今天项目中用到sso的时,在启动项目后,在浏览器上登录系统,sso客户端提示错误。
SSO服务端: 3.5.1
SSO客户端: 3.2.5
原因是因为:
web.xml配置文件配置错误导致.
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://fast-web.cn:8443/cas/login</param-value>
</init-param>
红色的地方是多于的配置. 如果配置了/login就会报以下错误.
删除掉后.重新启动服务即可。
<!-- 该过滤器负责用户的认证工作,必须启用它 -->
<filter>
<filter-name>CASFilter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>https://fast-web.cn:8443/cas/login</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://fast-web.cn:8080</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CASFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- 该过滤器负责对Ticket的校验工作,必须启用它 -->
<filter>
<filter-name>CASValidationFilter</filter-name>
<filter-class>
org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://fast-web.cn:8443/cas/login</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://fast-web.cn:8080</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CASValidationFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
错误如下:
[org.jasig.cas.client.util.XmlUtils]org.xml.sax.SAXParseException: The reference to entity "locale" must end with the ';' delimiter.
org.xml.sax.SAXParseException: The reference to entity "locale" must end with the ';' delimiter.
at org.apache.xerces.util.ErrorHandlerWrapper.createSAXParseException(Unknown Source)
at org.apache.xerces.util.ErrorHandlerWrapper.fatalError(Unknown Source)
at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
at org.apache.xerces.impl.XMLScanner.reportFatalError(Unknown Source)
at org.apache.xerces.impl.XMLScanner.scanAttributeValue(Unknown Source)
at org.apache.xerces.impl.XMLNSDocumentScannerImpl.scanAttribute(Unknown Source)
at org.apache.xerces.impl.XMLNSDocumentScannerImpl.scanStartElement(Unknown Source)
at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(Unknown Source)
at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source)
at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
at org.apache.xerces.parsers.AbstractSAXParser.parse(Unknown Source)
at org.jasig.cas.client.util.XmlUtils.getTextForElement(XmlUtils.java:164)
at org.jasig.cas.client.validation.Cas20ServiceTicketValidator.parseResponseFromServer(Cas20ServiceTicketValidator.java:82)
at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:217)
at org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:169)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:242)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:116)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:242)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:76)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:242)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at com.common.core.busi.other.filter.SessionFilter.doFilterInternal(SessionFilter.java:85)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:242)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:243)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:201)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:163)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:108)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:556)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:401)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:242)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:267)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:245)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:260)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
at java.lang.Thread.run(Thread.java:662
)
相关推荐
予org.jasig.cas.client.util.CommonUtils 加入 public static void disableSSLVerification(){ try { // Create a trust manager that does not validate certificate chains TrustManager[] ...
-- 该过滤器使得开发者可以通过 org.jasig.cas.client.util.AssertionHolder 来获取用户 的登录名。 比如 AssertionHolder.getAssertion().getPrincipal().getName()。 --> <filter-name>CAS Assertion ...
这可能包括Spring Security CAS的配置XML文件、Java代码片段,或者相关的服务器和客户端配置文档。 通过遵循这些步骤,你可以成功地将CAS客户端集成到你的应用中,实现单点登录功能,提高系统的安全性,并为用户...
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter <param-name>casServerLoginUrl <param-value>http://127.0.0.1/login</param-value> <param-name>serverName <param-value>...
<bean id="casFilter" class="org.apache.shiro.cas.CasFilter"> ${adminPath}/login"/> <!-- 安全认证过滤器 --> <bean id="shiroFilter" class="org.apache.shiro.spring.web....
这是已经调整过的cas服务端,maven项目 已完成内容 登录页面已做调整 验证码功能 记住我功能 多数据源支持(根据传入参数client确定用哪个数据源和sql语句) 运行该项目 先建立sys_account表,直接导入sys_...
集成Spring Security时,你需要在`pom.xml`中添加Spring Security的相关依赖,并在CAS的配置文件(如`cas.properties`或`application.yml`)中配置加密算法,以便在认证过程中使用。 在配置加密算法时,Spring ...
CAS(Central Authentication Service)是一种广泛使用的开放源码身份验证框架,它允许用户通过单一登录(Single Sign-On,SSO)访问多个应用系统。这个压缩包包含的是CAS服务器的4.2.1版本的源代码,以及使用Gradle...
Maven坐标:org.jasig.cas.client:cas-client-core:3.2.1; 标签:jasig、client、cas、core、中英对照文档、jar包、java; 使用方法:解压翻译后的API文档,用浏览器打开“index.html”文件,即可纵览文档内容。 ...
* HttpServletRequest包裹过滤器:org.jasig.cas.client.util.HttpServletWrapperFilter 这些过滤器和监听器共同提供了单点登录的功能,包括单点登出、认证、Ticket校验和HttpServletRequest包裹等。 三、CAS单点...
CAS Server 是一套基于 Java 实现的服务,该服务以一个 Java Web Application 单独部署在与 servlet2.3 兼容的 Web 服务器上,另外,由于 Client 与 CAS Server 之间的交互采用 Https 协议,因此部署 CAS Server 的...
org.jasig.cas.client.util.HttpServletRequestWrapperFilter <!-- CAS SINGLE SIGN OUT FILTER --> <filter-name>CAS Single Sign Out Filter org.jasig.cas.client.session.SingleSignOut...
<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter <param-name>casServerUrlPrefix <param-value>http://gis.hayao.com/hayao_cas2</param-value> <param-name>...
cas单点登录系统,带源码,可定制开发;CASServer负责完成对用户的认证工作,CASServer需要独立部署,CASServer处理用户名/密码等凭证(Credentials)验证,它可能会到数据库检索一条用户帐号信息,也可能在XML文件中...
server 地址: http://www.jasig.org/cas/download client 地址: http://www.ja-sig.org/downloads/cas-clients/ 当前最新版本 cas-server-3.4.2 , cas-client-3.1.10 2. 安装 server l 解压 cas-server-...
源码中包含了如`org.jasig.cas.client.util.AssertionThreadLocal`、`org.jasig.cas.client.util.HttpServletRequestWrapper`等类,它们在处理CAS认证流程中起着关键作用。 **5. CAS的优势** - **便利性**:用户只...
服务端的下载地址为:[http://downloads.jasig.org/cas/cas-server-3.5.1-release.zip](http://downloads.jasig.org/cas/cas-server-3.5.1-release.zip)。 由于CAS客户端与CASServer之间的通信依赖于HTTPS协议,...
<bean class="org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler"> ``` 3. **重启服务器并测试**: - 重启Tomcat服务器。 - 使用数据库中的用户信息进行登录测试。 通过以上步骤,可以...
- **配置 CAS 验证过滤器**:`<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>` 验证从 CAS 获取的票据是否有效。 3. **初始化参数**:配置 CAS 服务器...