Preface

This article integrates CAS into Spring Boot 2.x to provide single sign-on (SSO).

Versions: Spring Boot 2.x and cas-client 3.3.3, with cas-server-core 3.5.2 as the single sign-on center.

Dependencies

<dependency>
    <groupId>org.jasig.cas.client</groupId>
    <artifactId>cas-client-core</artifactId>
    <version>3.3.3</version>
    <exclusions>
        <exclusion>
            <groupId>org.slf4j</groupId>
            <artifactId>log4j-over-slf4j</artifactId>
        </exclusion>
    </exclusions>
</dependency>
<!-- Used to configure the CAS client through Spring's application.properties -->
<dependency>
    <groupId>net.unicon.cas</groupId>
    <artifactId>cas-client-autoconfig-support</artifactId>
    <version>2.3.0-GA</version>
    <exclusions>
        <exclusion>
            <groupId>org.slf4j</groupId>
            <artifactId>log4j-over-slf4j</artifactId>
        </exclusion>
    </exclusions>
</dependency>

Configure the properties of the Cas-client

# CAS single sign-on protocol
cas.validation-type=CAS
# CAS single sign-on center service address
cas.server-url-prefix=http://10.13.200.207:8080/cas-server/
# CAS single sign-on center login address
cas.server-login-url=http://10.13.200.207:8080/cas-server/login
# CAS client address (the address used to access this single sign-on subsystem)
cas.client-host-url=172.19.233.2:8080

Configure the CAS annotation on the Spring Boot application class

Add the @EnableCasClient annotation to the class that contains the Spring Boot main method. With that, CAS SSO is integrated into Spring Boot.

These three steps are enough to connect CAS to Spring Boot. The problems encountered along the way, and the points that need attention, are listed below.

Problems and precautions

  1. CAS conflicts with Spring Session. A system that has been connected to single sign-on (SSO) does not need to maintain sessions itself. Even if the local session becomes invalid, CAS automatically generates a new session. Any subsystem accessed from the same browser is logged in automatically.
  2. The CAS client address must consist of the IP address and port number only. Do not add any other suffix. Otherwise, when the cas-client sends the ticket to the CAS server for validation, the server returns “ticket stub ‘ST-402-twkzzyDRTVHgC2AAord7-eguid. cc’ does not meet the target service” or “ticket stub cannot be recognized”.
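
The two errors in item 2 correspond to the CAS protocol's INVALID_SERVICE and INVALID_TICKET validation failures. The following added example (not code from the original article or from the CAS server) is a simplified model of that check: a service ticket is bound to the service URL sent at login and is consumed by the first validation attempt. The ticket ids, the URL paths and the "/app" suffix are constructed for illustration.

```java
import java.util.HashMap;
import java.util.Map;

/** Simplified model of CAS service-ticket validation (illustration only, not CAS server code). */
public class ServiceTicketDemo {

    /** Tickets issued at login, keyed by ticket id, each bound to exactly one service URL. */
    private final Map<String, String> issued = new HashMap<>();
    private int counter = 0;

    /** /login step: issue a service ticket bound to the service URL the client sent. */
    String issue(String service) {
        String ticket = "ST-" + (++counter) + "-constructed";
        issued.put(ticket, service);
        return ticket;
    }

    /** /serviceValidate step: a ticket is single-use and valid only for its own service. */
    String validate(String service, String ticket) {
        // The ticket is consumed whether or not validation succeeds.
        String boundService = issued.remove(ticket);
        if (boundService == null) {
            return "INVALID_TICKET";   // unknown, expired or already used
        }
        if (!boundService.equals(service)) {
            return "INVALID_SERVICE";  // ticket was issued for a different service URL
        }
        return "SUCCESS";
    }

    public static void main(String[] args) {
        ServiceTicketDemo cas = new ServiceTicketDemo();
        // Constructed URLs; host and port are the cas.client-host-url value from the article.
        String atLogin = "http://172.19.233.2:8080/index";
        String withSuffix = "http://172.19.233.2:8080/app/index"; // hypothetical "/app" suffix

        String first = cas.issue(atLogin);
        System.out.println(cas.validate(atLogin, first));      // same service URL as at login
        System.out.println(cas.validate(atLogin, first));      // replay of the same ticket

        String second = cas.issue(atLogin);
        System.out.println(cas.validate(withSuffix, second));  // different service URL
        System.out.println(cas.validate(atLogin, second));     // retry after the failed attempt
    }
}
```

When either error appears, compare the service parameter in the browser's redirect to the CAS login page with the one the client sends at validation; both are derived from cas.client-host-url.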