Teach you how to use code to realize SSO single sign on

1. summary

1.1. What is? SSO?

Single sign on （ Single Sign-On , abbreviation SSO ） It is one of the most popular solutions for enterprise business integration , SSO In many application systems , Users only need Log in once You can access all the trusted applications .

1.2. What is? CAS?

With SSO The popularity of technology , There are many related products , among CAS It's a solution ,CAS（Central Authentication Service） Unified identity authentication service or central identity service , It consists of server and client , Realization SSO, And it is easy to integrate enterprise applications .

CAS yes Yale university （ Yale ） An open source project launched , For the purpose of web The application system provides a reliable single sign on method ,CAS stay 2004 year 12 The month officially became JA-SIG A project for .

Official website ：https://www.apereo.org/projects/cas

CAS It has the following characteristics ：

• Open source enterprise single sign on solution

• CAS Server For those that need to be deployed independently web application

• CAS Client Support a lot of clients （ This refers to the single sign on system web application ）, Include Java、.Net 、ISAPI、Php、Perl、uPortal、Acegi、Ruby、VBScript Such as the client

With CAS, Our system architecture evolved into the following ：

It can be seen from the architecture that ,CAS There are two parts ：CAS Server and CAS Client.

• CAS Server Independent deployment required , Mainly responsible for user authentication ,CAS Client Responsible for handling

• Access requests to client protected resources , Need to log in , Redirect to CAS Server.

below , We build... Step by step CAS Realization SSO.

1.3. Development environment requirements

Jdk1.8+ maven3.6 idea tomcat9.0+ windows10

2. CAS Server Server side

2.1. CAS Server side software package download

• The download version is 5.3

Download the server's overlay Address : https://github.com/apereo/cas-overlay-template/tree/5.3

Compressed package ：cas-overlay-template-5.3.zip

After decompression, use the command ：build.cmd package

Then use the compiled directory to view war package :

2.2. Basic deployment and testing on the server side

take war Put the bag in tomcat Of webapp in , Then start tomcat

Access address ：http://localhost:8080/cas  perhaps  http://localhost:8080/cas/login

The default user name and password are \webapps\cas\WEB-INF\classes\application.properties Inside user name ：casuser password ：Mellon

CAS Server started successfully

2.3. CAS Server Server configuration

2.3.1 Remove https authentication

CAS The default is HTTPS agreement , If you use HTTPS Agreement needs to be SSL A security certificate （ You need to apply and purchase from a specific organization ）. If the security requirements are not high or in the development and testing stage , You can use HTTP agreement . Here we explain how to modify the configuration , Give Way CAS Use HTTP agreement .

WeChat search official account ：Java Back end programming , reply ：java Collect information .

modify CAS Server profile ：

\cas\WEB-INF\classes\application.properties Add the following to it :

cas.tgc.secure=false
cas.serviceRegistry.initFromJson=true

\cas\WEB-INF\classes\services In the catalog HTTPSandIMAPS-10000001.json The modification is as follows :

"serviceId" : "^(https|http|imaps)://.*"

3. CAS Client Client configuration （ Own project ）

Pom File dependency, i.e pom.xml

<dependency>
<groupId>net.unicon.cas</groupId>
<artifactId>cas-client-autoconfig-support</artifactId>
<version>2.1.0-GA</version>
</dependency>

application.yml The configuration file

WeChat search official account ： Architect's Guide , reply ： Architects Collect information .

client 1

server:
  port: 9010
cas:
  server-url-prefix: http://localhost:8080/cas
  server-login-url: http://localhost:8080/cas/login
  client-host-url: http://localhost:9010
  validation-type: cas3

notes ： The startup class appends the startup class CAS Annotations @EnableCasClient

Create a new test class in the project

iimport io.swagger.annotations.Api;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@Api(description = "SSO-CAS Test of ")
public class TestController {

    @GetMapping("/test1")
    public String test1(){
        return "test1....";
    }
}

client 2

server:
  port: 9011
cas:
  server-url-prefix: http://localhost:8080/cas
  server-login-url: http://localhost:8080/cas/login
  client-host-url: http://localhost:9011
  validation-type: cas3

notes ： The startup class appends the startup class CAS Annotations @EnableCasClient

Create a new test class in the project

import io.swagger.annotations.Api;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@Api(description = "SSO-CAS Test of ")
public class TestController {

    @GetMapping("/test2")
    public String test1(){
        return "test2....";
    }
}

client 1, client 2 and cas After the server is set up , So let's test that out ：

1. First start tomcat In the server CAS Server.

2. Start the client respectively 1 And the client 2, Then enter the client... In the browser address bar 1 The address of http://localhost:9010/test1

Not logged in , Continue to enter the client in the address bar of the browser 2 The address of ：http://localhost:9011/test2

When we log in to one of the login interfaces （ Suppose you log in to the client 2） Will jump to the login interface , Here's the picture ：

We re-enter the client in the browser window again 1,http://localhost:9010/test1, Or refresh the client page just entered , You can enter the page without logging in , Here's the picture ：

The above is the single sign on test .

If this article helps you , Don't forget to give me a 3 even , give the thumbs-up , forward , Comment on ,

Learn more JAVA Knowledge and skills , Pay attention to Blogger learning JAVA Courseware , Source code , Installation package , There are also the latest interview materials of big factories, etc

I'll see you next time .

Collection It's like whoring for nothing , Praise is the truth .