目标

• 统一用户管理
• 统一身份认证
• 统一授权管理
• 统一审计管理
• 单点登录

一、部署最基本系统

WAR Overlay Installation

1. 运行tomcat（略）
2. 使用 ./build.sh package 生成 war 包。
   在 \build\libs 下生成 cas.war 并在tomcat部署运行。
3. 使用默认用户名密码登录 http://localhost:8080/cas/login
   User: casuser
   Password: Mellon

image.png image.png

二、基于mysql数据库的用户管理

参考 CAS 5 Database Authentication Tutorial

1. 启用 Database Authentication 并重新build
   cas-overlay-template\build.gradle 添加
   compile "org.apereo.cas:cas-server-support-jdbc:${project.'cas.version'}"

2. 参考教程的链接创建数据库表

   
   image.png
3. 修改 apache-tomcat-9.0.13\webapps\cas\WEB-INF\classes\application.properties

注释掉 # cas.authn.accept.users=casuser::Mellon

加上：

cas.authn.jdbc.query[0].sql=SELECT * FROM USERS WHERE uid=?
cas.authn.jdbc.query[0].url=jdbc:[mysql://localhost/test?useUnicode=true&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=UTC](mysql://localhost/test?useUnicode=true&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=UTC)
cas.authn.jdbc.query[0].dialect=org.hibernate.dialect.MySQLDialect
cas.authn.jdbc.query[0].user=root
cas.authn.jdbc.query[0].password=yourpwd
cas.authn.jdbc.query[0].driverClass=com.mysql.jdbc.Driver
cas.authn.jdbc.query[0].fieldPassword=psw

logging.level.org.apereo=DEBUG
cas.authn.accept.users=

4. 运行，用数据库的用户名密码登录成功

   
   image.png
   image.png
   image.png

三、实现自己的用户登录系统

四、用户管理

五、授权管理

……

参考

******************************************************************
Apereo CAS ******************************************************************
Apereo CAS 6.0.0-SNAPSHOT
Enterprise Single SignOn for all earthlings and beyond
- https://github.com/apereo/cas
- https://apereo.github.io/cas
******************************************************************
6.0.0-SNAPSHOT
Enterprise Single SignOn for all earthlings and beyond
- https://github.com/apereo/cas
- https://apereo.github.io/cas
******************************************************************
Usage: build.sh [command]

        The following commands are available:

        clean:          Clean Maven build directory
        cli:            Run the CAS command line shell and pass commands
        copy:           Copy config from the project's local etc/cas/config directory to the root /etc/cas/config
        debug:          Run cas.war and listen for Java debugger on port 5000
        dependencies:   Get a report of all dependencies configured in the build
        docker:         Build a Docker image based on the current build and configuration
        gencert:        Create keystore with SSL certificate in location where CAS looks by default
        getview:        Ask for a view name to be included in the overlay for customizations
        getresource:    Ask for a resource name (properties/json/etc file) to be included in the overlay for customizations
        listviews:      List all CAS views that ship with the web application and can be customized in the overlay
        package:        Clean and build CAS war
        explode:        Explode and unzip and packaged CAS war
        run:            Build and run cas.war via Java as an executable war
        runalone:       Build and run cas.war on its own as a standalone executable
        tomcat:         Deploy the CAS web application to an external Apache Tomcat server
        update:         Package the CAS overlay by force-updating dependencies and SNAPSHOT versions