Linux中本地构建CAS单点登陆开发环境-优快云博客

本教程详细介绍了在Linux环境下使用Ubuntu10.10搭建CAS单点登录系统的全过程，包括必需软件的安装（如Tomcat、Maven、JDK）、推荐软件的选择（如IDE、版本控制系统），以及具体的配置步骤，如创建证书、修改Tomcat配置文件等。通过遵循此指南，用户可以轻松实现单点登录功能。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

Thisdocument is designed to walk a new CAS user through our recommendeddevelopment/build process. It does not require you to explicitlydownload any version of CAS, but it does require particulardevelopment tools to be available. We've detailed those requirementsand our recommendations as part of this process. Experienced usersmay be able to ignore that, and other parts. At the end of thedocument, we've listed publicly available examples of our recommendedprocess. This document will continue to evolve.

本文以Ubuntu 10.10为例。

1、<style type="text/css">  </style>Required Software

必需软件

A Servlet 2.4 Container - We've hadgood luck withTomcatand this exercise will use that.
Maven2- If you're interested in using the Maven2 WAR Overlay method, youhave no choice but todownloadMaven2
Java5 or higher - We'll assume you'veinstalleda JDK. While Java 5 will work, it has reached itsend-of-life,so you should install Java 6 or higher.

看字面意思应该很容易明白，要求linux系统安装了tomcat，maven2，jdk等。

2、<style type="text/css">  </style>Recommended Software

推荐软件

An IDE - This exercise won'tactually utilize an IDE, but we recommend you use the one you'remost comfortable with in your daily work. We've had great luck withIntelliJIDEA,Eclipseand theSpringSourceTool Suite
AVersion Control system - Again, this exercise won't actually use aversion control system, but you should ultimately be using one suchasSubversionorGit.

要求系统安装IDE和版本控制器，安装Eclipse和subversion就可以了。

3、<style type="text/css">  </style>Setting up theSoftware

安装以上软件，安装过程相信大家已经很熟悉了。注意，安装好之后，需要配置java，maven，tomcat等的环境变量。

4、<style type="text/css">  </style>Create the Certificate

创建认证

(1).打开console终端，输入：

keytool -genkey -alias tomcat -keyalg RSA -validity 365
这时，会自动创建一个名为.keystore的文件，路径为$HOME/.keystore

注意：

如果提示'keytool'is not recognized as an internal or external command,

operableprogram or batch file.

说明系统环境变量没有设定jdk

执行上述命令后，会得到如同下面的信息：

Enterkeystore password:

Re-enternewpassword:

Whatis your first and last name?

[Unknown]:localhost

Whatis the name of your organizational unit?

[Unknown]:shihuangzhe

Whatis the name of your organization?

[Unknown]:shihuangzhe

Whatis the name of your City or Locality?

[Unknown]: sh

Whatis the name of your State or Province?

[Unknown]: sh

Whatis the two-letter country code forthisunit?

[Unknown]: cn

IsCN=localhost, OU=shihuangzhe, O=shihuangzhe, L=sh, ST=sh, C=cn correct?

[no]:y

5、<style type="text/css">  </style> 修改 $TOMCAT_HOME/conf/server.xml配置档

注意：

Tomcat每个版本的SSL配置是不同的，读者可自行参考TOMCAT_HOME\webapps\docs\index.xml文档。

Tomcat--6.0

<Connectorport="8443"protocol="HTTP/1.1"SSLEnabled="true"

maxThreads="150"scheme="https" secure="true"

clientAuth="false"sslProtocol="TLS"keystoreFile="/home/dsan/.keystore" keystorePass="50963187"/>

Tomcat—7.0

<Connectorport="8443"protocol="org.apache.coyote.http11.Http11Protocol"SSLEnabled="true"

maxThreads="150"scheme="https" secure="true"

clientAuth="false"sslProtocol="TLS"

keystoreFile="/home/dsan/.keystore"keystorePass="50963187" keyAlias="tomcat"/>

如果这里设置有问题，tomcat启动时候应该会报如下错误：

EVERE: Failed to initialize connector [Connector[HTTP/1.1-8443]] LifecycleException: Protocol handler initialization failed: java.lang.Exception: No Certificate file specified or invalid file format
5、产生server.crt档<style type="text/css">  </style>

终端console执行如下：

keytool -export -alias tomcat -file server.crt

则此时会产生$HOME/server.crt

6、<style type="text/css">  </style>Youcan then import the server.crt into other JVM keystore's byexecuting a command similar to this:

NOTE,Windows machine's may require the "\" instead of "/"and reference variables with "%", i.e. %JAVA_HOME%.

导入key

终端console执行如下：

keytool -import -file server.crt -keystore $JAVA_HOME\jre\lib\security\cacerts