本文详细介绍了如何在Linux系统上安装JDK、Tomcat、Maven和CAS,并配置HTTPS证书,最终部署CAS应用。重点步骤包括环境变量设置、Maven编译与CAS安装、HTTPS证书生成与导入、Tomcat配置及CAS应用部署。
1、安装包和环境依赖
jdk-8u171-linux-x64.tar
apache-tomcat-8.5.31.tar
apache-maven-3.5.3-bin.tar
cas-overlay-template-master.zip
以上安装包下载地址:
https://pan.baidu.com/s/19xAaWfq8Bq5x_FPDwmqmew 密 码:yhf0
若是想自行下载最新版本,官网下载地址分别为:
jdk: http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads- 2133151.html
tomcat: https://tomcat.apache.org/download-80.cgi maven: http://maven.apache.org/download.cgi
cas:https://github.com/apereo/cas-overlay-template(拉下master分支的代码)
这里使用maven编译.war包,开始使用gradle编译,发现在国内有拦截,无法打包成功, 浪费了许多时间,如果使用gradle,cas就要下载cas-gradle-overlay-template,建议大家不要尝试使用gradle。 下载cas时可以选择版本,我选择的是master,然后点击clone or download下载
(1)将这四个安装包放在/usr/local下面,使用以下命令解压缩:
tar ‐zxvf jdk‐8u171‐linux‐x64.tar.gz
tar ‐zxvf apache‐tomcat‐8.5.31.tar.gz
tar ‐zxvf apache‐maven‐3.5.3‐bin.tar.gz
unzip cas‐overlay‐template‐master.zip
(2)编辑环境变量
vi /etc/profile
加入以下语句:
export JAVA_HOME=/usr/local/jdk1.8.0_171 2
export PATH=$JAVA_HOME/bin:$JAVA_HOME/jre/bin:$PATH
export CLASSPATH=.:$JAVA_HOME/lib:$JAVA_HOME/jre/lib
export MAVEN_HOME=/usr/local/apache‐maven‐3.5.3
export PATH=$MAVEN_HOME/bin:$PATH
(3)执行命令
source /etc/profile
(4)验证
1、输入:
javac -version
出现以下信息,则jdk安装无误
javac 1.8.0_171
2、 输入:
mvn -v
出现以下信息,则maven安装无误
Apache Maven 3.5.3 (3383c37e1f9e9b3bc3df5050c29c8aff9f295297; 2018-02- 25T03:49:05+08:00) Maven home: /usr/local/apache-maven-3.5.3 Java version: 1.8.0_171, vendor: Oracle Corporation Java home: /usr/local/jdk1.8.0_171/jre Default locale: en_US, platform encoding: UTF-8 OS name: "linux", version: "4.4.0-128-generic", arch: "amd64", family: "unix"
3、测试Tomcat能否正常启动:
启动Tomcat:
cd /usr/local/apache‐tomcat‐8.5.31/bin
./startup.sh
关闭Tomcat:
cd /usr/local/apache‐tomcat‐8.5.31/bin
./shutdown.sh
启动tomcat后若出现以下信息:,证明Tomcat配置成功
Using CATALINA_BASE: /usr/local/apache‐tomcat‐8.5.31 2 Using CATALINA_HOME: /usr/local/apache‐tomcat‐8.5.31 3 Using CATALINA_TMPDIR: /usr/local/apache‐tomcat‐8.5.31/temp 4 Using JRE_HOME: /usr/local/jdk1.8.0_171 5 Using CLASSPATH: /usr/local/apache‐tomcat‐ 8.5.31/bin/bootstrap.jar:/usr/local/apache‐tomcat‐8.5.31/bin/tomcat‐juli.ja r6 Tomcat started.
证明Tomcat配置成功,然后打开浏览器,输入:
http://127.0.0.1:8080(127.0.0.1可换成你的主机IP)
出现tomcat猫,则 tomcat安装成功
2、使用Java keytool工具生成HTTPS证书,并为系统注册
1.生成server.keystore
root@ubuntu:~# cd /usr/local/apache‐tomcat‐8.5.31
root@ubuntu:/usr/local/apache‐tomcat‐8.5.31# keytool ‐genkey ‐alias tomca t ‐keyalg RSA ‐keypass tomcat ‐storepass tomcat ‐keystore server.keystore ‐ validity 3600
What is your first and last name?
[Unknown]: localhost
What is the name of your organizational unit?
[Unknown]: si
What is the name of your organization?
[Unknown]: si
What is the name of your City or Locality?
[Unknown]: sh
What is the name of your State or Province?
[Unknown]: sh
What is the two‐letter country code for this unit?
[Unknown]: cn
Is CN=localhost, OU=si, O=si, L=sh, ST=sh, C=cn correct?
[no]: y
alias: 别名 这里起名tomcat
keyalg: 证书算法,RSA
keystore:证书生成的目标路径和文件名
keypass:密钥保护密码
storepass:存储密码
2.生成证书server.cer
root@ubuntu:/usr/local/apache‐tomcat‐8.5.31# keytool ‐export ‐trustcacert s ‐alias tomcat ‐file server.cer ‐keystore server.keystore ‐storepass tomcat
显示
Certificate stored in file <server.cer>
3.导入证书
root@ubuntu:/usr/local/apache‐tomcat‐8.5.31# keytool ‐import ‐trustcacert s ‐alias tomcat ‐keystore "/usr/local/jdk1.8.0_171/jre/lib/security/cacert s" ‐file "/usr/local/apache‐tomcat‐8.5.31/server.cer" ‐storepass changeit
注意:证书库默认密码为changeit,不能填前面自定义的密码
显示:
输入“y”后回车 若想删除此证书,命令:
# keytool ‐delete ‐alias tomcat ‐keystore "/usr/local/jdk1.8.0_171/jre/li b/security/cacerts" ‐storepass changeit
4.tomcat配置https
编辑server.xml文件
root@ubuntu:~# vi /usr/local/apache‐tomcat‐8.5.31/conf/server.xml
将8443端口配置去掉注释,并改为以下内容:
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" 2 maxThreads="150" SSLEnabled="true" scheme="https" secure="true" 3 clientAuth="false" sslProtocol="TLS" keystoreFile="server.keystore" keystorePass="tomcat" />
port: https的端口,默认8443
clientAuth:设置是否双向验证,默认为false,设置为true代表双向验证
keystoreFile: keystore证书的路径
keystorePass: 生成keystore时的口令
5.测试连接是否成功
在浏览器中输入:
https://localhost:8443
一般浏览器会显示该连接不安全,你在浏览器手动将此连接设置为可信任的,然后出现 tomcat页面即说明https配置成功。
配置cas5.3
进入cas-overlay-template-master文件编译cas.war包
root@ubuntu:~# cd /usr/local/cas‐overlay‐template‐master
root@ubuntu:/usr/local/cas‐overlay‐template‐master# mvn install // 编译.war包
等pom的jar包下载完后以及编译成功后就会多出一个target文件夹,里面有cas的内容,我们只需要将cas.war(或cas的文件夹)放到tomcat的webapp下并启动tomcat,访问
https://localhost:8443/cas/login就能看到如下的页面 :
默认用户名和密码为casuser和Mellon,成功登录后显示如下页面
1)若修改默认的用户名和密码 到apachetomcat8.5.43\webapps\cas\WEBINF\classes目录的 application.properties的最后面修改密码为如下:
yyh:新用户名 123456:新密码
cas.authn.accept.users=yyh::123456
题外话
小潘的个人微信公众号【小潘学程序】,有兴趣可给个关注~
一起学习,一起成长
扫一扫
2130
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
