配置uPortal的cas
uPortal 4 默认绑定了一个cas服务. 这个cas 服务跟uPortal服务一起启动。
如果默认的cas有以下几项发生改变之后,要想uPortal继续能够使用默认绑定的cas,则uPortal也要修改两个文件才能继续使用cas:web.xml和security.properties。
- server hostname cas
- server port
- SSL/non-SSL
- application context name change
- uPortal和cas不再用localhost访问,从其他地方用ip访问
Option 1: 修改默认自带的cas
Step 1: 修改filters/local.properties
1. NEW: 在filters文件夹, local.properties文件记录了cas服务器的配置,把“localhost:
8080”改成cas修改后的地址即可。
# HSQL Configuration environment.build.hsql.port= 8887
# Database Connection Settings (Uncomment the Maven Filters section in rdbm.properties) environment.build.hibernate.connection.driver_class=org.hsqldb.jdbc.JDBCDriver environment.build.hibernate.connection.url=jdbc:hsqldb:hsql: //localhost:${environment.build.hsql.port}/uPortal
environment.build.hibernate.connection.username=sa environment.build.hibernate.connection.password= environment.build.hibernate.dialect=org.hibernate.dialect.HSQLDialect # uPortal server configuration properties environment.build.uportal.server=localhost: 8080
environment.build.uportal.protocol=http environment.build.uportal.context=/uPortal environment.build.uportal.email.fromAddress=portal @university .edu
# CAS server configuration properties environment.build.cas.server=localhost: 8080
environment.build.cas.protocol=http |
Step 2: uportal-war/src/main/resources/properties/security.properties
如果你要修改uPortal首页的登录和登出连接,则找到security.properties文件,修改即可。
![]() |
logoutRedirect.root 默认情况下登出是跳到了cas的登出页面. 如果你想用户点击“ logging out“跳转到你想要的页面 你就把登出超链接的"url="修改成"service="
|
## This is the factory that supplies the concrete authentication class
root=org.jasig.portal.security.provider.UnionSecurityContextFactory root.cas=org.jasig.portal.security.provider.cas.CasAssertionSecurityContextFactory #root.cas=org.jasig.cas3.extensions.clearpass,integration.uportal.PasswordCachingCasAssertionSecurityContextFactory root.simple=org.jasig.portal.security.provider.SimpleSecurityContextFactory ## Answers what tokens are examined in the request for each context during authentication.
## A subcontext only needs to set its tokens if it differs from those of the root context.
principalToken.root=userName credentialToken.root=password credentialToken.root.cas=ticket ## Answers where the user will be redirected when log out occurs. Each security context can have one. ## (See comments in the LogoutServlet class )
## It would be better to escape the value of the url parameter, but since there are no parameters on the ## unescaped URL and since there are no further parameters on the logout URL, this does work.
logoutRedirect.root=${environment.build.cas.protocol}: //${environment.build.cas.server}/cas/logout?url=${environment.build.uportal.protocol}://${environment.build.uportal.server}${environment.build.uportal.context}/Login
## This is the factory that supplies the concrete authorization class
authorizationProvider=org.jasig.portal.security.provider.AuthorizationServiceFactoryImpl ## Login URL, if specified the CLogin channel will display a Login link with
## this URL instead of the standard userName/password form.
org.jasig.portal.channels.CLogin.CasLoginUrl=${environment.build.cas.protocol}: //${environment.build.cas.server}/cas/login?service=${environment.build.uportal.protocol}://${environment.build.uportal.server}${environment.build.uportal.context}/Login
## URL of the CAS cleartext password service #org.jasig.cas3.extensions.clearpass.integration.uportal.PasswordCachingCasAssertionSecurityContextFactory.clearPassCasUrl=${environment.build.cas.protocol}: //${environment.build.cas.server}/cas/clearPass
### ... |
Step 3: Rebuild uPortal
这里是要先情况之前老的部署,cmd命令进入..\uPortal-4.0.5-quick-start\uPortal-4.0.5,不能会报出找不到clean这个目标
ant clean deploy-ear |
Step 4: Restart Tomcat
Note: If you choose not to configure the CasLoginUrl parameter you will receive the following error, "Could not resolve property placeholder ${org.jasig.portal.channels.CLogin.CasLoginUrl}". This error stems from the CasLoginUrl parameter being referenced in two files: jsonRenderingPipelinContext.xml andrenderingPipelineContext.xml located in the directory path, uportal-war/src/main/resources/properties/contexts. Therefore, you will need to remove (comment out) the CasLoginUrl parameter reference in the two xml files. <entry key="EXTERNAL_LOGIN_URL" value="${org.jasig.portal.channels.CLogin.CasLoginUrl}" />
|
Option 2: 配置使用外部独立配置的CAS
要使 uPortal 使用外部的cas.同样的要先进行上面的配置。不同的是,你也许想把原来的移除掉
Steps 1 and 2:跟上面配置一样,修改两个文件。
同上,修改 web.xml和 security.properties两个文件,让uPortal找打新的CAS的URL
Step 3: 移除默认的CAS
通过命令”ant deploy-ear“来移除默认cas,先修改
:
- 注释或删除uportal-portlets-overlay/pom.xml文件的
<module>cas</module>
. - 注释或删除 uportal-ear/pom.xml 的CAS <dependency>部分和 <webModule> 元素 .
Step 4. Rebuild uPortal
ant clean deploy-ear |