内部邀請碼:C8E245J (不寫邀請碼,沒有現金送)
國内私募機構九鼎控股打造,九鼎投資是在全國股份轉讓系統挂牌的公衆公司,股票代碼為430719,為“中國PE第一股”,市值超1000億元。
------------------------------------------------------------------------------------------------------------------------------------------------------------------
原文位址:http://blog.csdn.net/designlife/article/details/2956814
最近,在做CAS單點登陸的一個子產品,由于公司的産品太多,各個系統都要部署,在開發中Https的證書的部署比較麻煩,是以,打算把CAS的Https去掉。具體的修改如下
1.修改cas-servlet.xml
<bean id="warnCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
p:cookieSecure="true"
p:cookieMaxAge="-1"
p:cookieName="CASPRIVACY"
p:cookiePath="/cas" />
<bean id="ticketGrantingTicketCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
p:cookieSecure="true "
p:cookieName="CASTGC"
p:cookiePath="/cas" />
把上面連個bean中的p:cookieSecure="true "修改為p:cookieSecure="false"
2.修改deployerConfigContext.xml
<bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
p:httpClient-ref="httpClient" />
添加p:requireSecure="false"
3.修改casclient的用戶端
修改用戶端的https驗證
(1).edu.yale.its.tp.cas.client.filter.edu.yale.its.tp.cas.client.filter
if (! casValidate.startsWith("https://")){
throw new ServletException("validateUrl must start with https://, its current value is [" + casValidate + "]");
}
if (casServiceUrl != null){
if (! (casServiceUrl.startsWith("https://")|| (casServiceUrl.startsWith("http://") ))){
throw new ServletException("service URL must start with http:// or https://; its current value is [" + casServiceUrl + "]");
}
}
if (! casValidate.startsWith("https://")){
throw new ServletException("validateUrl must start with https://, its current value is [" + casValidate + "]");
if (casServiceUrl != null){
if (! (casServiceUrl.startsWith("https://")|| (casServiceUrl.startsWith("http://") ))){
throw new ServletException("service URL must start with http:// or https://; its current value is [" + casServiceUrl + "]");
}
把這兩段内容注釋掉
(2).修改edu.yale.its.tp.cas.util.SecureURL
if (!u.getProtocol().equals("https")){
// IOException may not be the best exception we could throw here
// since the problem is with the URL argument we were passed, not
// IO. -awp9
log.error("retrieve(" + url + ") on an illegal URL since protocol was not https.");
throw new IOException("only 'https' URLs are valid for this method");
if (!u.getProtocol().equals("https")){
// IOException may not be the best exception we could throw here
// since the problem is with the URL argument we were passed, not
// IO. -awp9
log.error("retrieve(" + url + ") on an illegal URL since protocol was not https.");
throw new IOException("only 'https' URLs are valid for this method");
把這段内容注釋掉