國內私募機構九鼎控股打造APP,來就送 20元現金領取地址:
http://jdb.jiudingcapital.com/phone.html
內部邀請碼: C8E245J (不寫邀請碼,沒有現金送)
國內私募機構九鼎控股打造,九鼎投資是在全國股份轉讓系統掛牌的公眾公司,股票代碼為430719,為“中國PE第一股”,市值超1000億元。
內部邀請碼: C8E245J (不寫邀請碼,沒有現金送)
國內私募機構九鼎控股打造,九鼎投資是在全國股份轉讓系統掛牌的公眾公司,股票代碼為430719,為“中國PE第一股”,市值超1000億元。
------------------------------------------------------------------------------------------------------------------------------------------------------------------
原文地址:http://blog.csdn.net/designlife/article/details/2956814
最近,在做CAS單點登陸的一個模塊,由於公司的產品太多,各個系統都要部署,在開發中Https的證書的部署比較麻煩,所以,打算把CAS的Https去掉。具體的修改如下
1.修改cas-servlet.xml
Java代碼
- <bean id="warnCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
- p:cookieSecure="true"
- p:cookieMaxAge="-1"
- p:cookieName="CASPRIVACY"
- p:cookiePath="/cas" />
- <bean id="ticketGrantingTicketCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
- p:cookieSecure="true "
- p:cookieMaxAge="-1"
- p:cookieName="CASTGC"
- p:cookiePath="/cas" />
- <bean id="warnCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
- p:cookieSecure="true"
- p:cookieMaxAge="-1"
- p:cookieName="CASPRIVACY"
- p:cookiePath="/cas" />
- <bean id="ticketGrantingTicketCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
- p:cookieSecure="true "
- p:cookieMaxAge="-1"
- p:cookieName="CASTGC"
- p:cookiePath="/cas" />
把上面連個bean中的p:cookieSecure="true "修改為p:cookieSecure="false"
2.修改deployerConfigContext.xml
Java代碼
- <bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
- p:httpClient-ref="httpClient" />
- <bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
- p:httpClient-ref="httpClient" />
添加p:requireSecure="false"
3.修改casclient的客戶端
修改客戶端的https驗證
(1).edu.yale.its.tp.cas.client.filter.edu.yale.its.tp.cas.client.filter
Java代碼
- if (! casValidate.startsWith("https://")){
- throw new ServletException("validateUrl must start with https://, its current value is [" + casValidate + "]");
- }
- if (casServiceUrl != null){
- if (! (casServiceUrl.startsWith("https://")|| (casServiceUrl.startsWith("http://") ))){
- throw new ServletException("service URL must start with http:// or https://; its current value is [" + casServiceUrl + "]");
- }
- }
- if (! casValidate.startsWith("https://")){
- throw new ServletException("validateUrl must start with https://, its current value is [" + casValidate + "]");
- }
- if (casServiceUrl != null){
- if (! (casServiceUrl.startsWith("https://")|| (casServiceUrl.startsWith("http://") ))){
- throw new ServletException("service URL must start with http:// or https://; its current value is [" + casServiceUrl + "]");
- }
- }
把這兩段內容注釋掉
(2).修改edu.yale.its.tp.cas.util.SecureURL
Java代碼
- if (!u.getProtocol().equals("https")){
- // IOException may not be the best exception we could throw here
- // since the problem is with the URL argument we were passed, not
- // IO. -awp9
- log.error("retrieve(" + url + ") on an illegal URL since protocol was not https.");
- throw new IOException("only 'https' URLs are valid for this method");
- }
- if (!u.getProtocol().equals("https")){
- // IOException may not be the best exception we could throw here
- // since the problem is with the URL argument we were passed, not
- // IO. -awp9
- log.error("retrieve(" + url + ") on an illegal URL since protocol was not https.");
- throw new IOException("only 'https' URLs are valid for this method");
- }
把這段內容注釋掉