三.取消https，直接http訪問

1.WEB-INF/deployerConfigContext.xml

在<bean class = "org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" p:httpClient-ref = "httpClient" />

增加參數 p:requireSecure="false" ，是否需要安全驗證，即 HTTPS ， false 為不采用 如下：

<bean class = "org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" p:httpClient-ref = "httpClient" p:requireSecure= "false" />      

 

2.WEB-INF/spring-configuration/ticketGrantingTicketCookieGenerator.xml

修改 p:cookieSecure="true" 為 p:cookieSecure=" false " ， 即不需要安全 cookie

如下部分：

<bean id = "ticketGrantingTicketCookieGenerator" class = "org.jasig.cas.web.support.CookieRetrievingCookieGenerator"

   p:cookieSecure = " false "

   p:cookieMaxAge = "-1"

   p:cookieName = "CASTGC"

   p:cookiePath = "/cas" />

 

3.WEB-INF\spring-configuration\warnCookieGenerator.xml

修改 p:cookieSecure="true" 為 p:cookieSecure=" false " ， 即不需要安全 cookie

結果如下：

<bean id = "warnCookieGenerator" class = "org.jasig.cas.web.support.CookieRetrievingCookieGenerator"

   p:cookieSecure = " false "

   p:cookieMaxAge = "-1"

   p:cookieName = "CASPRIVACY"

   p:cookiePath = "/cas" />

 

4.修改 services/Apereo-10000002.json下面的serviceId的https改成http

 

5.修改 services/services\HTTPSandIMAPS-10000001.json下面的serviceId的https改成http

 

客戶端tomcat分別修改login-tomcat-8.0.12\webapps\examples\WEB-INF\web.xml和blog-tomcat-8.0.12\webapps\examples\WEB-INF\web.xml

修改成http和相對於的端口號

 

訪問地址分別為：

http://login.hacker.org:18080/examples/servlets/servlet/HelloWorldExample

http://blog.hacker.org:28080/examples/servlets/servlet/HelloWorldExample

http://server.hacker.org:8080/cas/logout