This is an old revision of the document!
casserver# wget http://developer.ja-sig.org/maven2/org/jasig/cas/cas-server-support-radius/3.5.2/cas-server-support-radius-3.5.2.jar casserver# tar -xvzf cas-server-3.5.2-release.tar.gz casserver# cd cas-server-3.5.2/cas-server-webapp/ casserver:~/cas-server-3.5.2/cas-server-webapp# find . -name '*,v'
./src/main/webapp/WEB-INF/cas.properties,v ./src/main/webapp/WEB-INF/deployerConfigContext.xml,v ./pom.xml,v
casserver:~/cas-server-3.5.2/cas-server-webapp# mvn clean package
Смотрим на ошибки компиляции и для каждой выполняем примерно следующее:
# wget http://developer.ja-sig.org/maven2/org/jasig/parent/jasig-parent/39/jasig-parent-39.pom # mv jasig-parent-39.pom /root/.m2/repository/org/jasig/parent/jasig-parent/39/jasig-parent-39.pom ...
casserver# cat int.geotrust.crt /etc/ssl/certs/ca-certificates.crt > int.crt casserver# openssl pkcs12 -export -chain -inkey bmstu.ru.clkey -in bmstu.ru.crt -name "tomcat" -CAfile int.crt -out bmstu.ru_int.p12 casserver# keytool -importkeystore -srckeystore bmstu.ru_int.p12 -srcstoretype PKCS12 -alias tomcat -keystore /usr/share/tomcat7/.keystore casserver# keytool -list -v -keystore /usr/share/tomcat7/.keystore
casclient# openssl s_client -showcerts -connect proxy.bmstu.ru:443 casserver# cat /etc/tomcat7/server.xml
... <Connector port="8443" ... ciphers="SSL_RSA_WITH_RC4_128_SHA" ...
casclient# apt-get install libapache2-mod-auth-cas casclient# cp int.geotrust.crt /etc/ssl/certs/ casclient# cp bmstu.ru.crt /etc/ssl/certs/ casclient# c_rehash /etc/ssl/certs/ casclient# cat /etc/apache2/mods-enabled/auth_cas.conf
CASCookiePath /var/cache/apache2/mod_auth_cas/ CASCertificatePath /etc/ssl/certs/ CASLoginURL https://proxy.bmstu.ru:8443/cas/login CASValidateURL https://proxy.bmstu.ru:8443/cas/serviceValidate CASAllowWildcardCert On
casclient# pkg_add -r ap22-mod_auth_cas casclient# cat /usr/local/etc/apache22/Includes/auth_cas.conf
LoadModule auth_cas_module libexec/apache22/mod_auth_cas.so CASCookiePath /var/cache/apache2/mod_auth_cas/ CASLoginURL https://proxy.bmstu.ru:8443/cas/login CASValidateURL https://proxy.bmstu.ru:8443/cas/serviceValidate CASAllowWildcardCert On CASCertificatePath /usr/local/share/certs/
# cat default-ssl
... <Directory "/.../cgi-bin"> ... Order allow,deny Allow from all AuthType CAS AuthName "TEST CAS AUTH" require valid-user </Directory> ...