2

使用以下命令运行 apereo/cas docker 容器

docker run -p 8443:8443 -v /root/cas/config:/etc/cas/config -d apereo/cas:v6.2.4

/root/cas/config/cas.properties 文件在主机上

cas.authn.accept.users=
cas.authn.file.separator=::
cas.authn.file.filename=file:///etc/cas/config/users.txt
cas.authn.file.name=file:///etc/cas/config/users.txt
cas.authn.file.passwordEncoder.type=NONE

/root/cas/config/users.txt 文件

testuser::password

当我执行到 docker 容器中时,我可以在 /etc/cas/config 看到相同的 cas.properties 和 users.txt 文件,但由于某种原因,当我以 testuser 身份登录时,它没有进行身份验证。

不知道为什么!!

容器启动



     _    ____  _____ ____  _____ ___     ____    _    ____
    / \  |  _ \| ____|  _ \| ____/ _ \   / ___|  / \  / ___|
   / _ \ | |_) |  _| | |_) |  _|| | | | | |     / _ \ \___ \
  / ___ \|  __/| |___|  _ <| |__| |_| | | |___ / ___ \ ___) |
 /_/   \_\_|   |_____|_| \_\_____\___/   \____/_/   \_\____/


CAS Version: 6.2.4
CAS Branch: 6.2.x
CAS Commit Id: 60ba4cdd35a279ba8aae8922920099d314576500
CAS Build Date/Time: 2020-10-14T10:36:30Z
Spring Boot Version: 2.2.8.RELEASE
Spring Version: 5.2.6.RELEASE
Java Home: /opt/java/openjdk
Java Vendor: AdoptOpenJDK
Java Version: 11.0.8
JVM Free Memory: 71 MB
JVM Maximum Memory: 1 GB
JVM Total Memory: 113 MB
JCE Installed: Yes
OS Architecture: amd64
OS Name: Linux
OS Version: 4.4.11-23.53.amzn1.x86_64
OS Date/Time: 2020-11-03T21:30:47.993674
OS Temp Directory: /tmp
------------------------------------------------------------
Apache Tomcat Version: Apache Tomcat/9.0.39
------------------------------------------------------------


2020-11-03 21:30:48,104 INFO [org.apereo.cas.configuration.DefaultCasConfigurationPropertiesSourceLocator] - <Configuration files found at [/etc/cas/config] are [[file [/etc/cas/config/cas.properties]]] under profile(s) [[standalone]]>
2020-11-03 21:30:48,602 INFO [org.apereo.cas.web.CasWebApplication] - <The following profiles are active: standalone>
2020-11-03 21:30:49,521 DEBUG [org.apereo.cas.web.CasWebApplicationContext] - <Refreshing org.apereo.cas.web.CasWebApplicationContext@3c443976>
2020-11-03 21:30:58,432 INFO [org.apereo.cas.configuration.CasConfigurationPropertiesValidator] - <Application context has validated CAS property sources and configuration successfully.>
2020-11-03 21:30:59,484 DEBUG [org.apereo.cas.tomcat.CasTomcatServletWebServerFactory] - <Code archive: /cas-overlay/cas.war>
2020-11-03 21:30:59,492 DEBUG [org.apereo.cas.tomcat.CasTomcatServletWebServerFactory] - <Document root: /cas-overlay/cas.war>
2020-11-03 21:31:12,045 DEBUG [org.apereo.cas.config.CasCoreConfiguration] - <Applying configuration for Accept Any Authentication Policy>
2020-11-03 21:31:14,978 INFO [org.springframework.boot.autoconfigure.security.servlet.UserDetailsServiceAutoConfiguration] - <

Using generated security password: 512112df-5dd0-48ff-878f-41828c1c6899
>
2020-11-03 21:31:15,415 INFO [org.springframework.security.web.access.channel.ChannelProcessingFilter] - <Validated configuration attributes>
2020-11-03 21:31:15,454 INFO [org.springframework.security.web.DefaultSecurityFilterChain] - <Creating filter chain: any request, [org.springframework.security.web.access.channel.ChannelProcessingFilter@4ea48b2e, org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@45790cb, org.springframework.security.web.context.SecurityContextPersistenceFilter@2820b369, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@476c137b, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@2507a170, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@73a5d86c, org.springframework.security.web.session.SessionManagementFilter@688d2a5d, org.springframework.security.web.access.ExceptionTranslationFilter@1e3566e, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@1280bae3]>
2020-11-03 21:31:17,974 DEBUG [org.apereo.cas.config.CasPersonDirectoryConfiguration] - <Attribute repository sources are not available for person-directory principal resolution>
2020-11-03 21:31:18,086 WARN [org.apereo.cas.config.CasCoreServicesConfiguration] - <Runtime memory is used as the persistence storage for retrieving and persisting service definitions. Changes that are made to service definitions during runtime WILL be LOST when the CAS server is restarted. Ideally for production, you should choose a storage option (JSON, JDBC, MongoDb, etc) to track service definitions.>
2020-11-03 21:31:18,142 WARN [org.apereo.cas.config.CasCoreTicketsConfiguration] - <Runtime memory is used as the persistence storage for retrieving and managing tickets. Tickets that are issued during runtime will be LOST when the web server is restarted. This MAY impact SSO functionality.>
2020-11-03 21:31:18,154 INFO [org.apereo.cas.util.CoreTicketUtils] - <Ticket registry encryption/signing is turned off. This MAY NOT be safe in a clustered production environment. Consider using other choices to handle encryption, signing and verification of ticket registry tickets, and verify the chosen ticket registry does support this behavior.>
2020-11-03 21:31:18,186 DEBUG [org.apereo.cas.config.CasCoreTicketsSchedulingConfiguration] - <Ticket registry cleaner is enabled.>
2020-11-03 21:31:18,377 DEBUG [org.apereo.cas.config.CasPersonDirectoryConfiguration] - <No attribute repository sources are available/defined to merge together.>
2020-11-03 21:31:18,415 DEBUG [org.apereo.cas.pm.config.PasswordManagementConfiguration] - <Password management is disabled. To enable the password management functionality, add 'cas.authn.pm.enabled=true' to the CAS configuration and then configure storage options for account updates>
2020-11-03 21:31:18,530 WARN [org.apereo.cas.util.cipher.BaseStringCipherExecutor] - <Secret key for encryption is not defined for [Ticket-granting Cookie]; CAS will attempt to auto-generate the encryption key>
2020-11-03 21:31:18,558 WARN [org.apereo.cas.util.cipher.BaseStringCipherExecutor] - <Generated encryption key [aXblgCPSNYneVsuoV52UEx-N4qeYR8L1_Tlt9eSy9Q8] of size [256] for [Ticket-granting Cookie]. The generated key MUST be added to CAS settings under setting [cas.tgc.crypto.encryption.key].>
2020-11-03 21:31:18,566 WARN [org.apereo.cas.util.cipher.BaseStringCipherExecutor] - <Secret key for signing is not defined for [Ticket-granting Cookie]. CAS will attempt to auto-generate the signing key>
2020-11-03 21:31:18,567 WARN [org.apereo.cas.util.cipher.BaseStringCipherExecutor] - <Generated signing key [DbaQjgbvwkhg6d6EMbURZwdxD2QRxbG71Iflo6wsX76xzaJAgIqFCbOlAfxiVKa2M9EbXFxh5hN1MPcUVMUx8w] of size [512] for [Ticket-granting Cookie]. The generated key MUST be added to CAS settings under setting [cas.tgc.crypto.signing.key].>
2020-11-03 21:31:18,931 WARN [org.apereo.cas.util.cipher.BaseBinaryCipherExecutor] - <Secret key for signing is not defined under [cas.webflow.crypto.signing.key]. CAS will attempt to auto-generate the signing key>
2020-11-03 21:31:18,934 WARN [org.apereo.cas.util.cipher.BaseBinaryCipherExecutor] - <Generated signing key [7dk5gLYwNoYKNCQTQB1BZvIhEmj-hOaSkVwMRnNGD0WyO9EBCA5F_y69GLRZP41cNeKoH2nXNt4ItcaDFdF5cw] of size [512]. The generated key MUST be added to CAS settings under setting [cas.webflow.crypto.signing.key].>
2020-11-03 21:31:18,935 WARN [org.apereo.cas.util.cipher.BaseBinaryCipherExecutor] - <Secret key for encryption is not defined under [cas.webflow.crypto.encryption.key]. CAS will attempt to auto-generate the encryption key>
2020-11-03 21:31:18,937 WARN [org.apereo.cas.util.cipher.BaseBinaryCipherExecutor] - <Generated encryption key [ybP_djhKWyRG-CCAfNFeCA] of size [16]. The generated key MUST be added to CAS settings under setting [cas.webflow.crypto.encryption.key].>
2020-11-03 21:31:19,628 INFO [org.apereo.cas.web.CasWebApplication] - <Started CasWebApplication in 38.442 seconds (JVM running for 44.26)>
2020-11-03 21:31:19,643 INFO [org.apereo.cas.web.CasWebApplication] - <>
2020-11-03 21:31:19,643 INFO [org.apereo.cas.web.CasWebApplication] - <


  ____  _____    _    ______   __
 |  _ \| ____|  / \  |  _ \ \ / /
 | |_) |  _|   / _ \ | | | \ V /
 |  _ <| |___ / ___ \| |_| || |
 |_| \_\_____/_/   \_\____/ |_|

>
2020-11-03 21:31:19,644 INFO [org.apereo.cas.web.CasWebApplication] - <>
2020-11-03 21:31:19,645 INFO [org.apereo.cas.web.CasWebApplication] - <Ready to process requests @ [2020-11-03T21:31:19.642Z]>
2020-11-03 21:31:19,683 INFO [org.apereo.cas.services.AbstractServicesManager] - <Loaded [0] service(s) from [InMemoryServiceRegistry].>
4

1 回答 1

1

服务不读取身份验证或服务的 cas.properties 设置的原因是因为需要使用附加模块构建 cas 覆盖以读取这些属性。

 implementation "org.apereo.cas:cas-server-support-generic:${casServerVersion}"
 implementation "org.apereo.cas:cas-server-support-json-service-registry:${casServerVersion}"

使用这两个模块重建 cas-overlay-template 项目后,它应该读取与文件身份验证和 json 服务注册表相关的 cas.properties

于 2020-11-05T19:40:45.127 回答