我正在尝试添加CAS作为OBIEE 11g的身份验证提供程序。
到目前为止,我已将cas-client-core-3.2.1.jar jar添加到$ MW_HOME / wlserver_10.3 / server / lib / consoleapp / webapp / WEB-INF / lib /并配置$ MW_HOME / wlserver_10.3 /server/lib/consoleapp/webapp/WEB-INF/web.xml包含流动元素:
<filter>
<filter-name>CAS Authentication Filter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>http://192.168.0.117:8000/cas/login</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>https://192.168.0.170</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas10TicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>http://192.168.0.117:8000/cas</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>https://192.168.0.170</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Authentication Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
这仅适用于WL控制台而不适用于OBIEE应用程序。我被重定向到cas登录但是在我仍需要输入控制台密码之后,有效用户将是来自CAS的那个。
任何想法如何为OBIEE应用程序部署CAS?
谢谢,谢伊
确定解决了它,必须解压缩analytics.ear文件并从中解压缩analytics.war将cas core jar添加到WEB-INF / lib并将上面的XML添加到WEB-INF / web.xml repack analytics.war ,重新包装analytics.ear重新启动weblogic。
在EM-> coreapplication-> security enable SSO中选择通用SSO并设置登录和注销URL
注意:我们有一个初始化块,如果用户/密码无法进行身份验证,则会失败,必须进行更改。