rubycas-server Quick Start

fjqzyc

• git clone git://github.com/rubycas/rubycas-server.git
  
• cd rubycas-server
  
• cp config/config.example.yml config.yml
  
• 配置config.yml，详细如下
  
• mysqladmin -u root create casserver
  
• Run bundle install
  
• bundle exec rubycas-server -c config.yml
  

　　cas server数据库配置：
　　

database:
adapter: mysql2
database: casserver
username: root
password: 123456
host: localhost
reconnect: true

　　
　　应用数据库配置：

authenticator:
class: CASServer::Authenticators::SQL
database:
adapter: mysql2
database: redmine
username: redmine
password: redmine
host: localhost
user_table: users
username_column: login
password_column: lastname
　　
　　日志配置：

log:
file: /pathto/log/casserver.log
level: INFO
　　
　　服务器配置：

server: webrick
port: 3200
　　
　　rubycas-server
　　生成ssl证书，最新分支中没有了这个rake任务，拷贝下边代码到rake任务中，生成ssl证书
　　修改配置文件：
　　
　　ssl_cert: /pathto/cert.pem
ssl_key: /pathto/key.pem



desc "generate a self signed SSL certificate (in order to get going easily)"
task :generate_ssl_certificate do
`mkdir -p ssl/newcerts ssl/private`
File.open("ssl/openssl.cnf", "w") do |f|
f.write <<-EOF
#
# OpenSSL configuration file.
#
# Establish working directory.
dir = .
[ ca ]
default_ca = CA_default
[ CA_default ]
serial = $dir/serial
database = $dir/index.txt
new_certs_dir = $dir/newcerts
certificate = $dir/cacert.pem
private_key = $dir/private/cakey.pem
default_days = 365
default_md = md5
preserve = no
email_in_dn = no
nameopt = default_ca
certopt = default_ca
policy = policy_match
[ policy_match ]
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
[ req ]
default_bits = 1024 # Size of keys
default_keyfile = key.pem # name of generated keys
default_md = md5 # message digest algorithm
string_mask = nombstr # permitted characters
distinguished_name = req_distinguished_name
req_extensions = v3_req
[ req_distinguished_name ]
# Variable name Prompt string
#---------------------- ----------------------------------
0.organizationName = Organization Name (company)
organizationalUnitName = Organizational Unit Name (department, division)
emailAddress = Email Address
emailAddress_max = 40
localityName = Locality Name (city, district)
stateOrProvinceName = State or Province Name (full name)
countryName = Country Name (2 letter code)
countryName_min = 2
countryName_max = 2
commonName = Common Name (hostname, IP, or your name)
commonName_max = 64
# Default values for the above, for consistency and less typing.
# Variable name Value
#------------------------------ ------------------------------
0.organizationName_default = The Sample Company
localityName_default = Metropolis
stateOrProvinceName_default = New York
countryName_default = US
commonName_default = localhost
[ v3_ca ]
basicConstraints = CA:TRUE
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always
[ v3_req ]
basicConstraints = CA:FALSE
subjectKeyIdentifier = hash
EOF
end
`cd ssl && echo '01' > serial`
`cd ssl && touch index.txt`
puts
puts "When asked for a passphrase enter one, for example rubycas"
puts
`cd ssl && openssl req -new -x509 -extensions v3_ca -keyout private/cakey.pem -out cacert.pem -days 365 -config ./openssl.cnf`
`cd ssl && openssl req -new -nodes -out req.pem -config ./openssl.cnf`
`cd ssl && openssl ca -out cert.pem -config ./openssl.cnf -infiles req.pem`
puts
puts "If you are using Firefox and want to access the CAS server through localhost you need to add an exception:"
puts " 1. Go to Preferences > Advanced > Encryption > View Certificates"
puts " 2. Click the Tab Servers"
puts " 3. Click the Button Add Exception"
puts " 4. Enter https://localhost:<port> into the textfield and press Get Certificate"
puts " 5. Then press View"
puts " 6. Then press Confirm Security Exception"
end
desc "clear all generated files for SSL certificate"
task :clear_ssl_certificate do
`rm -rf ssl`
end
　　
　　启动：
　　

rubycas-server(master) $ bundle exec rubycas-server -c config.yml
=> Using custom config file "config.yml"
>>> Redirecting RubyCAS-Server log to /home/abc/Downloads/rubycas-server/log/casserver.log

>>> Running migrations to make sure your database schema is up to date...
(1.1ms)  SELECT `schema_migrations`.`version` FROM `schema_migrations`
Migrating to CreateInitialStructure (1)
Migrating to AddIndexesForPerformance (2)
>>> Your database is now up to date.
== RubyCAS-Server is starting up on port 3200 for development with backup from WEBrick
[2015-05-26 18:19:07] INFO  WEBrick 1.3.1
[2015-05-26 18:19:07] INFO  ruby 1.9.3 (2014-11-13) [x86_64-linux]
[2015-05-26 18:19:07] INFO  
Certificate:
Data:
Version: 1 (0x0)
Serial Number: 1 (0x1)
Signature Algorithm: md5WithRSAEncryption
Issuer: O=umeng, OU=umeng/emailAddress=michael_roshen@163.com, L=beijing, ST=beijing, C=zh, CN=localhost
Validity
Not Before: May 26 09:48:37 2015 GMT
Not After : May 25 09:48:37 2016 GMT
Subject: C=zh, ST=beijing, O=umeng, OU=umeng, CN=localhost
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Modulus:
00:b8:4f:d9:6a:32:b4:d2:1f:32:1b:9c:09:ec:79:
26:77:c0:14:95:7f:8e:4c:eb:9a:53:a2:54:4f:86:
f9:a6:1e:ab:5d:1e:f9:c0:02:44:77:f3:ee:f7:a4:
f8:ec:aa:0a:ce:47:0b:9c:a3:0a:1d:24:9d:e7:21:
e7:fd:7d:5a:a7:53:47:e1:17:b8:75:16:d9:8b:6c:
7f:d6:84:e5:65:b3:ed:9b:55:68:1c:e9:21:ef:d7:
f9:f8:de:0e:3b:c6:f8:f3:d5:92:29:77:47:c9:a4:
04:9d:8c:92:09:e2:3a:28:d1:24:54:ec:23:d0:75:
c3:57:60:8d:d0:7d:82:1e:ef
Exponent: 65537 (0x10001)
Signature Algorithm: md5WithRSAEncryption
2d:ba:58:25:62:7f:2b:01:00:a9:88:d8:33:71:d0:de:e1:cb:
44:39:af:e1:eb:c8:5f:5e:fb:e1:21:7e:40:a0:cf:47:99:f2:
37:c2:fb:09:05:fe:b0:20:10:0f:7a:9c:ad:7d:48:2c:b1:76:
1a:34:8a:0b:23:8b:52:35:69:fb:f2:5d:7d:10:15:e9:c0:c5:
38:8b:4a:07:d4:3b:5e:c5:af:1a:80:60:7c:a0:dc:37:60:c2:
4f:3c:4d:5a:49:d8:54:9f:60:c0:21:45:42:43:b2:24:97:db:
e2:94:9f:8c:1d:4c:68:28:c9:a2:7f:87:e1:7c:60:5b:23:65:
63:20
[2015-05-26 18:19:07] INFO  WEBrick::HTTPServer#start: pid=9052 port=3200

　　
　　访问：https://localhost:3200/cas/login 显示登录页面