I configured a CAS server with the OAuth 2.0 protocol (authorization code grant type) following the post https://apereo.github.io/2019/02/19/cas61-as-oauth-authz-server/

My server configuration (application.yml)

    cas:
      server:
        name: https://casoauth.example.org:8443
        prefix: ${cas.server.name}/cas
      authn:
        accept:
          users: casuser::demo
        oauth:
          refreshToken:
            timeToKillInSeconds: 2592000
          code:
            timeToKillInSeconds: 14400
            numberOfUses: 10
          accessToken:
            timeToKillInSeconds: 14400
            maxTimeToLiveInSeconds: 28800
          grants:
            resourceOwner:
              requireServiceHeader: true
          userProfileViewType: FLAT
      ticket:
        tgt:
          maxTimeToLiveInSeconds: 28800
          timeToKillInSeconds: 14400
        st:
          timeToKillInSeconds: 14400
      serviceRegistry:
        json:
          location: classpath:/services
        initFromJson: true
    logging:
      config: file:/etc/cas/config/log4j2.xml
      level:
        org:
          apereo:
            cas: DEBUG

The JSON used to register the application

    {
      "@class" : "org.apereo.cas.support.oauth.services.OAuthRegisteredService",
      "clientId": "client1",
      "clientSecret": "password1",
      "serviceId": "^https://casoauth.example.org:9999/.*",
      "name": "OAuthService",
      "id": 1000,
      "bypassApprovalPrompt": false,
      "supportedGrantTypes": [ "java.util.HashSet", [ "authorization_code" ] ],
      "supportedResponseTypes": [ "java.util.HashSet", [ "code" ] ]
    }

The application configuration

    debug: true
    server:
      port: 9999
      ssl:
        keyStore: file:/etc/cas/thekeystore
        keyStorePassword: changeit
        keyPassword: changeit
    security:
      user:
        password: user
      ignored: /,/favicon.ico,/index.html,/home.html,/dashboard.html,/js/**,/css/**,/webjars/**
      sessions: ALWAYS
      oauth2:
        sso:
          loginPath: /dashboard/login
    management:
      security:
        role: HERO
    logging:
      level:
        org.springframework: INFO
        com.netflix.discovery: 'OFF'
    ---
    spring:
      profiles: cas
    security:
      oauth2:
        client:
          clientId: client1
          clientSecret: password1
          accessTokenUri: https://casoauth.example.org:8443/cas/oauth2.0/accessToken
          userAuthorizationUri: https://casoauth.example.org:8443/cas/oauth2.0/authorize
          clientAuthenticationScheme: form
        resource:
          userInfoUri: https://casoauth.example.org:8443/cas/oauth2.0/profile
          preferTokenInfo: false

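After authenticating on the CAS server, I get

    Whitelabel Error Page
    This application has no explicit mapping for /error, so you are seeing this as a fallback.
    Tue Jun 04 17:10:41 CEST 2019
    There was an unexpected error (type=Unauthorized, status=401).
    Authentication Failed: Could not obtain access token

Any ideas what is wrong?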
I had this problem. You should add the certificate to the trusted certificates and the problem will be solved.
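
One way to carry out the fix from the answer above, as an added example that is not part of the original post: export the CAS server's public certificate and import it into a truststore used only by the client application. The alias `cas`, the file name `client-truststore.p12` and the working directory are assumptions, and a throwaway self-signed key pair stands in for the real `/etc/cas/thekeystore` so the procedure can be run anywhere.

```shell
#!/bin/sh
# Added example, not from the original post. The alias "cas", the truststore
# file name and the work directory are constructed for illustration.
set -eu

# build_truststore WORKDIR
# Creates a stand-in server keystore, exports its public certificate and
# imports that certificate into a separate client truststore.
build_truststore() {
    dir=$1
    # Stand-in for the CAS server keystore (/etc/cas/thekeystore on the page).
    # The certificate name must match the host in accessTokenUri.
    keytool -genkeypair -alias cas -keyalg RSA -keysize 2048 -validity 30 \
        -dname "CN=casoauth.example.org" -ext "SAN=dns:casoauth.example.org" \
        -keystore "$dir/thekeystore" -storepass changeit -keypass changeit
    # Export only the public certificate; the private key never leaves
    # the server keystore.
    keytool -exportcert -rfc -alias cas -keystore "$dir/thekeystore" \
        -storepass changeit -file "$dir/cas.crt"
    # Import it as a trusted entry into a truststore for the client app.
    keytool -importcert -noprompt -alias cas -file "$dir/cas.crt" \
        -keystore "$dir/client-truststore.p12" -storetype PKCS12 \
        -storepass changeit
}

# is_trusted STORE ALIAS
# Succeeds only when ALIAS exists in STORE as a trustedCertEntry
# (a PrivateKeyEntry, as in the server keystore, does not count).
is_trusted() {
    keytool -list -alias "$2" -keystore "$1" -storepass changeit 2>/dev/null \
        | grep -q trustedCertEntry
}

# Usage:
#   work=$(mktemp -d) && build_truststore "$work"
#   is_trusted "$work/client-truststore.p12" cas && echo "CAS cert trusted"
# Then start the client JVM (port 9999 on the page) with:
#   -Djavax.net.ssl.trustStore=$work/client-truststore.p12
#   -Djavax.net.ssl.trustStorePassword=changeit
```

Against a real deployment, skip the `-genkeypair` step and export from the server's existing keystore, using whatever alias `keytool -list` shows for its key entry.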