1. cas架构

2. cas流程，参见官网

https://apereo.github.io/cas/5.2.x/protocol/CAS-Protocol.html

3. 术语：

The TGT (Ticket Granting Ticket), stored in the TGC cookie, represents a SSO session for a user.

The ST (Service Ticket), transmitted as a GET parameter in urls, stands for the access granted by the CAS server to the CASified application for a specific user.

service:指客户端，包含url及其他信息

TGC：服务端认证完成后的写入cookie的名称

4. 常用url及描述

/logincredential requestor / acceptor

/logoutdestroy CAS session (logout)

/validateservice ticket validation

/serviceValidateservice ticket validation [CAS 2.0]

/proxyValidateservice/proxy ticket validation [CAS 2.0]

/proxyproxy ticket service [CAS 2.0]

/p3/serviceValidateservice ticket validation [CAS 3.0]

/p3/proxyValidateservice/proxy ticket validation [CAS 3.0]

5. 参考文章

cas协议流程：客户端和服务端的交互流程

https://apereo.github.io/cas/5.2.x/protocol/CAS-Protocol.html

Cas配置文件详解

https://apereo.github.io/cas/5.2.x/installation/Configuration-Properties.html#authentication-policy

Cas管理面板：

https://apereo.github.io/cas/5.2.x/installation/Monitoring-Statistics.html

CAS 服务器搭建：

https://blog.csdn.net/oumuv/article/details/83377945

Cas客户端搭建：

https://www.cnblogs.com/whu-2017/p/11297447.html

Cas服务端自定义登录页面：

https://apereo.github.io/cas/5.3.x/installation/User-Interface-Customization-Themes.html

https://blog.csdn.net/qq_26710557/article/details/86741874?utm_medium=distribute.pc_relevant.none-task-blog-BlogCommendFromBaidu-3.nonecase&depth_1-utm_source=distribute.pc_relevant.none-task-blog-BlogCommendFromBaidu-3.nonecase

自定义校验器：

https://blog.csdn.net/zhouzhiwengang/article/details/97926358?ops_request_misc=%257B%2522request%255Fid%2522%253A%2522159534502219725222422940%2522%252C%2522scm%2522%253A%252220140713.130102334.pc%255Fall.%2522%257D&request_id=159534502219725222422940&biz_id=0&utm_medium=distribute.pc_search_result.none-task-blog-2~all~first_rank_ecpm_v3~pc_rank_v2-4-97926358.first_rank_ecpm_v3_pc_rank_v2&utm_term=cas+5.3+%E7%99%BB%E9%99%86%E6%B5%81%E7%A8%8B&spm=1018.2118.3001.4187

cas代理认证配置：

https://apereo.github.io/cas/5.2.x/integration/Delegate-Authentication.html

解决url jessionId:

https://www.cnblogs.com/fron/p/jssessionid-20161130.html?utm_source=itdadao&utm_medium=referral

6. 补充说明

客户端登登出如果想再次回到登录页面，服务端需要配置：

#登出后跳转到service路径

cas.logout.followServiceRedirects=true

cas服务端源码解析

Springboot整合Cas客户端源码解析

springboot整合Cas客户端搭建

Cas客户端源码解析

来源：oschina

链接：https://my.oschina.net/woniuyi/blog/4454450

标签

github

utm

validation