三.取消https，直接http访问

1.WEB-INF/deployerConfigContext.xml

在<bean class = "org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" p:httpClient-ref = "httpClient" />

增加参数 p:requireSecure="false" ，是否需要安全验证，即 HTTPS ， false 为不采用 如下：

<bean class = "org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" p:httpClient-ref = "httpClient" p:requireSecure= "false" />

2.WEB-INF/spring-configuration/ticketGrantingTicketCookieGenerator.xml

修改 p:cookieSecure="true" 为 p:cookieSecure=" false " ， 即不需要安全 cookie

如下部分：

<bean id = "ticketGrantingTicketCookieGenerator" class = "org.jasig.cas.web.support.CookieRetrievingCookieGenerator"

p:cookieSecure = " false "

p:cookieMaxAge = "-1"

p:cookieName = "CASTGC"

p:cookiePath = "/cas" />

3.WEB-INF\spring-configuration\warnCookieGenerator.xml

修改 p:cookieSecure="true" 为 p:cookieSecure=" false " ， 即不需要安全 cookie

结果如下：

<bean id = "warnCookieGenerator" class = "org.jasig.cas.web.support.CookieRetrievingCookieGenerator"

p:cookieSecure = " false "

p:cookieMaxAge = "-1"

p:cookieName = "CASPRIVACY"

p:cookiePath = "/cas" />

4.修改 services/Apereo-10000002.json下面的serviceId的https改成http

5.修改 services/services\HTTPSandIMAPS-10000001.json下面的serviceId的https改成http

客户端tomcat分别修改login-tomcat-8.0.12\webapps\examples\WEB-INF\web.xml和blog-tomcat-8.0.12\webapps\examples\WEB-INF\web.xml

修改成http和相对于的端口号

访问地址分别为：

http://login.hacker.org:18080/examples/servlets/servlet/HelloWorldExample

http://blog.hacker.org:28080/examples/servlets/servlet/HelloWorldExample

http://server.hacker.org:8080/cas/logout

原文地址：https://www.cnblogs.com/pizhiyun/p/9364497.html