认证方式:默认的用户名密码写死在配置文件中
<bean id="primaryAuthenticationHandler"
class="org.jasig.cas.authentication.AcceptUsersAuthenticationHandler">
<property name="users">
<map>
<entry key="casuser" value="Mellon"/>
</map>
</property>
</bean>
修改为JDBC方式:用户名密码保存在数据库中,cas提供了QueryDatabaseAuthenticationHandler,这里修改为自定义的DoubleMd5AuthenticationHandler,使用两次md5加密处理
<bean id="primaryAuthenticationHandler"
class="org.ittenyear.cas.authentication.DoubleMd5AuthenticationHandler">
<property name="dataSource" ref="dataSource" />
<property name="sql" value="select password,salt from user where lower(username) = lower(?))" />
<property name="passwordEncoder" ref="md5PasswordEncoder"/>
</bean>
<!--连接池使用的c3p0,因此要把c3p0的jar包依赖导进来-->
<!--连接池使用的c3p0,因此要把c3p0的jar包依赖导进来-->
<bean id="dataSource"
class="com.mchange.v2.c3p0.ComboPooledDataSource"
destroy-method="close">
<property name="driverClass">
<value>com.mysql.jdbc.Driver</value>
</property>
<property name="jdbcUrl">
<value>jdbc:mysql://localhost:3306/ittenyear?useUnicode=true&characterEncoding=UTF-8</value>
</property>
<property name="user">
<value>ittenyear</value>
</property>
<property name="password">
<value>123456</value>
</property>
<property name="minPoolSize">
<value>5</value>
</property>
<property name="maxPoolSize">
<value>30</value>
</property>
<property name="initialPoolSize">
<value>10</value>
</property>
<property name="maxIdleTime">
<value>60</value>
</property>
<property name="acquireIncrement">
<value>5</value>
</property>
<property name="idleConnectionTestPeriod">
<value>30</value>
</property>
<property name="acquireRetryAttempts">
<value>30</value>
</property>
<property name="breakAfterAcquireFailure">
<value>false</value>
</property>
</bean>
在数据库表user中插入测试数据即可测试登录
在数据库表user中插入测试数据即可测试登录