因为公司采用的密码加密时sha+盐加密,并且盐也在数据库中存储,所以验证时需要获取盐来对密码进行加密认证,在网上查看了很多资料,终于找到一条可以适用于各种密码加密的操作方式,如果你的密码采用的是其他密码加密也可以用这种办法。
思路就是自定义密码验证方法,然后修改配置文件使默认登录方法为我们自己定义的方法:
首先添加项目所需maven依赖,有可能因为网络问题下载失败,删除在重新添加几次即可。
<!-- jdbc相关依赖 -->
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-support-jdbc-drivers</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-support-jdbc</artifactId>
<version>5.2.6</version>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.38</version>
</dependency>
<!-- -->
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-core-authentication</artifactId>
<version>${cas.version}</version>
</dependency>
<!-- -->
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-core-configuration</artifactId>
<version>${cas.version}</version>
</dependency>
<!-- 这里是我密码加密时所用的依赖,用来对密码进行SHA加密的,各位根据自己的情况添加-->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.4.0</version>
</dependency>
下面是代码
新建Login类
import org.apache.shiro.crypto.hash.Sha256Hash;
import org.apereo.cas.authentication.HandlerResult;
import org.apereo.cas.authentication.PreventedException;
import org.apereo.cas.authentication.UsernamePasswordCredential;
import org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.services.ServicesManager;
import org.slf4j.LoggerFactory;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.jdbc.datasource.DriverManagerDataSource;
import javax.security.auth.login.FailedLoginException;
import java.security.GeneralSecurityException;
import java.util.Map;
public class Login extends AbstractUsernamePasswordAuthenticationHandler {
private static final org.slf4j.Logger logger = LoggerFactory.getLogger(Login.class);
public Login(String name, ServicesManager servicesManager, PrincipalFactory principalFactory, Integer order) {
super(name, servicesManager, principalFactory, order);
}
@Override
protected HandlerResult authenticateUsernamePasswordInternal(UsernamePasswordCredential usernamePasswordCredential, String s) throws GeneralSecurityException, PreventedException {
DriverManagerDataSource d=new DriverManagerDataSource();
d.setDriverClassName("com.mysql.jdbc.Driver");
d.setUrl("jdbc:mysql://10.200.8.21:3306/fycc_test");
d.setUsername("root");
d.setPassword("123!");
JdbcTemplate template=new JdbcTemplate();
template.setDataSource(d);
//获取页面输入的用户名和密码
String username = usernamePasswordCredential.getUsername();
String password = usernamePasswordCredential.getPassword();
//获取加密时所需的盐、密码,我在数据库中用 salt 字段存储加密盐
Map<String,Object> user = template.queryForMap("SELECT `password` ,`salt` FROM sys_user WHERE username = ?", usernamePasswordCredential.getUsername());
if(user==null){
throw new FailedLoginException("没有该用户");
}
//对前台获取的密码进行加密
String hashPassword = new Sha256Hash(password, user.get("salt")).toHex();
//判断加密后的输入密码是否与数据库的相同
if(user.get("password").toString().equals(hashPassword)){
return createHandlerResult(usernamePasswordCredential, principalFactory.createPrincipal(username), null);
}
throw new FailedLoginException("Sorry, login attemp failed.");
}
}
在新建CustomAuthConfig配置类
```bash
import org.apereo.cas.authentication.AuthenticationEventExecutionPlan;
import org.apereo.cas.authentication.AuthenticationEventExecutionPlanConfigurer;
import org.apereo.cas.authentication.AuthenticationHandler;
import org.apereo.cas.authentication.principal.DefaultPrincipalFactory;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.services.ServicesManager;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@Configuration("CustomAuthConfig")
@EnableConfigurationProperties(CasConfigurationProperties.class)
public class CustomAuthConfig implements AuthenticationEventExecutionPlanConfigurer {
@Autowired
private CasConfigurationProperties casProperties;
@Autowired
@Qualifier("servicesManager")
private ServicesManager servicesManager;
@Bean
public AuthenticationHandler myAuthenticationHandler() {
final Login handler = new Login(Login.class.getSimpleName(), servicesManager, new DefaultPrincipalFactory(), 10);
return handler;
}
@Override
public void configureAuthenticationExecutionPlan(AuthenticationEventExecutionPlan plan) {
plan.registerAuthenticationHandler(myAuthenticationHandler());
}
}
然后修改resources下META-INF目录下的spring.factories文件如下图所示,将你的CustomAuthConfig类的包路径写在下面
![在这里插入图片描述](https://img-blog.csdnimg.cn/20200409133902338.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3FxXzM4ODkyMTIy,size_16,color_FFFFFF,t_70)
修改application.properties文件,如下图所示,将默认的用户名密码注释掉
![在这里插入图片描述](https://img-blog.csdnimg.cn/20200409134119413.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3FxXzM4ODkyMTIy,size_16,color_FFFFFF,t_70)
在启动项目 build.cmd run 输入数据库里的正确的用户名密码即可