上一篇文章讲了用系统默认的simple验证方式,即用户名=密码来进行CAS的验证。
本文我们尝试用mysql来进行验证
1,下载cas-server-3.4.2-release.zip及mysql-connector-java-5.1.7-CodePub.zip,cas-client-2.0.11.zip三个文件
可能有些您已经下载了,本文中最重要的是mysql-connector-java-5.1.7-CodePub.zip这个文件,它是jdbc连接mysql
的驱动包;
2,copy :
cas-server-3.4.2-release.zip -> modules/cas-server-support-jdbc-3.4.2.jar
mysql-connector-java-5.1.7-CodePub.zip -> mysql-connector-java-5.1.7-bin.jar
cas-client-2.0.11.zip -> java/lib/casclient.jar
三个文件到tomcat_path/webapps/cas/WEB-INF/lib中即可;
3,修改配置文件 tomcat_path/webapps/cas/WEB-INF中deployerConfigContext.xml文件
首先注释以下语句:
<bean
class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler" />
更改为:
<bean class="org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler">
<property name="sql" value="select password from auth_user where username=?" />
<property name="dataSource" ref="dataSource" />
</bean>
再在外围加上:
<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName" value="com.mysql.jdbc.Driver"></property>
<property name="url" value="jdbc:mysql://localhost/zhidao"></property>
<property name="username" value="root"></property>
<property name="password" value="******"></property>
</bean>
我的示例:
<property name="authenticationHandlers">
<list>
<!--
| This is the authentication handler that authenticates services by means of callback via SSL, thereby validating
| a server side SSL certificate.
+-->
<bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
p:httpClient-ref="httpClient" />
<!--
| This is the authentication handler declaration that every CAS deployer will need to change before deploying CAS
| into production. The default SimpleTestUsernamePasswordAuthenticationHandler authenticates UsernamePasswordCredentials
| where the username equals the password. You will need to replace this with an AuthenticationHandler that implements your
| local authentication strategy. You might accomplish this by coding a new such handler and declaring
| edu.someschool.its.cas.MySpecialHandler here, or you might use one of the handlers provided in the adaptors modules.
+-->
<!-- <bean
class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler"
/> +-->
<bean class="org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler">
<property name="sql" value="select password from auth_user where username=?" />
<property name="dataSource" ref="dataSource" />
</bean>
</list>
</property>
</bean>
<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName" value="com.mysql.jdbc.Driver"></property>
<property name="url" value="jdbc:mysql://localhost/zhidao"></property>
<property name="username" value="root"></property>
<property name="password" value="******"></property>
</bean>
最后重启tomcat服务器,这时候验证就去你指定的mysql数据库了.
-------------------------------------------------------------------------------------------------------------------------
以上做验证的时候密码必须在数据库中是原文存储的才可以正常,所以您的密码是以某种加密方式存储的还需要要加入规则
以下实现了md5加密;
1,加入password规则
<bean class="org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler">
<property name="dataSource" ref="dataSource" />
<property name="sql" value="select password from auth_user where username = ?" />
<property name="passwordEncoder" ref="myPasswordEncoder" />
</bean>
上面这段,sql定义了一个查询语句,用来判断用户名,密码是否存 在,myPasswordEncoder是我自定义的一个密码的加密类,实现了passwordEncoder接口及其 encode() 方法。
2,配置PasswordEncoder;
<bean id="myPasswordEncoder" class="org.jasig.cas.authentication.handler.MyPasswordEncoder"/>
3,MyPasswordEncoder
给出源 码,大家自己编译成class吧,然后把MyPasswordEncoder.class放到
Tomcat_path\webapps\cas\WEB-INF\lib\cas-server-core-3.4.2.jar中相应的包下,jar包用winrar打 开后,直接把class拖到相应目录下即可
package org.jasig.cas.authentication.handler;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.text.SimpleDateFormat;
import java.util.Date;
import org.springframework.util.StringUtils;
// Referenced classes of package org.jasig.cas.authentication.handler:
// PasswordEncoder
public final class MyPasswordEncoder
implements PasswordEncoder
{
public MyPasswordEncoder(){};
public String encode(String password)
{
char hexDigits[] = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9',
'a', 'b', 'c', 'd', 'e', 'f'};
try {
byte[] strTemp = password.getBytes();
MessageDigest mdTemp = MessageDigest.getInstance("MD5");
mdTemp.update(strTemp);
byte[] md = mdTemp.digest();
int j = md.length;
char str[] = new char[j * 2];
int k = 0;
for (int i = 0; i < j; i++) {
byte byte0 = md[i];
str[k++] = hexDigits[byte0 >>> 4 & 0xf];
str[k++] = hexDigits[byte0 & 0xf];
}
return new String(str);
} catch (Exception e) {
return null;
}
}
public final static String MD5(String s) {
char hexDigits[] = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9',
'a', 'b', 'c', 'd', 'e', 'f'};
try {
byte[] strTemp = s.getBytes();
MessageDigest mdTemp = MessageDigest.getInstance("MD5");
mdTemp.update(strTemp);
byte[] md = mdTemp.digest();
int j = md.length;
char str[] = new char[j * 2];
int k = 0;
for (int i = 0; i < j; i++) {
byte byte0 = md[i];
str[k++] = hexDigits[byte0 >>> 4 & 0xf];
str[k++] = hexDigits[byte0 & 0xf];
}
return new String(str);
} catch (Exception e) {
return null;
}
}
public static Date getDateByString(String dateString) {
try {
SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd");
return dateFormat.parse(dateString);
} catch (Exception e) {
return null;
}
}
public static String getDateString(Date date) {
SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd");
return dateFormat.format(date);
}
}
172
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
