CAS implementation of Single Sign-on (SSO) database query authentication mechanism-xml mode (iii)

followed by the introduction of the CAS-based single sign-on (SSO) demonstration, the service-side authentication mechanism in the demonstration process is the default configuration is CAS Servier The Default user name and password are consistent to log in successfully, then this article will focus on the application, really by querying the user name password to process to verify whether the user can log in.

CAS Server Add related jar packages

Need to add two packages under Lib for Web project: Cas-server-support-jdbc-x.x.x.jar and Mysql-connector-java-x.x.x-bin.jar (specific version number depending on the situation)

Modify The configuration of the CAS Server

Find the following information in%tomcat_cas%/webapps/cas/web_inf/deployerconfigcontext.xml:

<bean class= "Org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler"/ ></span>

Modified to read as follows:

<bean class= "Org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler" >        <property name= " DataSource "ref=" DataSource "></property>        <property name=" SQL "value=" select password from T_user where login_name=? "></property>        <!--<property name=" Passwordencoder "ref=" Md5passwordencoder " ></property>--></bean></span>

Also add datasource and encryption to handle the definition of two beans:

<bean id= "DataSource"        class= "Org.springframework.jdbc.datasource.DriverManagerDataSource" >        < Property Name= "Driverclassname" value= "Com.mysql.jdbc.Driver"/>        <property name= "url" value= "jdbc:mysql:/ /localhost/test "/>        <property name=" username "value=" root "/>        <property name=" password "value=" Root "/></bean><bean id=" Md5passwordencoder "        class=" Org.jasig.cas.authentication.handler.DefaultPasswordEncoder ">        <constructor-arg index=" 0 "value=" MD5 "/ ></bean></span>

The modified effect:

data information added in the local database:

Demo Effect:

Attention:

1. Password encryption process, if not, comment out.

2.QueryDatabaseAuthenticationHandler is the query interface provided by CAS-SERVER-SUPPORT-JDBC one is to configure a SQL statement to isolate the password, match the given password;

3.sql statement is the query which table, this example according to the T_user Table login_name field query password, CAS will match the user input password, if the match is passed;

4.passwordEncoder this is to handle the encryption of the password, if you want your application to save the database is encrypted, such as this example is using MD5 encryption, so configured Md5passwordencoder this handler, CAS built-in MD5 function so only need to configure it, if the actual application of the company's own encryption algorithm then need to write a handler to handle the password, the implementation of the way is relatively simple, Create a class that inherits Org.jasig.cas.authentication.handler.PasswordEncoder and then encrypts the password entered by the user in the Encode method and returns.

Configuring multiple Databases

If you need to configure multiple databases, you can configure multiple Querydatabaseauthenticationhandler and multiple datasource

If there is a user in the A_user: Auser,b_user has a user buser, so you no matter which user login, CAS will first check a_user, if the user name password is correct, then pass, if the A_user failed to verify, then CAS will check b_ User, username and password are correct even if passed, this time is not correct, even if the login verification failed.

Summary:

The above is a simple configuration of the database query data validation process, in the application process of CAs is very common, for our daily application of the needs of CAs to help us to provide a lot of customized ways, the next blog will continue to explain!

CAS implementation of Single Sign-on (SSO) database query authentication mechanism-xml mode (iii)