Use the CAs login module to connect to a database to verify user legitimacy

Use CAS Login Module Connecting application database verifying user legitimacy

For more information on how to configure the CAS login module to integrate into the development WEB application See here:

http://blog.csdn.net/jia20003/article/details/49683827

Based on the CAS server 3.5.0 version configuration implementation.

Here we mainly describe how to take advantage of existing user data tables user_table in the username with the Password Two fields to enable the user to CAS Module Login time Query our application database Basicweb in the user_table table. Verify the user name and password, and actually implement the user's legality check.

the approximate steps need to be configured as follows to first open CAS server of the War package Then in Web-inf found in the directory Deployerconfigcontext.xml This file opens to find:

<bean class= "Org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler"/ >

替换为：

<bean id= "Searchmodesearchdatabaseauthenticationhandler"  class= " Org.jasig.cas.adaptors.jdbc.SearchModeSearchDatabaseAuthenticationHandler "  abstract=" false "lazy-init=" Default "autowire=" Default ">  <property  name=" Tableusers ">   <value>user_table</ value>  </property>  <property name= "Fielduser" >   <value>username</value>  </property>  <property name= "Fieldpassword" >   <value>password</value>  </property>  <property name= "DataSource" ref= "DataSource"/></bean> <bean class= " Org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler ">  <property name=" DataSource "ref=" DataSource "/>  <property name=" SQL "value=" select password from user_table where lower (username) = lower (?) "/ ></bean>

which user_table to be Basicweb tables in the database

username with the Password is its two field name

and then in the outermost Beans Add in Tags DataSource The relevant configuration is as follows:

<bean id= "DataSource" class= "Org.springframework.jdbc.datasource.DriverManagerDataSource" >  < Property Name= "Driverclassname" ><value>com.mysql.jdbc.Driver</value></property>  < Property name= "url" ><value>jdbc:mysql://localhost:3306/basicweb</value></property>  <property name= "username" ><value>root</value></property>  <property name= "password "><value>password123</value></property>  </bean>  

Save later overwriteWarin the original configuration file. Finally, we need to openWarinWeb-infdirectory underLibCatalog toMySQL JDBCConnection SupportJarwith the download goodCas-server-3.5.0-rc1\modules\cas-server-support-jdbc-3.5.0-rc1.jarare added toLibdirectory to go, and then saveWar, redeploy toTomcat\webappsdirectory.

The test finds that the post submits the form without data, and the workaround is to add the following configuration in Web. xml:

<filter><filter-name>cas Validation filter</filter-name><filter-class> Org.jasig.cas.client.validation.cas20proxyreceivingticketvalidationfilter</filter-class><init-param ><param-name>casserverurlprefix</param-name><param-value>http://localhost:8080/cas</ param-value></init-param><init-param><param-name>servername</param-name>< param-value>http://localhost:8080</param-value></init-param><!--Agent--><init-param> <param-name>acceptanyproxy</param-name><param-value>true</param-value></init-param ><!--configured to False, otherwise the parameter passed by the agent is not received--><init-param><param-name>redirectaftervalidation</ Param-name><param-value>false</param-value></init-param></filter>

The reason is that if you do not add it, it will validate ticket and find that the URL we submitted does notticket is not considered legal, re-created the new ticket, resulting in the loss of form data

Copyright NOTICE: This article for Bo Master original article, without Bo Master permission not reproduced.

Use the CAs login module to connect to a database to verify user legitimacy