Custom CAS login verification

Custom CAS login verification

Reprinted by the author:

By: 88250

Blog: http:/blog.csdn.net/dl88250

MSN & Gmail &
QQ: DL88250@gmail.com

Directory

Summary 1

Environment 1

Create Project 1

Add dependency package 2

Write Test Case 2

Write implementation code 3

Engineering Structure 5

Testing and packaging 5

Enable customized login verification 6

Integration Test 7

Conclusion 7

Summary

This article uses liferay and CAS integration as an example to customize CAS login authentication from the same user name/password to liferay user identity for verification.

Environment

• Mysql5.0.5

• JRE 1.6.0.7

• Ubuntu
  8.04

• Liferay
  5.1.1 bundled with Tomcat 6.0

• CAS
  Server 3.3.1

• Yale
  CAS client 2.0.11

• Netbeans
  IDE 6.1

SeeHere.

Create a project

Open netbeans IDE and create a Java
Class Library Project: portalauthhandler.

Add dependency package

Find the following jar from LIB in CaS:

• Cas-server-core-3.3.jar

• Inspektr-core-0.7.0.jar

Download the spring-core.jar (2.5.5) and click here.

Add the Three jar packages to the project portalauthhandler.

Write Test Cases

Create a test case under test packages. The Code is as follows:

Package
Com. jinfonet. developer. Portal;

Import
JUnit. Framework. testcase;

Import
Org. JASIG. Cas. Authentication. handler. passwordencoder;

/**

*

*
@ Author 88250 <DL88250@gmail.com>

*/

Public
Final class base64passwordencodertests extends testcase {

Private
Final passwordencoder = new
Base64passwordencoder ("sha1 ");

Public
Void testhashbase64encoded (){

Assertequals ("quqp5cyxm6yctahz05hph5gvu9m = ",
This. passwordencoder. encode ("test "));

}

Public
Void testnullpassword (){

Assertequals (null,
This. passwordencoder. encode (null ));

}

Public
Void testinvalidencodingtype (){

Final
Passwordencoder Pe = new base64passwordencoder ("invalid
Encoding ");

Try
{

PE. encode ("test ");

Fail ("Exception
Expected .");

}
Catch (final exception e ){

Return;

}

}

}

This test case has three test methods, of which hashbase64encoded is the most important. Because the password _ field in the user _ in the liferay account table is encrypted by sha1 by default, and then stored in base64 encoding. The self-contained password in CAS
Encoder only uses encryption algorithms for encryption steps, without base64 encoding steps. Therefore, we need to write an encoder with base64 encoding function, which must be implemented
Org. JASIG. Cas. Authentication. handler. passwordencoder interface.

Write implementation code

Package
Com. jinfonet. developer. Portal;

Import
Java. Io. unsupportedencodingexception;

Import
Java. Security. messagedigest;

Import
Java. Security. nosuchalgorithmexception;

Import
Org. inspektr. Common. IOC. annotation. notnull;

Import
Org. JASIG. Cas. Authentication. handler. passwordencoder;

Import
Org. springframework. util. stringutils;

Import
Sun. Misc. base64encoder;

/**

*

*
@ Author 88250 <DL88250@gmail.com>

*/

Public
Class base64passwordencoder implements passwordencoder {

Private
Static final char [] hex_digits = {'0', '1', '2', '3', '4', '5 ',

'6 ',
'7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'

};

@ Notnull

Private
Final string encodingalgorithm;

Private
String characterencoding;

Public
Base64passwordencoder (final string encodingalgorithm ){

This. encodingalgorithm
= Encodingalgorithm;

}

Public
String encode (final string password ){

If
(Password = NULL ){

Return
NULL;

}

Try
{

Messagedigest
Messagedigest = messagedigest. getinstance (this. encodingalgorithm );

If
(Stringutils. hastext (this. characterencoding )){

Messagedigest. Update (password. getbytes (this. characterencoding ));

}
Else {

Messagedigest. Update (password. getbytes ());

}

Final
Byte [] digest = messagedigest. Digest ();

Return
Getformattedtext (Digest );

}
Catch (final nosuchalgorithmexception e ){

Throw
New securityexception (E );

}
Catch (final unsupportedencodingexception e ){

Throw
New runtimeexception (E );

}

}

/**

*
Takes the raw bytes from the digest and formats them correct.

*

*
@ Param bytes the raw bytes from the Digest.

*
@ Return the formatted bytes.

*/

Private
String getformattedtext (byte [] bytes ){

Final
Stringbuilder Buf = new stringbuilder (bytes. length * 2 );

Sun. Misc. base64encoder
E = new base64encoder ();

Final
String buf2 = E. encode (bytes );

For
(Int J = 0; j <bytes. length; j ++ ){

Buf. append (hex_digits [(Bytes [J]
> 4) & 0x0f]);

Buf. append (hex_digits [bytes [J]
& 0x0f]);

}

System. Out. println ("final:
"+ Buf2 );

System. Out. println (encodingalgorithm
+ ":" + BUF );

Return
Buf2.tostring ();

}

Public
Final void setcharacterencoding (final string characterencoding ){

This. characterencoding
= Characterencoding;

}

}

Note:Here, we use a restricted class of Sun: base64encoder. If you implement it by yourself, try to use your own.

Engineering Structure

The complete structure of the project is as follows:

Testing and packaging

After the unit test is passed, go to the DIST directory under the project directory and put the class file (
Package) to $ liferay_home/webapps/CAS-Web/cas-server-core-3.3.jar.

Enable custom login verification

Edit the $ liferay_home/webapps/CAS-Web/WEB-INF/deployerconfigcontext. xml file

<Bean class = "org. JASIG. Cas. Authentication. handler. Support. simpletestusernamepasswordauthenticationhandler"/>

Replace

<Bean
Class = "org. JASIG. Cas. adaptors. JDBC. querydatabaseauthenticationhandler">

<Property
Name = "SQL" value = "select password _ from user _ Where
Screenname =? "/>

<Property
Name = "passwordencoder" ref = "base64passwordencoder"/>

<Property
Name = "datasource" ref = "datasource"/>

</Bean>

Note:In liferay, it is best to use screenname as the user name for CAS authentication. emailaddress is not available and the ID method has not been tested.

Then

</List>

</Property>

</Bean>

Add later:

<Bean
Id = "datasource"

Class = "org. springframework. JDBC. datasource. drivermanagerdatasource">

<Property
Name = "driverclassname" value = "$ {dB. Driver}"/>

<Property
Name = "url" value = "$ {dB. url}"/>

<Property
Name = "username" value = "$ {dB. Username}"/>

<Property
Name = "password" value = "$ {dB. Password}"/>

</Bean>

<Bean
Id = "base64passwordencoder"

Class = "com. jinfonet. developer. Portal. base64passwordencoder"
Autowire = "byname">

<Constructor-Arg
Value = "sha1"/>

</Bean>

Finally, modify the configuration of the database connection in the file $ liferay_home/webapps/CAS-Web/WEB-INF/CAS. properties as follows:

# Database. hibernate. dialect = org. hibernate. dialect. oracledialect

Database. hibernate. dialect = org. hibernate. dialect. mysqldialect

# Database. hibernate. dialect = org. hibernate. dialect. hsqldialect

DB. Driver = com. MySQL. JDBC. Driver

DB. url = JDBC: mysql: // localhost: 3306/lportal? Useunicode = true & amp; characterencoding = UTF-8 & amp; usefastdateparsing = false

DB. Username = lportal

DB. Password = dl88250

Integration Test

After liferay and CAs are started, when you log on to liferay (using a non-Portlet), the CAS verification page is automatically displayed. Enter the user name (your
Screen name) and password, if the login is successful, it will automatically jump to your home in liferay.

Summary

This article takes the integration of CAS and liferay as an example to introduce the whole development and configuration process of custom CAS login verification, and also highlights some points that need attention. Use CAs to implement SSO (single
Sign on) in the next article, we will introduce how CAS integrates liferay + scarab. Please pay more attention to it.
:)