SSO single Point series: CAS4.0 CAS consolidated springmvc+mybatis for database validation (04)

Last Update:2016-09-05 Source: Internet

Author: User

Tags cas wrapper

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

First, prepare the required jar package

Join in Cas\web-inf\lib C3p0-0.9.1.2.jar bags,mysql-connector-java-5.1.21.jar bags and Cas-server-support-jdbc-4.0.0.jar package.

C3P0 jar packages and MySQL-driven jar packages can be pulled down on MAVEN,

Cas-server-support-jdbc-4.0.0.jar This jar package can be found in the Cas-server-4.0.0\modules directory

Second, Cas-server (service side) custom validation rules

1. Open deployerconfigcontext.xml

Find Primaryauthenticationhandler because we need to check with the database in actual development so this code needs to be dropped and then changed to our validation rules.

<!--                   <bean id= "Primaryauthenticationhandler"          class= " Org.jasig.cas.authentication.AcceptUsersAuthenticationHandler ">        <property name=" Users ">            < map>                <entry key= "Casuser" value= "Mellon"/>            </map>        </property>    </bean> -

2. Configure the data source for CAs in deployerconfigcontext.xml

class= "Com.mchange.v2.c3p0.ComboPooledDataSource"        p:driverclass= " Com.mysql.jdbc.Driver "        p:jdbcurl=" jdbc:mysql://localhost:3306/test3?useunicode=true&amp; Characterencoding=utf-8&amp;zerodatetimebehavior=converttonull "        p:user=" xxx "p:password=" xxx "/>

3, in the deployerconfigcontext.xml to define the encryption method

<!--Encryption--         <bean id= "Passwordencoder"      class= " Org.jasig.cas.authentication.handler.DefaultPasswordEncoder "      c:encodingalgorithm=" MD5 "      P: Characterencoding= "UTF-8"/>

4, in the deployerconfigcontext.xml configuration query statement, here the p:passwordencoder corresponds to the encryption method P:datasource This point is to the previously configured data source

<!--query SQL--             <bean id= "Dbauthhandler"      class= " Org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler "      p:datasource-ref=" DataSource "       p:sql= "Select password from cas_user where username=?" and data_status= ' 1 ' "      p:passwordencoder-ref=" Passwordencoder "  />

5, configure the new validation rule in deployerconfigcontext.xml , find this code to take this piece of code out, careful friend may have found Primaryauthenticationhandler

This key points to the default account password configuration provided by CAs, which is the one we're going to call off.

<!--<entry key-ref= "primaryauthenticationhandler" value-ref= "Primaryprincipalresolver"/>-- >

<constructor-arg> <map> <!--|IMPORTANT|every handler requires a unique name. | If more than one instance of the same handlerclassis configured, must explicitly| Set its name to something and than itsdefaultName (typically the simpleclassname). --<entry key-ref= "Proxyauthenticationhandler" value-ref= "Proxyprincipalresolver"/>                <!--<entry key-ref= "Primaryauthenticationhandler" value-ref= "Primaryprincipalresolver"/>-- <entry key-ref= "Dbauthhandler" value-ref= "Primaryprincipalresolver"/> </map> </constru Ctor-arg>

Third, cas-client (client) configuration

1. Open the pom.xml file into the client (clients) JAR Package

                <!--the required jar for integrating CAS--        <dependency>            <groupId>org.jasig.cas.client</groupId>            <artifactId>cas-client-core</artifactId>            <version>3.2.1</version>        </ Dependency>

2. Open the Web. XML configuration to join the CAS configuration

<!--This filter is used for single-point logout, optional configuration. -<filter> <filter-name>cas filter</filter-name> <filter-class>org.jasig.cas.client.session.singlesignoutfilter</filter-class> </filter> <!--the filter is responsible for the user's certification work, it must be enabled--<filter> <filter-name>cas Authenticati On filter</filter-name> <filter-class>org.jasig.cas.client.authentication.authenticationfilter</filter-class> <init-param> <param-name>casServerLoginUrl</param-name> <param-valu E>http://localhost:8080/cas/login</param-value></init-param> <init-param> <param-name>serverName</param-name> <pa Ram-value>http://localhost:8080</param-value></init-param> </filter> <!--The filter is responsible for verifying the ticket, it must be enabled--<filter> <filter-name >cas Validation filter</filter-name> <filter-class>org.jasig.cas.client.validation.cas10ticketvalidationfilter</filter-class> <init-param> <param-name>casServerUrlPrefix</param-name> <param-val Ue>http://localhost:8080/cas</param-value></init-param> <init-param> <param-name>serverName</param-name> <pa Ram-value>http://localhost:8080</param-value></init-param> <init-param> <param-name>redirectAfterValidation</param-name> <param-value>true</param-value> </init-param> </filter> <!--This filter is responsible for implementing HttpServletRequest-requested packages, such as allowing developers to pass HT The Tpservletrequest Getremoteuser () method obtains the login name of the SSO login user, optional configuration. -<filter> <filter-name>cas httpservletrequest Wrapper filter</filter-name> <fi lter-class>org.jasig.cas.client.util.httpservletrequestwrapperfilter</filter-class> </filter> <!--This filter allows developers to get the user's login name through Org.jasig.cas.client.util.AssertionHolder. such as Assertionholder.getassertion (). Getprincipal (). GetName (). -<filter> <filter-name>cas Assertion Thread Local filter</filter-name> <filter -class>org.jasig.cas.client.util.assertionthreadlocalfilter</filter-class> </filter> <filter-mapping> <filter-name>cas filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>cas authentication Fil ter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping&        Gt <filter-name>cas Validation filter</filter-name> <url-pattern>/*</url-pattern> </filt er-mapping> <filter-mapping> <filter-name>cas httpservletrequest Wrapper FILTER&LT;/FILTER-NAME&G        T <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>c As assertion Thread Local filter</filter-name> <url-pattern>/*</url-pattern> </filter-mappi Ng> <listener> <listener-class>org.jasig.cas.client.session.singlesignouthttpsessionlistener</ Listener-class> </listener> <!--======================== Single Sign-on/logout end ========================-

Iv. running the test

CAS automatic interception (PS: No login of course to intercept)

Just enter the information to see if the verification is successful.

Enter the correct account password login system success

SSO single Point series: CAS4.0 CAS consolidated springmvc+mybatis for database validation (04)

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More