Part four: CAS single sign-on (SSO) framework, custom authentication login mode

Source: Internet
Author: User

To meet a changed requirement: by default, CAS login verifies only a user name and password. What if the login must verify a user name, a password and a system ID? How can that be done?

As we know, on the default CAS login page the user enters a user name and password. Verification is configured in deployerConfigContext.xml: in the bean org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler you write the corresponding SQL, and in <bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource"> you configure the database driver, database name, login password and so on.

What if we add another validation?

1 Following the bean tag in the XML, the container locates the class QueryDatabaseAuthenticationHandler.java. First modify login-webflow.xml, changing the code as follows:

    <binder>
        <binding property="username" />
        <binding property="password" />
        <binding property="systemId" />
    </binder>

Here <binding property="systemId" /> must match the name of the hidden field passed from the login page.

2 The JS code added to casLoginView.jsp is shown below; it reads the parameter from the URL of the login address.

    <script language="javascript" type="text/javascript">
        // Use window's onload event: runs once the form has finished loading
        window.onload = function () {
            // dosomething
            // Case-insensitive match of the systemId parameter in the query string
            var result = location.search.match(new RegExp("[\?\&]" + 'systemid' + "=([^\&]+)", "i"));
            if (result == null || result.length < 1) {
                // Parameter absent: leave the hidden field empty
                return;
            }
            $("#systemId")[0].value = result[1];
        }
    </script>

The login page address is https://www.cdvcloud.com:8443/cas/login?systemId=vms2.0, and the first login request carries two parameters, as in https://www.cdvcloud.com:8443/cas/login?service=http%3a%2f%2f172.16.3.101%3a8080%2fvms2.0%2fuser%2ftomain%2f. The first is our custom system identifier (systemId); the second (service) is the main page that CAS redirects to after verification against the database succeeds.

3 A hidden field is added to the login page; its value is passed to CAS.

    <input type="hidden" name="systemId" id="systemId">

4 Modify the CAS source file UsernamePasswordCredentials.java, as shown in the code below.

    /*
     * Copyright The JA-SIG Collaborative. All rights reserved. See license
     * distributed with this file and available online at
     * http://www.ja-sig.org/products/cas/overview/license/
     */
    package org.jasig.cas.authentication.principal;

    import javax.validation.constraints.NotNull;
    import javax.validation.constraints.Size;

    /**
     * UsernamePasswordCredentials represents the username and password that a user
     * could provide in order to prove the authenticity of who they say they are.
     *
     * @author Scott Battaglia
     * @version $Revision: 1.2 $ $Date: 2007/01/22 20:35:26 $
     * @since 3.0
     * <p>
     * This is a published and supported CAS Server 3 API.
     * </p>
     */
    public class UsernamePasswordCredentials implements Credentials {

        /** Unique ID for serialization. */
        private static final long serialVersionUID = -8343864967200862794L;

        /** The username. */
        @NotNull
        @Size(min=1, message = "required.username")
        private String username;

        /** The password. */
        @NotNull
        @Size(min=1, message = "required.password")
        private String password;

        /** The systemId for vms2.0, used in the SQL validation. xx add 2014-07-21 16:12:51. */
        @NotNull
        @Size(min=1, message = "required.systemid")
        private String systemId;

        /* systemId begin */

        /**
         * @return Returns the systemId.
         */
        public String getSystemId() {
            return systemId;
        }

        public void setSystemId(String systemId) {
            this.systemId = systemId;
        }

        public String toStringSystemId() {
            return "[systemId: " + this.systemId + "]";
        }

        /* end */

        /**
         * @return Returns the password.
         */
        public final String getPassword() {
            return this.password;
        }

        /**
         * @param password The password to set.
         */
        public final void setPassword(final String password) {
            this.password = password;
        }

        /**
         * @return Returns the userName.
         */
        public final String getUsername() {
            return this.username;
        }

        /**
         * @param userName The userName to set.
         */
        public final void setUsername(final String userName) {
            this.username = userName;
        }

        public String toString() {
            return "[username: " + this.username + "]";
        }

        @Override
        public boolean equals(final Object o) {
            if (this == o) return true;
            if (o == null || getClass() != o.getClass()) return false;

            UsernamePasswordCredentials that = (UsernamePasswordCredentials) o;

            if (password != null ? !password.equals(that.password) : that.password != null) return false;
            if (username != null ? !username.equals(that.username) : that.username != null) return false;

            return true;
        }

        @Override
        public int hashCode() {
            int result = username != null ? username.hashCode() : 0;
            result = 31 * result + (password != null ? password.hashCode() : 0);
            return result;
        }
    }

This adds our own systemId identifier alongside the user name and password that CAS already carries.

5 Modify the QueryDatabaseAuthenticationHandler.java class, as shown in the code below.

    /*
     * Copyright The JA-SIG Collaborative. All rights reserved. See license
     * distributed with this file and available online at
     * http://www.ja-sig.org/products/cas/overview/license/
     */
    package org.jasig.cas.adaptors.jdbc;

    import org.jasig.cas.authentication.handler.AuthenticationException;
    import org.jasig.cas.authentication.principal.UsernamePasswordCredentials;
    import org.springframework.dao.IncorrectResultSizeDataAccessException;

    import javax.validation.constraints.NotNull;

    /**
     * Class that if provided a query that returns a password (parameter of query
     * must be username) would compare that password to a translated version of the
     * password provided by the user. If they match, then authentication succeeds.
     * Default password translator is plaintext translator.
     *
     * @author Scott Battaglia
     * @author Dmitriy Kopylenko
     * @version $Revision$ $Date$
     * @since 3.0
     */
    public final class QueryDatabaseAuthenticationHandler extends AbstractJdbcUsernamePasswordAuthenticationHandler {

        @NotNull
        private String sql;

        protected final boolean authenticateUsernamePasswordInternal(final UsernamePasswordCredentials credentials) throws AuthenticationException {
            final String username = getPrincipalNameTransformer().transform(credentials.getUsername());
            final String password = credentials.getPassword();
            // xx add 7 16:27:58 for vms2.0 systemId begin ----------
            // final String systemId = credentials.getSystemId();
            String mySystemId = credentials.getSystemId();
            // Keep only the first value if several arrive comma-separated
            String[] systemIdGroup = mySystemId.split(",");
            String systemId = systemIdGroup[0];
            System.out.println("systemId---------" + systemId + "----------------systemId value");
            // xx add 7 16:27:58 for vms2.0 systemId end ----------
            final String encryptedPassword = this.getPasswordEncoder().encode(password);

            try {
                // Both values are passed as bind parameters of the configured SQL
                final String dbPassword = getJdbcTemplate().queryForObject(this.sql, String.class, username, systemId);
                return dbPassword.equals(encryptedPassword);
            } catch (final IncorrectResultSizeDataAccessException e) {
                // This means the username is not found.
                return false;
            }
        }

        /**
         * @param sql The SQL to set.
         */
        public void setSql(final String sql) {
            this.sql = sql;
        }
    }
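The article mentions writing "the corresponding SQL" in deployerConfigContext.xml but does not show it. The following is an added example, not part of the original article, of how the modified handler could be wired. The table and column names, the JDBC driver and URL, and the database account are assumed placeholders.

```xml
<!-- Added example. Driver, URL, account, table and column names are assumptions. -->
<bean id="dataSource"
      class="org.springframework.jdbc.datasource.DriverManagerDataSource">
    <property name="driverClassName" value="com.mysql.jdbc.Driver" />
    <property name="url" value="jdbc:mysql://db.example.internal:3306/cas_users" />
    <!-- Use an account that can only SELECT from the credentials table -->
    <property name="username" value="cas_readonly" />
    <property name="password" value="CHANGE_ME" />
</bean>

<!-- Goes in the authenticationHandlers list of the authenticationManager bean -->
<bean class="org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler">
    <property name="dataSource" ref="dataSource" />
    <!-- Exactly two bind parameters, in the order the modified handler passes
         them to queryForObject: first ? = username, second ? = systemId.
         Both are bound by JDBC, so the URL-supplied systemId is never
         concatenated into the statement. -->
    <property name="sql"
              value="select password from users where username = ? and system_id = ?" />
    <!-- No passwordEncoder is set here, so the handler compares against the
         stored value using its default plaintext translator. -->
</bean>
```

If the query matches no row or more than one row for a given username and systemId pair, queryForObject raises IncorrectResultSizeDataAccessException and the handler returns false, so the pair should be unique in the table.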
