Modifying the MD5 encryption specification for CAS

2.4.1, BackgroundThe CAS version that this article uses is 4.0.0

CAS Service and third party docking, the third party uses the MD5 encryption specification is 64 bits, and the CAS MD5 encryption specification is 32 bits. Because the data in the third-party database is numerous, it is not easy to modify. Therefore, the cryptographic specification that needs to be modified for CAS is MD5 64 bits. 2.4.2, Operation 2.4.2.1, get Cas-server-core-4.0.0.jar

Open the CAS Linux installation directory, and under Path/apache-tomcat-7.0.68/webapps/cas/web-inf/lib, get the Cas-server-core-4.0.0.jar file and download the file to your local environment. 2.4.2.2, obtaining CAs's Defaultpasswordencoder encryption class

Locate the previous step to download to the local Cas-server-core-4.0.0.jar, right-click the jar package, and select the extract to current directory option. In the extracted folder, follow the path org\jasig\cas\authentication\handler in turn, as shown in Figure 2.4.2.2.1:

Figure 2.4.2.2.1

We're going to rewrite the Defaultpasswordencoder class, which implements the Passwordencoder interface, so you need to import the interface when overriding the class.

Use the Anti-compilation tool to decompile the two. class files into a. java file, which will be used in the next step for each of the two Java files. 2.4.2.3, rewriting CAs for defaultpasswordencoder encryption classes

Create WebService Project project in Eclipse or MyEclipse, and project name is optional. Under this project, create a package named Org.jasig.cas.authentication.handler. Under the package, create an interface named Passwordencoder and create a class named Defaultpasswordencoder. Copy the contents of the Java file obtained from 2.4.2.2 Decompile to the newly created class.

Rewrite the Defaultpasswordencoder class, add the EncoderPwdByMd5 method, and rewrite the contents of the Encode method as follows:

Package Org.jasig.cas.authentication.handler;

Import java.io.UnsupportedEncodingException;

Import Java.security.MessageDigest;

Import java.security.NoSuchAlgorithmException;

 

Import Sun.misc.BASE64Encoder; Publicclassdefaultpasswordencoder implements passwordencoder{//Generate MD5 publicstaticfinal STRINGENCODERPWDBYMD

        5 (String str) {string newstr = "";

          try {messagedigest MD5 = messagedigest.getinstance ("MD5");

         

          Base64encoder base64en = new Base64encoder ();

        Newstr =base64en.encode (Md5.digest (Str.getbytes ("Utf-8"));

        } catch (NoSuchAlgorithmException e) {e.printstacktrace ();

        } catch (Unsupportedencodingexception e) {e.printstacktrace ();

      } return NEWSTR;

        } @Override Public String encode (stringparamstring) {//TODO auto-generated method stub Return EncodeRPWDBYMD5 (paramstring); } privatestaticfinalchar[] hex_digits = {' 0 ', ' 1 ', ' 2 ', ' 3 ', ' 4 ', ' 5 ', ' 6 ', ' 7 ', ' 8 ', ' 9 ', ' A ', ' B ', ' C ', ' d '

 

      , ' e ', ' f '};

      Privatefinalstring Encodingalgorithm;

     

      Private String characterencoding;

      Public Defaultpasswordencoder (String encodingalgorithm) {this.encodingalgorithm = Encodingalgorithm; } private String getformattedtext (byte[] bytes) {StringBuilder buf = new StringBuilder (

        Bytes.length * 2);

          for (int j = 0; J < Bytes.length; J + +) {buf.append (hex_digits[(Bytes[j] >> 4 & 0xF)]);

        Buf.append (hex_digits[(Bytes[j] & 0xF)]);

      } return buf.tostring (); } publicfinalvoidsetcharacterencoding (String characterencoding) {this.characterencoding = c

      haracterencoding; } Static {}}

Save the Modified class. 2.4.2.4, modify Cas-server-core-4.0.0.jar

Open the Eclipse/myeclipse workspace, as shown in Figure 2.4.2.4.1

Figure 2.4.2.4.1

Select the WEB Service Project project that you created in 2.4.2.3, for example, my project is named Test1, and then open the following path: \webroot\web-inf\classes\org\jasig\cas\ Authentication\handler. The display is shown in Figure 2.4.2.4.2:

Figure 2.4.2.4.2

Leave the window, and the next step is to use it.

Find 2.4.2.1 downloaded Cas-server-core-4.0.0.jar, right-click the jar package, select the Open compressed File option, pop up the page as shown in Figure 2.4.2.4.3

Figure 2.4.2.4.3

Follow the path org\jasig\cas\authentication\handler\ in turn, as shown in Figure 2.4.2.4.4:

Figure 2.4.2.4.4

Drag the Defaultpasswordencoder.class file in Figure 2.4.2.4.2 to the diagram 2.4.2.4.4, close the Diagram 2.4.2.4.4 window 2.4.2.5, Post the modified Cas-server-core-4.0.0.jar

  Open the CAS Linux installation directory, under Path/apache-tomcat-7.0.68/webapps/cas/web-inf/lib, Use the modified Cas-server-core-4.0.0.jar file to overwrite the original Cas-server-core-4.0.0.jar in the path and restart the service. The rewrite of CAS MD5 encryption specification was completed.