"Test water CAS-4.0.3" No. 04 section _cas Server Authentication user through database

Source: Internet
Author: User
Tags cas sha1

This article source code download: http://download.csdn.net/detail/jadyer/8911139

/** * @see------------------------------------------------------------------------------------------------------- -----------------* @see CAS server through the database authentication user * @see Implementation of two ways, one is to write the database to obtain the user name password re-authentication class, one is the use of CAS-4.0.3 with the JDBC support to achieve certification, the following are introduced * @see   "Write your own certification class (recommended)" * @see 1. Before we know CSA-4.0.3 's default login user password is configured in Deployerconfigcontext.xml, so go to deployerconfigcontext.xml inside to find * @see Find <bean id= "Primaryauthenticationhandler" class= "   Org.jasig.cas.authentication.AcceptUsersAuthenticationHandler "> * @see We found in Acceptusersauthenticationhandler.java that the CAs are reading the configured user passwords to the global map<string, string> * @see 2.   And Acceptusersauthenticationhandler.java is a certification that is realized by inheriting Abstractusernamepasswordauthenticationhandler.java * @see So create Com.msxf.sso.authentication.UserAuthenticationHandler extends Abstractusernamepasswordauthenticationhandler * @see then rewrite the Authenticateusernamepasswordinternal () method, get the user password entered in the foreground page, and then go to the database. * @see 3. Next Create the \web-inf\ Spring-configuration\applicationcontext-datasource.xml, it will be loaded automatically at startup (set in Web. xml) * @see in ApplicaTioncontext-datasource.xml Configuration database connection pool, connection pool user name password can be configured in \web-inf\cas.properties * @see and add <context:component-scan Base-package= "Com.msxf.sso"/> makes it possible to apply spring annotations in a custom class * @see 4. Create a new Userdaojdbc.java class that accesses the database using the Spring JDBC template * @see because you want to connect to the database, you also add Druid-1.0.14.jar and Mysql-connector-java-5.1.35.jar to the Lib directory * @see 5.   Finally remember to deployerconfigcontext.xml this bean to comment out <bean id= "Primaryauthenticationhandler" > * @see   and use @component (value= "Primaryauthenticationhandler") in our custom Userauthenticationhandler.java to declare it as a bean * @see   Note that the name should be Primaryauthenticationhandler, because the other configuration of deployerconfigcontext.xml references the Primaryauthenticationhandler * @see Otherwise you'll find a location referencing the Primaryauthenticationhandler modified to the new Bean * @see "Cas-server-support-jdbc-4.0.3.jar" * @see 1. This is a simple way to First introduce C3p0-0.9.1.2.jar and Cas-server-support-jdbc-4.0.3.jar * @see 2. Modify Deployerconfigcontext.xml, comment out <bean id= " Primaryauthenticationhandler "> * @see and add <bean id=" DataSource "><bean id=" Passwordencoder "><bean ID = "MssousersauthenticationHandler "> (Specific code will be posted below) * @see also here is the database connection user password read from Cas.properties * @see 3. Because during the certification process is through <bean id="   AuthenticationManager "> refers to <bean id=" Primaryauthenticationhandler "> to implement the * @see So modify the Primaryauthenticationhandler here for our new Mssousersauthenticationhandler * @see 4. By looking at the Org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler source code will find * @see this way with the above to write their own authentication class, the principle is the same, are directly or indirectly extended Abstractusernamepasswordauthenticationhandler * @see-------------------------------------------------- ----------------------------------------------------------------------* @create 2015-7-18 Morning 10:00:39 * @author Xuan Yu 

The following is a custom Userdaojdbc.java

package com.msxf.sso.authentication;import Javax.annotation.resource;import Javax.sql.datasource;import Org.springframework.dao.emptyresultdataaccessexception;import Org.springframework.jdbc.core.jdbctemplate;import org.springframework.stereotype.Repository; @Repositorypublic Class Userdaojdbc {private static final String Sql_verify_account = "Select COUNT (*) from Permission_operator WHERE Operat Or_login=? and OPERATOR_PWD=SHA1 (?) "; Private JdbcTemplate jdbctemplate; @Resourcepublic void Setdatasource (DataSource DataSource) {this.jdbctemplate = new JdbcTemplate (DataSource);} /** * Verify the username and password are correct * @create 2015-7-17 pm 3:56:54 * @author Jade 
The following is a custom authentication class Userauthenticationhandler.java
Package Com.msxf.sso.authentication;import Java.security.generalsecurityexception;import Javax.annotation.resource;import Javax.security.auth.login.failedloginexception;import Org.jasig.cas.authentication.handlerresult;import Org.jasig.cas.authentication.preventedexception;import Org.jasig.cas.authentication.usernamepasswordcredential;import Org.jasig.cas.authentication.handler.support.abstractusernamepasswordauthenticationhandler;import Org.jasig.cas.authentication.principal.simpleprincipal;import org.springframework.stereotype.component;/** * Custom User Login Authentication class * @create 2015-7-17 3:48:44 * @author Xuan Yu The following is the newly created \web-inf\spring-configuration\applicationcontext-datasource.xml
<?xml version= "1.0" encoding= "UTF-8"? ><beans xmlns= "Http://www.springframework.org/schema/beans" xmlns: Xsi= "Http://www.w3.org/2001/XMLSchema-instance" xmlns:tx= "Http://www.springframework.org/schema/tx" xmlns: context= "Http://www.springframework.org/schema/context" xsi:schemalocation= "http://www.springframework.org/ Schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd http://www.springframework.org/ Schema/tx http://www.springframework.org/schema/tx/spring-tx-3.2.xsdhttp://www.springframework.org/schema/ Contexthttp://www.springframework.org/schema/context/spring-context-3.2.xsd "><bean id=" DataSource "class=" Com.alibaba.druid.pool.DruidDataSource "init-method=" Init "destroy-method=" close "><property name=" url "value = "${jdbc.url}"/><property name= "username" value= "${jdbc.username}"/><property name= "password" value= "$ {Jdbc.password} "/><!--configuration initialization size, MIN, max--><property name=" InitialSize "value=" 1 "/><property name=" Minidle " Value= "1"/><property name= "maxactive" value= "\"/><!--configuration Get connection wait time out--><property name= "maxWait" Value= "60000"/><!--configuration interval to detect the idle connection that needs to be closed, in milliseconds--><property name= "Timebetweenevictionrunsmillis" Value= "60000"/><!--Configure the minimum time for a connection to survive in a pool, in milliseconds--><property name= "Minevictableidletimemillis" value= " 300000 "/><property name=" validationquery "value=" select ' X ' "/><property name=" Testwhileidle "value=" True "/><property name=" Testonborrow "value=" false "/><property name=" Testonreturn "value=" false "/> <!--open Pscache, and specify the size of Pscache on each connection--><!--Pscache (PreparedStatement) has a huge performance boost for cursors-enabled databases, such as Oracle/db2/sql Server, under MySQL is recommended to close--><property name= "Poolpreparedstatements" value= "false"/><property name= " Maxpoolpreparedstatementperconnectionsize "value="-1 "/><!--Configuration Monitoring Statistics interception filters--><property Name=" Filters "value=" Wall,mergestat "/></bean><bean id=" Txmanager "class=" Org.springframework.jdbc.datasouRce. Datasourcetransactionmanager "><property name=" DataSource "ref=" DataSource "/&GT;&LT;/BEAN&GT;&LT;TX: Annotation-driven transaction-manager= "Txmanager"/><context:component-scan base-package= "Com.msxf.sso"/ ></beans>
The following is the configuration of the newly added database meta-information in Cas.properties
#<< database meta-Information >>jdbc.url=jdbc:mysql://192.168.2.41:3306/turtle?useunicode=true&characterencoding= utf8&zerodatetimebehavior=converttonull&autoreconnect=true&failoverreadonly=false& Maxreconnects=10jdbc.username=turtlejdbc.password=turtle
and finally, the deployerconfigcontext.xml part of the change.
<!--The following is a bean configuration using Cas-server-support-jdbc-4.0.3.jar for database authentication--><!--Configuring the data source, declaring the password encryption method, specifying the user name password of the authenticator <bean id= " DataSource "class=" Com.mchange.v2.c3p0.ComboPooledDataSource "p:driverclass=" Com.mysql.jdbc.Driver "p:jdbcurl=" ${ Jdbc.url} "p:user=" ${jdbc.username} "p:password=" ${jdbc.password} "/><bean id=" Passwordencoder "class=" Org.jasig.cas.authentication.handler.DefaultPasswordEncoder "c:encodingalgorithm=" SHA1 "p:characterencoding=" UTF-8 "/><bean id=" Mssousersauthenticationhandler "class=" Org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler "p:datasource-ref=" DataSource "P: passwordencoder-ref= "Passwordencoder" p:sql= "select Operator_pwd from Permission_operator WHERE operator_login=?" />--><bean id= "AuthenticationManager" class= " Org.jasig.cas.authentication.PolicyBasedAuthenticationManager "><constructor-arg><map><entry key-ref= "Proxyauthenticationhandler" value-ref= "Proxyprincipalresolver"/><entry key-ref= " PrimaryauthenticationhandleR "value-ref=" Primaryprincipalresolver "/><!--The following is a bean declaration that implements database authentication with Cas-server-support-jdbc-4.0.3.jar <!--<entry key-ref= "Mssousersauthenticationhandler" value-ref= "Primaryprincipalresolver"/>--></ Map></constructor-arg><property name= "Authenticationpolicy" ><bean class= " Org.jasig.cas.authentication.AnyAuthenticationPolicy "/></property></bean><!--to cancel the default user name and password, Instead of our own user name and password queried from the database--><!--<bean id= "Primaryauthenticationhandler" class= " Org.jasig.cas.authentication.AcceptUsersAuthenticationHandler "><property name=" users "><map>< Entry key= "Xuanyu" value= "Xuanyu"/></map></property></bean>--

Copyright NOTICE: This article for Bo Master original article, without Bo Master permission not reproduced.

"Test water CAS-4.0.3" No. 04 section _cas Server Authentication user through database

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.