随笔 - 1313, 文章 - 2, 评论 - 154, 阅读 - 424万
  首页  :: 新随笔  :: 管理

cas重新实现登陆认证逻辑

Posted on   季枫  阅读(1799)  评论(0编辑  收藏  举报
?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
package com.ucit.cas;
 
import java.security.NoSuchAlgorithmException;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.List;
 
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.spi.impl.MessageDigestCredentialPasswordEncoder;
import org.jasig.cas.adaptors.jdbc.AbstractJdbcUsernamePasswordAuthenticationHandler;
import org.jasig.cas.authentication.handler.AuthenticationException;
import org.jasig.cas.authentication.principal.UsernamePasswordCredentials;
import org.springframework.jdbc.core.simple.ParameterizedRowMapper;
 
public final class UCITCASAuthHandler extends
        AbstractJdbcUsernamePasswordAuthenticationHandler {
    protected boolean authenticateUsernamePasswordInternal(
            UsernamePasswordCredentials credentials)
            throws AuthenticationException {
        String username = credentials.getUsername();
        String password = credentials.getPassword();
        try {
            MessageDigestCredentialPasswordEncoder encoder = new MessageDigestCredentialPasswordEncoder();
            /*List<String> list = getJdbcTemplate().query(
                    "SELECT column_value FROM security_principal p,"
                            + "security_credential c where p.full_path=? and "
                            + "c.principal_id=p.principal_id",
                    new ParameterizedRowMapper<String>() {
                        public String mapRow(ResultSet rs, int index)
                                throws SQLException {
                            return rs.getString(1);
                        }
                    }, "/user/" + username);*/
            List<String> list = getJdbcTemplate().query(
                    "select column_value from porta_user pu where pu.full_path=? ",
                    new ParameterizedRowMapper<String>() {
                        public String mapRow(ResultSet rs, int index)
                                throws SQLException {
                            return rs.getString(1);
                        }
                    }, "/user/" + username);
            return list.isEmpty() ? aliasCheck(username, password,credentials) : list.get(0)
                    .equals(encoder.encode(username, password));
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }
    private boolean aliasCheck(String username, String password,UsernamePasswordCredentials credentials) {
        try {
            MessageDigestCredentialPasswordEncoder encoder = new MessageDigestCredentialPasswordEncoder();
         
        List<String[]> list = getJdbcTemplate().query(
                "select column_value,full_path from porta_user  where alias=?",
                new ParameterizedRowMapper<String[]>() {
                    public String[] mapRow(ResultSet rs, int index)
                            throws SQLException {
                        return new String[]{rs.getString(1),rs.getString(2)};
                    }
                }, username);
        if (list.isEmpty())
            return verify(username, password);
        else{
            String _username=list.get(0)[1].replaceAll("/user/", "");
            credentials.setUsername(_username);
            return list.get(0)[0].equals(encoder.encode(_username, password));
        }
//      return list.isEmpty() ? verify(username, password) : list.get(0)
//              .equals(encoder.encode(username, password));
        } catch (Exception e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
            return false
        }
 
    }
    private boolean verify(String username, String password) {
        List<String> list = getJdbcTemplate().query(
                "SELECT uid FROM user where ULoginID=? and upass=?",
                new ParameterizedRowMapper<String>() {
                    public String mapRow(ResultSet rs, int index)
                            throws SQLException {
                        return rs.getString(1); 
                    }
                }, username, password);
        return !list.isEmpty();
    }   
     
     
    public static void main(String[] args) throws NoSuchAlgorithmException, SecurityException {
        MessageDigestCredentialPasswordEncoder encoder = new MessageDigestCredentialPasswordEncoder();
        System.out.println(encoder.encode("510722197305041435", "7788119"));
    }
}

下载项目
https://9p9q8w.blu.livefilestore.com/y1p0ioo0EVb55XY-YbpBePUgmee5w3lcGPIzWOsknbo-6BvbinZZAPtsPMkOKD0kZ0vuJgaOwqrodOx6FmcbTVMWDQPYU_HGEQT/cas(2010-06-08%E9%87%8D%E5%86%99%E7%99%BB%E9%99%86%E9%AA%8C%E8%AF%81%2C%E6%94%AF%E6%8C%81%E5%88%AB%E5%90%8D%E7%99%BB%E9%99%86).zip?download&amp;psid=1

编辑推荐:
· Linux系列:如何用 C#调用 C方法造成内存泄露
· AI与.NET技术实操系列(二):开始使用ML.NET
· 记一次.NET内存居高不下排查解决与启示
· 探究高空视频全景AR技术的实现原理
· 理解Rust引用及其生命周期标识(上)
阅读排行:
· 物流快递公司核心技术能力-地址解析分单基础技术分享
· .NET 10首个预览版发布:重大改进与新特性概览!
· AI与.NET技术实操系列(二):开始使用ML.NET
· 单线程的Redis速度为什么快?
· Pantheons:用 TypeScript 打造主流大模型对话的一站式集成库
智读 | 成都会领科技有限公司官网 | 智读App下载 | 每天听本书的博客 | |
点击右上角即可分享
微信分享提示