cas-server配置数据库验证
创建一个MySQL数据库,新建一张users表,添加username和password字段
第七步、配置数据库认证
参考官方文档:https://apereo.github.io/cas/4.2.x/installation/Database-Authentication.html#database-components
首先拷贝MySQL驱动到cas-server-webapp项目的lib目录下
然后到下载的CAS源码的cas-server-support-jdbc目录下gradle build编译jdbc的支持jar包
编译好之后,同样到build》libs目录下拷贝cas-server-support-jdbc-4.2.7.jar包到cas-server-webapp项目的lib目录下
打开deployerConfigContext.xml配置文件
将<alias name="acceptUsersAuthenticationHandler" alias="primaryAuthenticationHandler" />这一行注释掉
加入
<alias name="queryDatabaseAuthenticationHandler" alias="primaryAuthenticationHandler" />
<alias name="dataSource" alias="queryDatabaseDataSource" />
<bean id="dataSource"
class="com.mchange.v2.c3p0.ComboPooledDataSource"
p:driverClass="${database.driverClass}"
p:jdbcUrl="${database.url}"
p:user="${database.user}"
p:password="${database.password}"
p:initialPoolSize="${database.pool.minSize}"
p:minPoolSize="${database.pool.minSize}"
p:maxPoolSize="${database.pool.maxSize}"
p:maxIdleTimeExcessConnections="${database.pool.maxIdleTime}"
p:checkoutTimeout="${database.pool.maxWait}"
p:acquireIncrement="${database.pool.acquireIncrement}"
p:acquireRetryAttempts="${database.pool.acquireRetryAttempts}"
p:acquireRetryDelay="${database.pool.acquireRetryDelay}"
p:idleConnectionTestPeriod="${database.pool.idleConnectionTestPeriod}"
p:preferredTestQuery="${database.pool.connectionHealthQuery}" />
,然后打开cas.properties,加入数据库的相关配置如下:(请修改为自己的数据库地址,用户名和密码)
# == Basic database connection pool configuration == database.driverClass=com.mysql.jdbc.Driver database.url=jdbc:mysql://127.0.0.1:3306/sso_test?useUnicode=true&characterEncoding=UTF-8& database.user=root database.password=admin database.pool.minSize=6 database.pool.maxSize=18 # Maximum amount of time to wait in ms for a connection to become # available when the pool is exhausted database.pool.maxWait=10000 # Amount of time in seconds after which idle connections # in excess of minimum size are pruned. database.pool.maxIdleTime=120 # Number of connections to obtain on pool exhaustion condition. # The maximum pool size is always respected when acquiring # new connections. database.pool.acquireIncrement=6 # == Connection testing settings == # Period in s at which a health query will be issued on idle # connections to determine connection liveliness. database.pool.idleConnectionTestPeriod=30 # Query executed periodically to test health database.pool.connectionHealthQuery=select 1 # == Database recovery settings == # Number of times to retry acquiring a _new_ connection # when an error is encountered during acquisition. database.pool.acquireRetryAttempts=5 # Amount of time in ms to wait between successive aquire retry attempts. database.pool.acquireRetryDelay=2000
对cas.propeities进行修改,去掉“cas.jdbc.authn.query.sql=”前的注释符,改为适合项目的语句,比如:
cas.jdbc.authn.query.sql=select password from sso_user where username=?
4) 允许注销后可重定向(可选)
修改cas.propeities,去掉“cas.logout.followServiceRedirects=false”前的注释符,改为:
cas.logout.followServiceRedirects=true
5) 修改TGT为永不失效策略
修改deployerConfigContext.xml,注释掉原来的grantingTicketExpirationPolicy,修改为:
<!--<alias name="ticketGrantingTicketExpirationPolicy" alias="grantingTicketExpirationPolicy" />--> <alias name="neverExpiresExpirationPolicy" alias="grantingTicketExpirationPolicy" />
然后重启tomcat,验证登录
输入数据库的账号密码
参考:https://www.cnblogs.com/wggj/p/7550361.html 和 https://www.cnblogs.com/jay763190097/p/6492005.html
