【SSO单点系列】(5):CAS4.0 之JDBC
deployerConfigContext.xml
修改对应添加以下代码
<bean id="SearchModeSearchDatabaseAuthenticationHandler" class="org.jasig.cas.adaptors.jdbc.SearchModeSearchDatabaseAuthenticationHandler" abstract="false" lazy-init="default" autowire="default" > <property name="tableUsers"> <value>tenant_user</value> </property> <property name="fieldUser"> <value>login_name</value> </property> <property name="fieldPassword"> <value>login_password</value> </property> <property name="dataSource" ref="dataSource" /> </bean> <!-- DB2 connector--> <bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource"> <property name="driverClassName"> <value>com.ibm.db2.jcc.DB2Driver</value> </property> <property name="url"> <value>jdbc:db2://127.0.0.1:50000/SAMPLE</value> </property> <property name="username"> <value>administrator</value> </property> <property name="password"> <value>111111</value> </property> </bean> <!-- MySQL connector --> <bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource"> <property name="driverClassName"> <value>com.mysql.jdbc.Driver</value> </property> <property name="url"> <value>jdbc:mysql://127.0.0.1:3306/partycloud</value> </property> <property name="username"> <value>root</value> </property> <property name="password"> <value>root</value> </property> </bean>
修改加密方法
SearchModeSearchDatabaseAuthenticationHandler.java
@Override protected final HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential credential) throws GeneralSecurityException, PreventedException { final Logger logger = LoggerFactory.getLogger(this.getClass()); final String username = credential.getUsername(); final String encyptedPassword = getPasswordEncoder().encode(credential.getPassword()); int count=0; try { PasswordEncoder passwordEncoder = new DefaultPasswordEncoder("MD5"); //count = getJdbcTemplate().queryForObject(this.sql, Integer.class, username, encyptedPassword); List list=getJdbcTemplate().queryForList("select * from tenant_user t where login_name=? ",username ); if(list.size()>0){ HashMap<String,String > map = (HashMap<String, String>) list.get(0); String salt=map.get("SALT").toUpperCase(); String loginPassword=map.get("LOGIN_PASSWORD"); String md5pass = passwordEncoder.encode( credential.getPassword()).toUpperCase() ; String saltpass = passwordEncoder.encode( md5pass+salt ) ; logger.info(" MD5:"+saltpass); if(saltpass.toUpperCase().equals(loginPassword.toUpperCase())){ count=1; } } } catch (final DataAccessException e) { e.printStackTrace(); throw new PreventedException("SQL exception while executing query for " + username, e); } if (count == 0) { throw new FailedLoginException(username + " not found with SQL query."); } return createHandlerResult(credential, new SimplePrincipal(username), null); }
CAS4.0 之JDBC
deployerConfigContext.xml
修改对应添加以下代码
<bean id="SearchModeSearchDatabaseAuthenticationHandler"
class="org.jasig.cas.adaptors.jdbc.SearchModeSearchDatabaseAuthenticationHandler"
abstract="false" lazy-init="default"
autowire="default" >
<property name="tableUsers">
<value>tenant_user</value>
</property>
<property name="fieldUser">
<value>login_name</value>
</property>
<property name="fieldPassword">
<value>login_password</value>
</property>
<property name="dataSource" ref="dataSource" />
</bean>
<!-- DB2 connector-->
<bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource">
<property name="driverClassName">
<value>com.ibm.db2.jcc.DB2Driver</value>
</property>
<property name="url">
<value>jdbc:db2://127.0.0.1:50000/SAMPLE</value>
</property>
<property name="username">
<value>administrator</value>
</property>
<property name="password">
<value>111111</value>
</property>
</bean>
<!-- MySQL connector -->
<bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource">
<property name="driverClassName">
<value>com.mysql.jdbc.Driver</value>
</property>
<property name="url">
<value>jdbc:mysql://127.0.0.1:3306/partycloud</value>
</property>
<property name="username">
<value>root</value>
</property>
<property name="password">
<value>root</value>
</property>
</bean>
修改加密方法
SearchModeSearchDatabaseAuthenticationHandler.java
@Override
protected final HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential credential)
throws GeneralSecurityException, PreventedException {
final Logger logger = LoggerFactory.getLogger(this.getClass());
final String username = credential.getUsername();
final String encyptedPassword = getPasswordEncoder().encode(credential.getPassword());
int count=0;
try {
PasswordEncoder passwordEncoder = new DefaultPasswordEncoder("MD5");
//count = getJdbcTemplate().queryForObject(this.sql, Integer.class, username, encyptedPassword);
List list=getJdbcTemplate().queryForList("select * from tenant_user t where login_name=? ",username );
if(list.size()>0){
HashMap<String,String > map = (HashMap<String, String>) list.get(0);
String salt=map.get("SALT").toUpperCase();
String loginPassword=map.get("LOGIN_PASSWORD");
String md5pass = passwordEncoder.encode( credential.getPassword()).toUpperCase() ;
String saltpass = passwordEncoder.encode( md5pass+salt ) ;
logger.info(" MD5:"+saltpass);
if(saltpass.toUpperCase().equals(loginPassword.toUpperCase())){
count=1;
}
}
} catch (final DataAccessException e) {
e.printStackTrace();
throw new PreventedException("SQL exception while executing query for " + username, e);
}
if (count == 0) {
throw new FailedLoginException(username + " not found with SQL query.");
}
return createHandlerResult(credential, new SimplePrincipal(username), null);
}
