最近在做CAS配置的时候,遇到了数据源不提供密码等数据的情况下,怎样实现密码输入认证呢?
第一步:新建Java项目,根据假面算法生成CAS加密工具
出于保密需要不提供自定义的加密工具,在您的实际项目中,你可采用cas默认的加密方式比如md5.
第二步:修改CAS源码
找到cas-server-support-jdbc子模块找到包路径cas-server-support-jdbc\src\main\java\org\jasig\cas\adaptors\jdbc\,在复制一份QueryDatabaseAuthenticationHandler.java并重新命名未TyQueryDatabaseAuthenticationHandler.java(记得修改并确保类名与文件名一致)
修改代码至如下
package org.jasig.cas.adaptors.jdbc;
import java.security.GeneralSecurityException;
import org.jasig.cas.authentication.HandlerResult;
import org.jasig.cas.authentication.PreventedException;
import org.jasig.cas.authentication.UsernamePasswordCredential;
import org.jasig.cas.authentication.principal.SimplePrincipal;
import org.springframework.dao.DataAccessException;
import org.springframework.dao.IncorrectResultSizeDataAccessException;
import javax.security.auth.login.AccountNotFoundException;
import javax.security.auth.login.FailedLoginException;
import javax.validation.constraints.NotNull;
/**
* Class that if provided a query that returns a password (parameter of query
* must be username) will compare that password to a translated version of the
* password provided by the user. If they match, then authentication succeeds.
* Default password translator is plaintext translator.
*
* @author Scott Battaglia
* @author Dmitriy Kopylenko
* @author Marvin S. Addison
*
* @since 3.0
*/
public class TyQueryDatabaseAuthenticationHandler extends AbstractJdbcUsernamePasswordAuthenticationHandler {
@NotNull
private String sql;
private boolean useDefaultPassword;
private String defaultPassword;
/** {@inheritDoc} */
@Override
protected final HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential credential)
throws GeneralSecurityException, PreventedException {
final String username = credential.getUsername();
final String password = useDefaultPassword ? defaultPassword : credential.getPassword();
final String encryptedPassword = this.getPasswordEncoder().encode(password);
try {
final String dbPassword = getJdbcTemplate().queryForObject(this.sql, String.class, username);
if (!dbPassword.equals(encryptedPassword)) {
throw new FailedLoginException("Password does not match value on record.");
}
} catch (final IncorrectResultSizeDataAccessException e) {
if (e.getActualSize() == 0) {
throw new AccountNotFoundException(username + " not found with SQL query");
} else {
throw new FailedLoginException("Multiple records found for " + username);
}
} catch (final DataAccessException e) {
throw new PreventedException("SQL exception while executing query for " + username, e);
}
return createHandlerResult(credential, new SimplePrincipal(username), null);
}
/**
* @param sql The sql to set.
*/
public void setSql(final String sql) {
this.sql = sql;
}
/**
* @param iSUSEDefaultPassword The useDefaultPassword to set.
*/
public void setUseDefaultPassword(final boolean isUseDefaultPassword) {
this.useDefaultPassword = isUseDefaultPassword;
}
/**
* @param defaultPassword The defaultPassword to set.
*/
public void setDefaultPassword(final String defaultPassword) {
this.defaultPassword = defaultPassword;
}
}
第三步:修改你的CAS部署包代码
解压你的部署包,找到文件deployerConfigContext.xml
如果你的代码修改代码如下: