铸造覆膜砂:CAS3.0 定制验证
来源:百度文库 编辑:九乡新闻网 时间:2024/10/05 21:56:23
CAS3.0 定制验证
edu.yale.its.tp.cas.authHandler
edu.yale.its.tp.cas.auth.provider.KerberosAuthHandler
contextConfigLocation
/WEB-INF/applicationContext.xml,
/WEB-INF/mydeployerConfigContext.xml
contextConfigLocation属性名在Spring MVC体系中,会自动获取. ---------------------------- deployerConfigContext.xml文件是所有CAS deployer应该关心的东西,在这里,你可以对CAS的三个核心玩意进行自己的定制:
1.AuthenticationManager
2.credentialsToPrincipalResolvers
3.authenticationHandlers
这个authenticationHandler可是所有CAS用户都需要修改的地方
contextConfigLocation
/WEB-INF/applicationContext.xml,
/WEB-INF/mydeployerConfigContext.xml
C:web.xml加入DS引用
Resource reference to a factory for java.sql.Connection
instances that may be used for talking to a particular
database that is configured in the server.xml file.
jdbc/EmployeeDB
javax.sql.DataSource
Container
D:添加mydeployerConfigContext.xml 内容如下:
http://www.springframework.org/dtd/spring-beans.dtd">
class="org.jasig.cas.authentication.AuthenticationManagerImpl">
E:编写DsHandlers package cn.com.tiansky.cas.authenticationHandlers; import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.Statement; import javax.naming.Context;
import javax.naming.InitialContext;
import javax.sql.DataSource; import org.apache.log4j.Logger;
import org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler;
import org.jasig.cas.authentication.principal.UsernamePasswordCredentials; import cn.com.tiansky.tool.MD5;
/**
* 支援CAS3,。实现自己的Handler(未自定义credentials,如因业务需要而修改,则需要同时
* 修改LoginFormAction和定义自己的credentialsToPrincipalResolvers)\
* ,你的需求也许包括了需要通过检索数据库来比配credential中的username和password,
* 也可能不是数据库,而是LDAP什么的,总之你得开始制作自己的handler了!
* credential的种类是很多的,有的基于用户名和密码,有的基于http请求,
* 如果你有你自己的credential的话,就得为它制作有一个handler,
* 来告诉CAS如何处理这种特有的credential。
* @author tiansky
* @version 1.0
*
*/
public final class DsHandlers extends
AbstractUsernamePasswordAuthenticationHandler{ /**
* Logger log:log4j日志
*/
private Logger log=Logger.getLogger(AbstractUsernamePasswordAuthenticationHandler.class);
/**
* 相关的数据库配置DS对应的jndi
*/
private String _jndi="jdbc/EmployeeDB";
/* (non-Javadoc)
* @see org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler#authenticateUsernamePasswordInternal(org.jasig.cas.authentication.principal.UsernamePasswordCredentials)
*/
public boolean authenticateUsernamePasswordInternal(
final UsernamePasswordCredentials credentials) {
String username = credentials.getUsername();
String password = credentials.getPassword();
log.info("username:"+username);
log.info("password:"+password);
try {
password = MD5.encrypt(password);
log.debug("md5password" + password);
} catch (Exception e) {
log.warn("MD5加密出错", e);
//throw new Exception("MD5加密出错");
return false;
}
/*
if (StringUtils.hasText(username) && StringUtils.hasText(password)
&& username.equals(getPasswordEncoder().encode(password))) {
getLog().debug(
"User [" + username + "] was successfully authenticated.");
return true;
}
*/
try
{
if(checkuser(username,password)==1)
{
getLog().info("认证成功!");
return true;
}
}
catch(Exception e)
{
getLog().error("User [" + username + "] failed authentication",e);
}
return false;
}
private int checkuser(String user, String pwd) throws Exception {
int rei = 0;
// Obtain our environment naming context
log.debug("Obtain our environment naming context");
Context initCtx = new InitialContext();
Context envCtx = (Context) initCtx.lookup("java:comp/env"); // Look up our data source
DataSource ds = (DataSource) envCtx.lookup(this._jndi);
log.debug("获取ds成功!");
// Allocate and use a connection from the pool
Connection conn = ds.getConnection();
log.debug("获取conn成功!");
// ... use this connection to access the database ...
String sql = "select OPERATORID from operator where OPERATORLOGINNAME='"
+ user + "' and OPERATORPASSWORD='" + pwd + "' ";
log.info("sql!= "+sql);
Statement st = conn.createStatement();
ResultSet rs = st.executeQuery(sql);
if (rs.next()) {
//String oid = rs.getString("OPERATORID");
/*
_op = new Operator(oid);
_op.setName("操作员");
_op.setLoginname(user);
_op.setPwd(pwd);
*/
rei = 1;
} else {
System.out.println("帐号不存在或密码错误!");
}
conn.close();
return rei; }
/* (non-Javadoc)
* @see org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler#afterPropertiesSetInternal()
*/
protected void afterPropertiesSetInternal() throws Exception {
super.afterPropertiesSetInternal();
getLog()
.warn(
this.getClass().getName()
+ " is only to be used in a production environment.");
} }
F:ant 发布 G:运行调试 附录:ANT脚本
basedir="."
includes="**/*.class"
/>
classpath="hello.jar"
fork="true"
/>
- 前言:
edu.yale.its.tp.cas.auth.provider.KerberosAuthHandler
- 改变:
- 涉及点分析:
/WEB-INF/applicationContext.xml,
/WEB-INF/mydeployerConfigContext.xml
1.AuthenticationManager
2.credentialsToPrincipalResolvers
3.authenticationHandlers
这个authenticationHandler可是所有CAS用户都需要修改的地方
- 实现:
/WEB-INF/applicationContext.xml,
/WEB-INF/mydeployerConfigContext.xml
Resource reference to a factory for java.sql.Connection
instances that may be used for talking to a particular
database that is configured in the server.xml file.
jdbc/EmployeeDB
javax.sql.DataSource
Container
http://www.springframework.org/dtd/spring-beans.dtd">
E:编写DsHandlers package cn.com.tiansky.cas.authenticationHandlers; import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.Statement; import javax.naming.Context;
import javax.naming.InitialContext;
import javax.sql.DataSource; import org.apache.log4j.Logger;
import org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler;
import org.jasig.cas.authentication.principal.UsernamePasswordCredentials; import cn.com.tiansky.tool.MD5;
/**
* 支援CAS3,。实现自己的Handler(未自定义credentials,如因业务需要而修改,则需要同时
* 修改LoginFormAction和定义自己的credentialsToPrincipalResolvers)\
* ,你的需求也许包括了需要通过检索数据库来比配credential中的username和password,
* 也可能不是数据库,而是LDAP什么的,总之你得开始制作自己的handler了!
* credential的种类是很多的,有的基于用户名和密码,有的基于http请求,
* 如果你有你自己的credential的话,就得为它制作有一个handler,
* 来告诉CAS如何处理这种特有的credential。
* @author tiansky
* @version 1.0
*
*/
public final class DsHandlers extends
AbstractUsernamePasswordAuthenticationHandler{ /**
* Logger log:log4j日志
*/
private Logger log=Logger.getLogger(AbstractUsernamePasswordAuthenticationHandler.class);
/**
* 相关的数据库配置DS对应的jndi
*/
private String _jndi="jdbc/EmployeeDB";
/* (non-Javadoc)
* @see org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler#authenticateUsernamePasswordInternal(org.jasig.cas.authentication.principal.UsernamePasswordCredentials)
*/
public boolean authenticateUsernamePasswordInternal(
final UsernamePasswordCredentials credentials) {
String username = credentials.getUsername();
String password = credentials.getPassword();
log.info("username:"+username);
log.info("password:"+password);
try {
password = MD5.encrypt(password);
log.debug("md5password" + password);
} catch (Exception e) {
log.warn("MD5加密出错", e);
//throw new Exception("MD5加密出错");
return false;
}
/*
if (StringUtils.hasText(username) && StringUtils.hasText(password)
&& username.equals(getPasswordEncoder().encode(password))) {
getLog().debug(
"User [" + username + "] was successfully authenticated.");
return true;
}
*/
try
{
if(checkuser(username,password)==1)
{
getLog().info("认证成功!");
return true;
}
}
catch(Exception e)
{
getLog().error("User [" + username + "] failed authentication",e);
}
return false;
}
private int checkuser(String user, String pwd) throws Exception {
int rei = 0;
// Obtain our environment naming context
log.debug("Obtain our environment naming context");
Context initCtx = new InitialContext();
Context envCtx = (Context) initCtx.lookup("java:comp/env"); // Look up our data source
DataSource ds = (DataSource) envCtx.lookup(this._jndi);
log.debug("获取ds成功!");
// Allocate and use a connection from the pool
Connection conn = ds.getConnection();
log.debug("获取conn成功!");
// ... use this connection to access the database ...
String sql = "select OPERATORID from operator where OPERATORLOGINNAME='"
+ user + "' and OPERATORPASSWORD='" + pwd + "' ";
log.info("sql!= "+sql);
Statement st = conn.createStatement();
ResultSet rs = st.executeQuery(sql);
if (rs.next()) {
//String oid = rs.getString("OPERATORID");
/*
_op = new Operator(oid);
_op.setName("操作员");
_op.setLoginname(user);
_op.setPwd(pwd);
*/
rei = 1;
} else {
System.out.println("帐号不存在或密码错误!");
}
conn.close();
return rei; }
/* (non-Javadoc)
* @see org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler#afterPropertiesSetInternal()
*/
protected void afterPropertiesSetInternal() throws Exception {
super.afterPropertiesSetInternal();
getLog()
.warn(
this.getClass().getName()
+ " is only to be used in a production environment.");
} }
F:ant 发布 G:运行调试 附录:ANT脚本
includes="**/*.class"
/>
fork="true"
/>
CAS3.0 定制验证
定制电子相册
秦皇汉武谈建章定制
定制视图
如何绕过ie7.0 正版验证
如何绕过ie7.0正版验证!!!
好利来月饼定制,成都月饼定制,南宁月饼定制
电信定制华为Echolife HG522-C家庭网关的破解0
飞适网护肤品定制
定制体检谢绝忽悠
电影也定制
珠宝定制会所探秘
民意不要“被定制”
精英人士游艇定制
量身定制电子相册
千人验证一次即效,永不牙痛奇方0
如何删除Windows XP的正版验证0
眼神真能杀人?科学验证揭开死亡真相0
无验证
处方验证
定制家具行业乱象显现 引发“定制”门风波
[转] 定制Apache索引样式
Grub4dos定制自己的启
量身定制电子相册【20110521】