CAS之5.2x版本配置密码加密(MD5和SHA)-yellowcong
2017-12-15 14:04
417 查看
在上一篇,俺说到了如何配置CAS如何通过访问数据库进行验证操作,这篇讲解如何通过MD5加密算法验证,和自定义密码的加密策略
http://blog.csdn.net/u010475041/article/category/7156505
修改加密方式
修改application.properties 配置文件设定MD5加密
默认是不加密
#无加密的策略,默认不加密 #cas.authn.jdbc.query[0].passwordEncoder.type=NONE
MD5加密
cas.authn.jdbc.query[0].passwordEncoder.type=DEFAULT cas.authn.jdbc.query[0].passwordEncoder.characterEncoding=UTF-8 #MD5加密策略 cas.authn.jdbc.query[0].passwordEncoder.encodingAlgorithm=MD5
SHA加密
cas.authn.jdbc.query[0].passwordEncoder.type=DEFAULT cas.authn.jdbc.query[0].passwordEncoder.characterEncoding=UTF-8 #SHA加密的策略 cas.authn.jdbc.query[0].passwordEncoder.encodingAlgorithm=SHA
完整配置
这个配置里面,我是使用的Mysql配置,如果你也是,注意搭建环境的时候,需要导入的依赖包。##
# CAS Server Context Configuration
#
server.context-path=/cas
server.port=8443
#添加认证服务
cas.serviceRegistry.initFromJson=true
#STEP 4签发证书,如果是用spring boot之类嵌入式的容器,则需要改这里的配置,如果是直接部在tomcat中,则需要把tomcat改成https的
#server.ssl.key-store=file:/etc/cas/thekeystore
#server.ssl.key-store-password=changeit
#server.ssl.key-password=changeit
# server.ssl.ciphers=
# server.ssl.client-auth=
# server.ssl.enabled=
# server.ssl.key-alias=
# server.ssl.key-store-provider=
# server.ssl.key-store-type=
# server.ssl.protocol=
# server.ssl.trust-store=
# server.ssl.trust-store-password=
# server.ssl.trust-store-provider=
# server.ssl.trust-store-type=
#server.max-http-header-size=2097152
#server.use-forward-headers=true
#server.connection-timeout=20000
#server.error.include-stacktrace=ALWAYS
#server.compression.enabled=true
#server.compression.mime-types=application/javascript,application/json,application/xml,text/html,text/xml,text/plain
#server.tomcat.max-http-post-size=2097152
#server.tomcat.basedir=build/tomcat
#server.tomcat.accesslog.enabled=true
#server.tomcat.accesslog.pattern=%t %a "%r" %s (%D ms)
#server.tomcat.accesslog.suffix=.log
#server.tomcat.max-threads=10
#server.tomcat.port-header=X-Forwarded-Port
#server.tomcat.protocol-header=X-Forwarded-Proto
#server.tomcat.protocol-header-https-value=https
#server.tomcat.remote-ip-header=X-FORWARDED-FOR
#server.tomcat.uri-encoding=UTF-8
spring.http.encoding.charset=UTF-8
spring.http.encoding.enabled=true
spring.http.encoding.force=true
##
# CAS Cloud Bus Configuration
#
spring.cloud.bus.enabled=false
# spring.cloud.bus.refresh.enabled=true
# spring.cloud.bus.env.enabled=true
# spring.cloud.bus.destination=CasCloudBus
# spring.cloud.bus.ack.enabled=true
endpoints.enabled=false
endpoints.sensitive=true
endpoints.restart.enabled=false
endpoints.shutdown.enabled=false
management.security.enabled=true
management.security.roles=ACTUATOR,ADMIN
management.security.sessions=if_required
management.context-path=/status
management.add-application-context-header=false
security.basic.authorize-mode=role
security.basic.enabled=false
security.basic.path=/cas/status/**
##
# CAS Web Application Session Configuration
#
server.session.timeout=300
server.session.cookie.http-only=true
server.session.tracking-modes=COOKIE
##
# CAS Thymeleaf View Configuration
#
spring.thymeleaf.encoding=UTF-8
spring.thymeleaf.cache=false
spring.thymeleaf.mode=HTML
##
# CAS Log4j Configuration
#
# logging.config=file:/etc/cas/log4j2.xml
server.context-parameters.isLog4jAutoInitializationDisabled=true
##
# CAS AspectJ Configuration
#
spring.aop.auto=true
spring.aop.proxy-target-class=true
##
# CAS Authentication Credentials
#
#cas.authn.accept.users=casuser::Mellon
#SELECT id, name, value FROM CAS_SETTINGS_TABLE
#SELECT username,password,enabled FROM users WHERE username=?
cas.authn.jdbc.query[0].sql=SELECT * FROM yellowcong_users WHERE user_name =?
#select * from cms_auth_user where user_name=?
cas.authn.jdbc.query[0].healthQuery=
cas.authn.jdbc.query[0].isolateInternalQueries=false
cas.authn.jdbc.query[0].url=jdbc:mysql://127.0.0.1:3306/yellowcong?useUnicode=true&characterEncoding=UTF-8&autoReconnect=true&useSSL=false
cas.authn.jdbc.query[0].failFast=true
cas.authn.jdbc.query[0].isolationLevelName=ISOLATION_READ_COMMITTED
cas.authn.jdbc.query[0].dialect=org.hibernate.dialect.MySQLDialect
cas.authn.jdbc.query[0].leakThreshold=10
cas.authn.jdbc.query[0].propagationBehaviorName=PROPAGATION_REQUIRED
cas.authn.jdbc.query[0].batchSize=1
cas.authn.jdbc.query[0].user=root
#cas.authn.jdbc.query[0].ddlAuto=create-drop
cas.authn.jdbc.query[0].maxAgeDays=180
cas.authn.jdbc.query[0].password=root
cas.authn.jdbc.query[0].autocommit=false
cas.authn.jdbc.query[0].driverClass=com.mysql.jdbc.Driver
cas.authn.jdbc.query[0].idleTimeout=5000
# cas.authn.jdbc.query[0].credentialCriteria=
# cas.authn.jdbc.query[0].name=
# cas.authn.jdbc.query[0].order=0
# cas.authn.jdbc.query[0].dataSourceName=
# cas.authn.jdbc.query[0].dataSourceProxy=false
cas.authn.jdbc.query[0].fieldPassword=PASSWORD
#多属性
cas.authn.attributeRepository.jdbc[0].singleRow=true
cas.authn.attributeRepository.jdbc[0].order=0
cas.authn.attributeRepository.jdbc[0].url=jdbc:mysql://127.0.0.1:3306/yellowcong?useUnicode=true&characterEncoding=UTF-8&autoReconnect=true&useSSL=false
cas.authn.attributeRepository.jdbc[0].username=user_name
cas.authn.attributeRepository.jdbc[0].user=root
cas.authn.attributeRepository.jdbc[0].password=root
cas.authn.attributeRepository.jdbc[0].sql=select * from yellowcong_users where {0}
cas.authn.attributeRepository.jdbc[0].dialect=org.hibernate.dialect.MySQLDialect
cas.authn.attributeRepository.jdbc[0].ddlAuto=none
cas.authn.attributeRepository.jdbc[0].driverClass=com.mysql.jdbc.Driver
cas.authn.attributeRepository.jdbc[0].leakThreshold=10
cas.authn.attributeRepository.jdbc[0].propagationBehaviorName=PROPAGATION_REQUIRED
cas.authn.attributeRepository.jdbc[0].batchSize=1
cas.authn.attributeRepository.jdbc[0].healthQuery=SELECT 1
cas.authn.attributeRepository.jdbc[0].failFast=true
#默认加密策略,通过encodingAlgorithm来指定算法,默认NONE不加密
#无加密的策略,默认不加密 #cas.authn.jdbc.query[0].passwordEncoder.type=NONE
#采用MD5加密
cas.authn.jdbc.query[0].passwordEncoder.type=DEFAULT cas.authn.jdbc.query[0].passwordEncoder.characterEncoding=UTF-8 #MD5加密策略 cas.authn.jdbc.query[0].passwordEncoder.encodingAlgorithm=MD5
#加密操作
#cas.authn.jdbc.query[0].passwordEncoder.type=com.example.CustomPasswordEncoder
#cas.authn.jdbc.query[0].passwordEncoder.characterEncoding=UTF-8
#cas.authn.jdbc.query[0].passwordEncoder.encodingAlgorithm=MD5
#cas.authn.jdbc.query[0].passwordEncoder.secret=
#cas.authn.jdbc.query[0].passwordEncoder.strength=16
参考文章
http://www.cnblogs.com/flying607/p/7600947.htmlhttp://blog.csdn.net/u010475041/article/category/7156505
相关文章推荐
- CAS之5.2x版本之通过yml的方式配置cas-yellowcong
- CAS之5.2x版本之jdbc配置多返回值-yellowcong
- CAS之 5.2x版本配置数据库认证-yellowcong
- CAS之5.2x版本自定义密码验证-yellowcong
- 单点登录之cas4.2.7服务端数据库配置(读数据库验证用户并对密码进行加密)
- 单点登录之cas4.2.7服务端数据库配置(读数据库验证用户并对密码进行加密)
- CAS之5.2x版本之客户端集成(传统web项目)-yellowcong
- CAS之5.2x版本之REST验证ticket(跨系统访问资源)-yellowcong
- CAS 4.2.5 配置密码MD5
- CAS之5.2x版本自定义登录,多数据源登录-yellowcong
- CAS之5.2x版本自定义返回消息-yellowcong
- CAS之5.2x版本单点登录服务安装-yellowcong
- spring security中配置密码为md5的带salt加密
- CAS之5.2x版本自定义登录页面-yellowcong
- CAS之5.2x版本之服务器开发调试(eclipse调试cas)-yellowcong
- CAS之5.2x版本之中文返回值乱码问题-yellowcong
- IHS配置安全漏洞: 支持不推荐使用的 SSL 版本、在降级的旧加密上填充 Oracle、检测到 RC4 密码套件、支持弱 SSL 密码套件、 重构 RSA 导出键(又称为 FREAK)
- CAS之5.2x版本之客户端集成(Springboot)-yellowcong
- CAS之5.2x版本存储Ticket到redis-yellowcong
- CAS之5.2x版本自定义JDBC认证-yellowcong