springboot+cas5.x+shiro+pac4j实现sso集成自定义数据库认证(二)
2018-05-18 10:25
716 查看
现在咱们开发环境搭好了就一切好办了
只需要增加两个类,修改两个配置文件就ok了
第一个类,登录验证类
类里面用到了 com.mysql.jdbc.Driver,所以你们懂得,记得在pom里面加入对mysql驱动的依赖,上一篇里提到过了
package com.hugeo.cas;
import org.apereo.cas.authentication.HandlerResult;
import org.apereo.cas.authentication.PreventedException;
import org.apereo.cas.authentication.UsernamePasswordCredential;
import org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.services.ServicesManager;
import org.slf4j.LoggerFactory;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.jdbc.datasource.DriverManagerDataSource;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import javax.security.auth.login.FailedLoginException;
import java.security.GeneralSecurityException;
import java.util.HashMap;
import java.util.Map;
public class Login extends AbstractUsernamePasswordAuthenticationHandler {
private static final org.slf4j.Logger logger = LoggerFactory.getLogger(Login.class);
public Login(String name, ServicesManager servicesManager, PrincipalFactory principalFactory, Integer order) {
super(name, servicesManager, principalFactory, order);
}
@Override
protected HandlerResult authenticateUsernamePasswordInternal(UsernamePasswordCredential transformedCredential, String originalPassword) throws GeneralSecurityException, PreventedException {
DriverManagerDataSource d=new DriverManagerDataSource();
d.setDriverClassName("com.mysql.jdbc.Driver");
d.setUrl("jdbc:mysql://127.0.0.1:3306/orange");
d.setUsername("root");
d.setPassword("123456");
JdbcTemplate template=new JdbcTemplate();
template.setDataSource(d);
String username=transformedCredential.getUsername();
String pd=transformedCredential.getPassword();
//查询数据库加密的的密码
Map<String,Object> user = template.queryForMap("SELECT `password` FROM sys_user WHERE username = ?", transformedCredential.getUsername());
if(user==null){
throw new FailedLoginException("没有该用户");
}
//返回多属性(暂时不知道怎么用,没研究)
Map<String, Object> map=new HashMap<>();
map.put("email", "XXXXX@qq.com");
BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
if(encoder.matches(transformedCredential.getPassword(),user.get("password").toString())){
return createHandlerResult(transformedCredential, principalFactory.createPrincipal(username, map), null);
}
throw new FailedLoginException("Sorry, login attemp failed.");
}
}- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
第二个类 登录验证配置
package com.hugeo.cas;
import org.apereo.cas.authentication.AuthenticationEventExecutionPlan;
import org.apereo.cas.authentication.AuthenticationEventExecutionPlanConfigurer;
import org.apereo.cas.authentication.AuthenticationHandler;
import org.apereo.cas.authentication.principal.DefaultPrincipalFactory;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.services.ServicesManager;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@Configuration("CustomAuthConfig")
@EnableConfigurationProperties(CasConfigurationProperties.class)
public class CustomAuthConfig implements AuthenticationEventExecutionPlanConfigurer{
@Autowired
private CasConfigurationProperties casProperties;
@Autowired
@Qualifier("servicesManager")
private ServicesManager servicesManager;
@Bean
public AuthenticationHandler myAuthenticationHandler() {
final Login handler = new Login(Login.class.getSimpleName(), servicesManager, new DefaultPrincipalFactory(), 10);
return handler;
}
@Override
public void configureAuthenticationExecutionPlan(AuthenticationEventExecutionPlan plan) {
plan.registerAuthenticationHandler(myAuthenticationHandler());
}
}- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
把配置文件里写死的用户名密码注释掉
修改spring.factories里的配置
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- CAS 实现单点登录(SSO)数据库查询认证机制-自定义编码方式(四)
- spring集成shiro实现登录认证自定义验证功能(认证采用国密SM4算法)
- springboot+cas5.x+shiro+pac4j实现sso集成客户端(三)
- CAS 实现单点登录(SSO)数据库查询认证机制-xml方式(三)
- springboot+cas5.x+shiro+pac4j实现sso集成客户端(四)
- shiro授权,自定义realm实现授权,shiro与项目集成,在项目中实现认证及授权
- spring 集成hibernate 连接多数据库 java BaseDao 实现
- shiro 权限认证框集成到spring中,实现登陆与权限拦截
- MongoDB自动增长id实现、自定义函数调用、与Spring集成
- spring boot 集成quartz 2.0 实现前端动态配置(获取spring上下文)的两种方式,启动数据库中已开启定时任务
- IT忍者神龟之基于CAS实现单点登录(SSO)之配置CAS服务端的数据库查询认证机制(一)
- spring boot 集成quartz 2.0 实现前端动态配置(获取spring上下文)的两种方式,启动数据库中已开启定时任务
- spring 集成quartz 用数据库实现quartz的集群
- Spring-Boot 集成Redis实现查询缓存提高查询效率减轻数据库访问压力(涉及key的添加和删除)
- MongoDB自动增长id实现、自定义函数调用、与Spring集成
- SpringBoot:集成Shiro之自定义Realm实现认证授权
- Spring集成quartz框架实现定时任务(一)
- 自定义注解+Spring AOP实现记录用户操作日志
- Spring+MyBatis实现数据库读写分离方案
- spring实现数据库读写分离