springboot+cas5.x+shiro+pac4j实现sso集成自定义数据库认证(二)
2018-05-18 10:25
716 查看
现在咱们开发环境搭好了就一切好办了
只需要增加两个类,修改两个配置文件就ok了
第一个类,登录验证类
类里面用到了 com.mysql.jdbc.Driver,所以你们懂得,记得在pom里面加入对mysql驱动的依赖,上一篇里提到过了
package com.hugeo.cas; import org.apereo.cas.authentication.HandlerResult; import org.apereo.cas.authentication.PreventedException; import org.apereo.cas.authentication.UsernamePasswordCredential; import org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler; import org.apereo.cas.authentication.principal.PrincipalFactory; import org.apereo.cas.services.ServicesManager; import org.slf4j.LoggerFactory; import org.springframework.jdbc.core.JdbcTemplate; import org.springframework.jdbc.datasource.DriverManagerDataSource; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import javax.security.auth.login.FailedLoginException; import java.security.GeneralSecurityException; import java.util.HashMap; import java.util.Map; public class Login extends AbstractUsernamePasswordAuthenticationHandler { private static final org.slf4j.Logger logger = LoggerFactory.getLogger(Login.class); public Login(String name, ServicesManager servicesManager, PrincipalFactory principalFactory, Integer order) { super(name, servicesManager, principalFactory, order); } @Override protected HandlerResult authenticateUsernamePasswordInternal(UsernamePasswordCredential transformedCredential, String originalPassword) throws GeneralSecurityException, PreventedException { DriverManagerDataSource d=new DriverManagerDataSource(); d.setDriverClassName("com.mysql.jdbc.Driver"); d.setUrl("jdbc:mysql://127.0.0.1:3306/orange"); d.setUsername("root"); d.setPassword("123456"); JdbcTemplate template=new JdbcTemplate(); template.setDataSource(d); String username=transformedCredential.getUsername(); String pd=transformedCredential.getPassword(); //查询数据库加密的的密码 Map<String,Object> user = template.queryForMap("SELECT `password` FROM sys_user WHERE username = ?", transformedCredential.getUsername()); if(user==null){ throw new FailedLoginException("没有该用户"); } //返回多属性(暂时不知道怎么用,没研究) Map<String, Object> map=new HashMap<>(); map.put("email", "XXXXX@qq.com"); BCryptPasswordEncoder encoder = new BCryptPasswordEncoder(); if(encoder.matches(transformedCredential.getPassword(),user.get("password").toString())){ return createHandlerResult(transformedCredential, principalFactory.createPrincipal(username, map), null); } throw new FailedLoginException("Sorry, login attemp failed."); } }
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
第二个类 登录验证配置
package com.hugeo.cas; import org.apereo.cas.authentication.AuthenticationEventExecutionPlan; import org.apereo.cas.authentication.AuthenticationEventExecutionPlanConfigurer; import org.apereo.cas.authentication.AuthenticationHandler; import org.apereo.cas.authentication.principal.DefaultPrincipalFactory; import org.apereo.cas.configuration.CasConfigurationProperties; import org.apereo.cas.services.ServicesManager; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.boot.context.properties.EnableConfigurationProperties; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @Configuration("CustomAuthConfig") @EnableConfigurationProperties(CasConfigurationProperties.class) public class CustomAuthConfig implements AuthenticationEventExecutionPlanConfigurer{ @Autowired private CasConfigurationProperties casProperties; @Autowired @Qualifier("servicesManager") private ServicesManager servicesManager; @Bean public AuthenticationHandler myAuthenticationHandler() { final Login handler = new Login(Login.class.getSimpleName(), servicesManager, new DefaultPrincipalFactory(), 10); return handler; } @Override public void configureAuthenticationExecutionPlan(AuthenticationEventExecutionPlan plan) { plan.registerAuthenticationHandler(myAuthenticationHandler()); } }
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
把配置文件里写死的用户名密码注释掉
修改spring.factories里的配置
大功告成了
阅读更多相关文章推荐
- CAS 实现单点登录(SSO)数据库查询认证机制-自定义编码方式(四)
- spring集成shiro实现登录认证自定义验证功能(认证采用国密SM4算法)
- springboot+cas5.x+shiro+pac4j实现sso集成客户端(三)
- CAS 实现单点登录(SSO)数据库查询认证机制-xml方式(三)
- springboot+cas5.x+shiro+pac4j实现sso集成客户端(四)
- shiro授权,自定义realm实现授权,shiro与项目集成,在项目中实现认证及授权
- spring 集成hibernate 连接多数据库 java BaseDao 实现
- shiro 权限认证框集成到spring中,实现登陆与权限拦截
- MongoDB自动增长id实现、自定义函数调用、与Spring集成
- spring boot 集成quartz 2.0 实现前端动态配置(获取spring上下文)的两种方式,启动数据库中已开启定时任务
- IT忍者神龟之基于CAS实现单点登录(SSO)之配置CAS服务端的数据库查询认证机制(一)
- spring boot 集成quartz 2.0 实现前端动态配置(获取spring上下文)的两种方式,启动数据库中已开启定时任务
- spring 集成quartz 用数据库实现quartz的集群
- Spring-Boot 集成Redis实现查询缓存提高查询效率减轻数据库访问压力(涉及key的添加和删除)
- MongoDB自动增长id实现、自定义函数调用、与Spring集成
- SpringBoot:集成Shiro之自定义Realm实现认证授权
- Spring集成quartz框架实现定时任务(一)
- 自定义注解+Spring AOP实现记录用户操作日志
- Spring+MyBatis实现数据库读写分离方案
- spring实现数据库读写分离