jasig-cas单点登录之自定义验证--jdbc

?

cas-servlet.xml中使用的是spring-webflow这么个玩意，找到ID=authenticationViaFormAction的bean,

该实体BEAN的p:centralAuthenticationService-ref="centralAuthenticationService"引用的就是applicationContext.xml中的centralAuthenticationService，该centralAuthenticationService引用了authenticationManager(deployerConfigContext.xml中定义了)，deployerConfigContext.xml中的authenticationManager就是最终的处理认证的责任人，属性credentialsToPrincipalResolvers下面的列表是被溶解的对象，authenticationHandlers属性下面的列表是指用什么样的方式来溶解上面指定的对象(jdbc或其他的)。

jdbc方式就有几种现成的，在cas-server-support-jdbc-3.3.5.jar包里面，下面以org.jasig.cas.adaptors.jdbc.SearchModeSearchDatabaseAuthenticationHandler为例子进行配置。

将org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler替换成

?

?

?

<bean class="org.jasig.cas.adaptors.jdbc.SearchModeSearchDatabaseAuthenticationHandler">
	                    <property name="tableUsers">
	                        <value>t_bs_eps_users</value>
	                    </property>
	                    <property name="fieldUser">
	                        <value>user_id</value>
	                    </property>
	                    <property name="fieldPassword">
							<value>passwd</value>
	                    </property>
	                    <property name="dataSource" ref="dataSourceTargetOracle"/>
	                    <property name="passwordEncoder" ref="passwordEncoder"/>
               		 </bean>

?

?并且在下面配置好

?

?

<bean id="passwordEncoder" class="org.jasig.cas.util.MD5PasswordEncoder"></bean>
	<bean id="dataSourceTargetOracle" class="com.mchange.v2.c3p0.ComboPooledDataSource" lazy-init="true"
          destroy-method="close">      
         <property name="driverClass" value="com.p6spy.engine.spy.P6SpyDriver"/>
        <property name="driverClass" value="oracle.jdbc.driver.OracleDriver"/>
        <property name="user" value="pss"/>
        <property name="password" value="pss"/>
		<property name="jdbcUrl" value="jdbc:oracle:thin:@10.60.65.24:1521:rzrun"/>
        <property name="initialPoolSize" value="0"/>
        <property name="maxPoolSize" value="100"/>
        <property name="automaticTestTable" value="dual"/>
        <property name="testConnectionOnCheckin" value="true"/>
        <property name="testConnectionOnCheckout" value="false"/>
    </bean>

?

?并且引入包：c3p0-0.9.0.2.jar、c3p0-oracle-thin-extras-0.9.0.2.jar、ojdbc14.jar、p6spy.jar

不要忘记加密方式，本人用的MD5

?

public class org.jasig.cas.util.MD5PasswordEncoder implements PasswordEncoder{

//用MD5加密密码

}

?

?

?

package org.jasig.cas.util;

/*******************************************************************************
 * md5 类实现了RSA Data Security, Inc.在提交给IETF 的RFC1321中的MD5 message-digest 算法??
 ******************************************************************************/

public class MD5 {
	// 下面这些S11-S44实际上是????4*4的矩阵，这样写是方便修改
	static final int S11 = 7;

	static final int S12 = 12;

	static final int S13 = 17;

	static final int S14 = 22;

	static final int S21 = 5;

	static final int S22 = 9;

	static final int S23 = 14;

	static final int S24 = 20;

	static final int S31 = 4;

	static final int S32 = 11;

	static final int S33 = 16;

	static final int S34 = 23;

	static final int S41 = 6;

	static final int S42 = 10;

	static final int S43 = 15;

	static final int S44 = 21;

	static final byte[] PADDING = { -128, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
			0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
			0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,