日期:2014-05-16 浏览次数:20483 次
?
cas-servlet.xml中使用的是spring-webflow这么个玩意,找到ID=authenticationViaFormAction的bean,
该实体BEAN的p:centralAuthenticationService-ref="centralAuthenticationService"引用的就是applicationContext.xml中的centralAuthenticationService,该centralAuthenticationService引用了authenticationManager(deployerConfigContext.xml中定义了),deployerConfigContext.xml中的authenticationManager就是最终的处理认证的责任人,属性credentialsToPrincipalResolvers下面的列表是被溶解的对象,authenticationHandlers属性下面的列表是指用什么样的方式来溶解上面指定的对象(jdbc或其他的)。
jdbc方式就有几种现成的,在cas-server-support-jdbc-3.3.5.jar包里面,下面以org.jasig.cas.adaptors.jdbc.SearchModeSearchDatabaseAuthenticationHandler为例子进行配置。
将org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler替换成
?
?
?
<bean class="org.jasig.cas.adaptors.jdbc.SearchModeSearchDatabaseAuthenticationHandler"> <property name="tableUsers"> <value>t_bs_eps_users</value> </property> <property name="fieldUser"> <value>user_id</value> </property> <property name="fieldPassword"> <value>passwd</value> </property> <property name="dataSource" ref="dataSourceTargetOracle"/> <property name="passwordEncoder" ref="passwordEncoder"/> </bean>
?
?并且在下面配置好
?
?
<bean id="passwordEncoder" class="org.jasig.cas.util.MD5PasswordEncoder"></bean> <bean id="dataSourceTargetOracle" class="com.mchange.v2.c3p0.ComboPooledDataSource" lazy-init="true" destroy-method="close"> <property name="driverClass" value="com.p6spy.engine.spy.P6SpyDriver"/> <property name="driverClass" value="oracle.jdbc.driver.OracleDriver"/> <property name="user" value="pss"/> <property name="password" value="pss"/> <property name="jdbcUrl" value="jdbc:oracle:thin:@10.60.65.24:1521:rzrun"/> <property name="initialPoolSize" value="0"/> <property name="maxPoolSize" value="100"/> <property name="automaticTestTable" value="dual"/> <property name="testConnectionOnCheckin" value="true"/> <property name="testConnectionOnCheckout" value="false"/> </bean>
?
?并且引入包:c3p0-0.9.0.2.jar、c3p0-oracle-thin-extras-0.9.0.2.jar、ojdbc14.jar、p6spy.jar
不要忘记加密方式,本人用的MD5
?
public class org.jasig.cas.util.MD5PasswordEncoder implements PasswordEncoder{
//用MD5加密密码
}
?
?
?
package org.jasig.cas.util; /******************************************************************************* * md5 类实现了RSA Data Security, Inc.在提交给IETF 的RFC1321中的MD5 message-digest 算法?? ******************************************************************************/ public class MD5 { // 下面这些S11-S44实际上是????4*4的矩阵,这样写是方便修改 static final int S11 = 7; static final int S12 = 12; static final int S13 = 17; static final int S14 = 22; static final int S21 = 5; static final int S22 = 9; static final int S23 = 14; static final int S24 = 20; static final int S31 = 4; static final int S32 = 11; static final int S33 = 16; static final int S34 = 23; static final int S41 = 6; static final int S42 = 10; static final int S43 = 15; static final int S44 = 21; static final byte[] PADDING = { -128, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,