手把手教Apereo CAS5.2.3服务端 查数据库验证身份

hugeo的CAS系列:https://blog.csdn.net/u010588262/article/category/7548325
DEMO下载:https://download.csdn.net/download/u010588262/10327539

现在咱们开发环境搭好了就一切好办了
只需要增加两个类,修改两个配置文件就ok了

第一个类,登录验证类

类里面用到了 com.mysql.jdbc.Driver,所以你们懂得,记得在pom里面加入对mysql驱动的依赖,上一篇里提到过了

package com.hugeo.cas;


import org.apereo.cas.authentication.HandlerResult;
import org.apereo.cas.authentication.PreventedException;
import org.apereo.cas.authentication.UsernamePasswordCredential;
import org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.services.ServicesManager;
import org.slf4j.LoggerFactory;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.jdbc.datasource.DriverManagerDataSource;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

import javax.security.auth.login.FailedLoginException;
import java.security.GeneralSecurityException;
import java.util.HashMap;
import java.util.Map;

public class Login extends AbstractUsernamePasswordAuthenticationHandler {
    private static final org.slf4j.Logger logger = LoggerFactory.getLogger(Login.class);

    public Login(String name, ServicesManager servicesManager, PrincipalFactory principalFactory, Integer order) {
        super(name, servicesManager, principalFactory, order);
    }

    @Override
    protected HandlerResult authenticateUsernamePasswordInternal(UsernamePasswordCredential transformedCredential, String originalPassword) throws GeneralSecurityException, PreventedException {
        DriverManagerDataSource d=new DriverManagerDataSource();
        d.setDriverClassName("com.mysql.jdbc.Driver");
        d.setUrl("jdbc:mysql://127.0.0.1:3306/orange");
        d.setUsername("root");
        d.setPassword("123456");
        JdbcTemplate template=new JdbcTemplate();
        template.setDataSource(d);




        String username=transformedCredential.getUsername();
        String pd=transformedCredential.getPassword();
        //查询数据库加密的的密码
        Map user = template.queryForMap("SELECT `password` FROM sys_user WHERE username = ?", transformedCredential.getUsername());

        if(user==null){
            throw new FailedLoginException("没有该用户");
        }

        //返回多属性(暂时不知道怎么用,没研究)
        Map map=new HashMap<>();
        map.put("email", "[email protected]");

        BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
        if(encoder.matches(transformedCredential.getPassword(),user.get("password").toString())){
            return createHandlerResult(transformedCredential, principalFactory.createPrincipal(username, map), null);
        }
        throw new FailedLoginException("Sorry, login attemp failed.");
    }
}

第二个类 登录验证配置

package com.hugeo.cas;

import org.apereo.cas.authentication.AuthenticationEventExecutionPlan;
import org.apereo.cas.authentication.AuthenticationEventExecutionPlanConfigurer;
import org.apereo.cas.authentication.AuthenticationHandler;
import org.apereo.cas.authentication.principal.DefaultPrincipalFactory;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.services.ServicesManager;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration("CustomAuthConfig")
@EnableConfigurationProperties(CasConfigurationProperties.class)
public class CustomAuthConfig implements AuthenticationEventExecutionPlanConfigurer{

    @Autowired
    private CasConfigurationProperties casProperties;

    @Autowired
    @Qualifier("servicesManager")
    private ServicesManager servicesManager;

    @Bean
    public AuthenticationHandler myAuthenticationHandler() {
        final Login handler = new Login(Login.class.getSimpleName(), servicesManager, new DefaultPrincipalFactory(), 10);
        return handler;
    }

    @Override
    public void configureAuthenticationExecutionPlan(AuthenticationEventExecutionPlan plan) {
        plan.registerAuthenticationHandler(myAuthenticationHandler());
    }
}

把配置文件里写死的用户名密码注释掉

这里写图片描述

修改spring.factories里的配置

这里写图片描述

大功告成了

你可能感兴趣的:(CAS)