cas重新实现登陆认证逻辑

package com.ucit.cas;



import java.security.NoSuchAlgorithmException;

import java.sql.ResultSet;

import java.sql.SQLException;

import java.util.List;



import org.apache.jetspeed.security.SecurityException;

import org.apache.jetspeed.security.spi.impl.MessageDigestCredentialPasswordEncoder;

import org.jasig.cas.adaptors.jdbc.AbstractJdbcUsernamePasswordAuthenticationHandler;

import org.jasig.cas.authentication.handler.AuthenticationException;

import org.jasig.cas.authentication.principal.UsernamePasswordCredentials;

import org.springframework.jdbc.core.simple.ParameterizedRowMapper;



public final class UCITCASAuthHandler extends

		AbstractJdbcUsernamePasswordAuthenticationHandler {

	protected boolean authenticateUsernamePasswordInternal(

			UsernamePasswordCredentials credentials)

			throws AuthenticationException {

		String username = credentials.getUsername();

		String password = credentials.getPassword();

		try {

			MessageDigestCredentialPasswordEncoder encoder = new MessageDigestCredentialPasswordEncoder();

			/*List<String> list = getJdbcTemplate().query(

					"SELECT column_value FROM security_principal p,"

							+ "security_credential c where p.full_path=? and "

							+ "c.principal_id=p.principal_id",

					new ParameterizedRowMapper<String>() {

						public String mapRow(ResultSet rs, int index)

								throws SQLException {

							return rs.getString(1);

						}

					}, "/user/" + username);*/

			List<String> list = getJdbcTemplate().query(

					"select column_value from porta_user pu where pu.full_path=? ",

					new ParameterizedRowMapper<String>() {

						public String mapRow(ResultSet rs, int index)

								throws SQLException {

							return rs.getString(1);

						}

					}, "/user/" + username);

			return list.isEmpty() ? aliasCheck(username, password,credentials) : list.get(0)

					.equals(encoder.encode(username, password));

		} catch (Exception e) {

			e.printStackTrace();

			return false;

		}

	}

	private boolean aliasCheck(String username, String password,UsernamePasswordCredentials credentials) {

		try {

			MessageDigestCredentialPasswordEncoder encoder = new MessageDigestCredentialPasswordEncoder();

		

		List<String[]> list = getJdbcTemplate().query(

				"select column_value,full_path from porta_user  where alias=?",

				new ParameterizedRowMapper<String[]>() {

					public String[] mapRow(ResultSet rs, int index)

							throws SQLException {

						return new String[]{rs.getString(1),rs.getString(2)};

					}

				}, username);

		if (list.isEmpty())

			return verify(username, password);

		else{

			String _username=list.get(0)[1].replaceAll("/user/", "");

			credentials.setUsername(_username);

			return list.get(0)[0].equals(encoder.encode(_username, password));

		}

//		return list.isEmpty() ? verify(username, password) : list.get(0)

//				.equals(encoder.encode(username, password));

		} catch (Exception e) {

			// TODO Auto-generated catch block

			e.printStackTrace(); 

			return false;  

		}



	}

	private boolean verify(String username, String password) {

		List<String> list = getJdbcTemplate().query(

				"SELECT uid FROM user where ULoginID=? and upass=?",

				new ParameterizedRowMapper<String>() {

					public String mapRow(ResultSet rs, int index)

							throws SQLException {

						return rs.getString(1);  

					}

				}, username, password);

		return !list.isEmpty();

	}    

	

	

	public static void main(String[] args) throws NoSuchAlgorithmException, SecurityException {

		MessageDigestCredentialPasswordEncoder encoder = new MessageDigestCredentialPasswordEncoder();

		System.out.println(encoder.encode("510722197305041435", "7788119"));

	}

}

下载项目
https://9p9q8w.blu.livefilestore.com/y1p0ioo0EVb55XY-YbpBePUgmee5w3lcGPIzWOsknbo-6BvbinZZAPtsPMkOKD0kZ0vuJgaOwqrodOx6FmcbTVMWDQPYU_HGEQT/cas(2010-06-08%E9%87%8D%E5%86%99%E7%99%BB%E9%99%86%E9%AA%8C%E8%AF%81%2C%E6%94%AF%E6%8C%81%E5%88%AB%E5%90%8D%E7%99%BB%E9%99%86).zip?download&psid=1