cas重新实现登陆认证逻辑
package com.ucit.cas;
import java.security.NoSuchAlgorithmException;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.List;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.spi.impl.MessageDigestCredentialPasswordEncoder;
import org.jasig.cas.adaptors.jdbc.AbstractJdbcUsernamePasswordAuthenticationHandler;
import org.jasig.cas.authentication.handler.AuthenticationException;
import org.jasig.cas.authentication.principal.UsernamePasswordCredentials;
import org.springframework.jdbc.core.simple.ParameterizedRowMapper;
public final class UCITCASAuthHandler extends
AbstractJdbcUsernamePasswordAuthenticationHandler {
protected boolean authenticateUsernamePasswordInternal(
UsernamePasswordCredentials credentials)
throws AuthenticationException {
String username = credentials.getUsername();
String password = credentials.getPassword();
try {
MessageDigestCredentialPasswordEncoder encoder = new MessageDigestCredentialPasswordEncoder();
/*List<String> list = getJdbcTemplate().query(
"SELECT column_value FROM security_principal p,"
+ "security_credential c where p.full_path=? and "
+ "c.principal_id=p.principal_id",
new ParameterizedRowMapper<String>() {
public String mapRow(ResultSet rs, int index)
throws SQLException {
return rs.getString(1);
}
}, "/user/" + username);*/
List<String> list = getJdbcTemplate().query(
"select column_value from porta_user pu where pu.full_path=? ",
new ParameterizedRowMapper<String>() {
public String mapRow(ResultSet rs, int index)
throws SQLException {
return rs.getString(1);
}
}, "/user/" + username);
return list.isEmpty() ? aliasCheck(username, password,credentials) : list.get(0)
.equals(encoder.encode(username, password));
} catch (Exception e) {
e.printStackTrace();
return false;
}
}
private boolean aliasCheck(String username, String password,UsernamePasswordCredentials credentials) {
try {
MessageDigestCredentialPasswordEncoder encoder = new MessageDigestCredentialPasswordEncoder();
List<String[]> list = getJdbcTemplate().query(
"select column_value,full_path from porta_user where alias=?",
new ParameterizedRowMapper<String[]>() {
public String[] mapRow(ResultSet rs, int index)
throws SQLException {
return new String[]{rs.getString(1),rs.getString(2)};
}
}, username);
if (list.isEmpty())
return verify(username, password);
else{
String _username=list.get(0)[1].replaceAll("/user/", "");
credentials.setUsername(_username);
return list.get(0)[0].equals(encoder.encode(_username, password));
}
// return list.isEmpty() ? verify(username, password) : list.get(0)
// .equals(encoder.encode(username, password));
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
return false;
}
}
private boolean verify(String username, String password) {
List<String> list = getJdbcTemplate().query(
"SELECT uid FROM user where ULoginID=? and upass=?",
new ParameterizedRowMapper<String>() {
public String mapRow(ResultSet rs, int index)
throws SQLException {
return rs.getString(1);
}
}, username, password);
return !list.isEmpty();
}
public static void main(String[] args) throws NoSuchAlgorithmException, SecurityException {
MessageDigestCredentialPasswordEncoder encoder = new MessageDigestCredentialPasswordEncoder();
System.out.println(encoder.encode("510722197305041435", "7788119"));
}
}
下载项目
https://9p9q8w.blu.livefilestore.com/y1p0ioo0EVb55XY-YbpBePUgmee5w3lcGPIzWOsknbo-6BvbinZZAPtsPMkOKD0kZ0vuJgaOwqrodOx6FmcbTVMWDQPYU_HGEQT/cas(2010-06-08%E9%87%8D%E5%86%99%E7%99%BB%E9%99%86%E9%AA%8C%E8%AF%81%2C%E6%94%AF%E6%8C%81%E5%88%AB%E5%90%8D%E7%99%BB%E9%99%86).zip?download&psid=1