配置CAS登录验证 -- 知识铺

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87

package com.hugeo.cas;

import org.apereo.cas.authentication.HandlerResult;

import org.apereo.cas.authentication.PreventedException;

import org.apereo.cas.authentication.UsernamePasswordCredential;

import org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler;

import org.apereo.cas.authentication.principal.PrincipalFactory;

import org.apereo.cas.services.ServicesManager;

import org.slf4j.LoggerFactory;

import org.springframework.jdbc.core.JdbcTemplate;

import org.springframework.jdbc.datasource.DriverManagerDataSource;

import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

import javax.security.auth.login.FailedLoginException;

import java.security.GeneralSecurityException;

import java.util.HashMap;

import java.util.Map;

public class Login extends AbstractUsernamePasswordAuthenticationHandler {

private static final org.slf4j.Logger logger = LoggerFactory.getLogger(Login.class);

public Login(String name, ServicesManager servicesManager, PrincipalFactory principalFactory, Integer order) {

super(name, servicesManager, principalFactory, order);

}

@Override

protected HandlerResult authenticateUsernamePasswordInternal(UsernamePasswordCredential transformedCredential, String originalPassword) throws GeneralSecurityException, PreventedException {

DriverManagerDataSource d=new DriverManagerDataSource();

d.setDriverClassName("com.mysql.jdbc.Driver");

d.setUrl("jdbc:mysql://127.0.0.1:3306/orange");

d.setUsername("root");

d.setPassword("123456");

JdbcTemplate template=new JdbcTemplate();

template.setDataSource(d);

String username=transformedCredential.getUsername();

String pd=transformedCredential.getPassword();

Map<String,Object> user = template.queryForMap("SELECT `password` FROM sys_user WHERE username = ?", transformedCredential.getUsername());

if(user==null){

throw new FailedLoginException("没有该用户");

}

Map<String, Object> map=new HashMap<>();

map.put("email", "XXXXX@qq.com");

BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();

if(encoder.matches(transformedCredential.getPassword(),user.get("password").toString())){

return createHandlerResult(transformedCredential, principalFactory.createPrincipal(username, map), null);

}

throw new FailedLoginException("Sorry, login attemp failed.");

}

}

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59

package com.hugeo.cas;

import org.apereo.cas.authentication.AuthenticationEventExecutionPlan;

import org.apereo.cas.authentication.AuthenticationEventExecutionPlanConfigurer;

import org.apereo.cas.authentication.AuthenticationHandler;

import org.apereo.cas.authentication.principal.DefaultPrincipalFactory;

import org.apereo.cas.configuration.CasConfigurationProperties;

import org.apereo.cas.services.ServicesManager;

import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.beans.factory.annotation.Qualifier;

import org.springframework.boot.context.properties.EnableConfigurationProperties;

import org.springframework.context.annotation.Bean;

import org.springframework.context.annotation.Configuration;

@Configuration("CustomAuthConfig")

@EnableConfigurationProperties(CasConfigurationProperties.class)

public class CustomAuthConfig implements AuthenticationEventExecutionPlanConfigurer{

@Autowired

private CasConfigurationProperties casProperties;

@Autowired

@Qualifier("servicesManager")

private ServicesManager servicesManager;

@Bean

public AuthenticationHandler myAuthenticationHandler() {

final Login handler = new Login(Login.class.getSimpleName(), servicesManager, new DefaultPrincipalFactory(), 10);

return handler;

}

@Override

public void configureAuthenticationExecutionPlan(AuthenticationEventExecutionPlan plan) {

plan.registerAuthenticationHandler(myAuthenticationHandler());

}

}