应需求的变化,在登录cas的时候,默认根据用户名和密码进行验证,如果加上用户名,密码和一个系统标识进行验证呢?该如何做呢?
我们知道cas默认的登录界面中,输入的用户名和密码,再配置一下deployerConfigContext.xml 这个文件中的bean org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler 的这个标签,写上对应的sql,以及在<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">中配置数据库驱动,数据库名称,以及登陆密码等。
如果再加上一个其他的验证该怎么做呢?
1 根据xml中bean标签的提示,很容器找到这个类QueryDatabaseAuthenticationHandler.java类,首先先修改login-webflow.xml,修改代码如下所示:
<binder>
<binding property="username" />
<binding property="password" />
<binding property="systemId" />
</binder>
其中<bingding property="systemId" />与界面中传递过来的隐含域一致。
2 casLoginView.jsp中增加的js代码如下所示,从登陆地址的url传递参数。
<script language="javascript" type="text/javascript">
window.onload=function()//用window的onload事件,窗体加载完毕的时候
{
//do something
var result = location.search.match(new RegExp("[\?\&]" + 'systemId'+ "=([^\&]+)","i"));
if(result == null || result.length < 1){ result ="";
} $("#systemId")[0].value=result[1];
} </script>
参登陆页面地址为https://www.cdvcloud.com:8443/cas/login?systemId=vms2.0 ,在第一次登陆界面的时候会携带这两个参数https://www.cdvcloud.com:8443/cas/login?service=http%3A%2F%2F172.16.3.101%3A8080%2Fvms2.0%2Fuser%2FtoMain%2F 其中的一个为我们的自定义的系统标识,第二个为cas验证数据库成功后转到的主界面。
3 在登录界面中加上了hidden,以此来传递给CAS。
<input type="hidden" name="systemId" id="systemId">
4 修改CAS源代码,UsernamePasswordCredentials.java,代码如下所示。
/*
* Copyright 2007 The JA-SIG Collaborative. All rights reserved. See license
* distributed with this file and available online at
* http://www.ja-sig.org/products/cas/overview/license/
*/
package org.jasig.cas.authentication.principal; import javax.validation.constraints.NotNull;
import javax.validation.constraints.Size; /**
* UsernamePasswordCredentials respresents the username and password that a user
* may provide in order to prove the authenticity of who they say they are.
*
* @author Scott Battaglia
* @version $Revision: 1.2 $ $Date: 2007/01/22 20:35:26 $
* @since 3.0
* <p>
* This is a published and supported CAS Server 3 API.
* </p>
*/
public class UsernamePasswordCredentials implements Credentials { /** Unique ID for serialization. */
private static final long serialVersionUID = -8343864967200862794L; /** The username. */
@NotNull
@Size(min=1,message = "required.username")
private String username; /** The password. */
@NotNull
@Size(min=1, message = "required.password")
private String password; /** The systemId for vms2.0 for sql validate xx add 2014��7��21��16:12:51. */
@NotNull
@Size(min=1, message = "required.systemId")
private String systemId;
/*systemId begin*/ /**
* @return Returns the systemId.
*/ public String getSystemId() {
return systemId;
} public void setSystemId(String systemId) {
this.systemId = systemId;
} public String toStringSystemId() {
return "[systemId: " + this.systemId + "]";
} /*end */ /**
* @return Returns the password.
*/
public final String getPassword() {
return this.password;
} /**
* @param password The password to set.
*/
public final void setPassword(final String password) {
this.password = password;
} /**
* @return Returns the userName.
*/
public final String getUsername() {
return this.username;
} /**
* @param userName The userName to set.
*/
public final void setUsername(final String userName) {
this.username = userName;
} public String toString() {
return "[username: " + this.username + "]";
} @Override
public boolean equals(final Object o) {
if (this == o) return true;
if (o == null || getClass() != o.getClass()) return false; UsernamePasswordCredentials that = (UsernamePasswordCredentials) o; if (password != null ? !password.equals(that.password) : that.password != null) return false;
if (username != null ? !username.equals(that.username) : that.username != null) return false; return true;
} @Override
public int hashCode() {
int result = username != null ? username.hashCode() : 0;
result = 31 * result + (password != null ? password.hashCode() : 0);
return result;
}
}
除了cas自己的用户名和密码,添加自己的systemId标识。
5 修改QueryDatabaseAuthenticationHandler.java类 , 代码如下所示。
/*
* Copyright 2007 The JA-SIG Collaborative. All rights reserved. See license
* distributed with this file and available online at
* http://www.ja-sig.org/products/cas/overview/license/
*/
package org.jasig.cas.adaptors.jdbc; import org.jasig.cas.authentication.handler.AuthenticationException;
import org.jasig.cas.authentication.principal.UsernamePasswordCredentials;
import org.springframework.dao.IncorrectResultSizeDataAccessException; import javax.validation.constraints.NotNull; /**
* Class that if provided a query that returns a password (parameter of query
* must be username) will compare that password to a translated version of the
* password provided by the user. If they match, then authentication succeeds.
* Default password translator is plaintext translator.
*
* @author Scott Battaglia
* @author Dmitriy Kopylenko
* @version $Revision$ $Date$
* @since 3.0
*/
public final class QueryDatabaseAuthenticationHandler extends
AbstractJdbcUsernamePasswordAuthenticationHandler { @NotNull
private String sql; protected final boolean authenticateUsernamePasswordInternal(final UsernamePasswordCredentials credentials) throws AuthenticationException {
final String username = getPrincipalNameTransformer().transform(credentials.getUsername());
final String password = credentials.getPassword();
//xx add 2014 7 21 16:27:58 for vms2.0 systemid begin----------
//final String systemId = credentials.getSystemId();
String mySystemId = credentials.getSystemId();
String[] systemIdGroup=mySystemId.split(",");
String systemId= systemIdGroup[0];
System.out.println("systemId---------"+systemId+"----------------systemid value");
//xxadd 2014 7 21 16:27:58 for vms2.0 systemid end----------
final String encryptedPassword = this.getPasswordEncoder().encode(
password); try {
final String dbPassword = getJdbcTemplate().queryForObject(
this.sql, String.class, username,systemId);
return dbPassword.equals(encryptedPassword);
} catch (final IncorrectResultSizeDataAccessException e) {
// this means the username was not found.
return false;
}
} /**
* @param sql The sql to set.
*/
public void setSql(final String sql) {
this.sql = sql;
}
}