cas单点登录-jdbc认证(三)
时间:2021-07-01 10:21:17
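<?xml version="1.0" encoding="UTF-8"?>
<!--
  sso-server: WAR overlay module for the CAS authentication server.
  It overlays the stock cas-server-webapp-tomcat WAR and adds the JDBC
  authentication module plus a MySQL JDBC driver.
  The cas.version, mysql.version and springboot.version properties are not
  defined in this file; presumably they come from the parent ../pom.xml.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>

    <parent>
        <groupId>com.carl.auth</groupId>
        <artifactId>sso</artifactId>
        <version>1.0.0</version>
        <relativePath>../pom.xml</relativePath>
    </parent>

    <artifactId>sso-server</artifactId>
    <packaging>war</packaging>
    <name>sso-server</name>
    <description>CAS认证服务,负责各系统的鉴权的鉴权</description>

    <dependencies>
        <!-- Stock CAS web application; merged into this WAR by the overlay configured below -->
        <dependency>
            <groupId>org.apereo.cas</groupId>
            <artifactId>cas-server-webapp-tomcat</artifactId>
            <version>${cas.version}</version>
            <type>war</type>
            <scope>runtime</scope>
        </dependency>
        <!-- Added: JDBC authentication support -->
        <dependency>
            <groupId>org.apereo.cas</groupId>
            <artifactId>cas-server-support-jdbc</artifactId>
            <version>${cas.version}</version>
        </dependency>
        <!-- MySQL JDBC driver; keep mysql.version on a maintained release, since it ships inside the login server's WAR -->
        <dependency>
            <groupId>mysql</groupId>
            <artifactId>mysql-connector-java</artifactId>
            <version>${mysql.version}</version>
        </dependency>
    </dependencies>

    <dependencyManagement>
        <dependencies>
            <!-- Imports the CAS bill of materials so CAS support modules resolve to aligned versions -->
            <dependency>
                <groupId>org.apereo.cas</groupId>
                <artifactId>cas-server-support-bom</artifactId>
                <version>${cas.version}</version>
                <type>pom</type>
                <scope>import</scope>
            </dependency>
        </dependencies>
    </dependencyManagement>

    <build>
        <plugins>
            <plugin>
                <groupId>com.rimerosolutions.maven.plugins</groupId>
                <artifactId>wrapper-maven-plugin</artifactId>
                <version>0.0.5</version>
                <configuration>
                    <!--
                      Download verification is on, but with an MD5 checksum. MD5 catches a
                      corrupted download; it is not collision-resistant, so it is weak
                      evidence against a tampered one. Switch to a stronger algorithm if
                      this plugin version offers one (confirm against the plugin docs).
                    -->
                    <verifyDownload>true</verifyDownload>
                    <checksumAlgorithm>MD5</checksumAlgorithm>
                </configuration>
            </plugin>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
                <version>${springboot.version}</version>
                <configuration>
                    <mainClass>org.springframework.boot.loader.WarLauncher</mainClass>
                    <addResources>true</addResources>
                </configuration>
            </plugin>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-war-plugin</artifactId>
                <version>3.1.0</version>
                <configuration>
                    <warName>cas</warName>
                    <failOnMissingWebXml>false</failOnMissingWebXml>
                    <recompressZippedFiles>false</recompressZippedFiles>
                    <archive>
                        <compress>false</compress>
                        <!-- Reuses the manifest from the unpacked cas-server-webapp-tomcat overlay -->
                        <manifestFile>${project.build.directory}/war/work/org.apereo.cas/cas-server-webapp-tomcat/META-INF/MANIFEST.MF</manifestFile>
                    </archive>
                    <overlays>
                        <!-- Files in this module take precedence over the same paths in the overlaid CAS WAR -->
                        <overlay>
                            <groupId>org.apereo.cas</groupId>
                            <artifactId>cas-server-webapp-tomcat</artifactId>
                        </overlay>
                    </overlays>
                </configuration>
            </plugin>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-compiler-plugin</artifactId>
                <version>3.3</version>
            </plugin>
        </plugins>
        <finalName>cas</finalName>
    </build>
</project>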
3.3、application.properties新增配置
# JDBC authentication settings
# Query Database Authentication: start of the database username/password lookup
# SQL that loads the account row; the result must include the password column.
# The username is bound through the ? placeholder, not concatenated into the SQL.
# NOTE(review): select * returns every column of sys_user; selecting only the
# password/expired/disabled columns would limit what the login path reads.
cas.authn.jdbc.query[0].sql=select * from sys_user where username=?
# Name of the password column in the result of the query above (required)
cas.authn.jdbc.query[0].fieldPassword=password
# Column marking an expired account: 1 means expired, and the user must change the password
cas.authn.jdbc.query[0].fieldExpired=expired
# Column marking a disabled account: 1 means disabled
cas.authn.jdbc.query[0].fieldDisabled=disabled
# Database dialect (a Hibernate concept)
cas.authn.jdbc.query[0].dialect=org.hibernate.dialect.MySQLDialect
# JDBC driver class
cas.authn.jdbc.query[0].driverClass=com.mysql.jdbc.Driver
# JDBC connection URL
# NOTE(review): no TLS-related parameter is set here, so whether the link to the
# database is encrypted depends on driver defaults - confirm for non-local databases.
cas.authn.jdbc.query[0].url=jdbc:mysql://localhost:53306/cas?useUnicode=true&characterEncoding=UTF-8
# Database user name
# NOTE(review): root is a demo value; the login server only needs read access to
# the user table, so a dedicated least-privilege account is the safer choice.
cas.authn.jdbc.query[0].user=root
# Database password
# NOTE(review): demo value stored in clear text; in a real deployment supply it
# from outside the versioned configuration file.
cas.authn.jdbc.query[0].password=123456
# Default encoding strategy; the algorithm is chosen through encodingAlgorithm
# (the default, NONE, applies no encoding)
# NOTE(review): with these settings the stored password appears to be a single
# MD5 digest with no salt (salting is configured separately under
# cas.authn.jdbc.encode). That is fast to brute-force if the table leaks; where
# the CAS version in use supports it, an adaptive encoder such as
# passwordEncoder.type=BCRYPT is preferable - confirm against the CAS docs.
cas.authn.jdbc.query[0].passwordEncoder.type=DEFAULT
cas.authn.jdbc.query[0].passwordEncoder.characterEncoding=UTF-8
cas.authn.jdbc.query[0].passwordEncoder.encodingAlgorithm=MD5
# Query Database Authentication: end of the database username/password lookup (JDBC authentication settings)
以上配置,如驱动,查询数据库等等需要根据不同的场景进行调整
- 若密码无加密(即数据库中保存的是明文密码),调整
passwordEncoder.type=NONE
- 若密码加密策略为SHA,调整
passwordEncoder.encodingAlgorithm=SHA
- 若算法为自定义,实现
org.springframework.security.crypto.password.PasswordEncoder
接口,并且把类名配置在passwordEncoder.type
3.4、执行流程
例如:输入admin/xiaoxiao
3.5、对密码进行盐值处理再加密,application.properties配置文件修改
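# Encode Database Authentication: start
# Salted-digest authentication: the submitted password is combined with the salt
# values below and hashed before being compared with the stored value.
# NOTE(review): MD5 with 2 iterations and the username as salt is still cheap to
# brute-force if the table leaks; raise the iteration count and use a stronger
# algorithmName where the stored hashes can be migrated.
# Number of hashing iterations
cas.authn.jdbc.encode[0].numberOfIterations=2
# Column whose value can replace the fixed iteration count above; when set, that
# column's value must be the one used when the stored password is hashed
cas.authn.jdbc.encode[0].numberOfIterationsFieldName=
# Column that supplies the per-user salt
cas.authn.jdbc.encode[0].saltFieldName=username
# Static salt shared by all accounts
cas.authn.jdbc.encode[0].staticSalt=.
# The username is bound through the ? placeholder, not concatenated into the SQL
cas.authn.jdbc.encode[0].sql=select * from sys_user_encode where username=?
# Digest algorithm applied after salting
cas.authn.jdbc.encode[0].algorithmName=MD5
cas.authn.jdbc.encode[0].passwordFieldName=password
cas.authn.jdbc.encode[0].expiredFieldName=expired
cas.authn.jdbc.encode[0].disabledFieldName=disabled
# Fixed: url carried an in-memory HSQLDB URL and dialect carried the MySQL JDBC
# URL. url now points at the MySQL database and dialect names the Hibernate
# dialect class, matching the MySQL driverClass below and the query[0] settings.
cas.authn.jdbc.encode[0].url=jdbc:mysql://localhost:53306/cas?useUnicode=true&characterEncoding=UTF-8
cas.authn.jdbc.encode[0].dialect=org.hibernate.dialect.MySQLDialect
# NOTE(review): root/123456 are demo credentials in clear text; use a dedicated
# least-privilege database account and keep its password outside this file.
cas.authn.jdbc.encode[0].user=root
cas.authn.jdbc.encode[0].password=123456
cas.authn.jdbc.encode[0].driverClass=com.mysql.jdbc.Driver
# Encode Database Authentication: end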
4、验证
4.1、输入admin/xiaoxiao
4.2、输入jacky/321
4.3、输入zhangsan/789
5、总结
- pom.xml配置引入jdbc支持包和数据库驱动包
- application.properties增加数据连接配置和加密方式