The OpenJWeb application development platform is integrated with the CAS single sign-on product. The default authentication class in CAS is SimpleTestUsernamePasswordAuthenticationHandler, which accepts a login whenever the username and the password are equal, so it must never be used in production. It has to be replaced with an authentication handler that checks credentials against a database. This article describes how to implement that class (how to configure the data source in Tomcat is omitted; I assume everyone knows how to do that).
The WEB-INF directory of CAS contains a deployerConfigContext.xml file. In it, change
<bean
class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler" />
to
<bean
class="org.jasig.cas.authentication.handler.support.CasDaoAuthenticationHandler" />
CasDaoAuthenticationHandler is an implementation class I developed myself. The code is as follows:
package org.jasig.cas.authentication.handler.support;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.sql.DataSource;
import org.jasig.cas.authentication.principal.UsernamePasswordCredentials;

public final class CasDaoAuthenticationHandler extends AbstractUsernamePasswordAuthenticationHandler
{
    public CasDaoAuthenticationHandler()
    {
    }

    public boolean authenticateUsernamePasswordInternal(UsernamePasswordCredentials credentials)
    {
        boolean bool = false;
        String username = credentials.getUsername();
        String password = credentials.getPassword();
        System.out.println("開始CAS認證......");
        System.out.println("userName:" + username);
        // The password is deliberately not written to the log.
        // Bind the credentials as parameters so they cannot alter the SQL statement.
        String sql = "select count(*) from eas_login_user where user_id=? and user_password=?";
        try
        {
            // First, connect to the permissions database through the JNDI data source.
            InitialContext ctx = new InitialContext();
            Context contx = (Context) ctx.lookup("java:comp/env");
            DataSource ds = (DataSource) contx.lookup("jdbc/mysql");
            // try-with-resources closes the connection and statement even on failure.
            try (Connection con = ds.getConnection();
                 PreparedStatement ps = con.prepareStatement(sql))
            {
                ps.setString(1, username);
                ps.setString(2, password);
                try (ResultSet res = ps.executeQuery())
                {
                    // count(*) > 0 means a matching record exists.
                    if (res.next() && res.getInt(1) > 0)
                    {
                        System.out.println("認證成功!");
                        bool = true;
                    }
                }
            }
        }
        catch (Exception ex)
        {
            // Any lookup or database error fails the authentication.
            ex.printStackTrace();
            System.out.println("數據庫連接失敗!");
            return false;
        }
        return bool;
    }

    protected void afterPropertiesSetInternal()
        throws Exception
    {
        super.afterPropertiesSetInternal();
    }
}
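The code above takes the username and password from the CAS login page and checks the database for a record with the same username and password. Of course, in a production environment user passwords are stored encrypted, so in a real deployment you only need to add an encryption algorithm.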