《CAS登录验证(密码MD5、SHA加密后,再进行Base64加密实现代码),与Liferay的用户身份验证对应》由会员分享,可在线阅读,更多相关《CAS登录验证(密码MD5、SHA加密后,再进行Base64加密实现代码),与Liferay的用户身份验证对应(10页珍藏版)》请在金锄头文库上搜索。
1、定制CAS登录验证,用Liferay的用户身份进行验证摘要本文以Liferay与CAS整合为例,将CAS登录验证从输入相同的用户名/密码定制为以Liferay的用户身份进行验证。环境 MySQL5.0.5 JRE 1.6.0.7 Ubuntu 8.04 Liferay 5.1.1 Bundled with Tomcat 6.0 CAS Server 3.3.1 Yale CAS Client 2.0.11 NetBeans IDE 6.1在进行本文示例前,请参考这里。新建工程打开NetBeans IDE,新建Java Class Library工程:PortalAuthHandler。添加依赖
2、包从CAS中的lib下找到如下jar: cas-server-core-3.3.jar inspektr-core-0.7.0.jar下载spring-core.jar(2.5.5),点这里。将这三个jar包添加到工程PortalAuthHandler下。编写测试用例在Test Packages下建立测试用例,代码如下:package com.jinfonet.developer.portal;import junit.framework.TestCase;import org.jasig.cas.authentication.handler.PasswordEncoder;/* author
3、 88250 */public final class Base64PasswordEncoderTests extends TestCase private final PasswordEncoder passwordEncoder = new Base64PasswordEncoder(SHA1);public void testHashBase64Encoded() assertEquals(qUqP5cyxm6YcTAhz05Hph5gvu9M=, this.passwordEncoder.encode(test);public void testNullPassword() asse
4、rtEquals(null, this.passwordEncoder.encode(null);public void testInvalidEncodingType() final PasswordEncoder pe = new Base64PasswordEncoder(invalid encoding);try pe.encode(test);fail(exception expected.); catch (final Exception e) return;这个测试用例有三个测试方法,其中HashBase64Encoded最为重要。因为在Liferay的帐户表User_中的pas
5、sword_字段默认是以SHA1进行加密,然后再以Base64进行编码存放的。而CAS中自带的Password Encoder只有用加密算法进行加密的步骤,没有Base64编码的步骤,所以我们要写一个带有Base64编码功能的Encoder,且必须是实现org.jasig.cas.authentication.handler.PasswordEncoder接口的。编写实现代码注:代码已测试。package com.jinfonet.developer.portal;import java.io.UnsupportedEncodingException;import java.security.
6、MessageDigest;import java.security.NoSuchAlgorithmException;/import mon.ioc.annotation.NotNull;import org.jasig.cas.authentication.handler.PasswordEncoder;import org.springframework.util.StringUtils;import sun.misc.BASE64Encoder;/* author 88250 */public class Base64PasswordEncoder implements Passwor
7、dEncoder private static final char HEX_DIGITS = 0, 1, 2, 3, 4, 5,6, 7, 8, 9, a, b, c, d, e, f;/NotNullprivate final String encodingAlgorithm;private String characterEncoding;public Base64PasswordEncoder(final String encodingAlgorithm) this.encodingAlgorithm = encodingAlgorithm;public String encode(f
8、inal String password) if (password = null) return null;try MessageDigest messageDigest = MessageDigest.getInstance(this.encodingAlgorithm);if (StringUtils.hasText(this.characterEncoding) messageDigest.update(password.getBytes(this.characterEncoding); else messageDigest.update(password.getBytes();fin
9、al byte digest = messageDigest.digest();return getFormattedText(digest); catch (final NoSuchAlgorithmException e) throw new SecurityException(e); catch (final UnsupportedEncodingException e) throw new RuntimeException(e);/* Takes the raw bytes from the digest and formats them correct.* param bytes t
10、he raw bytes from the digest.* return the formatted bytes.*/private String getFormattedText(byte bytes) final StringBuilder buf = new StringBuilder(bytes.length * 2);sun.misc.BASE64Encoder e = new BASE64Encoder();final String buf2 = e.encode(bytes);for (int j = 0; j 4) & 0x0f);buf.append(HEX_DIGITSb
11、ytesj & 0x0f);System.out.println(Final: + buf2);System.out.println(encodingAlgorithm + : + buf);return buf2.toString();public final void setCharacterEncoding(final String characterEncoding) this.characterEncoding = characterEncoding;注意:这里,我们使用了Sun的一个受限类:BASE64Encoder。如果你自己有实现,尽量用自己的。工程结构截图工程的完整结构截图如下:测试与打包单元测通过后到工程目录下的dist目录下把Build出的jar中的class文件(with package)打包到$LIFERAY_HOME/webapps/cas-web/cas-server-core-3.3.jar中。启用定制后的登录验证编辑$LIFERAY_HOME/webapps/cas-web/WEB-INF/deployerConfigContext.xml文件,将替换为注意:在Liferay中最好使用screenName作为CAS验证的用户名,emailAddress是不能用的,ID方式没经过测试。然后,在紧跟的后加入:constru
