# cas_server
**Repository Path**: kaikai_chang/cas_server
## Basic Information
- **Project Name**: cas_server
- **Description**: 单点登录服务端(基于cas_overlay_template-5.3)
- **Primary Language**: Java
- **License**: Apache-2.0
- **Default Branch**: develop
- **Homepage**: None
- **GVP Project**: No
## Statistics
- **Stars**: 3
- **Forks**: 2
- **Created**: 2022-03-25
- **Last Updated**: 2024-06-03
## Categories & Tags
**Categories**: Uncategorized
**Tags**: None
## README
# cas_server
#### 介绍
单点登录服务端(基于cas_overlay_template-5.3)
#### 软件架构
本项目基于cas_overlay_template-5.3进行升级
#### 安装教程
1. 配置HTTPS访问,具体网上查找教程
2. 修改配置文件
3. 配置自定义验证
4. 配置druid连接池
#### 使用说明
##### 1.修改配置:
```json
1.HTTPSandIMAPS-10000001.json文件(配置支持HTTP协议的客户端;注意下面的 serviceId 正则会授权任意 http/https/imaps 地址,生产环境应改为只匹配已知客户端地址)
{
"@class" : "org.apereo.cas.services.RegexRegisteredService",
"serviceId" : "^(https|http|imaps)://.*",
"name" : "HTTPS, HTTP and IMAPS",
"id" : 10000001,
"description" : "This service definition authorizes all application urls that support HTTPS, HTTP and IMAPS protocols.",
"evaluationOrder" : 10000
}
2.application.properties文件
配置证书密钥库(keystore)路径及密码(changeit 仅为示例值,部署时请替换)
server.ssl.key-store=D:\\mycas\\casserver.keystore
server.ssl.key-store-password=changeit
server.ssl.key-password=changeit
#从Json初始服务注册表
cas.serviceRegistry.initFromJson=true
#改为false以支持HTTP协议的客户端(仅限开发/测试;为false时TGC cookie不带Secure标志,会经明文HTTP发送,生产环境应保持true并全程使用HTTPS)
cas.tgc.secure=false
#退出跳转到service定义的url
cas.logout.followServiceRedirects=true
```
##### 2.配置自定义验证
```pom
1.引入依赖
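<dependency>
    <groupId>org.apereo.cas</groupId>
    <artifactId>cas-server-support-jdbc</artifactId>
    <version>${cas.version}</version>
</dependency>
<dependency>
    <groupId>org.apereo.cas</groupId>
    <artifactId>cas-server-support-jdbc-drivers</artifactId>
    <version>${cas.version}</version>
</dependency>
<dependency>
    <groupId>mysql</groupId>
    <artifactId>mysql-connector-java</artifactId>
    <version>8.0.11</version>
</dependency>
<dependency>
    <groupId>org.apereo.cas</groupId>
    <artifactId>cas-server-core-authentication</artifactId>
    <version>${cas.version}</version>
</dependency>
<dependency>
    <groupId>org.apereo.cas</groupId>
    <artifactId>cas-server-core-authentication-api</artifactId>
    <version>${cas.version}</version>
</dependency>
<dependency>
    <groupId>org.apereo.cas</groupId>
    <artifactId>cas-server-core-webflow</artifactId>
    <version>${cas.version}</version>
</dependency>
<dependency>
    <groupId>com.alibaba</groupId>
    <artifactId>druid</artifactId>
    <version>1.2.4</version>
</dependency>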
```
```java
2.自定义验证类继承AbstractUsernamePasswordAuthenticationHandler类
package org.ncp.handler;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.security.auth.login.AccountException;
import org.apereo.cas.authentication.AuthenticationHandlerExecutionResult;
import org.apereo.cas.authentication.PreventedException;
import org.apereo.cas.authentication.UsernamePasswordCredential;
import org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.services.ServicesManager;
import org.ncp.dto.User;
import org.ncp.util.DBConnection;
import org.ncp.util.MD5Util;
import org.ncp.util.PasswordUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.jdbc.core.BeanPropertyRowMapper;
import org.springframework.jdbc.core.JdbcTemplate;
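/**
 * Username/password authentication handler that verifies credentials against the
 * {@code sys_user} table.
 *
 * <p>The submitted password is MD5-encoded twice via {@code MD5Util}, then passed to
 * {@code PasswordUtil.encrypt} together with the username and the stored salt; the result is
 * compared with the stored {@code password} column.
 *
 * <p>NOTE(review): MD5 is kept only because the stored values must match what the existing
 * platform wrote. MD5 is not a suitable password-hashing primitive. What
 * {@code PasswordUtil.encrypt} adds on top is not visible here; confirm it is a slow, salted
 * KDF, and plan a rehash-on-login migration if it is not.
 */
public class MyAuthenticationHandler extends AbstractUsernamePasswordAuthenticationHandler {

    /** Value of {@code sys_user.status} that this handler treats as a frozen account. */
    private static final Integer USER_FREEZE = 2;

    private static final Logger logger = LoggerFactory.getLogger(MyAuthenticationHandler.class);

    /**
     * Passes all arguments through to the CAS base handler.
     *
     * @param name handler name
     * @param servicesManager CAS services manager
     * @param principalFactory factory used to build the authenticated principal
     * @param order handler order in the execution plan
     */
    public MyAuthenticationHandler(String name, ServicesManager servicesManager, PrincipalFactory principalFactory, Integer order) {
        super(name, servicesManager, principalFactory, order);
    }

    /**
     * Authenticates the credential against {@code sys_user}.
     *
     * @param credential submitted username and password
     * @param originalPassword not read by this implementation
     * @return handler result whose principal carries the {@code id} and {@code username} attributes
     * @throws GeneralSecurityException an {@link AccountException} when the user is unknown,
     *     ambiguous, frozen, or the password does not match
     * @throws PreventedException declared by the overridden method; not thrown directly here
     */
    @Override
    protected AuthenticationHandlerExecutionResult authenticateUsernamePasswordInternal(UsernamePasswordCredential credential, String originalPassword) throws GeneralSecurityException, PreventedException {
        // 1. MD5-encode the submitted password, consistent with the platform that wrote the hashes.
        String passwordMD5Encode = MD5Util.MD5Encode(credential.getPassword(), "utf-8");
        String username = credential.getUsername();
        // NOTE(review): username is untrusted input; confirm the log layout neutralises CR/LF.
        logger.info("认证用户 username = {}", username);

        // 2. Query the database with a bound parameter. query() returns an empty list for an
        //    unknown user, whereas queryForObject() throws EmptyResultDataAccessException and
        //    would never reach a null check.
        JdbcTemplate jdbcTemplate = new JdbcTemplate(DBConnection.getDataSource());
        String sql = "select id, username, password, salt, status from sys_user where del_flag = 0 and username = ?";
        List<User> matches = jdbcTemplate.query(sql, new BeanPropertyRowMapper<User>(User.class), username);

        // 3. Verify.
        // NOTE(review): the three failures below carry different messages. If the message text
        // reaches the login page, it lets a client tell valid usernames apart; confirm how CAS
        // surfaces AccountException messages.
        if (matches.isEmpty()) {
            logger.info("用户不存在!");
            throw new AccountException("用户不存在!");
        }
        if (matches.size() > 1) {
            // Fail closed: an ambiguous username must never authenticate as "the first row".
            logger.error("Refusing authentication: {} rows matched username = {}", matches.size(), username);
            throw new AccountException("用户名或密码错误!");
        }
        User info = matches.get(0);

        if (USER_FREEZE.equals(info.getStatus())) {
            logger.info("该用户已冻结!");
            throw new AccountException("该用户已冻结!");
        }

        String passwordFinalEncode = PasswordUtil.encrypt(username, MD5Util.MD5Encode(passwordMD5Encode, "utf-8"), info.getSalt());
        String storedPassword = info.getPassword();
        // A missing hash on either side is a failed login, not a NullPointerException.
        // MessageDigest.isEqual compares in constant time, so the comparison does not reveal
        // how many leading characters of the hash matched.
        boolean passwordMatches = passwordFinalEncode != null
                && storedPassword != null
                && MessageDigest.isEqual(
                        passwordFinalEncode.getBytes(StandardCharsets.UTF_8),
                        storedPassword.getBytes(StandardCharsets.UTF_8));
        if (!passwordMatches) {
            logger.info("用户名或密码错误!");
            throw new AccountException("用户名或密码错误!");
        }

        logger.info("用户 username = {},认证通过!", username);

        // Attributes released with the principal; the password hash and salt are deliberately left out.
        Map<String, Object> resInfo = new HashMap<>();
        resInfo.put("id", info.getId());
        resInfo.put("username", info.getUsername());
        return createHandlerResult(credential,
                this.principalFactory.createPrincipal(credential.getUsername(), resInfo),
                new ArrayList<>(0));
    }
}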
```
```java
3.配置类MyAuthenticationConfiguration 实现AuthenticationEventExecutionPlanConfigurer接口
package org.ncp.config;
import org.apereo.cas.authentication.AuthenticationEventExecutionPlan;
import org.apereo.cas.authentication.AuthenticationEventExecutionPlanConfigurer;
import org.apereo.cas.authentication.AuthenticationHandler;
import org.apereo.cas.authentication.principal.DefaultPrincipalFactory;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.services.ServicesManager;
import org.ncp.handler.MyAuthenticationHandler;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
/**
 * Spring configuration that builds a {@link MyAuthenticationHandler} bean and registers it
 * with the CAS authentication execution plan.
 */
@Configuration("myAuthenticationConfiguration")
@EnableConfigurationProperties(CasConfigurationProperties.class)
public class MyAuthenticationConfiguration implements AuthenticationEventExecutionPlanConfigurer {

    // Injected, but not read by any method in this class.
    @Autowired
    private CasConfigurationProperties casProperties;

    @Autowired
    @Qualifier("servicesManager")
    private ServicesManager servicesManager;

    /**
     * Creates the custom handler, named after its simple class name, with order {@code 1}.
     *
     * @return the handler bean
     */
    @Bean
    public AuthenticationHandler myAuthenticationHandler() {
        final String handlerName = MyAuthenticationHandler.class.getSimpleName();
        return new MyAuthenticationHandler(handlerName, servicesManager, new DefaultPrincipalFactory(), 1);
    }

    /**
     * Adds the custom handler to the execution plan.
     *
     * @param plan the CAS authentication execution plan to extend
     */
    @Override
    public void configureAuthenticationExecutionPlan(AuthenticationEventExecutionPlan plan) {
        final AuthenticationHandler customHandler = myAuthenticationHandler();
        plan.registerAuthenticationHandler(customHandler);
    }
}
```
```properties
4.配置META-INF下的spring.factories
org.springframework.boot.autoconfigure.EnableAutoConfiguration=org.ncp.config.MyAuthenticationConfiguration
```