环境要求
1、cas项目下载地址:
https://github.com/apereo/cas-overlay-template/tree/5.3
2、使用idea导入cas-overlay-template-5.3项目引入所需mysql、rest、jdbc等jar包并打包
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-support-jdbc</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-support-jdbc-drivers</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.36</version>
</dependency>
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-support-rest</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-core-configuration</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-core-authentication</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>1.4.0</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>3.1.0</version>
</dependency>
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-core-webflow</artifactId>
<version>${cas.version}</version>
</dependency>
3、打包成功后会在cas-overlay-template-5.3目录下生成target文件,
3.1、打开cas-overlay-template-5.3\target\cas\WEB-INF\classes修改application.properties在后面追加下面代码;
#cas.authn.accept.users=casuser::Mellon
cas.tgc.secure=false
cas.serviceRegistry.initFromJson=true
#Query Database Authentication 数据库查询校验用户名开始
#数据库连接
cas.authn.jdbc.encode[0].url=jdbc:mysql://192.168.x.xxx:3306/test?useUnicode=true&characterEncoding=UTF-8&serverTimezone=UTC&useSSL=false
cas.authn.jdbc.encode[0].driverClass=com.mysql.jdbc.Driver
cas.authn.jdbc.encode[0].user=root
cas.authn.jdbc.encode[0].password=root
cas.authn.jdbc.encode[0].sql=SELECT * FROM sys_user WHERE username =?
#加密迭代次数
cas.authn.jdbc.encode[0].numberOfIterations=2
#该列名的值可替代上面的值,但对密码加密时必须取该值进行处理
cas.authn.jdbc.encode[0].numberOfIterationsFieldName=
#盐值列
cas.authn.jdbc.encode[0].saltFieldName=salt
#对处理盐值后的算法
cas.authn.jdbc.encode[0].algorithmName=SHA-256
cas.authn.jdbc.encode[0].passwordFieldName=password
cas.authn.jdbc.encode[0].expiredFieldName=expired
cas.authn.jdbc.encode[0].disabledFieldName=disabled
3.2、打开cas-overlay-template-5.3\target\cas\WEB-INF\classes\services修改HTTPSandIMAPS-10000001.json
{
"@class" : "org.apereo.cas.services.RegexRegisteredService",
"serviceId" : "^(https|http|imaps)://.*",
"name" : "HTTPS and IMAPS",
"id" : 10000001,
"description" : "This service definition authorizes all application urls that support HTTPS and IMAPS protocols.",
"evaluationOrder" : 10000
}
4、把target下的cas文件放到tomcats的webapps目录下并双击startup.bat启动tomcat
5、盐值密码加密
import org.apache.shiro.crypto.RandomNumberGenerator;
import org.apache.shiro.crypto.SecureRandomNumberGenerator;
import org.apache.shiro.crypto.hash.DefaultHashService;
import org.apache.shiro.crypto.hash.HashRequest;
import org.junit.Test;
public class PasswordSaltTest {
@Test
public void test(){
String passWord = "123456";
DefaultHashService hashService = new DefaultHashService();
hashService.setHashAlgorithmName("SHA-256");
Long numOfIterations = 2L;
hashService.setHashIterations(numOfIterations.intValue());
RandomNumberGenerator randomNumberGenerator = new SecureRandomNumberGenerator();
String salt = randomNumberGenerator.nextBytes().toHex();
HashRequest hq = new HashRequest.Builder()
.setSalt(salt)
.setSource(passWord)
.build();
String digestedPassWord = hashService.computeHash(hq).toHex();
System.out.println("加密后的密码:" + digestedPassWord);
System.out.println("加密的盐:" + salt);
}
}
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)