在生产环境中,我们不会明码保存用户的密码,一般都保存加密后的密码,cas当然也提供这种方式做自定义的密码。
- 主要修改deployerConfigContext.xml文件
deployerConfigContext.xml里面已经加入了默认cas的passwordEncoder,如果需要自定实现passwordEncoder的话PasswordEncoder接口,替换掉deployerConfigContext.xml里面的默认的passwordEncoder即可,实现,源代码如下:
public final class DefaultPasswordEncoder implements PasswordEncoder { private static final char[] HEX_DIGITS = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'}; @NotNull private final String encodingAlgorithm; private String characterEncoding; public DefaultPasswordEncoder(final String encodingAlgorithm) { this.encodingAlgorithm = encodingAlgorithm; } public String encode(final String password) { if (password == null) { return null; } try { MessageDigest messageDigest = MessageDigest .getInstance(this.encodingAlgorithm); if (StringUtils.hasText(this.characterEncoding)) { messageDigest.update(password.getBytes(this.characterEncoding)); } else { messageDigest.update(password.getBytes()); } final byte[] digest = messageDigest.digest(); return getFormattedText(digest); } catch (final NoSuchAlgorithmException e) { throw new SecurityException(e); } catch (final UnsupportedEncodingException e) { throw new RuntimeException(e); } } /** * Takes the raw bytes from the digest and formats them correct. * * @param bytes the raw bytes from the digest. * @return the formatted bytes. */ private String getFormattedText(byte[] bytes) { final StringBuilder buf = new StringBuilder(bytes.length * 2); for (int j = 0; j < bytes.length; j++) { buf.append(HEX_DIGITS[(bytes[j] >> 4) & 0x0f]); buf.append(HEX_DIGITS[bytes[j] & 0x0f]); } return buf.toString(); } public final void setCharacterEncoding(final String characterEncoding) { this.characterEncoding = characterEncoding; } }