輕松搭建CAS 5.x系列(5)-增加密碼找回和密碼修改功能

本文轉載自查看原文 2018-07-07 21:24 2551 統一登錄/ CAS/ 統一權限管理/ 單點登錄/ SSO

概述說明

CAS內置了密碼找回和密碼修改的功能；密碼找回功能是，系統會吧密碼重置的連接通過郵件或短信方式發送給用戶，用戶點擊鏈接后就可以重置密碼，cas還支持預留密碼重置的問題，只有回答對了，才可以重置密碼；系統可配置密碼重置后，是否自動登錄；密碼修改功能是，用戶登錄后輸入新密碼即可完成密碼修改。

安裝步驟

`1. 首先，搭建好cas sso server

您需要按照《輕松搭建CAS 5.x系列文章》系列的前3篇文章

-2. 數據庫增加用戶的email字段和密碼找回的安全問題表

--創建數據庫表空間
USE test_cas; --創建帳號信息表
DROP TABLE IF EXISTS `cas_user_base`; CREATE TABLE `cas_user_base` ( `id` INT(11) NOT NULL AUTO_INCREMENT, `user_name` VARCHAR(45) DEFAULT NULL, `user_psd` VARCHAR(45) DEFAULT NULL, `user_email` VARCHAR(255) DEFAULT NULL, PRIMARY KEY (`id`) ); --插入登錄帳號數據
INSERT INTO `cas_user_base` VALUES (1,'admin','123456','chenshiming0802@163.com'); DROP TABLE IF EXISTS `cas_user_psdquestion`; CREATE TABLE `cas_userpsd_question` ( `id` INT(11) NOT NULL AUTO_INCREMENT, `user_id` INT(11) NOT NULL , `question` VARCHAR(255) DEFAULT NULL, `answer` VARCHAR(255) DEFAULT NULL, PRIMARY KEY (`id`) ); --插入登錄帳號數據
INSERT INTO `cas_user_psdquestion` VALUES (1,1,'Your Name','jpeanut');

-3. 在pom.xml增加依賴包cas-server-support-pm-jdbc

        <!-- Password Management JDBC Begin -->
        <dependency>
            <groupId>org.apereo.cas</groupId>
            <artifactId>cas-server-support-pm-jdbc</artifactId>
            <version>${cas.version}</version>
        </dependency>
        <!-- Password Management JDBC End -->

-4. application.properties增加密碼找回的配置

（該文件所在目錄：D:\casoverlay\cas-overlay-template\src\main\resources）

cas.authn.pm.jdbc.sqlSecurityQuestions=SELECT t2.question,t2.answer FROM cas_user_base t1,cas_userpsd_question t2 WHERE t1.id=t2.user_id AND t1.user_name=? cas.authn.pm.jdbc.sqlFindEmail=SELECT t1.user_email FROM cas_user_base t1 WHERE t1.user_name=? cas.authn.pm.jdbc.sqlChangePassword=UPDATE cas_user_base SET user_psd=? WHERE user_name=? cas.authn.pm.jdbc.healthQuery= SELECT 1 cas.authn.pm.jdbc.isolateInternalQueries=false cas.authn.pm.jdbc.url=jdbc:mysql://localhost:3306/test_cas?useUnicode=true&characterEncoding=UTF-8&autoReconnect=true&useSSL=false&serverTimezone=UTC cas.authn.pm.jdbc.failFastTimeout=1 cas.authn.pm.jdbc.isolationLevelName=ISOLATION_READ_COMMITTED #cas.authn.pm.jdbc.dialect=org.hibernate.dialect.HSQLDialect cas.authn.pm.jdbc.dialect=org.hibernate.dialect.MySQLDialect cas.authn.pm.jdbc.leakThreshold=10 cas.authn.pm.jdbc.propagationBehaviorName=PROPAGATION_REQUIRED cas.authn.pm.jdbc.batchSize=1 cas.authn.pm.jdbc.user=root cas.authn.pm.jdbc.ddlAuto=create-drop cas.authn.pm.jdbc.maxAgeDays=180 cas.authn.pm.jdbc.password= cas.authn.pm.jdbc.autocommit=false #cas.authn.pm.jdbc.driverClass=org.hsqldb.jdbcDriver cas.authn.pm.jdbc.driverClass=com.mysql.jdbc.Driver cas.authn.pm.jdbc.idleTimeout=5000 cas.authn.pm.jdbc.dataSourceName= cas.authn.pm.jdbc.dataSourceProxy=false cas.authn.pm.jdbc.properties.propertyName=propertyValue spring.mail.host=smtp.163.com spring.mail.port=25 spring.mail.username=chenshiming0802@163.com spring.mail.password=xxxxxxx #請輸入發送郵件的密碼 spring.mail.testConnection=true spring.mail.properties.mail.smtp.auth=true spring.mail.properties.mail.smtp.starttls.enable=true cas.authn.pm.enabled=true # Minimum 8 and Maximum 10 characters at least 1 Uppercase Alphabet, 1 Lowercase Alphabet, 1 Number and 1 Special Character cas.authn.pm.policyPattern=^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)(?=.*[$@$!%*?&])[A-Za-z\\d$@$!%*?&]{8,10} cas.authn.pm.reset.text=Reset your password with this link: %s cas.authn.pm.reset.subject=Password Reset Request cas.authn.pm.reset.from=chenshiming0802@163.com cas.authn.pm.reset.expirationMinutes=1 cas.authn.pm.reset.emailAttribute=mail cas.authn.pm.reset.securityQuestionsEnabled=true # Automatically log in after successful password change cas.authn.pm.autoLogin=false # Used to sign/encrypt the password-reset link cas.authn.pm.reset.crypto.encryption.key= cas.authn.pm.reset.crypto.signing.key= cas.authn.pm.reset.crypto.enabled=true