CAS 5.3.1系列之自定義JDBC認證策略（三）

CAS 5.3.1系列之自定義JDBC認證策略（三）

CAS官方文檔是介紹基於配置實現jdbc認證的，可以參考我博客：CAS 5.3.1系列之支持JDBC認證登錄（二），不過我們也可以通過自定義認證策略的方式實現jdbc認證，pom先加入相關jar

<!-- Custom Authentication -->
        <dependency>
            <groupId>org.apereo.cas</groupId>
            <artifactId>cas-server-core-authentication-api</artifactId>
            <version>${cas.version}</version>
        </dependency>

        <!-- Custom Configuration -->
        <dependency>
            <groupId>org.apereo.cas</groupId>
            <artifactId>cas-server-core-configuration-api</artifactId>
            <version>${cas.version}</version>
        </dependency>

        <dependency>
            <groupId>org.apereo.cas</groupId>
            <artifactId>cas-server-support-generic</artifactId>
            <version>${cas.version}</version>
        </dependency>

5.3.1版本可以實現AbstractPreAndPostProcessingAuthenticationHandler抽象類，重寫doAuthentication方法實現：

package org.muses.jeeplatform.cas.authentication.handler;


import org.apereo.cas.authentication.*;
import org.apereo.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.services.ServicesManager;
import org.muses.jeeplatform.cas.user.model.User;
import org.slf4j.LoggerFactory;
import org.springframework.jdbc.core.BeanPropertyRowMapper;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.jdbc.datasource.DriverManagerDataSource;

import javax.security.auth.login.AccountException;
import javax.security.auth.login.FailedLoginException;
import java.security.GeneralSecurityException;
import java.util.*;

public class UsernamePasswordAuthenticationHandler extends AbstractPreAndPostProcessingAuthenticationHandler {
    private static final org.slf4j.Logger logger = LoggerFactory.getLogger(UsernamePasswordAuthenticationHandler.class);

    public UsernamePasswordAuthenticationHandler(String name, ServicesManager servicesManager, PrincipalFactory principalFactory, Integer order) {
        super(name, servicesManager, principalFactory, order);
    }

    @Override
    protected AuthenticationHandlerExecutionResult doAuthentication(Credential credential) throws GeneralSecurityException, PreventedException {
        UsernamePasswordCredential usernamePasswordCredential = (UsernamePasswordCredential) credential;

        String username = usernamePasswordCredential.getUsername();
        String password = usernamePasswordCredential.getPassword();


        // 先構建數據庫驅動連接池
        DriverManagerDataSource dataSource = new DriverManagerDataSource();
        dataSource.setDriverClassName("com.mysql.jdbc.Driver");
        dataSource.setUrl("jdbc:mysql://192.169.0.198:33306/jeeplatform");
        dataSource.setUsername("root");
        dataSource.setPassword("root");

        // 創建JDBC模板
        JdbcTemplate jdbcTemplate = new JdbcTemplate();
        jdbcTemplate.setDataSource(dataSource);

        String sql = "SELECT * FROM sys_user WHERE username = ?";

        User info = (User) jdbcTemplate.queryForObject(sql, new Object[]{username}, new BeanPropertyRowMapper(User.class));


        if (info == null) {
            throw new AccountException("Sorry, username not found!");
        }

        if (!info.getPassword().equals(password)) {
            throw new FailedLoginException("Sorry, password not correct!");
        } else {

            final List<MessageDescriptor> list = new ArrayList<>();

            return createHandlerResult(usernamePasswordCredential,
                    this.principalFactory.createPrincipal(username, Collections.emptyMap()), list);
        }
    }


    @Override
    public boolean supports(Credential credential) {
        return credential instanceof UsernamePasswordCredential;
    }
}

新增一個配置類，實現AuthenticationEventExecutionPlanConfigurer接口

package org.muses.jeeplatform.cas.authentication.config;


import org.apereo.cas.authentication.*;
import org.apereo.cas.authentication.principal.DefaultPrincipalFactory;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.services.ServicesManager;
import org.muses.jeeplatform.cas.authentication.handler.UsernamePasswordAuthenticationHandler;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;


@Configuration("UsernamePasswordAuthConfig")
@EnableConfigurationProperties(CasConfigurationProperties.class)
public class UsernamePasswordAuthConfig implements AuthenticationEventExecutionPlanConfigurer {

    @Autowired
    private CasConfigurationProperties casProperties;

    @Autowired
    @Qualifier("servicesManager")
    private ServicesManager servicesManager;


    @Bean
    public PrePostAuthenticationHandler myAuthenticationHandler() {
        return new UsernamePasswordAuthenticationHandler(UsernamePasswordAuthenticationHandler.class.getName(),
                servicesManager, new DefaultPrincipalFactory(), 1);
    }

    @Override
    public void configureAuthenticationExecutionPlan(AuthenticationEventExecutionPlan plan) {
        plan.registerAuthenticationHandler(myAuthenticationHandler());
    }
}

在META-INF文件夾，新增一個命名為spring.factories的文件

org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
org.muses.jeeplatform.cas.authentication.config.UsernamePasswordAuthConfig

為什么要這樣做？因為這樣做才能將配置類加載到spring容器，詳情需要跟下源碼，可以參考我博客：SpringBoot源碼學習系列之自動配置原理簡介

代碼例子參考：github下載鏈接

詳情可以參考官方文檔：https://apereo.github.io/cas/5.3.x/installation/Configuration-Properties.html

優質參考博客：
https://www.cnblogs.com/jpeanut/tag/CAS/
https://blog.csdn.net/anumbrella/category_7765386.html