创建java类
/* * Licensed to Jasig under one or more contributor license * agreements. See the NOTICE file distributed with this work * for additional information regarding copyright ownership. * Jasig licenses this file to you under the Apache License, * Version 2.0 (the "License"); you may not use this file * except in compliance with the License. You may obtain a * copy of the License at the following location: * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, * software distributed under the License is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. */ package org.jasig.cas.adaptors.jdbc; import org.jasig.cas.authentication.handler.AuthenticationException; import org.jasig.cas.authentication.principal.UsernamePasswordCredentials; import org.springframework.dao.IncorrectResultSizeDataAccessException; import com.liferay.portal.PwdEncryptorException; import com.liferay.portal.security.pwd.BCryptPasswordEncryptor; import com.liferay.portal.security.pwd.CompositePasswordEncryptor; import com.liferay.portal.security.pwd.CryptPasswordEncryptor; import com.liferay.portal.security.pwd.DefaultPasswordEncryptor; import com.liferay.portal.security.pwd.NullPasswordEncryptor; import com.liferay.portal.security.pwd.PBKDF2PasswordEncryptor; import com.liferay.portal.security.pwd.PasswordEncryptor; import com.liferay.portal.security.pwd.SSHAPasswordEncryptor; import java.util.ArrayList; import java.util.List; import javax.validation.constraints.NotNull; /** * Class that if provided a query that returns a password (parameter of query * must be username) will compare that password to a translated version of the * password provided by the user. If they match, then authentication succeeds. * Default password translator is plaintext translator. * * @author Scott Battaglia * @author Dmitriy Kopylenko * @version $Revision$ $Date$ * @since 3.0 */ public class LiferayQueryDatabaseAuthenticationHandler extends AbstractJdbcUsernamePasswordAuthenticationHandler { private static CompositePasswordEncryptor compositePasswordEncryptor = new CompositePasswordEncryptor(); public LiferayQueryDatabaseAuthenticationHandler() { super(); compositePasswordEncryptor.setDefaultPasswordEncryptor(new DefaultPasswordEncryptor()); List<PasswordEncryptor> passwordEncryptors = new ArrayList<PasswordEncryptor>(); passwordEncryptors.add(new BCryptPasswordEncryptor()); passwordEncryptors.add(new CryptPasswordEncryptor()); passwordEncryptors.add(new NullPasswordEncryptor()); passwordEncryptors.add(new PBKDF2PasswordEncryptor()); passwordEncryptors.add(new SSHAPasswordEncryptor()); compositePasswordEncryptor.setPasswordEncryptors(passwordEncryptors); } @NotNull private String sql; protected final boolean authenticateUsernamePasswordInternal(final UsernamePasswordCredentials credentials) throws AuthenticationException { final String username = getPrincipalNameTransformer().transform(credentials.getUsername()); try { final String dbPassword = getJdbcTemplate().queryForObject(this.sql, String.class, username); final String encryptedPassword = compositePasswordEncryptor.encrypt("PBKDF2WITHHMACSHA1/160/128000", credentials.getPassword(), dbPassword); return dbPassword.equals(encryptedPassword); } catch (final IncorrectResultSizeDataAccessException e) { // this means the username was not found. return false; } catch (PwdEncryptorException e) { return false; } } /** * @param sql The sql to set. */ public void setSql(final String sql) { this.sql = sql; } }
修改\cas\WEB-INF 目录下的deployerConfigContext.xml文件部分如下:
<property name="authenticationHandlers"> <list> <!-- | This is the authentication handler that authenticates services by means of callback via SSL, thereby validating | a server side SSL certificate. +--> <bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" p:httpClient-ref="httpClient" /> <!-- | This is the authentication handler declaration that every CAS deployer will need to change before deploying CAS | into production. The default SimpleTestUsernamePasswordAuthenticationHandler authenticates UsernamePasswordCredentials | where the username equals the password. You will need to replace this with an AuthenticationHandler that implements your | local authentication strategy. You might accomplish this by coding a new such handler and declaring | edu.someschool.its.cas.MySpecialHandler here, or you might use one of the handlers provided in the adaptors modules. +--> <!-- <bean class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler" /> --> <bean class="org.jasig.cas.adaptors.jdbc.LiferayQueryDatabaseAuthenticationHandler"> <property name="sql" value="select password_ from user_ where screenName=?" /> <property name="dataSource" ref="dataSource" /> <!-- <property name="passwordEncoder" ref="myPasswordEncoder" /> --> </bean> </list> </property> </bean> <bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource"> <property name="driverClassName" value="com.mysql.jdbc.Driver" /> <property name="url" value="jdbc:mysql://localhost:3306/liferay_portal" /> <property name="username" value="root" /> <property name="password" value="passw0rd" /> </bean>
缺少几个jar包,添加到lib目录下:
portal-impl-6.2.5.jar
portal-service-6.2.5.jar
cas-server-support-jdbc-4.2.4.jar
MySQL-connector-java-5.1.36-bin.jar
最后在Liferay中配置CAS连接信息。
相关推荐
liferay portal 开发指南liferay portal 开发指南liferay portal 开发指南liferay portal 开发指南
Using Liferay Portal 6.1
里面有四个小型的liferay portal mvc实例,所需要的jar文件大家可以在eclipse里面新建一个portlet项目,再将里面的实例代码拷贝进去即可运行
Liferay Portal 内容管理
liferay Portal 学习书籍,外国人编写的,非常好。
包含liferay portal开发,帮助,架构,代码,等portlet中文文档 ,PDF格式
liferay portal 6文档,使用说明
liferay portal system development 高清pdf
Liferay Portal Liferay IDE
Liferay Portal数据库读写说明
关于liferay portal介绍的ppt
liferay是一个现成的,即开即用的,功能完备的门户网站Liferay Portal,是一个完美的桌面协同办公组合,完全为企业和机构设计
Liferay Portal 二次开发指南,内容比较详细。
[Packt Publishing] Liferay Portal 性能调优最佳实践 (英文版) [Packt Publishing] Liferay Portal Performance Best Practices (E-Book) ☆ 出版信息:☆ [作者信息] Samir Bhatt [出版机构] Packt Publishing...
我最近由于工作需要在学习PORTAL开发,公司用的是LIFERAY的,因此上网找了些资料,贡献给大家!希望对喜欢LIFERAY PORTAL的开发人员有用!!
非常好的Liferay Portal 开发资料,基于v5.2.x版本,packt网站售价$50的,强烈推荐! 欢迎高手与我一起交流liferay的相关二次开发技术。 QQ:258184782 Liferay portal is one of the most mature portal frameworks...
Liferay Portal 二次开发指南 pdf格式,本文从Liferay Portal的架构入手,详细讲解Portal的用户策略、内容布局、桌面和品质的要素,引导读者完成Liferay Portal初步的二次开发,在Liferay Portal上定制自己的Portlet...
一份比较全面的介绍Liferay Portal的文档
(英文版)liferay portal 6 企业网络版(Liferay Portal 6 Enterprise Intranets.pdf)
Liferay Portal 数据库介绍