cas配置數據庫身份校驗

依託CAS已經實現的功能進行擴張。此實現方式是用本身編寫dao層（非官方的實現方式）,以便更容易的對CAS的登陸流程有更深入的瞭解。也能夠使用官方提供的配置方式進行配置（只須要修改配置文件便可修改）

1.源碼增長依賴（pom.xml）

<!-- 加入阿里的druid數據庫鏈接池配置，可配置本身的喜歡的數據庫鏈接池 -->
<dependency>
  <groupId>com.alibaba</groupId>
  <artifactId>druid</artifactId>
  <version>1.1.5</version>
</dependency>
<!-- 加入ORCALE 的jdbc包 -->
<dependency>
  <groupId>ojdbc6</groupId>
  <artifactId>ojdbc6</artifactId>
  <version>1.0</version>
  <scope>system</scope>
  <systemPath>${project.basedir}/src/main/webapp/WEB-INF/lib/ojdbc6.jar</systemPath>
</dependency>
<!-- cas-server-support-jdbc -->
<dependency>
  <groupId>org.jasig.cas</groupId>
  <artifactId>cas-server-support-jdbc</artifactId>
  <version>${project.version}</version>
</dependency>

2.增長DAO 層

public interface AccountDao {
    public Account getAccountInfo(String name);
}

public class AccountDaoImpl implements AccountDao {

    public JdbcTemplate jdbcTemplate;

    public JdbcTemplate getJdbcTemplate() {
        return jdbcTemplate;
    }

    public void setJdbcTemplate(JdbcTemplate jdbcTemplate) {
        this.jdbcTemplate = jdbcTemplate;
    }

    @Override
    public Account getAccountInfo(String name) {
        return jdbcTemplate.queryForObject("select * from sys_account where username = "+name,Account.class);
    }
}

3.增長SERCICE

public interface AccountService {
    boolean checkAccount(String username, String password);
}

public class AccountServiceImpl implements AccountService {

    public AccountDao accountDao;
    /**
     * 加密器
     */
    public PasswordEncoder passwordEncoder;

    @Override
    public boolean checkAccount(String username, String password) {
        Account account = accountDao.getAccountInfo(username);
        if(account != null)
        {
            password = passwordEncoder.encode(password);

            if(password.equals(account.getPassWord()))
            {
                return true;
            }
        }
        return false;
    }

    public PasswordEncoder getPasswordEncoder() {
        return passwordEncoder;
    }

    public void setPasswordEncoder(PasswordEncoder passwordEncoder) {
        this.passwordEncoder = passwordEncoder;
    }

    public AccountDao getAccountDao() {
        return accountDao;
    }

    public void setAccountDao(AccountDao accountDao) {
        this.accountDao = accountDao;
    }
}

4.增長用戶登陸校驗處理器

public class UsersAuthenticationHandler extends AbstractUsernamePasswordAuthenticationHandler {

    private AccountService accountService;

    public UsersAuthenticationHandler() {
    }

    protected final HandlerResult authenticateUsernamePasswordInternal(UsernamePasswordCredential credential) throws GeneralSecurityException, PreventedException {
        String username = credential.getUsername();
        String password = credential.getPassword();

        if(password == null) {
            this.logger.debug("{} was not found in the map.", username);
            throw new AccountNotFoundException(username + " not found in backing map.");
        }
        else {
            boolean flag = accountService.checkAccount(username, password);
            if (!flag) {
                throw new FailedLoginException();
            }
            else {
                return this.createHandlerResult(credential, this.principalFactory.createPrincipal(username), (List)null);
            }
        }
    }

    public AccountService getAccountService() {
        return accountService;
    }

    public void setAccountService(AccountService accountService) {
        this.accountService = accountService;
    }
}

5.增長數據庫配置文件（\webapp\WEB-INF\spring-configuration\applicationContext-datasource.xml）

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:p="http://www.springframework.org/schema/p"
       xmlns:aop="http://www.springframework.org/schema/aop"
       xmlns:tx="http://www.springframework.org/schema/tx"
       xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
        http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
        http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.1.xsd">
    <description>datasource</description>

    <bean id="casDataSource" class="com.alibaba.druid.pool.DruidDataSource" init-method="init" destroy-method="close">
        <property name="url" value="${url}" />
        <property name="username" value="${username}" />
        <property name="password" value="${password}" />
        <property name="driverClassName" value="${driverClassName}" />

        <property name="maxActive" value="${maxActive}" />
        <property name="initialSize" value="${initialSize}" />
        <property name="maxWait" value="${maxWait}" />
        <property name="minIdle" value="${minIdle}" />

        <property name="timeBetweenEvictionRunsMillis" value="${timeBetweenEvictionRunsMillis}" />
        <property name="minEvictableIdleTimeMillis" value="${minEvictableIdleTimeMillis}" />

        <property name="validationQuery" value="${validationQuery}" />
        <property name="testWhileIdle" value="${testWhileIdle}" />
        <property name="testOnBorrow" value="${testOnBorrow}" />
        <property name="testOnReturn" value="${testOnReturn}" />
        <property name="maxOpenPreparedStatements" value="${maxOpenPreparedStatements}" />
        <property name="removeAbandoned" value="${removeAbandoned}" /> <!-- 打開removeAbandoned功能 -->
        <property name="removeAbandonedTimeout" value="${removeAbandonedTimeout}" /> <!-- 1800秒，也就是30分鐘 -->
        <property name="logAbandoned" value="${logAbandoned}" /> <!-- 關閉abanded鏈接時輸出錯誤日誌 -->
    </bean>

    <bean id="jdbcTemplate" class="org.springframework.jdbc.core.JdbcTemplate" p:dataSource-ref="casDataSource" />

    <bean id="transactionManager" class="org.springframework.jdbc.datasource.DataSourceTransactionManager"
          p:dataSource-ref="casDataSource" />

    <!-- 經過AOP配置提供事務加強，讓AccountService下全部Bean的全部方法擁有事務 -->
    <aop:config>
        <aop:pointcut id="serviceMethod" expression=" execution(* com.ucap.igsd.cas.service.impl..*(..))" />
        <aop:advisor pointcut-ref="serviceMethod" advice-ref="txAdvice" />
    </aop:config>
    <tx:advice id="txAdvice" transaction-manager="transactionManager">
        <tx:attributes>
            <tx:method name="get*" propagation="REQUIRED" read-only="true"  />
            <tx:method name="update*" propagation="REQUIRED" />
        </tx:attributes>
    </tx:advice>

    <!-- 注入相關的beans -->
    <bean id="accountService" class="com.ucap.igsd.cas.service.impl.AccountServiceImpl" p:accountDao-ref="accountDao" p:passwordEncoder-ref="MD5PasswordEncoder"/>
    <bean id="accountDao" class="com.ucap.igsd.cas.dao.impl.AccountDaoImpl"  p:jdbcTemplate-ref="jdbcTemplate"/>

</beans>

6.增長數據庫屬性文件（\webapp\WEB-INF\dbconfig.properties）

driverClassName:oracle.jdbc.driver.OracleDriver
url:jdbc:oracle:thin:@localhost:1521:ORCL
username:test
password:123456

filters:stat
maxActive:20
initialSize:1
maxWait:60000
minIdle:10
maxIdle:15
timeBetweenEvictionRunsMillis:60000
minEvictableIdleTimeMillis:300000
validationQuery:SELECT 'x'
testWhileIdle:true
testOnBorrow:false
testOnReturn:false
maxOpenPreparedStatements:20
removeAbandoned:true
removeAbandonedTimeout:1800
logAbandoned:true

7.修改屬性文件讀取配置（propertyFileConfigurer.xml）,否則數據庫的屬性讀取不到

<!-- 
<util:properties id="casProperties" location="${cas.properties.filepath:/WEB-INF/cas.properties}"/>
    <context:property-placeholder properties-ref="casProperties"/>
-->


<util:properties id="casProperties" location="${cas.properties.filepath:/WEB-INF/*.properties}"/>
    <context:property-placeholder properties-ref="casProperties"/>

8.修改用戶驗證配置deployerConfigContext.xml

<!-- 註釋原有的固定配置 -->
<!--
<bean id="primaryAuthenticationHandler"
      class="org.jasig.cas.authentication.AcceptUsersAuthenticationHandler">
    <property name="users">
        <map>
            <entry key="casuser" value="Mellon"/>
        </map>
    </property>
</bean>
-->

<!-- 注入密碼加密beans -->
<bean  id="MD5PasswordEncoder"   class="org.jasig.cas.authentication.handler.DefaultPasswordEncoder"   autowire="byName">
        <constructor-arg  value="MD5"/>
    </bean>
    
<!-- 添加自定義用戶校驗方法 -->
<bean id="primaryAuthenticationHandler" class="com.ucap.igsd.cas.handler.UsersAuthenticationHandler">
        <property name="accountService" ref="accountService" />
    </bean>

==大功告成！！重啓tomcat吧。。。==