在修改cas-server(二)中,雖然修改了jdbc,但是還是隻能判斷用戶名/密碼。
如果需要多增加一個參數,如systemid,則需要修改cas-server-core.jar的源碼。
參考:http://blog.csdn.net/lovesummerforever/article/details/38023385
1.修改login-webflow.xml
<binder>
<binding property="username" />
<binding property="password" />
<binding property="systemId" />
</binder>
2.修改casLoginView.jsp
增加系統id
<div class="row fl-controls-left">
<label for="systemId" class="fl-label">系統id:</label>
<input id="systemId" name="systemId" class="required" tabindex="2" accesskey="p" size="25" autocomplete="off">
</div>
3.修改cas-server-core.jar的源代碼。
修改UsernamePasswordCredentials.java
/*
* Copyright 2007 The JA-SIG Collaborative. All rights reserved. See license
* distributed with this file and available online at
* http://www.ja-sig.org/products/cas/overview/license/
*/
package org.jasig.cas.authentication.principal;
import javax.validation.constraints.NotNull;
import javax.validation.constraints.Size;
/**
* UsernamePasswordCredentials respresents the username and password that a user
* may provide in order to prove the authenticity of who they say they are.
*
* @author Scott Battaglia
* @version $Revision: 1.2 $ $Date: 2007/01/22 20:35:26 $
* @since 3.0
* <p>
* This is a published and supported CAS Server 3 API.
* </p>
*/
public class UsernamePasswordCredentials implements Credentials {
/** Unique ID for serialization. */
private static final long serialVersionUID = -8343864967200862794L;
/** The username. */
@NotNull
@Size(min=1,message = "required.username")
private String username;
/** The password. */
@NotNull
@Size(min=1, message = "required.password")
private String password;
/** The systemId for xxx2.0 for sql validate xx add 2014��7��21��16:12:51. */
@NotNull
@Size(min=1, message = "required.systemId")
private String systemId;
/*systemId begin*/
/**
* @return Returns the systemId.
*/
public String getSystemId() {
return systemId;
}
public void setSystemId(String systemId) {
this.systemId = systemId;
}
public String toStringSystemId() {
return "[systemId: " + this.systemId + "]";
}
/*end */
/**
* @return Returns the password.
*/
public final String getPassword() {
return this.password;
}
/**
* @param password The password to set.
*/
public final void setPassword(final String password) {
this.password = password;
}
/**
* @return Returns the userName.
*/
public final String getUsername() {
return this.username;
}
/**
* @param userName The userName to set.
*/
public final void setUsername(final String userName) {
this.username = userName;
}
public String toString() {
return "[username: " + this.username + "]";
}
@Override
public boolean equals(final Object o) {
if (this == o) return true;
if (o == null || getClass() != o.getClass()) return false;
UsernamePasswordCredentials that = (UsernamePasswordCredentials) o;
if (password != null ? !password.equals(that.password) : that.password != null) return false;
if (username != null ? !username.equals(that.username) : that.username != null) return false;
return true;
}
@Override
public int hashCode() {
int result = username != null ? username.hashCode() : 0;
result = 31 * result + (password != null ? password.hashCode() : 0);
return result;
}
}
4.修改上一篇文章的RsCasDaoAuthenticationHandler.java
package org.jasig.cas.authentication.handler;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import javax.sql.DataSource;
import org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler;
import org.jasig.cas.authentication.handler.util.Crypt;
import org.jasig.cas.authentication.principal.UsernamePasswordCredentials;
/**
* ClassName:RsCasDaoAuthenticationHandler <br/>
* Function: TODO ADD FUNCTION. <br/>
* Reason: TODO ADD REASON. <br/>
* Date: 2013-4-25 下午04:20:35 <br/>
*
* @author Administrator
* @version
* @since JDK 1.5
* @see
*/
public final class RsCasDaoAuthenticationHandler extends
AbstractUsernamePasswordAuthenticationHandler
{
private DataSource dataSource;
// 構造方法
public RsCasDaoAuthenticationHandler()
{
}
@Override
protected boolean authenticateUsernamePasswordInternal(
UsernamePasswordCredentials credentials) throws AuthenticationException
{
// 標誌位
Boolean bool = false;
String username = credentials.getUsername();
String password = credentials.getPassword();
String systemid = credentials.getSystemId();
// 取得MD5加密後的字符串
password = new Crypt().encode(password);
System.out.println("開始CAS認證方式 RsCasDaoAuthenticationHandler......");
System.out.println("userName:" + username);
System.out.println("password:" + password);
// 連接數據庫
Connection conn = null;
PreparedStatement ps = null;
ResultSet rs = null;
String user = "root";
String pwd = "123456";
String url = "jdbc:mysql://localhost:3306/frj-cas?useUnicode=true&characterEncoding=UTF-8";
try
{
try
{
Class.forName("com.mysql.jdbc.Driver");
}
catch(ClassNotFoundException e)
{
e.printStackTrace();
}
conn = dataSource.getConnection();
//conn = DriverManager.getConnection(url, user, pwd);
String sql = "select count(*) from user2 where username='"
+ username + "' and password='" + password + "' and systemid='"+systemid;
ps = conn.prepareStatement(sql);
rs = ps.executeQuery();
if (rs != null && rs.next())
{
int i = rs.getInt(1);
if (i > 0)
{
// 只要有對應的一條記錄通過,就返回true
bool = true;
}
}
}
catch(SQLException sql)
{
sql.printStackTrace();
}
finally
{
try
{
if (rs != null)
{
rs.close();
}
if (ps != null)
{
ps.close();
}
if (conn != null)
{
conn.close();
}
}
catch(SQLException e)
{
e.printStackTrace();
}
}
return bool;
}
public DataSource getDataSource()
{
return dataSource;
}
public void setDataSource(DataSource dataSource)
{
this.dataSource = dataSource;
}
}