package org.jasig.cas.adaptors.jdbc;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.List;
import javax.security.auth.login.AccountNotFoundException;
import javax.security.auth.login.FailedLoginException;
import javax.sql.DataSource;
import javax.validation.constraints.NotNull;
import org.apache.commons.lang3.StringUtils;
import org.jasig.cas.authentication.HandlerResult;
import org.jasig.cas.authentication.PreventedException;
import org.jasig.cas.authentication.UsernamePasswordCredential;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.dao.DataAccessException;
import org.springframework.dao.IncorrectResultSizeDataAccessException;
import org.springframework.stereotype.Component;
import com.liferay.portal.PwdEncryptorException;
import com.liferay.portal.security.pwd.BCryptPasswordEncryptor;
import com.liferay.portal.security.pwd.CompositePasswordEncryptor;
import com.liferay.portal.security.pwd.CryptPasswordEncryptor;
import com.liferay.portal.security.pwd.DefaultPasswordEncryptor;
import com.liferay.portal.security.pwd.NullPasswordEncryptor;
import com.liferay.portal.security.pwd.PBKDF2PasswordEncryptor;
import com.liferay.portal.security.pwd.PasswordEncryptor;
import com.liferay.portal.security.pwd.SSHAPasswordEncryptor;
/**
* Class that if provided a query that returns a password (parameter of query
* must be username) will compare that password to a translated version of the
* password provided by the user. If they match, then authentication succeeds.
* Default password translator is plaintext translator.
*
* @author Scott Battaglia
* @author Dmitriy Kopylenko
* @author Marvin S. Addison
*
* @since 3.0.0
*/
@Component("queryDatabaseAuthenticationHandler")
public class QueryDatabaseAuthenticationHandler extends AbstractJdbcUsernamePasswordAuthenticationHandler {
private static CompositePasswordEncryptor compositePasswordEncryptor = new CompositePasswordEncryptor();
public QueryDatabaseAuthenticationHandler() {
super();
compositePasswordEncryptor.setDefaultPasswordEncryptor(new DefaultPasswordEncryptor());
List<PasswordEncryptor> passwordEncryptors = new ArrayList<PasswordEncryptor>();
passwordEncryptors.add(new BCryptPasswordEncryptor());
passwordEncryptors.add(new CryptPasswordEncryptor());
passwordEncryptors.add(new NullPasswordEncryptor());
passwordEncryptors.add(new PBKDF2PasswordEncryptor());
passwordEncryptors.add(new SSHAPasswordEncryptor());
compositePasswordEncryptor.setPasswordEncryptors(passwordEncryptors);
}
@NotNull
private String sql;
@Override
protected final HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential credential)
throws GeneralSecurityException, PreventedException {
if (StringUtils.isBlank(this.sql) || getJdbcTemplate() == null) {
throw new GeneralSecurityException("Authentication handler is not configured correctly");
}
final String username = credential.getUsername();
// final String encryptedPassword =
// this.getPasswordEncoder().encode(credential.getPassword());
try {
final String dbPassword = getJdbcTemplate().queryForObject(this.sql, String.class, username);
final String encryptedPassword = compositePasswordEncryptor.encrypt("PBKDF2WITHHMACSHA1/160/128000",
credential.getPassword(), dbPassword);
if (!dbPassword.equals(encryptedPassword)) {
throw new FailedLoginException("Password does not match value on record.");
}
} catch (final IncorrectResultSizeDataAccessException e) {
if (e.getActualSize() == 0) {
throw new AccountNotFoundException(username + " not found with SQL query");
} else {
throw new FailedLoginException("Multiple records found for " + username);
}
} catch (final DataAccessException e) {
throw new PreventedException("SQL exception while executing query for " + username, e);
} catch (PwdEncryptorException e) {
throw new FailedLoginException("old password error");
}
return createHandlerResult(credential, this.principalFactory.createPrincipal(username), null);
}
/**
* @param sql
* The sql to set.
*/
@Autowired
public void setSql(@Value("${cas.jdbc.authn.query.sql:}") final String sql) {
this.sql = sql;
}
@Override
@Autowired(required = false)
public void setDataSource(@Qualifier("queryDatabaseDataSource") final DataSource dataSource) {
super.setDataSource(dataSource);
}
}
CAS4.2.4 连接Liferay6.2以上版本数据库用户表验证用户 project
需积分: 9 113 浏览量
2016-08-04
10:38:42
上传
评论
收藏 7KB ZIP 举报
chenxf10
- 粉丝: 4
- 资源: 18
最新资源
- 华中农业大学python-Day36-40.rar
- 华中农业大学pythonpython-Day31-35.rar
- 服务器概述服务器概述服务器概述服务器概述.txt
- 华中农业大学python实验题.txt
- 海康威视相机采图交叉编译示例程序,c++
- DETR-基于Tensorflow实现DETR目标检测算法-附流程教程+项目源码-优质项目实战.zip
- 3d激光slam地图发布程序,3d地图点云处理,c++程序
- 送给妈妈的一束鲜花.zip(母亲节祝福HTML源码)
- 稀疏化DETR-基于Pytorch实现稀疏化DETR-SparseDETR-附流程教程+项目源码-优质项目实战.zip
- 人工分类:SLTM的微博评论二分类数据集
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈