CAS in Practice: Custom Login

  Because each release changes a lot, here are the versions used:

  Server version: cas server 4.0.0

  Client version: cas client 3.3.3

1. Custom login page

  Page path: /WebContent/WEB-INF/view/jsp/default/ui/casLoginView.jsp

  When defining the login page, remember to include the two pages that ship with CAS; neither can be left out:

      /WebContent/WEB-INF/view/jsp/default/ui/includes/bottom.jsp

      /WebContent/WEB-INF/view/jsp/default/ui/includes/top.jsp

  Pay attention to replacing the following core code; for the rest, follow the same pattern:

<div class="fl con">
            <div class="login_wrap">
                <h1>中央登陆系统</h1>
                <div class="login">
                    <form:form method="post" id="fm1" commandName="${commandName}" htmlEscape="true">
                        
                        <div class="clearfix mb15">
                            <label for="account" class="fl">登录名:</label><input type="text" name="username" id="username" class="fl" required="true" />
                        </div>
                        <div class="clearfix mb15">
                            <label for="psd" class="fl">登录密码</label><input type="password" id="password" name="password" class="fl" required="true" />
                        </div>
                        <div class="clearfix lastline">
                            <span class="fl mt10"><input type="checkbox" class="check"><em>记住登录名</em></span> <input class="btn fl" name="submit" value="登陆" accesskey="l"  tabindex="4" type="submit" /> 
                        </div>
                        <form:errors path="*" id="msg" cssClass="errors" element="div" htmlEscape="false" />
                        <h1><spring:message code="screen.welcome.instructions" /></h1>
                        <br />
                        <div id="loadInfo" style="color: #ffffff"></div>
                        <div id="loginRslt" style="color: red"></div>
                        <input type="hidden" name="lt" value="${loginTicket}" />
                          <input type="hidden" name="execution" value="${flowExecutionKey}" />
                          <input type="hidden" name="_eventId" value="submit" />
                          <!-- <input class="btn fl" name="submit" accesskey="l"  tabindex="4" type="submit" /> -->
                    </form:form>
                </div>
            </div>
        </div>

  The parts marked in red must be written exactly the same way as they are read on the backend!

2. Custom login flow

  step1: CAS ships with a fixed login configured in deployerConfigContext.xml (username: casuser, password: Mellon), so the first step is to comment out the following code:

 <bean id="primaryAuthenticationHandler"
          class="org.jasig.cas.authentication.AcceptUsersAuthenticationHandler">
       <!-- <property name="users">
            <map>
                <entry key="casuser" value="Mellon"/>
            </map>
        </property>
       -->
    </bean>

  step2: Write a custom authentication class. It extends AbstractUsernamePasswordAuthenticationHandler and overrides the authenticateUsernamePasswordInternal method:

    @Override
    protected final HandlerResult authenticateUsernamePasswordInternal(
            final UsernamePasswordCredential credential)
            throws GeneralSecurityException, PreventedException {
        // Data entered in the login form
        final String userName = credential.getUsername();
        final String password = credential.getPassword();

        // Check the local database first; the password is compared as an MD5 digest.
        // Unsalted MD5 is cheap to brute-force, so prefer a salted, slow hash
        // (PBKDF2, bcrypt) for stored passwords.
        User u = new User();
        u.setUserName(userName);
        u.setPassword(MD5.getMD5(password));
        boolean flag = dbService.checkAuth(u);
        if (flag) {
            return createHandlerResult(credential, new SimplePrincipal(userName), null);
        } else if (adService.check(userName, password)) {
            // Rejected by the database but accepted by AD: copy the AD account into the database
            u = adService.GetADInfo(userName);
            dbService.addUser(u);
            return createHandlerResult(credential, new SimplePrincipal(userName), null);
        } else {
            // Shown to the user through the authenticationFailure.FailedLoginException message
            throw new FailedLoginException("");
        }
    }

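  Custom authentication can also be done by configuring a database directly in deployerConfigContext.xml, together with the SQL used to verify users. There is plenty of material on this online, so it is not covered here.

  Once the class is written, remember to change the class path of the authentication bean in deployerConfigContext.xml to your custom authentication class: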

 <bean id="primaryAuthenticationHandler"
          class="xx.xx.xx">
       <!-- <property name="users">
            <map>
                <entry key="casuser" value="Mellon"/>
            </map>
        </property>
       -->
    </bean>

3. Custom login messages

  The messages are configured in /src/messages.properties. These are the entries that control what is shown after a failed authentication:

# Authentication failure messages
authenticationFailure.AccountDisabledException=This account has been disabled.
authenticationFailure.AccountLockedException=This account has been locked.
authenticationFailure.CredentialExpiredException=Your password has expired.
authenticationFailure.InvalidLoginLocationException=You cannot login from this workstation.
authenticationFailure.InvalidLoginTimeException=Your account is forbidden to login at this time.
authenticationFailure.AccountNotFoundException=Invalid credentials.
authenticationFailure.FailedLoginException=\u7528\u6237\u540D\u6216\u5BC6\u7801\u9519\u8BEF.
authenticationFailure.UNKNOWN=Invalid credentials.
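
An added example (not code from the original post or from the CAS project) tying sections 2 and 3 together: a database-only handler for CAS 4.0 that replaces the MD5 comparison with salted PBKDF2 and reports failures with the JAAS exceptions named in the authenticationFailure.* keys above. The class name, the StoredUser record and the UserStore interface are hypothetical, and the AD fallback from step2 is left out.

```java
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.security.auth.login.AccountLockedException;
import javax.security.auth.login.FailedLoginException;
import org.jasig.cas.authentication.HandlerResult;
import org.jasig.cas.authentication.PreventedException;
import org.jasig.cas.authentication.UsernamePasswordCredential;
import org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler;
import org.jasig.cas.authentication.principal.SimplePrincipal;

public class Pbkdf2DbAuthenticationHandler extends AbstractUsernamePasswordAuthenticationHandler {
    /** Hypothetical stored record: per-user salt, PBKDF2 hash, iteration count, lock flag. */
    public static final class StoredUser {
        public byte[] salt = new byte[16], hash = new byte[32];
        public int iterations = 100000;
        public boolean locked;
    }

    /** Hypothetical DAO standing in for the post's dbService; returns null for unknown users. */
    public interface UserStore { StoredUser find(String userName); }

    // Hashed against when the user is unknown, so both paths do the same work.
    private static final StoredUser DUMMY = new StoredUser();
    private UserStore userStore;

    public void setUserStore(final UserStore userStore) { this.userStore = userStore; }

    @Override
    protected HandlerResult authenticateUsernamePasswordInternal(
            final UsernamePasswordCredential credential)
            throws GeneralSecurityException, PreventedException {
        final StoredUser found = userStore.find(credential.getUsername());
        final StoredUser ref = (found != null) ? found : DUMMY;
        final PBEKeySpec spec = new PBEKeySpec(credential.getPassword().toCharArray(),
                ref.salt, ref.iterations, ref.hash.length * 8);
        final byte[] candidate = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1")
                .generateSecret(spec).getEncoded();
        // Unknown user and wrong password raise the same exception, so the login
        // page shows one message and does not reveal which login names exist.
        if (found == null || !MessageDigest.isEqual(candidate, ref.hash)) {
            throw new FailedLoginException();
        }
        if (found.locked) {
            // Checked only after the password matched; shown through the
            // authenticationFailure.AccountLockedException entry.
            throw new AccountLockedException();
        }
        return createHandlerResult(credential, new SimplePrincipal(credential.getUsername()), null);
    }
}
```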

 

posted @ 2015-06-17 17:10  有志竟成