# 自定义数据源
在deployConfigContext.xml文件中,找到org.jasig.cas.authentication.AcceptUsersAuthenticationHandler,
首先去掉默认的用户配置<property name="users">,添加上自定义的dataSource,并配置查询密码的sql,及自定义的加密类passwordEncoder,配置完成如下所示:
<bean id="primaryAuthenticationHandler"
class="org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler">
<property name="dataSource" ref="casDataSource"></property>
<property name="sql"
value="select password from account where username=?"></property>
<property name="passwordEncoder" ref="MyPasswordEncoder"></property>
</bean>
我们来看一下QueryDatabaseAuthenticationHandler的源码:
@Override所有的 加密类都必须实现PasswordEncoder接口,通过调用encode方法来进行加密,本人的加密算法很简单:
protected final HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential credential)
throws GeneralSecurityException, PreventedException {
final String username = credential.getUsername();
// 调用加密算法,可以注入我们自定义的加密类MyPasswordEncoder
final String encryptedPassword = this.getPasswordEncoder().encode(credential.getPassword());
try {
final String dbPassword = getJdbcTemplate().queryForObject(this.sql, String.class, username);
if (!dbPassword.equals(encryptedPassword)) {
throw new FailedLoginException("Password does not match value on record.");
}
} catch (final IncorrectResultSizeDataAccessException e) {
if (e.getActualSize() == 0) {
throw new AccountNotFoundException(username + " not found with SQL query");
} else {
throw new FailedLoginException("Multiple records found for " + username);
}
} catch (final DataAccessException e) {
throw new PreventedException("SQL exception while executing query for " + username, e);
}
return createHandlerResult(credential, new SimplePrincipal(username), null);
}
public final class MyPasswordEncoder implements PasswordEncoder {
public MyPasswordEncoder() {
}
public String encode(final String password) {
return PasswordUtil.encode(password); // 仅此而已
}
}