liferay portal 在cas整合

创建java类

/*
 * Licensed to Jasig under one or more contributor license
 * agreements. See the NOTICE file distributed with this work
 * for additional information regarding copyright ownership.
 * Jasig licenses this file to you under the Apache License,
 * Version 2.0 (the "License"); you may not use this file
 * except in compliance with the License.  You may obtain a
 * copy of the License at the following location:
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */
package org.jasig.cas.adaptors.jdbc;

import org.jasig.cas.authentication.handler.AuthenticationException;
import org.jasig.cas.authentication.principal.UsernamePasswordCredentials;
import org.springframework.dao.IncorrectResultSizeDataAccessException;

import com.liferay.portal.PwdEncryptorException;
import com.liferay.portal.security.pwd.BCryptPasswordEncryptor;
import com.liferay.portal.security.pwd.CompositePasswordEncryptor;
import com.liferay.portal.security.pwd.CryptPasswordEncryptor;
import com.liferay.portal.security.pwd.DefaultPasswordEncryptor;
import com.liferay.portal.security.pwd.NullPasswordEncryptor;
import com.liferay.portal.security.pwd.PBKDF2PasswordEncryptor;
import com.liferay.portal.security.pwd.PasswordEncryptor;
import com.liferay.portal.security.pwd.SSHAPasswordEncryptor;

import java.util.ArrayList;
import java.util.List;

import javax.validation.constraints.NotNull;

/**
 * Class that if provided a query that returns a password (parameter of query
 * must be username) will compare that password to a translated version of the
 * password provided by the user. If they match, then authentication succeeds.
 * Default password translator is plaintext translator.
 * 
 * @author Scott Battaglia
 * @author Dmitriy Kopylenko
 * @version $Revision$ $Date$
 * @since 3.0
 */
public class LiferayQueryDatabaseAuthenticationHandler extends AbstractJdbcUsernamePasswordAuthenticationHandler {

    private static CompositePasswordEncryptor compositePasswordEncryptor = new CompositePasswordEncryptor();

    public LiferayQueryDatabaseAuthenticationHandler() {
        super();
        compositePasswordEncryptor.setDefaultPasswordEncryptor(new DefaultPasswordEncryptor());
        List<PasswordEncryptor> passwordEncryptors = new ArrayList<PasswordEncryptor>();
        passwordEncryptors.add(new BCryptPasswordEncryptor());
        passwordEncryptors.add(new CryptPasswordEncryptor());
        passwordEncryptors.add(new NullPasswordEncryptor());
        passwordEncryptors.add(new PBKDF2PasswordEncryptor());
        passwordEncryptors.add(new SSHAPasswordEncryptor());
        compositePasswordEncryptor.setPasswordEncryptors(passwordEncryptors);
    }

    @NotNull
    private String sql;

    protected final boolean authenticateUsernamePasswordInternal(final UsernamePasswordCredentials credentials) throws AuthenticationException {
        final String username = getPrincipalNameTransformer().transform(credentials.getUsername());

        try {
            final String dbPassword = getJdbcTemplate().queryForObject(this.sql, String.class, username);
            final String encryptedPassword = compositePasswordEncryptor.encrypt("PBKDF2WITHHMACSHA1/160/128000", credentials.getPassword(), dbPassword);
            return dbPassword.equals(encryptedPassword);
        } catch (final IncorrectResultSizeDataAccessException e) {
            // this means the username was not found.
            return false;
        } catch (PwdEncryptorException e) {
            return false;
		}
    }

    /**
     * @param sql The sql to set.
     */
    public void setSql(final String sql) {
        this.sql = sql;
    }
}

修改\cas\WEB-INF 目录下的deployerConfigContext.xml文件部分如下:

		<property name="authenticationHandlers">
			<list>
				<!--
					| This is the authentication handler that authenticates services by means of callback via SSL, thereby validating
					| a server side SSL certificate.
					+-->
				<bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
					p:httpClient-ref="httpClient" />
				<!--
					| This is the authentication handler declaration that every CAS deployer will need to change before deploying CAS 
					| into production.  The default SimpleTestUsernamePasswordAuthenticationHandler authenticates UsernamePasswordCredentials
					| where the username equals the password.  You will need to replace this with an AuthenticationHandler that implements your
					| local authentication strategy.  You might accomplish this by coding a new such handler and declaring
					| edu.someschool.its.cas.MySpecialHandler here, or you might use one of the handlers provided in the adaptors modules.
					+-->
				<!--
				<bean 
					class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler" />
					-->
				
				<bean class="org.jasig.cas.adaptors.jdbc.LiferayQueryDatabaseAuthenticationHandler"> 
					<property name="sql" value="select password_ from user_ where screenName=?" />
					<property name="dataSource" ref="dataSource" />
					<!-- <property name="passwordEncoder" ref="myPasswordEncoder" /> -->
				</bean>
			</list>
		</property>
	</bean>

	<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource"> 
		<property name="driverClassName" value="com.mysql.jdbc.Driver" />
		<property name="url" value="jdbc:mysql://localhost:3306/liferay_portal" />
		<property name="username" value="root" />
		<property name="password" value="passw0rd" />
	</bean>

缺少几个jar包，添加到lib目录下：

 

portal-impl-6.2.5.jar 

portal-service-6.2.5.jar 

cas-server-support-jdbc-4.2.4.jar 

MySQL-connector-java-5.1.36-bin.jar

 

最后在Liferay中配置CAS连接信息。