二、CAS单点登录之mysql数据库用户验证

一、CAS认证之mysql数据库认证

　　1、在mysql中新建一个cas数据库并创建user表

CREATE DATABASE /*!32312 IF NOT EXISTS*/`cas` /*!40100 DEFAULT CHARACTER SET gbk */;USE `cas`;/*Table structure for table `user` */DROP TABLE IF EXISTS `user`;CREATE TABLE `user` (  `id` int(11) NOT NULL AUTO_INCREMENT,  `name` varchar(255) NOT NULL,  `password` varchar(255) NOT NULL,  `used` tinyint(2) NOT NULL,  PRIMARY KEY (`id`)) ENGINE=MyISAM AUTO_INCREMENT=2 DEFAULT CHARSET=gbk;/*Data for the table `user` */insert  into `user`(`id`,`name`,`password`,`used`) values (1,'casuser','9414f9301cdb492b4dcd83f8c711d8bb',1);

　　2、CAS的HTTP模式与HTTPS设置（可省略）

      1）cas\WEB-INF\deployerConfigContext.xml，新增p:requireSecure="false"    <bean id="proxyAuthenticationHandler"          class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"          p:httpClient-ref="httpClient" p:requireSecure="false"/>      2）cas\WEB-INF\spring-configuration　　　　ticketGrantingTicketCookieGenerator.xml设置p:cookieSecure="false"　　　　warnCookieGenerator.xml设置p:cookieSecure="false"

　　http://localhost:8080/cas/login，进入登录页面。

　　默认用户为casuser/Mellon，登录成功即配置完成。

　　3、设置利用数据库来验证用户

依赖包：
c3p0-0.9.1.2.jar
mysql-connector-java-5.1.21.jar
cas-server-support-jdbc-4.0.0.jar

cas\WEB-INF\deployerConfigContext.xml  1）更换验证方式 <!--   <bean id="primaryAuthenticationHandler"          class="org.jasig.cas.authentication.AcceptUsersAuthenticationHandler">        <property name="users">            <map>                <entry key="casuser" value="Mellon"/>            </map>        </property>    </bean>    -->   <!-- Define the DB Connection -->   <bean id="dataSource"     class="com.mchange.v2.c3p0.ComboPooledDataSource"     p:driverClass="com.mysql.jdbc.Driver"     p:jdbcUrl="jdbc:mysql://127.0.0.1:3306/cas?useUnicode=true&amp;characterEncoding=UTF-8&amp;zeroDateTimeBehavior=convertToNull"     p:user="root"     p:password="root" />      <!-- Define the encode method-->     <!--<bean id="passwordEncoder"        class="org.jasig.cas.authentication.handler.DefaultPasswordEncoder" autowire="byName">           <constructor-arg value="MD5"/>      </bean> -->    <bean id="passwordEncoder"      class="org.jasig.cas.authentication.handler.DefaultPasswordEncoder"      c:encodingAlgorithm="MD5"      p:characterEncoding="UTF-8" />      <bean id="dbAuthHandler"      class="org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler"      p:dataSource-ref="dataSource"      p:sql="select password from user where name=? and used=1"     p:passwordEncoder-ref="passwordEncoder"/>     <!-- p:passwordEncoder-ref="passwordEncoder" -->    2）更换验证Handle<bean id="authenticationManager" class="org.jasig.cas.authentication.PolicyBasedAuthenticationManager">        <constructor-arg>            <map>                <!--                   | IMPORTANT                   | Every handler requires a unique name.                   | If more than one instance of the same handler class is configured, you must explicitly                   | set its name to something other than its default name (typically the simple class name).                   -->                <entry key-ref="proxyAuthenticationHandler" value-ref="proxyPrincipalResolver" />                <entry key-ref="dbAuthHandler" value-ref="primaryPrincipalResolver" />           <!-- <entry key-ref="primaryAuthenticationHandler" value-ref="primaryPrincipalResolver" /> -->            </map>        </constructor-arg>

　　http://localhost:8080/cas，进入登录页面。如果没有配置http登录，则需要通过http://localhost:8443/cas进行访问

　　默认用户为casuser/Mellon，登录成功即配置完成。

http://www.cnblogs.com/rwxwsblog/p/4954843.html