CAS 5.3.x - One authentication source per service
70 views
Skip to first unread message
Juliano Destroe
Jan 21, 2019, 9:38:55 AM1/21/19
to CAS Community
Hello,
I've been working on CAS for some time now with two authentication sources: LDAP with AD and JDBC with Postgresql. No problem for configuration though I have a question: by having several services (one for each application) can I designate one of these authentication source for a service?
Example: service1 at cas-example.mydomain.com/cas/login?service=https://service1.mydomain.com uses LDAP authentication and service2 at cas-example.mydomain.com/cas/login?service=https://service2.mydomain.com uses JDBC authentication.
Best regards,
Juliano
Andy Ng
Jan 24, 2019, 8:13:48 PM1/24/19
to CAS Community
Hi Juliano,
The following might interest you: https://apereo.github.io/cas/5.3.x/installation/Service-Management.html#registered-services
requiredHandlers | Set of authentication handler names that must successfully authenticate credentials in order to access the service. If defined, only the selected required handlers are chosen to respond to authentication requests from this registered service. See this guide for more details. |
and this for more elaboration: https://apereo.github.io/cas/5.3.x/installation/Configuring-Service-Required-AuthN.html
Don't use it myself so I don't know if it work as intended, I suggest you to try it and see if it work for your scenario.
Cheers!
- Andy
Juliano Destroe
Jan 25, 2019, 4:29:42 AM1/25/19
to CAS Community
First of all, thank you for your answer!
So I managed to go through all the documentation and miss that. Indeed it works.
I have two services for this, one that must use a database and the other my LDAP server and indeed the expected result is the right one.
Thanks again Andy,
Cheers!
Juliano
Andy Ng
Jan 25, 2019, 4:37:58 AM1/25/19
to CAS Community
Awesome! Guess it actually work, great. -Andy
Juliano Destroe
Jan 25, 2019, 5:24:07 AM1/25/19
to CAS Community
Also the handler used when using query (cas.authn.jdbc.query[0].driverClass=org.postgresql.Driver) is QueryDatabaseAuthenticationHandler.
So in your json file to declare the service add this line:
"requiredHandlers" : [ "java.util.HashSet", [ "QueryDatabaseAuthenticationHandler" ] ],
Jeffrey Ramsay
Jan 25, 2019, 8:10:25 AM1/25/19
to CAS Community
Great news! How would you reference a second handler, for example, a definition of:
cas.authn.jdbc.query[1]
Would this default to some form of fall through authentication by handler?
-Jeff
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/e1eddad5-1a9d-4619-a714-6aa68cf2e5be%40apereo.org.
Reply all
Reply to author
Forward
0 new messages