Per-service authentication settings


Stef Schenkelaars

Sep 22, 2017, 10:05:55 AM
to CAS Community
Hi Cas Community,


I am currently setting up a CAS server (v5.1.4) for multiple services. All users are saved in a Postgres database shared by all the services and the CAS server. Each user in the database is identified by the combination of the service_id and the email. So I want to change the SQL query depending on the requested service. For example:

SELECT * FROM users WHERE users.service_id = '1' AND email = ?

The problem is that I am not able to retrieve the current service within the authentication handler QueryAndEncodeDatabaseAuthenticationHandler which allows me to change the query. So then I looked at the custom properties of a service, but those were also not available in the authentication handler. My last resort was the requiredHandlers option of the service. So I added a second JDBC encode handler like this:

cas.authn.jdbc.encode[0].sql=SELECT * FROM users WHERE users.service_id = '1' AND email = ?
cas.authn.jdbc.encode[1].sql=SELECT * FROM users WHERE users.service_id = '2' AND email = ?

I then hoped I could select the handler for each service; however, you can only select the handler class, like this:

{
  "@class" : "org.apereo.cas.services.RegexRegisteredService",
  "serviceId" : "^http://localhost:3000/.*",
  "name" : "Development",
  "id" : 1,
  "requiredHandlers" : [ "java.util.HashSet", [ "QueryAndEncodeDatabaseAuthenticationHandler" ] ]
}

So if I add more services, the QueryAndEncodeDatabaseAuthenticationHandlers are not distinguishable and the service is still not linked to a specific query.

I hope my problem is clear and that you have some nice ideas to fix this!


Thanks,

Stef