Re: [cas-user] custome passwordEncoder in CAS 5.1
677 views
Skip to first unread message
Dmitriy Kopylenko
May 17, 2017, 9:07:29 AM5/17/17
to cas-...@apereo.org
In 5.1 you do it by means of the following property:
cas.authn.jdbc.query[0].passwordEncoder.type=com.example.CustomPasswordEncoder
Cheers,
D.
From: Mathieu Plasse <mathieu...@gmail.com>
Reply: cas-...@apereo.org <cas-...@apereo.org>
Date: May 17, 2017 at 9:04:39 AM
To: CAS Community <cas-...@apereo.org>
Subject: [cas-user] custome passwordEncoder in CAS 5.1
--I'm trying to configure a custom passwordEncoder on CAS 5.0 . My problem is the PolicyBasedAuthenticationManager as completly changed from 4 to 5 so old deployerConfig.xml do not work.Old 4.0 was like that :<bean id="authenticationManager" class="org.jasig.cas.authentication.PolicyBasedAuthenticationManager"><constructor-arg><map><entry key-ref="primaryAuthenticationHandler" value-ref="dbAuthHandler"/></map></constructor-arg><property name="authenticationPolicy"><bean class="org.jasig.cas.authentication.AnyAuthenticationPolicy" /></property></bean><bean id="proxyAuthenticationHandler" class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"p:httpClient-ref="httpClient" /><bean id="dbAuthHandler" class="org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler"><property name="dataSource"><bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource"><property name="driverClassName" value="com.mysql.jdbc.Driver" /><property name="url" value="jdbc:mysql://localhost:3306/cas?useUnicode=true&characterEncoding=utf-8" /><property name="username" value="root" /><property name="password" value="" /></bean></property><property name="sql" value="my request" /><property name=="passwordEncoder"><bean id="passwordEncoder" class="my.custom.PasswordEncoderClass"/></property></bean>I tried to create a 5.0 file like that :<bean id="authenticationManager" class="org.apereo.cas.authentication.PolicyBasedAuthenticationManager"><constructor-arg><map><entry key-ref="authenticationEventExecutionPlan" value-ref="execPlan"/><entry key-ref="servicesManager" value-ref="serviceMan"/></map></constructor-arg></bean><bean id="execPlan" class="org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan"><property name="authenticationHandler"><bean id="dbAuthHandler" class="org.apereo.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler"><property name="dataSource"><bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource"><property name="driverClassName" value="com.mysql.jdbc.Driver" /><property name="url" value="jdbc:mysql://localhost:3306/foce10?useUnicode=true&characterEncoding=utf-8" /><property name="username" value="force10" /><property name="password" value="force10" /></bean></property><property name="sql" value="my resuest" /><property name="passwordEncoder"><bean id="passwordEncoder" class="my.custom.PasswordEncoderClass"/></property></bean></property></bean><bean id="serviceMan" class= "org.apereo.cas.services.DefaultServicesManagerImpl"/></beans>BUT I can't make it work it just not start without any Log.Does anyone tried this ?Mathieu
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/741f9d7d-b5ad-441a-af75-93a75d98f20d%40apereo.org.
Dmitriy Kopylenko
May 17, 2017, 9:08:23 AM5/17/17
to cas-...@apereo.org
Mathieu Plasse
May 17, 2017, 10:35:23 AM5/17/17
to CAS Community, dkopy...@unicon.net
Ty.
I tried that way with the cas.properties :
##
# CAS Server Context Configuration
#
cas.server.prefix=https://login.planzone.com:8443/cas
server.context-path=/cas
server.port=8443
cas.server.http.enabled=false
cas.tgc.secure=false
cas.ticket.st.timeToKillInSeconds=600
server.ssl.key-store=ssl/casserver.p12
server.ssl.key-store-password=ShaunOfTheDead
#server.ssl.key-password=changeit
#server.max-http-header-size=2097152
#server.max-http-post-size=2097152
#server.use-forward-headers=true
# server.ssl.ciphers=
# server.ssl.client-auth=
# server.ssl.enabled=
server.ssl.key-alias=tomcat
# server.ssl.key-store-provider=
server.ssl.key-store-type=PKCS12
# server.ssl.protocol=
# server.ssl.trust-store=
# server.ssl.trust-store-password=
# server.ssl.trust-store-provider=
# server.ssl.trust-store-type=
server.tomcat.basedir=build/tomcat
server.tomcat.accesslog.enabled=true
server.tomcat.accesslog.pattern=%t %a "%r" %s (%D ms)
server.tomcat.accesslog.suffix=.log
server.tomcat.max-threads=5
server.tomcat.port-header=X-Forwarded-Port
server.tomcat.protocol-header=X-Forwarded-Proto
server.tomcat.protocol-header-https-value=https
server.tomcat.remote-ip-header=X-FORWARDED-FOR
server.tomcat.uri-encoding=UTF-8
spring.http.encoding.charset=UTF-8
spring.http.encoding.enabled=true
spring.http.encoding.force=true
##
# CAS Cloud Bus Configuration
#
spring.cloud.bus.enabled=false
# spring.cloud.bus.refresh.enabled=true
# spring.cloud.bus.env.enabled=true
# spring.cloud.bus.destination=CasCloudBus
# spring.cloud.bus.ack.enabled=true
endpoints.enabled=true
endpoints.sensitive=true
management.context-path=/status
endpoints.restart.enabled=false
endpoints.shutdown.enabled=false
##
# CAS Web Application Session Configuration
#
server.session.timeout=300
server.session.cookie.http-only=true
server.session.tracking-modes=COOKIE
##
# CAS Thymeleaf View Configuration
#
spring.thymeleaf.encoding=UTF-8
spring.thymeleaf.cache=false
##
# CAS Log4j Configuration
#
# logging.config=file:/etc/cas/log4j2.xml
server.context-parameters.isLog4jAutoInitializationDisabled=true
##
# CAS AspectJ Configuration
#
spring.aop.auto=true
spring.aop.proxy-target-class=true
##
# CAS Authentication Credentials
#
cas.authn.accept.users=
##
# CAS Authentication Attributes
#
cas.authn.attributeRepository.attributes.uid=uid
cas.authn.attributeRepository.attributes.displayName=displayName
cas.authn.attributeRepository.attributes.cn=commonName
cas.authn.attributeRepository.attributes.affiliation=groupMembership
##
# Delegate authentication
#
cas.authn.pac4j.cas.loginUrl=https://login.planzone.com:8443/cas/login
# JDBC Authentication
cas.authn.jdbc.query[0].sql=SELECT u.password FROM user u WHERE u.email_address=?
cas.authn.jdbc.query[0].healthQuery=SELECT 1 FROM user
cas.authn.jdbc.query[0].isolateInternalQueries=false
cas.authn.jdbc.query[0].url=jdbc:mysql://localhost:3306/myDB
cas.authn.jdbc.query[0].failFast=true
cas.authn.jdbc.query[0].isolationLevelName=ISOLATION_READ_COMMITTED
cas.authn.jdbc.query[0].dialect=org.hibernate.dialect.MySQLDialect
cas.authn.jdbc.query[0].leakThreshold=10
cas.authn.jdbc.query[0].propagationBehaviorName=PROPAGATION_REQUIRED
cas.authn.jdbc.query[0].batchSize=1
cas.authn.jdbc.query[0].user=dbuser
cas.authn.jdbc.query[0].ddlAuto=create-drop
cas.authn.jdbc.query[0].maxAgeDays=180
cas.authn.jdbc.query[0].password=dbpassword
cas.authn.jdbc.query[0].autocommit=false
cas.authn.jdbc.query[0].driverClass=com.mysql.jdbc.Driver
cas.authn.jdbc.query[0].idleTimeout=5000
cas.authn.jdbc.query[0].credentialCriteria=
cas.authn.jdbc.query[0].passwordEncoder.type=my.custom.PasswordEncrypt
#cas.authn.jdbc.query[0].passwordEncoder.type=com.augeo.security.PlanzonePasswordEncoder
#cas.authn.jdbc.query[0].passwordEncoder.characterEncoding=UTF-8
#cas.authn.jdbc.query[0].passwordEncoder.secret=
#cas.authn.jdbc.query[0].passwordEncoder.strength=16
#cas.authn.jdbc.query[0].principalTransformation.suffix=
#cas.authn.jdbc.query[0].principalTransformation.caseConversion=NONE
#cas.authn.jdbc.query[0].principalTransformation.prefix=
But I go this :
[org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Authentication has failed. Credentials may be incorrect or CAS cannot find authentication handler that supports [te...@test.com] of type [UsernamePasswordCredential], which suggests a configuration problem.>
ANd I don t see my passwordEncrypt logs
Le mercredi 17 mai 2017 15:08:23 UTC+2, Dmitriy Kopylenko a écrit :
Dmitriy Kopylenko
May 17, 2017, 10:40:04 AM5/17/17
to cas-...@apereo.org
You want to make sure you enable JDBC authentication module by including that module dependency: https://apereo.github.io/cas/development/installation/Database-Authentication.html
D.
From: Mathieu Plasse <mathieu...@gmail.com>
Reply: cas-...@apereo.org <cas-...@apereo.org>
Date: May 17, 2017 at 10:35:27 AM
To: CAS Community <cas-...@apereo.org>
Cc: dkopy...@unicon.net <dkopy...@unicon.net>
Subject: Re: [cas-user] custome passwordEncoder in CAS 5.1
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/dbbe7d0a-db24-4ea6-a811-ce69a9f38813%40apereo.org.
Mathieu Plasse
May 17, 2017, 11:01:25 AM5/17/17
to CAS Community, dkopy...@unicon.net
That module is in my pom :
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.leleuj</groupId>
<artifactId>cas-pac4j-oauth-demo</artifactId>
<version>5.0.0-SNAPSHOT</version>
</parent>
<artifactId>cas-pac4j-oauth-client-demo</artifactId>
<packaging>war</packaging>
<name>CAS Pac4J / OAuth client demo</name>
<description>CAS Pac4J / OAuth client demo</description>
<dependencies>
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-webapp</artifactId>
<type>war</type>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-support-json-service-registry</artifactId>
</dependency>
<dependency>
<groupId>org.pac4j</groupId>
<artifactId>pac4j-http</artifactId>
<version>${pac4j.version}</version>
</dependency>
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-support-jdbc</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>1.10</version>
</dependency>
<dependency>
<groupId>com.sun.xml.security</groupId>
<artifactId>apache-xmlsec</artifactId>
<version>1.0.1</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>3.1.0.RELEASE</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<configuration>
<warName>cas</warName>
<failOnMissingWebXml>false</failOnMissingWebXml>
<recompressZippedFiles>false</recompressZippedFiles>
<archive>
<compress>false</compress>
<manifestFile>${project.build.directory}/war/work/org.apereo.cas/cas-server-webapp/META-INF/MANIFEST.MF</manifestFile>
</archive>
<overlays>
<overlay>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-webapp</artifactId>
</overlay>
</overlays>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<configuration>
<source>${java.version}</source>
<target>${java.version}</target>
</configuration>
</plugin>
</plugins>
<finalName>cas</finalName>
</build>
<properties>
<pac4j.version>1.9.4</pac4j.version>
</properties>
</project>
Le mercredi 17 mai 2017 16:40:04 UTC+2, Dmitriy Kopylenko a écrit :
You want to make sure you enable JDBC authentication module by including that module dependency: https://apereo.github.io/cas/development/installation/Database-Authentication.htmlD.
Reply all
Reply to author
Forward
0 new messages