PAC4J integration not working properly ?


Thomas UNG

Mar 8, 2017, 8:38:30 PM
to CAS Community
Hello,

I am using mongodb for authentication.

I have configured CAS following the documentation: https://apereo.github.io/cas/5.0.x/installation/MongoDb-Authentication.html

- I am using cas 5.0.3.1
- I am using tomcat 8 deploying overlay war file
- I have the following in my cas.properties
 
cas.authn.mongo.passwordEncoder.type=BCRYPT
cas.authn.mongo.passwordEncoder.characterEncoding=UTF-8
cas.authn.mongo.passwordEncoder.secret=test
cas.authn.mongo.passwordEncoder.strength=8

logging.level.org.apereo=DEBUG


The documentation (https://apereo.github.io/cas/5.0.x/installation/MongoDb-Authentication.html) implies the use of 'org.pac4j.mongo.credentials.authenticator.MongoAuthenticator' (?). And the validate method uses "pac4j PasswordEncoder", right?

However, org.apereo.cas.configuration.support.Beans initiates 'org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder' which implements the use of 'org.springframework.security.crypto.password.PasswordEncoder' (?)

pac4j PasswordEncoder and spring PasswordEncoder have different implementations and I figured out that I could not make the authentication work properly. Or did I misconfigure something?

I had to overwrite 'org.pac4j.mongo.credentials.authenticator.MongoAuthenticator' so that the authentication finally works ...


    final String username = credentials.getUsername();

    PasswordEncoder encoder = new SpringSecurityPasswordEncoder(new BCryptPasswordEncoder(8, new SecureRandom("test".getBytes(StandardCharsets.UTF_8))));

    if (!encoder.matches(password, returnedPassword)) {

instead of

    if (!getPasswordEncoder().matches(credentials.getPassword(), returnedPassword)) {


Any thoughts on whether I did the right thing? And I also do not understand why "credentials.getPassword()" returns an encoded password and not a clear password ... It seems that PAC4J integration is not working correctly?

Thanks,
Thomas UNG


Thomas UNG

Mar 8, 2017, 8:42:58 PM
to CAS Community
Erratum:

I had to overwrite 'org.pac4j.mongo.credentials.authenticator.MongoAuthenticator' so that the authentication finally works ...


        String password = context.getRequestParameter(passwordAttribute);
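
Why a bcrypt check fails when the submitted password has already been encoded before it reaches `matches`, which is the situation the posts above describe. This is an added example, not code from the posts, CAS or pac4j. It assumes spring-security-crypto is on the classpath; the class name and the password value are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

public class BcryptMatchDemo {
    public static void main(String[] args) {
        // Constructed sample password; strength 8 and the "test" seed mirror
        // the cas.properties values quoted in the first post.
        String clear = "Mellon";
        BCryptPasswordEncoder configured = new BCryptPasswordEncoder(
                8, new SecureRandom("test".getBytes(StandardCharsets.UTF_8)));

        // What the password field of the user record would hold: a salted bcrypt hash.
        String stored = configured.encode(clear);

        // Case 1: clear text checked against the stored hash.
        System.out.println("clear vs stored:   " + configured.matches(clear, stored));

        // Case 2: the password is encoded a second time before the check.
        // encode() draws a fresh salt on every call, so the second hash is a
        // different string, and matches() treats its first argument as clear text.
        String encodedAgain = configured.encode(clear);
        System.out.println("hashes equal:      " + encodedAgain.equals(stored));
        System.out.println("encoded vs stored: " + configured.matches(encodedAgain, stored));

        // Case 3: verification reads the cost factor and salt from the stored
        // hash itself; the strength and SecureRandom given to the constructor
        // are only used by encode(), so a default encoder verifies the same hash.
        BCryptPasswordEncoder defaults = new BCryptPasswordEncoder();
        System.out.println("default encoder:   " + defaults.matches(clear, stored));
    }
}
```

The byte array passed to `SecureRandom` only influences salt generation; it is not mixed into the hash as a key, so it plays no part in verifying an existing hash.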