cas.authn.jdbc.encode throws "Authentication handler is not configured correctly"

422 views

Skip to first unread message

David Bonnes

unread,

Sep 23, 2017, 7:28:48 PM9/23/17

to CAS Community

Hi, I am stuck on cas.authn.jdbc.encode, although I can get cas.authn.jdbc.query to work OK.

cas.authn.jdbc.encode throws "Authentication handler is not configured correctly", maybe is due to (StringUtils.isBlank(this.sql) || StringUtils.isBlank(this.algorithmName) || getJdbcTemplate() == null) ??

** Environment **

- CAS Version: 5.2.0-RC4-SNAPSHOT

- Java Version: 1.8.0_131

- Apache Tomcat Version: Apache Tomcat/8.0.32 (Ubuntu)

- Linux Ubuntu Xenial Version: 16.04.3

** pom.xlm ** Only relevant changes are:

 <cas.version>5.2.0-RC4-SNAPSHOT</cas.version>

...and...

 <dependency>
    <groupId>org.apereo.cas</groupId>
    <artifactId>cas-server-support-jdbc</artifactId>
    <version>${cas.version}</version>
</dependency>
<dependency>
   <groupId>org.apereo.cas</groupId>
   <artifactId>cas-server-support-jdbc-drivers</artifactId>
   <version>${cas.version}</version>
</dependency>

** cas.properties **

Note first, that the following works fine - note the clever trick with fieldPassword=username:

  cas.authn.jdbc.query[0].url=jdbc:mysql://lxc-mysql.home:3306/guacamole_db?useSSL=false
  cas.authn.jdbc.query[0].driverClass=com.mysql.cj.jdbc.Driver
  cas.authn.jdbc.query[0].user=guac_username
  cas.authn.jdbc.query[0].password=guac_password


  cas.authn.jdbc.query[0].sql=SELECT * FROM guacamole_user WHERE username=?
  cas.authn.jdbc.query[0].fieldPassword=username

However, the following does not work (FWIW, this may be a useful reference):

  cas.authn.jdbc.encode[0].url=jdbc:mysql://lxc-mysql.home:3306/guacamole_db?useSSL=false
  cas.authn.jdbc.encode[0].driverClass=com.mysql.cj.jdbc.Driver
  cas.authn.jdbc.encode[0].dialect=org.hibernate.dialect.MySQL5Dialect
  cas.authn.jdbc.encode[0].user=guac_username
  cas.authn.jdbc.encode[0].password=guac_password


  cas.authn.jdbc.encode[0].sql=SELECT * FROM guacamole_user WHERE username=?
  cas.authn.jdbc.encode[0].disabledFieldName=disabled
  cas.authn.jdbc.encode[0].saltFieldName=password_salt
  cas.authn.jdbc.encode[0].passwordFieldName=password_hash
  cas.authn.jdbc.encode[0].passwordEncoder.type=DEFAULT
  cas.authn.jdbc.encode[0].passwordEncoder.characterEncoding=UTF-8
  cas.authn.jdbc.encode[0].passwordEncoder.encodingAlgorithm=SHA-256

Which throws this error:

2017-09-23 23:20:06,446 DEBUG [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <[QueryAndEncodeDatabaseAuthenticationHandler] exception details: [Authentication handler is not configured correctly].>

I see from QueryAndEncodeDatabaseAuthenticationHandler.java that:

 if (StringUtils.isBlank(this.sql) || StringUtils.isBlank(this.algorithmName) || getJdbcTemplate() == null) {
     throw new GeneralSecurityException("Authentication handler is not configured correctly");
 }

Can anyone suggest a solution, or (heaven forbid) is it a bug?

David Bonnes

unread,

Sep 29, 2017, 6:25:29 PM9/29/17

to CAS Community

Solved: I confused

cas.authn.jdbc.encode[0].algorithmName=SHA-256

with

cas.authn.jdbc.encode[0].passwordEncoder.encodingAlgorithm=SHA-256

Reply all

Reply to author

Forward

0 new messages