Thanks, that worked! Once I figured out there was a default deployerConfigContext.xml created by the overlay, I edited that and got myself up and running using the following. I still have some customisations to make but I can log in from the db now! Thanks to you both for your help! Free beer for all!

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:context="http://www.springframework.org/schema/context"
       xmlns:p="http://www.springframework.org/schema/p"
       xmlns:c="http://www.springframework.org/schema/c"
       xmlns:aop="http://www.springframework.org/schema/aop"
       xmlns:tx="http://www.springframework.org/schema/tx"
       xmlns:util="http://www.springframework.org/schema/util"
       xmlns:sec="http://www.springframework.org/schema/security"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
                           http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd
                           http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd
                           http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
                           http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd
                           http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd">

    <description>
        Nothing yet - work in progress
    </description>

    <!-- Copied from https://github.com/apereo/cas/blob/4.2.x/cas-server-webapp/src/main/webapp/WEB-INF/deployerConfigContext.xml -->
    <util:map id="authenticationHandlersResolvers">
        <!-- https://apereo.github.io/cas/4.2.x/installation/Configuring-Principal-Resolution.html#principalresolver-vs-authenticationhandler we want to use the -->
        <!-- we want to use the value returned from queryDatabaseAuthenticationHandler -->
        <entry key-ref="primaryAuthenticationHandler" value="#{null}"/>
    </util:map>

    <!-- https://apereo.github.io/cas/4.2.x/installation/Configuring-Authentication-Components.html#default-encoder -->
    <alias name="defaultPasswordEncoder" alias="passwordEncoder"/>

    <!-- https://apereo.github.io/cas/4.2.x/installation/Database-Authentication.html -->
    <alias name="queryDatabaseAuthenticationHandler" alias="primaryAuthenticationHandler"/>
    <alias name="dataSource" alias="queryDatabaseDataSource"/>

    <bean id="dataSource"
          class="com.mchange.v2.c3p0.ComboPooledDataSource"
          p:driverClass="${database.driverClass}"
          p:jdbcUrl="${database.url}"
          p:user="${database.user}"
          p:password="${database.password}"
          p:initialPoolSize="${database.pool.minSize}"
          p:minPoolSize="${database.pool.minSize}"
          p:maxPoolSize="${database.pool.maxSize}"
          p:maxIdleTimeExcessConnections="${database.pool.maxIdleTime}"
          p:checkoutTimeout="${database.pool.maxWait}"
          p:acquireIncrement="${database.pool.acquireIncrement}"
          p:acquireRetryAttempts="${database.pool.acquireRetryAttempts}"
          p:acquireRetryDelay="${database.pool.acquireRetryDelay}"
          p:idleConnectionTestPeriod="${database.pool.idleConnectionTestPeriod}"
          p:preferredTestQuery="${database.pool.connectionHealthQuery}"/>

    <!-- Copied from https://github.com/apereo/cas/blob/4.2.x/cas-server-webapp/src/main/webapp/WEB-INF/deployerConfigContext.xml START-->
    <util:list id="authenticationMetadataPopulators">
        <ref bean="successfulHandlerMetaDataPopulator" />
        <ref bean="rememberMeAuthenticationMetaDataPopulator" />
    </util:list>

    <bean id="attributeRepository"
          class="org.jasig.services.persondir.support.NamedStubPersonAttributeDao"
          p:backingMap-ref="attrRepoBackingMap" />

    <util:map id="attrRepoBackingMap">
        <entry key="uid" value="uid" />
        <entry key="eduPersonAffiliation" value="eduPersonAffiliation" />
        <entry key="groupMembership" value="groupMembership" />
        <entry>
            <key><value>memberOf</value></key>
            <list>
                <value>faculty</value>
                <value>staff</value>
                <value>org</value>
            </list>
        </entry>
    </util:map>

    <alias name="ticketGrantingTicketExpirationPolicy" alias="grantingTicketExpirationPolicy" />
    <alias name="multiTimeUseOrTimeoutExpirationPolicy" alias="serviceTicketExpirationPolicy" />

    <bean id="auditTrailManager"
          class="org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager"
          p:entrySeparator="${cas.audit.singleline.separator:|}"
          p:useSingleLine="${cas.audit.singleline:false}"/>

    <alias name="neverThrottle" alias="authenticationThrottle" />

    <util:list id="monitorsList">
        <ref bean="memoryMonitor" />
        <ref bean="sessionMonitor" />
    </util:list>

    <alias name="anyAuthenticationPolicy" alias="authenticationPolicy"/>
    <alias name="acceptAnyAuthenticationPolicyFactory" alias="authenticationPolicyFactory"/>
    <alias name="serviceThemeResolver" alias="themeResolver"/>
    <alias name="defaultTicketRegistry" alias="ticketRegistry"/>
    <alias name="defaultPrincipalFactory" alias="principalFactory"/>
    <alias name="defaultAuthenticationTransactionManager" alias="authenticationTransactionManager"/>
    <alias name="defaultPrincipalElectionStrategy" alias="principalElectionStrategy"/>
    <alias name="tgcCipherExecutor" alias="defaultCookieCipherExecutor"/>
    <alias name="neverThrottle" alias="authenticationThrottle" />
    <!-- Copied from https://github.com/apereo/cas/blob/4.2.x/cas-server-webapp/src/main/webapp/WEB-INF/deployerConfigContext.xml END-->
</beans>

On Fri, 3 Jun 2016 at 16:56 John Rellis <[email protected]> wrote:

> Excellent, thank you!
>
> On Fri, 3 Jun 2016 at 16:55 Dmitriy Kopylenko <[email protected]>
> wrote:
>
>> Just leave the propertyFileConfigurer.xml alone and customize the
>> deployerConfigContext.xml in your overlay.
>>
>> And check this doc out:
>> http://apereo.github.io/cas/4.2.x/installation/Maven-Overlay-Installation.html
>>
>> D.
>>
>> On Jun 3, 2016, at 11:50 AM, John Rellis <[email protected]> wrote:
>>
>> Thanks Dmitriy,
>>
>> Are you saying that I need to move propertyFileConfigurer.xml from where
>> the cas-overlay-template mvn package puts it?
>>
>> I'll try customising what Misagh linked to, thanks to you both.
>> Hopefully I won't have to come back with more questions.
>>
>> Thanks,
>> John
>>
>> On Fri, 3 Jun 2016 at 16:40 Dmitriy Kopylenko <[email protected]>
>> wrote:
>>
>>> Place the custom handler definitions and aliases into
>>> WEB-INF/deployerConfigContext.xml As Misagh showed in that link in the
>>> previous message. Just get the entire file from the CAS repository, place
>>> it in your overlay and override the custom bits.
>>>
>>> Just an aside note - that kind of local customization will be much
>>> easier in CAS v5 ;-)
>>>
>>> Cheers,
>>> D.
>>>
>>> On Jun 3, 2016, at 11:35 AM, John Rellis <[email protected]>
>>> wrote:
>>>
>>> Hi Dimitry,
>>>
>>> I am using https://github.com/apereo/cas-overlay-template to create a
>>> war and yes propertyFileDescriptor.xml is where I have copied that xml
>>> from.
>>>
>>> Once deployed it is in
>>> apache-tomcat-8.0.33/webapps/cas/WEB-INF/spring-configuration/
>>> propertyFileConfigurer.xml
>>>
>>> Do you need any more info?
>>>
>>> Thanks!
>>> John
>>>
>>> On Fri, 3 Jun 2016 at 16:26 Dmitriy Kopylenko <[email protected]>
>>> wrote:
>>>
>>>> You mentioned ‘propertyFileDescriptor.xml’. Is that where you define
>>>> your beans shown below? Where do you place this file?
>>>>
>>>> D.
>>>>
>>>> On Jun 3, 2016, at 11:21 AM, John Rellis <[email protected]>
>>>> wrote:
>>>>
>>>> Thanks but that doesn't use queryDatabaseAuthenticationHandler :(
>>>>
>>>> On Friday, 3 June 2016 16:11:23 UTC+1, Misagh Moayyed wrote:
>>>>>
>>>>> Compare your configuration with this:
>>>>>
>>>>> https://github.com/apereo/cas/blob/4.2.x/cas-server-webapp/src/main/webapp/WEB-INF/deployerConfigContext.xml
>>>>>
>>>>> *From:* [email protected] [mailto:[email protected]] *On Behalf Of *John
>>>>> Rellis
>>>>> *Sent:* Friday, June 3, 2016 7:10 AM
>>>>> *To:* CAS Community <[email protected]>
>>>>> *Subject:* [cas-user] queryDatabaseAuthenticationHandler not being
>>>>> called (CAS 4.2.2)
>>>>>
>>>>> Hello!
>>>>>
>>>>> CAS version 4.2.2
>>>>>
>>>>> I am following the documentation to try and configure a database
>>>>> authentication handler but it looks as though the
>>>>> AcceptUsersAuthenticationHandler is the only one being called (logs below)
>>>>>
>>>>> Here's my propertyFileDescriptor.xml. I've been looking at examples
>>>>> online that actually define beans for queryDatabaseAuthenticationHandler
>>>>> but since this is not in the docs I am assuming this is done on older
>>>>> versions
>>>>> (apologies, I've mainly been working in grails so my spring config
>>>>> experience is non-existent). Thanks in advance for any pointers here, I
>>>>> feel like I've hit a wall with the docs.
>>>>>
>>>>> I have also set these :
>>>>>
>>>>> cas.authn.password.encoding.char=UTF-8
>>>>> cas.authn.password.encoding.alg=SHA-256
>>>>> cas.jdbc.authn.query.sql=select password_hash from shiro_user where
>>>>> username = ?
>>>>>
>>>>> <beans xmlns="http://www.springframework.org/schema/beans"
>>>>>        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>>>>>        xmlns:p="http://www.springframework.org/schema/p"
>>>>>        xmlns:context="http://www.springframework.org/schema/context"
>>>>>        xmlns:util="http://www.springframework.org/schema/util"
>>>>>        xsi:schemaLocation="http://www.springframework.org/schema/beans
>>>>>            http://www.springframework.org/schema/beans/spring-beans.xsd
>>>>>            http://www.springframework.org/schema/context
>>>>>            http://www.springframework.org/schema/context/spring-context.xsd
>>>>>            http://www.springframework.org/schema/util
>>>>>            http://www.springframework.org/schema/util/spring-util.xsd">
>>>>>
>>>>>     <description>
>>>>>         This file lets CAS know where you've stored the
>>>>>         cas.properties file which details some of the configuration options
>>>>>         that are specific to your environment. You can
>>>>>         specify the location of the file here. You may wish to place the file
>>>>>         outside
>>>>>         of the Servlet context if you have options that
>>>>>         are specific to a tier (i.e. test vs. production) so that the WAR file
>>>>>         can be moved between tiers without modification.
>>>>>     </description>
>>>>>
>>>>>     <util:properties id="casProperties"
>>>>>         location="file:/home/john/cas/cas-overlay-template/etc/cas.properties" />
>>>>>
>>>>>     <context:property-placeholder properties-ref="casProperties" />
>>>>>
>>>>>     <alias name="jsonServiceRegistryDao" alias="serviceRegistryDao" />
>>>>>
>>>>>     <alias name="queryDatabaseAuthenticationHandler"
>>>>>         alias="primaryAuthenticationHandler" />
>>>>>     <alias name="dataSource" alias="queryDatabaseDataSource" />
>>>>>
>>>>>     <alias name="defaultPasswordEncoder" alias="passwordEncoder" />
>>>>>
>>>>>     <bean id="dataSource"
>>>>>         class="com.mchange.v2.c3p0.ComboPooledDataSource"
>>>>>         p:driverClass="${database.driverClass}"
>>>>>         p:jdbcUrl="${database.url}"
>>>>>         p:user="${database.user}"
>>>>>         p:password="${database.password}"
>>>>>         p:initialPoolSize="${database.pool.minSize}"
>>>>>         p:minPoolSize="${database.pool.minSize}"
>>>>>         p:maxPoolSize="${database.pool.maxSize}"
>>>>>         p:maxIdleTimeExcessConnections="${database.pool.maxIdleTime}"
>>>>>         p:checkoutTimeout="${database.pool.maxWait}"
>>>>>         p:acquireIncrement="${database.pool.acquireIncrement}"
>>>>>         p:acquireRetryAttempts="${database.pool.acquireRetryAttempts}"
>>>>>         p:acquireRetryDelay="${database.pool.acquireRetryDelay}"
>>>>>         p:idleConnectionTestPeriod="${database.pool.idleConnectionTestPeriod}"
>>>>>         p:preferredTestQuery="${database.pool.connectionHealthQuery}" />
>>>>>
>>>>> </beans>
>>>>>
>>>>> 2016-06-03 14:40:07,885 [http-nio-8080-exec-1] DEBUG org.jasig.cas.util.RegexUtils - Pattern http://localhost:8080/CasTest/shiro-cas is a valid regex.
>>>>>
>>>>> 2016-06-03 14:40:07,886 [http-nio-8080-exec-1] DEBUG org.jasig.cas.services.web.RegisteredServiceThemeBasedViewResolver - View resolved: /WEB-INF/view/jsp/default/ui/casLoginView.jsp
>>>>>
>>>>> 2016-06-03 14:40:07,948 [http-nio-8080-exec-1] INFO org.jasig.cas.authentication.PolicyBasedAuthenticationManager - *AcceptUsersAuthenticationHandler* failed authenticating admin
>>>>>
>>>>> 2016-06-03 14:40:07,948 [http-nio-8080-exec-1] DEBUG org.jasig.cas.authentication.PolicyBasedAuthenticationManager - *AcceptUsersAuthenticationHandler* exception details: No user can be accepted because none is defined
>>>>>
>>>>> 2016-06-03 14:40:07,953 [http-nio-8080-exec-1] DEBUG org.jasig.cas.audit.spi.TicketOrCredentialPrincipalResolver - Resolving argument [AuthenticationTransaction] for audit
>>>>>
>>>>> 2016-06-03 14:40:07,954 [http-nio-8080-exec-1] DEBUG org.jasig.cas.audit.spi.TicketOrCredentialPrincipalResolver - Resolving argument [UsernamePasswordCredential] for audit
>>>>>
>>>>> 2016-06-03 14:40:07,957 [http-nio-8080-exec-1] INFO org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager - Audit trail record BEGIN
>>>>> =============================================================
>>>>> WHO: admin
>>>>> WHAT: Supplied credentials: [admin]
>>>>> ACTION: AUTHENTICATION_FAILED
>>>>> APPLICATION: CAS
>>>>> WHEN: Fri Jun 03 14:40:07 IST 2016
>>>>> CLIENT IP ADDRESS: 10.5.5.30
>>>>> SERVER IP ADDRESS: 10.5.5.50
>>>>> =============================================================
>>>>>
>>>>> 2016-06-03 14:40:07,961 [http-nio-8080-exec-1] DEBUG org.jasig.cas.web.flow.AuthenticationViaFormAction - 1 errors, 0 successes
>>>>>
>>>>> org.jasig.cas.authentication.AuthenticationException: 1 errors, 0
>>>>> successes
>>>>>
>>>>> --
>>>>> You received this message because you are subscribed to the Google
>>>>> Groups "CAS Community" group.
>>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>>> an email to [email protected].
>>>>> To post to this group, send email to [email protected].
>>>>> Visit this group at
>>>>> https://groups.google.com/a/apereo.org/group/cas-user/.
>>>>> To view this discussion on the web visit
>>>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/45c51101-265a-4b44-b636-e3027304189a%40apereo.org
>>>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/45c51101-265a-4b44-b636-e3027304189a%40apereo.org?utm_medium=email&utm_source=footer>
>>>>> .
>>>>> For more options, visit
>>>>> https://groups.google.com/a/apereo.org/d/optout.
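
Added example, not part of the original thread or of CAS itself: a Python check for the failure discussed above, where an alias for primaryAuthenticationHandler in one Spring file competes with another file's alias and AcceptUsersAuthenticationHandler ends up handling logins. The file contents are constructed samples, the stock acceptUsersAuthenticationHandler alias is an assumption inferred from the log output, and audit_cas_aliases is a hypothetical helper name; it also reports the neverThrottle alias that the posted configuration carries.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict
BEANS = "{http://www.springframework.org/schema/beans}"
UTIL = "{http://www.springframework.org/schema/util}"

def audit_cas_aliases(files):
    """files maps a config path to its XML text; returns a list of findings."""
    targets = defaultdict(dict)   # alias -> {aliased bean name: [defining files]}
    resolver_keys = set()         # key-refs in authenticationHandlersResolvers
    for path, text in files.items():
        root = ET.fromstring(text)
        for a in root.iter(BEANS + "alias"):
            targets[a.get("alias")].setdefault(a.get("name"), []).append(path)
        for m in root.iter(UTIL + "map"):
            if m.get("id") == "authenticationHandlersResolvers":
                resolver_keys |= {e.get("key-ref") for e in m.iter(BEANS + "entry")}
    findings = []
    for alias, by_bean in sorted(targets.items()):
        if len(by_bean) > 1:      # same alias, different beans: load order decides
            findings.append("CONFLICT %s: %s" % (alias, ", ".join(
                "%s in %s" % (b, "+".join(fs)) for b, fs in sorted(by_bean.items()))))
    primary = targets.get("primaryAuthenticationHandler", {})
    if "acceptUsersAuthenticationHandler" in primary:
        findings.append("STATIC-USERS primaryAuthenticationHandler is acceptUsersAuthenticationHandler")
    if primary and "primaryAuthenticationHandler" not in resolver_keys:
        findings.append("UNWIRED primaryAuthenticationHandler missing from authenticationHandlersResolvers")
    if "neverThrottle" in targets.get("authenticationThrottle", {}):
        findings.append("NO-THROTTLE authenticationThrottle is neverThrottle")
    return findings

# Constructed sample: the two-file layout from the thread, with an assumed
# stock alias in deployerConfigContext.xml competing with the intended one.
NS = ('xmlns="http://www.springframework.org/schema/beans" '
      'xmlns:util="http://www.springframework.org/schema/util"')
SAMPLE = {
    "WEB-INF/deployerConfigContext.xml": "<beans " + NS + """>
  <util:map id="authenticationHandlersResolvers">
    <entry key-ref="primaryAuthenticationHandler" value="#{null}"/>
  </util:map>
  <alias name="acceptUsersAuthenticationHandler" alias="primaryAuthenticationHandler"/>
  <alias name="neverThrottle" alias="authenticationThrottle"/>
</beans>""",
    "WEB-INF/spring-configuration/propertyFileConfigurer.xml": "<beans " + NS + """>
  <alias name="queryDatabaseAuthenticationHandler" alias="primaryAuthenticationHandler"/>
</beans>""",
}

if __name__ == "__main__":
    print("\n".join(audit_cas_aliases(SAMPLE)))
```

The check reports a conflict without guessing a winner, because which alias takes effect depends on the order in which the context files are loaded.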
