Thanks for the response! You guessed well! Initially, I wished to merge the (automaticaly created) DAOs only with application.properties. That would be great.
Sure, here is the code: *localhost-2.json* { "@class" : "org.apereo.cas.services.RegexRegisteredService", "serviceId" : "^https?://localhost.*", "name" : "localhost", "id" : 2, "description" : "Allows only localhost services", "attributeReleasePolicy" : { "@class" : "org.apereo.cas.services.ReturnAllAttributeReleasePolicy" } } *application.properties* ## # CAS Server Context Configuration # server.name=URL server.context-path=/cas server.port=8433 cas.server.http.enabled=false cas.ticket.st.timeToKillInSeconds=600 server.ssl.enabled=true server.ssl.key-alias=cas server.ssl.key-store=file:/somewhere/.keystore server.ssl.key-store-password=secret server.ssl.key-password=secret server.tomcat.basedir=build/tomcat server.tomcat.accesslog.enabled=true server.tomcat.accesslog.pattern=%t %a "%r" %s (%D ms) server.tomcat.accesslog.suffix=.log server.tomcat.max-threads=5 server.tomcat.port-header=X-Forwarded-Port server.tomcat.protocol-header=X-Forwarded-Proto server.tomcat.protocol-header-https-value=https server.tomcat.remote-ip-header=X-FORWARDED-FOR server.tomcat.uri-encoding=UTF-8 spring.http.encoding.charset=UTF-8 spring.http.encoding.enabled=true spring.http.encoding.force=true ## # CAS Cloud Bus Configuration # spring.cloud.bus.enabled=false endpoints.enabled=true endpoints.sensitive=true management.context-path=/status endpoints.restart.enabled=false endpoints.shutdown.enabled=false ## # CAS Web Application Session Configuration # server.session.timeout=300 server.session.cookie.http-only=true server.session.tracking-modes=COOKIE ## # CAS Thymeleaf View Configuration # spring.thymeleaf.encoding=UTF-8 spring.thymeleaf.cache=false ## # CAS Log4j Configuration # server.context-parameters.isLog4jAutoInitializationDisabled=true ## # CAS AspectJ Configuration # spring.aop.auto=true spring.aop.proxy-target-class=true ## # CAS Authentication Credentials # cas.authn.accept.users= ## # LDAP # cas.authn.ldap[0].ldapUrl=ldap://URL:PORT/ cas.authn.ldap[0].useSsl=false cas.authn.ldap[0].useStartTls=false cas.authn.ldap[0].connectTimeout=5000 cas.authn.ldap[0].baseDn=OU=Users,DC=Company,DC=Com cas.authn.ldap[0].userFilter=sAMAccountName={user} cas.authn.ldap[0].subtreeSearch=true cas.authn.ldap[0].bindDn=manager cas.authn.ldap[0].bindCredential=secret cas.authn.ldap[0].dnFormat=%s...@company.com cas.authn.ldap[0].principalAttributeId=sAMAccountName cas.authn.ldap[0].principalAttributePassword= cas.authn.ldap[0].principalAttributeList=sAMAccountName,sn,co,givenName,displayName,mail,department,telephoneNumber,title cas.authn.ldap[0].type=AD cas.authn.ldap[0].minPoolSize=3 cas.authn.ldap[0].maxPoolSize=10 cas.authn.ldap[0].validateOnCheckout=true cas.authn.ldap[0].validatePeriodically=true cas.authn.ldap[0].validatePeriod=600 cas.authn.ldap[0].failFast=false cas.authn.ldap[0].idleTime=5000 cas.authn.ldap[0].prunePeriod=5000 cas.authn.ldap[0].blockWaitTime=5000 ## # CAS Authentication Attributes # cas.personDirectory.principalAttribute=sAMAccountName cas.personDirectory.returnNull=false ## # JDBC attribute repository # cas.authn.attributeRepository.jdbc.singleRow=true cas.authn.attributeRepository.jdbc.requireAllAttributes=false cas.authn.attributeRepository.jdbc.caseCanonicalization=NONE cas.authn.attributeRepository.jdbc.sql=SELECT u.login AS sAMAccountName, f.name AS name, f.`type` AS `type`, m.value AS value FROM user AS u\ JOIN metadata AS m\ ON u.id = m.user_id\ JOIN field AS f\ ON m.field_id = f.id\ WHERE f.application_id = 1\ AND user = sAMAccountName cas.authn.attributeRepository.jdbc.username=sAMAccountName cas.authn.attributeRepository.jdbc.healthQuery=SELECT 1 FROM INFORMATION_SCHEMA.SYSTEM_VARIABLES cas.authn.attributeRepository.jdbc.isolateInternalQueries=false cas.authn.attributeRepository.jdbc.url=jdbc:mysql://URL/DATABASE cas.authn.attributeRepository.jdbc.failFast=false cas.authn.attributeRepository.jdbc.isolationLevelName=ISOLATION_READ_COMMITTED cas.authn.attributeRepository.jdbc.dialect=org.hibernate.dialect.HSQLDialect cas.authn.attributeRepository.jdbc.leakThreshold=10 cas.authn.attributeRepository.jdbc.propagationBehaviorName=PROPAGATION_REQUIRED cas.authn.attributeRepository.jdbc.batchSize=1 cas.authn.attributeRepository.jdbc.user=mysqlUser cas.authn.attributeRepository.jdbc.ddlAuto=create-drop cas.authn.attributeRepository.jdbc.password=secret cas.authn.attributeRepository.jdbc.autocommit=false cas.authn.attributeRepository.jdbc.driverClass=org.hsqldb.jdbcDriver cas.authn.attributeRepository.jdbc.idleTimeout=5000 cas.authn.attributeRepository.jdbc.pool.suspension=false cas.authn.attributeRepository.jdbc.pool.minSize=6 cas.authn.attributeRepository.jdbc.pool.maxSize=18 cas.authn.attributeRepository.jdbc.pool.maxIdleTime=1000 cas.authn.attributeRepository.jdbc.pool.maxWait=2000 As I said earlier, this works for the LDAP attributes but doesn't merge with the JDBC ones (no query sent). I can open an issue, I don't know what's the best process. Thanks. Le mardi 18 octobre 2016 11:14:17 UTC+2, Misagh Moayyed a écrit : > > What you described earlier is all automated. You don’t need to define > beans for DAOs in XML. > > > In principal, you will need to put in the settings for authentication > attributes based on LDAP and SQL. Then DAOs will be constructed for you > automatically and merged together. If you find this recipe does not work, > either share your settings or open up an issue please. > > -- > Misagh > > From: Erdal Gunyar <gu...@gmail.com> <javascript:> > Reply: Erdal Gunyar <gu...@gmail.com> <javascript:> > Date: October 18, 2016 at 12:27:59 PM > To: CAS Community <cas...@apereo.org> <javascript:> > Subject: [cas-user] CAS 5: Changing the principal resolver in > application.properties > > Hello all, > > I'm quite confused by the CAS 5 documentation : > > https://apereo.github.io/cas/development/installation/Configuration-Properties.html#authentication-attributes > > https://apereo.github.io/cas/development/installation/Configuration-Properties.html#principal-resolution > > I'm reading that I can change the principal resolver only with the > configuration properties. > > For example, change the default LDAP resolver (for the LDAP authentication > handler) by a JDBC resolver. > I've tested that but the default LDAP resolver stays and the SQL is not > even queried. > The JDBC internal DAO must be built though because as soon as I put some > JDBC attribute repo stuff on the config, the app needs for the hssqldb > dependency on the launch. > > The part of the documentation that makes me think it's possible is : > > https://apereo.github.io/cas/development/installation/Configuration-Properties.html#principal-resolution > > >> *Principal Resolution*In the event that a separate resolver is put into >> place, control how the final principal should be constructed by default. >> > # cas.personDirectory.principalAttribute= > # cas.personDirectory.returnNull=false > > But I don't see how here... I'm puzzled. > > Any help, even hint will be greatly appreciated :) > > > -- > CAS gitter chatroom: https://gitter.im/apereo/cas > CAS mailing list guidelines: > https://apereo.github.io/cas/Mailing-Lists.html > CAS documentation website: https://apereo.github.io/cas > CAS project website: https://github.com/apereo/cas > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cas-user+u...@apereo.org <javascript:>. > To post to this group, send email to cas-...@apereo.org <javascript:>. > Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/ > . > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/27c8c5a3-d37b-4d5f-ba45-4103d1b90ab9%40apereo.org > > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/27c8c5a3-d37b-4d5f-ba45-4103d1b90ab9%40apereo.org?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/a/apereo.org/d/optout. > > -- CAS gitter chatroom: https://gitter.im/apereo/cas CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html CAS documentation website: https://apereo.github.io/cas CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To post to this group, send email to cas-user@apereo.org. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/321dfad6-aff7-4c2b-8e3e-1c5ccfd52155%40apereo.org. For more options, visit https://groups.google.com/a/apereo.org/d/optout.