Carlos,
I am not a CAS expert, but I found it very easy to implement
custom-authentication. The first step was to replace an authenticator line
with one that points to my own authenticator:
<!-- bean
class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler"
/ -->
<bean class="com.mycompany.mypackage.MyAuthenticationHandler" />
The second step was to write MyAuthenticationHandler class like:
public class MyAuthenticationHandler
extends AbstractUsernamePasswordAuthenticationHandler {
public MyAuthenticationHandler() {
}
public boolean authenticateUsernamePasswordInternal(final
UsernamePasswordCredentials credentials) {
final String username = credentials.getUsername();
final String password = credentials.getPassword();
Attributes attrs = (new MyGenericAuthenticator()).authenticate(username,
password);
if(attrs != null) {
log.debug("My Authentication successful: " + attrs.toString());
return true;
}
log.debug("My Authentication failed for: "+username);
return false;
}
}
Where MyGenericAuthenticator is what we use for apps that are not CASified.
You should also look at the code of the commented out
SimpleTestUsernamePasswordAuthenticationHandler, and google for additional
examples.
bruno
From: Carlos Ortiz Quiros [mailto:[email protected]]
Sent: Wednesday, July 29, 2009 4:06 PM
To: [email protected]
Subject: [cas-user] Question to the CAS community
Hi Thank you for reading this eMail
I have two question
1)True or False, is CAS built using Spring ACEGI or Spring Security framework.
2) I have set this bean in deployerConfigContext.xml as follows
<bean id="SearchModeSearchDatabaseAuthenticationHandler"
class="org.jasig.cas.adaptors.jdbc.SearchModeSearchDatabaseAuthenticationHandler"
abstract="false" lazy-init="default" autowire="default"
dependency-check="default">
<property name="tableUsers">
<value>tblcom_persona</value>
</property>
<property name="fieldUser">
<value>strusuario</value>
</property>
<property name="fieldPassword">
<value>strcontrasenna</value>
</property>
<property name="dataSource" ref="dataSource" />
</bean>
This one validates the main credentials but I am also required to make a
validation like this
The above checks this SQL for credentials.
SELECT *
FROM TBLCOM_PERSONA
WHERE STRUSUARIO = ? and STRCONTASENNA = ?
But after this one passes I need to validate if
SELECT *
FROM TBLCOM_PERSONA P INNER JOIN TBLSEG_RELACION R
ON P.IDPERSONA = R.IDPERSONA
WHERE STRUSUARIO = ? and STRCONTASENNA = ?
returns records...this is a filter. What is the best way to implement it in
CAS?
Carlos Adolfo Ortiz Q
[email protected]<mailto:[email protected]>
blog: theowlo.blogspot.com (English)
hispanictheowlo.blogspot.com (EspaƱol)
P Please consider the environment, don't print this e-mail unless you really
need to.
Por favor, si considera el medio ambiente, no imprima este e-mail a menos que
sea necesario.
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
