Chris,
Thanks for your help. I followed your advice, but it fails to build. Here
is my deployerConfigContext.xml. Any ideas?
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to Apereo under one or more contributor license
agreements. See the NOTICE file distributed with this work
for additional information regarding copyright ownership.
Apereo licenses this file to you under the Apache License,
Version 2.0 (the "License"); you may not use this file
except in compliance with the License. You may obtain a
copy of the License at the following location:
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<!--
| deployerConfigContext.xml centralizes into one file some of the
declarative configuration that
| all CAS deployers will need to modify.
|
| This file declares some of the Spring-managed JavaBeans that make up a
CAS deployment.
| The beans declared in this file are instantiated at context
initialization time by the Spring
| ContextLoaderListener declared in web.xml. It finds this file because
this
| file is among those declared in the context parameter
"contextConfigLocation".
|
| By far the most common change you will need to make in this file is to
change the last bean
| declaration to replace the default authentication handler with
| one implementing your approach for authenticating usernames and passwords.
+-->
<beans xmlns="http://www.springframework.org/schema/beans";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:p="http://www.springframework.org/schema/p";
xmlns:c="http://www.springframework.org/schema/c";
xmlns:tx="http://www.springframework.org/schema/tx";
xmlns:util="http://www.springframework.org/schema/util";
xmlns:sec="http://www.springframework.org/schema/security";
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util.xsd";>
<!--
| The authentication manager defines security policy for
authentication by specifying at a minimum
| the authentication handlers that will be used to authenticate
credential. While the AuthenticationManager
| interface supports plugging in another implementation, the default
PolicyBasedAuthenticationManager should
| be sufficient in most cases.
+-->
<bean id="authenticationManager"
class="org.jasig.cas.authentication.PolicyBasedAuthenticationManager">
<constructor-arg>
<map>
<!--
| IMPORTANT
| Every handler requires a unique name.
| If more than one instance of the same handler class is
configured, you must explicitly
| set its name to something other than its default name
(typically the simple class name).
-->
<entry key-ref="proxyAuthenticationHandler"
value-ref="proxyPrincipalResolver" />
<entry key-ref="primaryAuthenticationHandler"
value-ref="primaryPrincipalResolver" />
</map>
</constructor-arg>
<!-- Uncomment the metadata populator to allow clearpass to capture
and cache the password
This switch effectively will turn on clearpass.
<property name="authenticationMetaDataPopulators">
<util:list>
<bean
class="org.jasig.cas.extension.clearpass.CacheCredentialsMetaDataPopulator"
c:credentialCache-ref="encryptedMap" />
</util:list>
</property>
-->
<!--
| Defines the security policy around authentication. Some
alternative policies that ship with CAS:
|
| * NotPreventedAuthenticationPolicy - all credential must
either pass or fail authentication
| * AllAuthenticationPolicy - all presented credential must be
authenticated successfully
| * RequiredHandlerAuthenticationPolicy - specifies a handler
that must authenticate its credential to pass
-->
<property name="authenticationPolicy">
<bean
class="org.jasig.cas.authentication.AnyAuthenticationPolicy" />
</property>
</bean>
<!-- Required for proxy ticket mechanism. -->
<bean id="proxyAuthenticationHandler"
class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
p:httpClient-ref="supportsTrustStoreSslSocketFactoryHttpClient" />
<bean id="primaryAuthenticationHandler"
class="org.jasig.cas.adaptors.jdbc.SearchModeSearchDatabaseAuthenticationHandler"
abstract="false" lazy-init="default" autowire="default" >
<property name="tableUsers">
<value>users</value>
</property>
<property name="fieldUser">
<value>root</value>
</property>
<property name="fieldPassword">
<value></value>
</property>
<property name="dataSource" ref="dataSource" />
</bean>
<!-- Required for proxy ticket mechanism -->
<bean id="proxyPrincipalResolver"
class="org.jasig.cas.authentication.principal.BasicPrincipalResolver" />
<!--
| Resolves a principal from a credential using an attribute
repository that is configured to resolve
| against a deployer-specific store (e.g. LDAP).
-->
<bean id="primaryPrincipalResolver"
class="org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver"
p:principalFactory-ref="principalFactory"
p:attributeRepository-ref="attributeRepository" />
<!--
Bean that defines the attributes that a service may return. This
example uses the Stub/Mock version. A real implementation
may go against a database or LDAP server. The id should remain
"attributeRepository" though.
+-->
<bean id="attributeRepository"
class="org.jasig.services.persondir.support.NamedStubPersonAttributeDao"
p:backingMap-ref="attrRepoBackingMap" />
<util:map id="attrRepoBackingMap">
<entry key="uid" value="uid" />
<entry key="eduPersonAffiliation" value="eduPersonAffiliation" />
<entry key="groupMembership" value="groupMembership" />
<entry>
<key><value>memberOf</value></key>
<list>
<value>faculty</value>
<value>staff</value>
<value>org</value>
</list>
</entry>
</util:map>
<bean id="serviceRegistryDao"
class="org.jasig.cas.services.JsonServiceRegistryDao"
c:configDirectory="${service.registry.config.location:classpath:services}"
/>
<bean id="auditTrailManager"
class="com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager" />
<bean id="healthCheckMonitor"
class="org.jasig.cas.monitor.HealthCheckMonitor"
p:monitors-ref="monitorsList" />
<util:list id="monitorsList">
<bean class="org.jasig.cas.monitor.MemoryMonitor"
p:freeMemoryWarnThreshold="10" />
<!--
NOTE
The following ticket registries support SessionMonitor:
* DefaultTicketRegistry
* JpaTicketRegistry
Remove this monitor if you use an unsupported registry.
-->
<bean class="org.jasig.cas.monitor.SessionMonitor"
p:ticketRegistry-ref="ticketRegistry"
p:serviceTicketCountWarnThreshold="5000"
p:sessionCountWarnThreshold="100000" />
</util:list>
</beans>
Some of the error output includes:
verifyWiring(org.jasig.cas.WiringTests) Time elapsed: 1.332 sec <<< ERROR!
org.springframework.beans.factory.BeanCreationException: Error creating
bean with name 'handlerMappingC' defined in URL [file:src/main
p/WEB-INF/cas-servlet.xml]: Initialization of bean failed; nested exception
is org.springframework.beans.factory.BeanCreationException
r creating bean with name 'proxyValidateController' defined in URL
[file:src/main/webapp/WEB-INF/cas-servlet.xml]: Cannot resolve refe
to bean 'centralAuthenticationService' while setting bean property
'centralAuthenticationService'; nested exception is org.springframe
eans.factory.BeanCreationException: Error creating bean with name
'centralAuthenticationService' defined in file [c:\cas\local-cas-1\c
-server-webapp\src\main\webapp\WEB-INF\spring-configuration\applicationContext.xml]:
Cannot resolve reference to bean 'authenticationM
' while setting constructor argument; nested exception is
org.springframework.beans.factory.BeanCreationException: Error creating bean
name 'authenticationManager' defined in URL
[file:src/main/webapp/WEB-INF/deployerConfigContext.xml]: Cannot resolve
reference to bean
aryAuthenticationHandler' while setting constructor argument; nested
exception is org.springframework.beans.factory.CannotLoadBeanClas
tion: Cannot find class
[org.jasig.cas.adaptors.jdbc.SearchModeSearchDatabaseAuthenticationHandler]
for bean with name 'primaryAuthent
nHandler' defined in URL
[file:src/main/webapp/WEB-INF/deployerConfigContext.xml]; nested exception
is java.lang.ClassNotFoundExceptio
.jasig.cas.adaptors.jdbc.SearchModeSearchDatabaseAuthenticationHandler
On Wed, Dec 24, 2014 at 4:29 PM, Chris Adams <[email protected]>
wrote:
> Hi Andy,
>
>
>
> It feels strange that I am answering questions, as just last week, I was
> the one searching for answers. I still am, but things are improving.
>
>
>
> Anyway, I recently enabled querying a MySql DB using CAS 4.0.0.
>
>
>
> I used the out of the box .war file from Github. I then modified the
> deployerConfigContext.xml file (
> /usr/local/apache-tomcat-8.0.15/webapps/cas/WEB-INF) .
>
>
>
> I used this resource:
> https://wiki.jasig.org/display/CASUM/Using+JDBC+for+Authentication
>
>
>
> For the part where you are told to replace the bean tag with one of the
> two ways to authenticate (Search vs Query), I chose the Search method. I
> also commented out the PrimaryAuthentictionHandler and when I added the new
> section, it looked like this:
>
>
>
> <bean id="primaryAuthenticationHandler"
> class="org.jasig.cas.adaptors.jdbc.SearchModeSearchDatabaseAuthenticationHandler"
>
> abstract="false" lazy-init="default" autowire="default" >
>
> …..
>
>
>
> …..
>
>
>
> ….
>
>
>
> Then, you also have to add the bean tag that includes your local database
> credential information.
>
>
>
> I hope that helps. I have so much more to do to get this to where I want
> it, but at least the basic MySQL db authentication is happening.
>
>
>
> Regards,
>
>
>
> Christopher Adams
>
>
>
>
>
>
>
> *From:* Andy Turner [mailto:[email protected]]
> *Sent:* Tuesday, December 23, 2014 12:15 PM
> *To:* [email protected]
> *Subject:* [cas-user] cas 4 and mysql?
>
>
>
> After reading the documentation with cas 4, the github cas-server-webapp
> is working prior to any changes, but i cannot get it to work with mysql for
> basic user authentication.
>
>
>
> After 3 days, i am about to give up, i simply cannot figure out how to
> satisfy the requirements of the Database-Authentication.md file.
>
>
>
> Anyone have this working? All of the old documentation from the jasig
> wiki doesn't work due to spring security 3.1 not respecting the old 2.0
> schema of pom.xml, deployerConfigContext.xml, etc, and the
> inter-dependency-hell of complete un-compatibility between hibernate, jpa,
> maven, spring, etc seems too much to bear.
>
>
>
> I would be grateful for a step in the right direction. Everything works
> with 4.0 until i try to persist tickets to the mysql database, then it all
> goes haywire. (404)
>
>
>
> --
>
> Respectfully,
>
> Andy Turner '05
>
> Education Technologist
>
> 312-772-6856 cell
>
> 217-245-3393 desk
>
> calendar:
> *http://www.google.com/calendar/embed?src=andy.turner%40mail.ic.edu&ctz=America/Chicago
> <http://www.google.com/calendar/embed?src=andy.turner%40mail.ic.edu&ctz=America/Chicago>*
>
> Illinois College
>
> Crispin Hall 302
>
> 1101 W. College Ave.
>
> Jacksonville, IL 62650
>
>
>
> Please email [email protected] to generate a work order. We are happy to
> help!
>
>
>
> *"An ocean refuses no river."- Sheila Chandra*
>
>
>
>
>
>
>
> --
>
> You are currently subscribed to [email protected] as:
> [email protected]
>
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
> --
> You are currently subscribed to [email protected] as:
> [email protected]
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
>
--
Respectfully,
Andy Turner '05
Education Technologist
312-772-6856 cell
217-245-3393 desk
calendar:
*http://www.google.com/calendar/embed?src=andy.turner%40mail.ic.edu&ctz=America/Chicago
<http://www.google.com/calendar/embed?src=andy.turner%40mail.ic.edu&ctz=America/Chicago>*
Illinois College
Crispin Hall 302
1101 W. College Ave.
Jacksonville, IL 62650
Please email [email protected] to generate a work order. We are happy to
help!
*"An ocean refuses no river."- Sheila Chandra*
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
