Thank you for your reply. Yes, I am just logging in to the CAS login page, no service. Here is the result of the test
1. Restart Tomcat 2. Browse to CAS login page, login => SUCCESS 3. Use another browser. Log in as *same user* as in #2 => FAIL #-----Original Message----- #From: Waldbieser, Carl [mailto:[email protected]] #Sent: Wednesday, January 21, 2015 9:20 AM #To: [email protected] #Subject: Re: [cas-user] Authentication problems using MySQL with CAS 4.0.0 #and Tomcat 8 # #Chris, # #What happens in this scenario? # #1) Restart Tomcat. #2) Browse to login page (assuming you mean CAS login with no service) => #SUCCESS #3) Use another browser, log in as *same user* as in #2 => ??? # #Not sure, but I think plain text encoding for the password is probably a #default. For LDAP authN using a simple BIND, you pretty much have to supply #the actual password rather than a hash (though the directory may actually #store a hash). That is a pretty common scenario, I would think. # #Thanks, #Carl Wldbieser #ITS System Programmer #Lafayette College # #----- Original Message ----- #From: "Chris Adams" <[email protected]> #To: [email protected] #Sent: Wednesday, January 21, 2015 11:52:15 AM #Subject: [cas-user] Authentication problems using MySQL with CAS 4.0.0 and #Tomcat 8 # #Hello, # #I have been going around and around with this and am getting nowhere. I #previously posted the issue, but there wasn't much response, so I thought I #would try again. # #I am using CAS 4.0.0 with MySQL as an authentication database. I have CAS #built to use MySQL and have verified that it can connect and sometimes #authenticate. The password in the database is currently just plain text, which #will change after I can get this working. # #If I restart Tomcat, then navigate to the login page, I can usually authenticate #successfully. However, if I either use another browser and log in as another #user, or clear the cookies and log in again as the fist user, it says "invalid #credentials". If I then resubmit the same password, it authenticates #successfully. # #I can see in the cas.log and catalina.out when the authentication is successful #and when it is not, but not much else that explains this. # #I am wondering what I should be using in the deployerConfigContext.xml file #that indicates that I am using a plain text password for authentication? I read #somewhere that the default encoder, if nothing is specified is plain text. Can #someone verify that? Here is what I am currently using. I welcome any ideas #about what might be causing this. # #<!-- JDBC authentication related configuration --> # # <bean id="primaryAuthenticationHandler" #class="org.jasig.cas.adaptors.jdbc.SearchModeSearchDatabaseAuthentication #Handler" # abstract="false" lazy-init="default" autowire="default" > # <property name="tableUsers"><value>main</value></property> # <property name="fieldUser"><value>userid</value></property> # <property name="fieldPassword"><value>ssn</value></property> #<!-- <property name="passwordEncoder" #ref="defaultPasswordEncoder"/> --> # <property name="dataSource" ref="dataSource"/> # </bean> # # <!-- Data source definition --> # # <bean id="dataSource" #class="org.apache.commons.dbcp.BasicDataSource"> # <property name="driverClassName"> # <value>com.mysql.jdbc.Driver</value> # </property> # <property name="url"> # <value>jdbc:mysql://mysql.server.com:3306/mydb</value> # </property> # <property #name="username"><value>mysqluser</value></property> # <property #name="password"><value>mysqlpass</value></property> # </bean> # <bean id="defaultPasswordEncoder" #class="org.jasig.cas.authentication.handler.DefaultPasswordEncoder"> # <constructor-arg index="0" value="NONE" /> # <!-- <constructor-arg value="SHA-256" /> --> # </bean> # # # #-- #You are currently subscribed to [email protected] as: #[email protected] To unsubscribe, change settings or access archives, #see http://www.ja-sig.org/wiki/display/JSG/cas-user # #-- #You are currently subscribed to [email protected] as: #[email protected] To unsubscribe, change settings or access archives, #see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
