Thanks again for your patience,
My real problem is that the custom code I put in the *src/main/java* is
being compiled but not executed!
In other word the server didn't reach the customization code I'm making
even when I add these to the properties file:
cas.authn.policy.requiredHandlerAuthenticationPolicyEnabled=true
cas.authn.policy.req.tryAll=false
cas.authn.policy.req.handlerName=FileAuthenticationHandler
cas.authn.policy.req.enabled=true
I gave up the JDBC handler for now, and trying to make a simpler one like
customizing the *FileAuthenticationHandler*, just copying the structure and
the code into custom ones and trying to operate it.
And still facing the same problem, it isn't running my custom registration
and handler, it runs the generic file ones!!!
Authentication Handler:
package org.custom;
// imports are copied from the original files
public class CustomFileAuthenticationHandler extends
AbstractUsernamePasswordAuthenticationHandler {
/** The default separator in the file. */
public static final String DEFAULT_SEPARATOR = "::";
/** The separator to use. */
private final String separator;
/** The filename to read the list of usernames from. */
private final Resource fileName;
public CustomFileAuthenticationHandler(final String name, final
ServicesManager servicesManager, final PrincipalFactory principalFactory,
final Resource fileName, final String
separator) {
super(name, servicesManager, principalFactory, null);
this.fileName = fileName;
this.separator = separator;
}
@Override
protected HandlerResult authenticateUsernamePasswordInternal(final
UsernamePasswordCredential transformedCredential,
final
String originalPassword)
throws GeneralSecurityException, PreventedException {
try {
if (this.fileName == null) {
throw new FileNotFoundException("Filename does not exist");
}
final String username = transformedCredential.getUsername();
final String passwordOnRecord = getPasswordOnRecord(username);
if (StringUtils.isBlank(passwordOnRecord)) {
throw new AccountNotFoundException(username + " not found
in backing file.");
}
if (matches(originalPassword, passwordOnRecord)) {
return createHandlerResult(transformedCredential, this.
principalFactory.createPrincipal(username), null);
}
} catch (final IOException e) {
throw new PreventedException("IO error reading backing file", e
);
}
throw new FailedLoginException();
}
/**
* Gets the password on record.
*
* @param username the username
* @return the password on record
* @throws IOException Signals that an I/O exception has occurred.
*/
private String getPasswordOnRecord(final String username) throws
IOException {
return Files.lines(fileName.getFile().toPath())
.map(line -> line.split(this.separator))
.filter(lineFields -> {
final String userOnRecord = lineFields[0];
return username.equals(userOnRecord);
})
.map(lineFields -> lineFields[1])
.findFirst()
.orElse(null);
}
}
Registration class:
package org.custom;
// imports are copied from the original
@Configuration("customFileAuthenticationEventExecutionPlanConfiguration")
@EnableConfigurationProperties(CasConfigurationProperties.class)
public class CustomFileAuthenticationEventExecutionPlanConfiguration
implements AuthenticationEventExecutionPlanConfigurer {
private static final Logger LOGGER = LoggerFactory.getLogger(
CustomFileAuthenticationEventExecutionPlanConfiguration.class);
@Autowired(required = false)
@Qualifier("customFilePasswordPolicyConfiguration")
private PasswordPolicyConfiguration
customFilePasswordPolicyConfiguration;
@Autowired
@Qualifier("servicesManager")
private ServicesManager servicesManager;
@Autowired
private CasConfigurationProperties casProperties;
@Autowired
@Qualifier("personDirectoryPrincipalResolver")
private PrincipalResolver personDirectoryPrincipalResolver;
@ConditionalOnMissingBean(name = "filePrincipalFactory")
@Bean
public PrincipalFactory filePrincipalFactory() {
return new DefaultPrincipalFactory();
}
@RefreshScope
@Bean
public AuthenticationHandler customFileAuthenticationHandler() {
final FileAuthenticationProperties fileProperties = casProperties.
getAuthn().getFile();
final FileAuthenticationHandler h = new FileAuthenticationHandler(
fileProperties.getName(), servicesManager, filePrincipalFactory(),
fileProperties.getFilename(), fileProperties.getSeparator
());
h.setPasswordEncoder(Beans.newPasswordEncoder(fileProperties.
getPasswordEncoder()));
if (customFilePasswordPolicyConfiguration != null) {
h.setPasswordPolicyConfiguration(
customFilePasswordPolicyConfiguration);
}
h.setPrincipalNameTransformer(Beans.newPrincipalNameTransformer(
fileProperties.getPrincipalTransformation()));
return h;
}
@Override
public void configureAuthenticationExecutionPlan(final
AuthenticationEventExecutionPlan plan) {
if (casProperties.getAuthn().getFile().getFilename() != null) {
LOGGER.debug("zzz Added file-based authentication handler");
plan.registerAuthenticationHandlerWithPrincipalResolver(
customFileAuthenticationHandler(), personDirectoryPrincipalResolver);
}
}
}
CAS Properties:
cas.authn.file.separator=::
cas.authn.file.filename=file:///etc/cas/usersfile
cas.authn.file.name=usersfile
....
cas.authn.policy.requiredHandlerAuthenticationPolicyEnabled=true
cas.authn.policy.req.tryAll=false
cas.authn.policy.req.handlerName=CustomFileAuthenticationHandler
cas.authn.policy.req.enabled=true
On Wednesday, December 6, 2017 at 11:18:28 PM UTC+2, noumann.f wrote:
>
> Hi,
>
> I need to create a custom JDBC authentication handler, I'd done this
> previously with version 4.x but with new version 5.1.x things have changed
> !!
>
> I'm following the guide in here:
> https://apereo.github.io/2017/02/02/cas51-authn-handlers
> but I need more details about registering the new handler and how to
> create special properties for it in the cas.properties and then reach them
> in the code!
>
> Best regards,
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/d9bf60e4-910c-4518-987d-a3547bc18bb5%40apereo.org.
