I am using Apereo CAS version 6.6.15. Currently, I'm trying to use a
database-driven authentication method by sending queries to multiple
databases.
In the official documentation, it looks like cas.authn.jdbc.query[0], so I
intuitively wrote query[1]. This is my application.yml file.
cas:
authn:
jdbc:
query[0]:
driver-class: "com.mysql.cj.jdbc.Driver"
url: "jdbc:mysql://{my public
IP}:3306/test?autoReconnect=true&allowMultiQuries=true&serverTimezone=UTC"
sql: "select id, login_id, login_pw from test.sso where login_id =
?;"
user: "mysql"
password: "root"
field-password: "login_pw"
password-encoder:
type: "NONE"
query[1]:
driver-class: "com.mysql.cj.jdbc.Driver"
url: "jdbc:mysql://{my public
IP}:3306/test2?autoReconnect=true&allowMultiQueries=true&serverTimezone=UTC"
sql: "select id, username, password from test2.kva_user where
username = ?;"
user: "mysql"
password: "root"
field-password: "password"
password-encoder:
type: "NONE"
User in test DB: ks3254
User in test2 DB: ks32541007
The test DB user corresponding to query[0] is logged in normally, but the
test2 DB user corresponding to query[1] gets a message that there is no
user.
I looked up the official documentation and found that
"CAS's authentication policy consists of multiple handlers, and if
authentication fails in one handler, it will be passed to the next handler."
Based on this sentence, I thought that if there is no value corresponding
to query[0], it does not execute query[1], but just terminates the handler
and moves on to the next handler.
But what I'm puzzled about here is that the developer was led to believe
that it was an array, making them feel like they could create query[1], and
then query[1] wasn't sent, and I don't understand why the database-driven
authentication failed based on the results of query[0] and query[1], the
first of which was query[0].
To my intuition, this seems very odd and it would make more sense to at
least run all the queries you set in application.yml before moving on to
the next handler.
Is my hypothesis correct? Isn't CAS supposed to be able to connect to
multiple databases and fire off multiple queries?
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/cc426f35-1870-4cbe-99f4-a8184aee07ebn%40apereo.org.
