CAS: Custom validator

1. Introduction

Before following this tutorial I recommend that you take a look at the
previous introduction to CAS, to understand what it is about and to
install the product.

You may also want to customize the CAS interface; see "Customizing the
interface".

Here we will see how to replace the validator that comes standard with
CAS, which simply compares the username and the password and accepts the
login if they are equal, with a slightly more elaborate one that queries a
database to check whether a user with that password exists.

2. Environment

This tutorial is written using the following environment:

  • Hardware: MacBook Pro 17" notebook (2.6 GHz Intel Core i7, 8 GB DDR3)
  • Operating System: Mac OS X Snow Leopard 10.6.4
  • CAS Server 3.4.2.1

3. Creation of the validator

To create the validator we have to create a project and what better way
to do it than with Maven. For this we are going to open a terminal and
execute:

mvn archetype:create -DgroupId=com.autentia.casdemo -DartifactId=casdemo

Now we edit the pom.xml file of the project to add the following
dependencies:

    <project xmlns="http://maven.apache.org/POM/4.0.0"
             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
      <modelVersion>4.0.0</modelVersion>
      <groupId>com.autentia.democas</groupId>
      <artifactId>democas</artifactId>
      <version>1.0-SNAPSHOT</version>
      <packaging>jar</packaging>
      <name>democas</name>
      <url>http://maven.apache.org</url>
      <properties>
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
      </properties>
      <dependencies>
        <dependency>
          <groupId>junit</groupId>
          <artifactId>junit</artifactId>
          <version>3.8.1</version>
          <scope>test</scope>
        </dependency>
        <dependency>
          <groupId>org.jasig.cas</groupId>
          <artifactId>cas-server-core</artifactId>
          <version>3.4.2.1</version>
        </dependency>
      </dependencies>
    </project>

The next thing we have to do is create a new class that inherits from the
AbstractUsernamePasswordAuthenticationHandler class, which forces us to
implement the
authenticateUsernamePasswordInternal(UsernamePasswordCredentials credentials)
method, where we receive the username and password of the user who wants
to log in. An example implementation could be this:

    package com.autentia.democas;

    import java.sql.Connection;
    import java.sql.PreparedStatement;
    import java.sql.ResultSet;
    import java.sql.SQLException;

    import javax.naming.Context;
    import javax.naming.InitialContext;
    import javax.naming.NamingException;
    import javax.sql.DataSource;

    import org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler;
    import org.jasig.cas.authentication.principal.UsernamePasswordCredentials;

    public class DemoCasValidador extends AbstractUsernamePasswordAuthenticationHandler {

        public boolean authenticateUsernamePasswordInternal(UsernamePasswordCredentials credentials) {
            String username = credentials.getUsername();
            String password = credentials.getPassword();
            boolean valid = false;

            Connection con = null;
            PreparedStatement sta = null;
            ResultSet rs = null;

            try {
                // We establish the connection with the datasource
                Context initCtx = new InitialContext();
                Context envCtx = (Context) initCtx.lookup("java:comp/env");
                DataSource dataSource = (DataSource) envCtx.lookup("jdbc/democas");
                con = dataSource.getConnection();

                // We prepare the statement: the credentials are bound as
                // parameters, never concatenated into the SQL text
                sta = con.prepareStatement(
                        "SELECT USERNAME FROM USERS WHERE USERNAME = ? AND PASSWORD = ?");
                sta.setString(1, username);
                sta.setString(2, password);

                // We execute the validation query
                rs = sta.executeQuery();
                // If the ResultSet has data, it means that the user is valid
                valid = rs.next();
            } catch (NamingException e) {
                e.printStackTrace();
            } catch (SQLException e) {
                e.printStackTrace();
            } finally {
                // We close each resource separately, skipping those never opened
                try { if (rs != null) rs.close(); } catch (SQLException e) { e.printStackTrace(); }
                try { if (sta != null) sta.close(); } catch (SQLException e) { e.printStackTrace(); }
                try { if (con != null) con.close(); } catch (SQLException e) { e.printStackTrace(); }
            }

            return valid;
        }
    }
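
The handler above matches the PASSWORD column against the submitted password inside the query, which only works if the table stores passwords exactly as typed. The following is an added example, not part of the original tutorial or of CAS: a hypothetical PasswordHasher helper that stores and verifies salted PBKDF2 hashes using only JDK classes. The class name, the "iterations:saltHex:hashHex" column format and the work factor are assumptions.

```java
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

// Added example: hypothetical helper, not part of CAS or of the tutorial's project.
public class PasswordHasher {
    private static final int ITERATIONS = 100000; // assumed work factor
    // "PBKDF2WithHmacSHA256" is also available on Java 8 and later.
    private static final String ALGORITHM = "PBKDF2WithHmacSHA1";

    // Value to store in the PASSWORD column: "iterations:saltHex:hashHex".
    public static String hash(char[] password) throws GeneralSecurityException {
        byte[] salt = new byte[16];
        new SecureRandom().nextBytes(salt);
        return ITERATIONS + ":" + toHex(salt) + ":" + toHex(pbkdf2(password, salt, ITERATIONS));
    }

    // Recomputes the hash with the stored salt and compares in constant time.
    public static boolean verify(char[] password, String stored) throws GeneralSecurityException {
        String[] parts = stored == null ? new String[0] : stored.split(":");
        if (parts.length != 3) return false; // malformed or clear-text value: reject
        try {
            byte[] actual = pbkdf2(password, fromHex(parts[1]), Integer.parseInt(parts[0]));
            return MessageDigest.isEqual(fromHex(parts[2]), actual);
        } catch (IllegalArgumentException e) { // bad number, bad hex, empty salt
            return false;
        }
    }

    private static byte[] pbkdf2(char[] password, byte[] salt, int iterations)
            throws GeneralSecurityException {
        PBEKeySpec spec = new PBEKeySpec(password, salt, iterations, 160);
        try {
            return SecretKeyFactory.getInstance(ALGORITHM).generateSecret(spec).getEncoded();
        } finally {
            spec.clearPassword();
        }
    }

    private static String toHex(byte[] bytes) {
        StringBuilder sb = new StringBuilder();
        for (byte b : bytes) sb.append(String.format("%02x", b));
        return sb.toString();
    }

    private static byte[] fromHex(String hex) {
        if (hex.length() % 2 != 0) throw new IllegalArgumentException("odd hex length");
        byte[] out = new byte[hex.length() / 2];
        for (int i = 0; i < out.length; i++)
            out[i] = (byte) Integer.parseInt(hex.substring(2 * i, 2 * i + 2), 16);
        return out;
    }
}
```

With this helper the handler would select PASSWORD by USERNAME alone and return PasswordHasher.verify(password.toCharArray(), rs.getString(1)) for the row found.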

4. CAS configuration

Once the validator has been implemented, we have to configure CAS to
use it instead of the one used by default. For this we package our
project by executing "mvn clean package" in a terminal, and we copy the
resulting .jar into the folder %CAS_WEBAPP_HOME%/WEB-INF/lib so that
the class can be accessed by CAS.

Finally, we need to edit the file
%CAS_WEBAPP_HOME%/WEB-INF/deployerConfigContext.xml, look for the
"authenticationHandlers" section and replace the class that comes by
default
("org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler")
with ours (com.autentia.democas.DemoCasValidador):

    <property name="authenticationHandlers">
      <list>
        <bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
              p:httpClient-ref="httpClient" />
        <bean class="com.autentia.democas.DemoCasValidador" />
      </list>
    </property>

To configure the datasource that our class uses, we will edit the file
%TOMCAT_HOME%/conf/context.xml to add the datasource declaration in this
way:

    <Resource auth="Container"
              driverClassName="oracle.jdbc.driver.OracleDriver" maxActive="10"
              maxIdle="5" maxWait="5000" name="jdbc/democas" password="pass"
              type="javax.sql.DataSource" url="jdbc:oracle:thin:@localhost:1521:xe"
              username="user"/>

Now we only need to restart the server and check that, to log in to CAS,
you now have to be registered in the database.

5. Conclusions

As expected, it is not difficult to replace the validator that CAS
brings by default with one that fits our needs. In this tutorial we have
seen how to log in against a database, but this can be extended to any
data source such as LDAP or Active Directory.
