Reputation: 4497
Apereo CAS 5.2.X how do I use a custom authentication handler
Using jasig CAS 3.5.X, I had a custom authentication method. All I had to do was to add the class extending AbstractUsernamePasswordAuthenticationHandler in deployerConfigContext.xml and add dependencies in the classpath.
I can't seem to find the documentation on how to do this in Apereo 5.2.X. Any hints?
Found this https://apereo.github.io/cas/5.2.x/installation/Configuring-Custom-Authentication.html
but no info on constructor parameters...
Upvotes: 2
Views: 2848
Answers (1)
Reputation: 4959
Having this post as reference you have to follow these steps(quoted from provided link):
- Design the authentication handler
- Register the authentication handler with the CAS authentication engine.
- Tell CAS to recognize the registration record and authentication configuration.
Create a class that extends org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler:
public class CustomAuthenticationHandler extends AbstractUsernamePasswordAuthenticationHandler {
// Constructor
public CustomAuthenticationHandler(String name, ServicesManager servicesManager, PrincipalFactory principalFactory, Integer order) {
super(name, servicesManager, principalFactory, order);
}
@Override
protected AuthenticationHandlerExecutionResult authenticateUsernamePasswordInternal(UsernamePasswordCredential credential, String originalPassword) throws GeneralSecurityException, PreventedException {
// Your logic goes here
return createHandlerResult(credential, this.principalFactory.createPrincipal(credential.getUsername()));
}
}
Then you need to register your authentication handler to cas by adding it to a @Configuration class.
@Configuration
public class CustomAuthenticationConfigurer implements AuthenticationEventExecutionPlanConfigurer{
@Autowired
ServicesManager servicesManager;
@Autowired
PrincipalFactory principalFactory;
@Bean
public AuthenticationHandler authenticationHandler(){
final CustomAuthenticationHandler athenticationHandler =
new CustomAuthenticationHandler(
"CustomAuthenticationHandler",
servicesManager,
principalFactory,
0);
return athenticationHandler;
}
@Override
public void configureAuthenticationExecutionPlan(AuthenticationEventExecutionPlan plan) {
plan.registerAuthenticationHandler(authenticationHandler());
}
}
The last step is to instruct cas to pick up your configuration class at runtime. This is done by adding your configuration class to src/main/resources/META-INF/spring.factories(if it does not exist, create it):
org.springframework.boot.autoconfigure.EnableAutoConfiguration=com.your_package.CustomAuthenticationConfigurer
This is my working setup for 5.3.x version but I assume that it will also be valid for 5.2.x.
I have assumed that your are using cas-overlay-tempalte and java.
Upvotes: 1
Related Questions
- CAS cannot find authentication handler that supports UsernamePasswordCredential
- Apereo CAS 5.3.x: how to get logged user, from CAS server, after login in java cas client
- Specify what CAS should return after authentication
- Setup Apereo Cas Management integrated with CAS server
- CAS Custom Authentication Handler Principal JSON Problem
- How to enable file-based authentication in CAS 5
- using CAS with with custom login page
- JASIG Central Authentication Service 4, custom authentication and custom exception
- cas custom logout
- Spring Security with CAS authentication and custom authorization