Friday, November 18, 2011

CAS (Centralized Authentication Service) - User Authentication using MySQL Database

Today I am going to show you how to configure the CAS server to authenticate users against a MySQL database. If you do not know about the CAS server, you can refer to my initial post, Introduction to CAS Server.

First, execute the following SQL commands to create the database and table that are required for the user authentication process.

/* command to create the database */
create database cas_login;

/* switch to the new database so that the table is created inside it */
use cas_login;

/* command to create the table */
create table user_login(
userID int AUTO_INCREMENT PRIMARY KEY,
username varchar(100),
password varchar(100)
);

/* insert the first value into the table. the password value is the MD5 hash of chathuTest */
/* userID is left out so that AUTO_INCREMENT assigns it */
insert into user_login (username, password) values ('chathuranga','434442e63b1869afd706c947072ecb44');

Now the required database (with its table) has been set up on your database server, and it is time to make the necessary configuration changes in the CAS server.

1. pom.xml

Add the following dependency declarations to the pom.xml file inside the cas-server-webapp module. (/cas-server-webapp/pom.xml)

   
    <dependency>
        <groupId>mysql</groupId>
        <artifactId>mysql-connector-java</artifactId>
        <version>5.0.5</version>
    </dependency>
    <dependency>
        <groupId>commons-dbcp</groupId>
        <artifactId>commons-dbcp</artifactId>
        <version>1.4</version>
    </dependency>
    <dependency>
        <groupId>${project.groupId}</groupId>
        <artifactId>cas-server-support-jdbc</artifactId>
        <version>${project.version}</version>
    </dependency>


mysql-connector-java - the MySQL connector for making a connection from Java to MySQL

cas-server-support-jdbc - the module that is developed to provide JDBC authentication for CAS server.

2. deployerConfigContext.xml

Add the following AuthenticationHandler in the list of Authentication Handlers defined inside the /cas-server-webapp/src/main/webapp/WEB-INF/deployerConfigContext.xml file.

  • AuthenticationHandler Declaration

<bean class="org.jasig.cas.adaptors.jdbc.SearchModeSearchDatabaseAuthenticationHandler">
    <property name="tableUsers"><value>user_login</value></property>
    <property name="fieldUser"><value>username</value></property>
    <property name="fieldPassword"><value>password</value></property>
    <property name="dataSource" ref="dataSource"/>
    <property name="passwordEncoder" ref="md5PasswordEncoder" />
</bean>

This bean declaration should be placed inside the list under the authenticationHandlers property, as follows.

<property name="authenticationHandlers">
    <list>

        <bean class="org.jasig.cas.adaptors.jdbc.SearchModeSearchDatabaseAuthenticationHandler">
            <property name="tableUsers"><value>user_login</value></property>
            <property name="fieldUser"><value>username</value></property>
            <property name="fieldPassword"><value>password</value></property>
            <property name="dataSource" ref="dataSource"/>
            <property name="passwordEncoder" ref="md5PasswordEncoder" />
        </bean>

    </list>
</property>

tableUsers - the value should be the database table where the username and password fields exist

fieldUser - the name of the column that contains the username

fieldPassword -  the name of the column that contains the password

dataSource - the database name and other DB configuration details. Here it is a reference to another bean whose ID is "dataSource"; we will look at that bean in a moment.

passwordEncoder - a reference to the bean that is used to encode the password entered by the user.


  • dataSource bean declaration
     Place the following bean declaration in deployerConfigContext.xml, directly under the beans element. (<beans> </beans>)


    <bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource">

        <property name="driverClassName">
            <value>com.mysql.jdbc.Driver</value>
        </property>
        <property name="url">
            <value>jdbc:mysql://localhost:3306/cas_login</value>
        </property>
        <property name="username"><value>root</value></property>
        <property name="password"><value>abc123@#</value></property>

    </bean> 

driverClassName - the JDBC driver class name. Here we are going to connect to the MySQL server.

url - the URL consists of three parts, as described below.
jdbc:mysql://server:port/databaseName

  • server - the IP address of the server where your MySQL server is running (in my case localhost)
  • port - the port number that the MySQL server listens on (default is 3306)
  • databaseName - the name of the database where the user credentials are stored (in my case "cas_login" is the database name that I have given)

username - the username that is used to log in to the database server

password - the password associated with the above username


  • passwordEncoder declaration
Add the following passwordEncoder bean declaration to the /cas-server-webapp/src/main/webapp/WEB-INF/deployerConfigContext.xml file.

    <bean id="md5PasswordEncoder"
        class="org.jasig.cas.authentication.handler.DefaultPasswordEncoder">
        <constructor-arg index="0" value="MD5" />
    </bean>


Once you have made all of the above configuration changes, it is time to build a release of the CAS server that supports authenticating users against the MySQL database. It is better to compile and build all modules of the CAS server rather than building only the cas-server-webapp module.

You can use the following command to build the CAS server. (This assumes that you are in the root of the CAS server directory. In my case, the root is /home/chathuranga/Projects/cas-server-3.4.11)

mvn clean install -DskipTests

Once the build process has completed successfully, deploy the cas.war file to the webapps directory of your Tomcat server. The following command can be used to deploy the cas.war file from a terminal.

cp cas-server-webapp/target/cas.war "$CATALINA_HOME/webapps/"

Now you can check whether the CAS server MySQL authentication is working. Try to log in to the CAS server using the following username and password. If the login is successful, congratulations, it is working. :) Otherwise, enable the Tomcat logs and check where the failure is.

username: chathuranga

password:  chathuTest
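
If the login fails, the first thing to rule out is a stored value that does not match what the MD5 encoder produces for the submitted password. The following Python script is an added example, not code from CAS or from the original post: it models the configured check as "hash the submitted password with MD5, hex-encode it, and count the rows in user_login that match username and hash". It assumes an in-memory SQLite table as a stand-in for MySQL, and the sample rows and helper names are constructed for illustration.

```python
import hashlib
import sqlite3

# Names taken from the handler properties in deployerConfigContext.xml.
TABLE_USERS, FIELD_USER, FIELD_PASSWORD = "user_login", "username", "password"


def md5_hex(password: str) -> str:
    """Lowercase hex MD5 digest, the form stored in user_login.password."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


# Constructed sample rows: one correct, two common mistakes.
SAMPLE_ROWS = [
    ("chathuranga", md5_hex("chathuTest")),  # correct: hash of the exact password
    ("newline", md5_hex("chathuTest\n")),    # hashed with a trailing newline
    ("plain", "chathuTest"),                 # plaintext stored instead of the hash
]


def make_db(rows):
    """In-memory SQLite stand-in for the cas_login.user_login table."""
    db = sqlite3.connect(":memory:")
    db.execute(
        f"CREATE TABLE {TABLE_USERS} (userID INTEGER PRIMARY KEY AUTOINCREMENT, "
        f"{FIELD_USER} VARCHAR(100), {FIELD_PASSWORD} VARCHAR(100))"
    )
    db.executemany(
        f"INSERT INTO {TABLE_USERS} ({FIELD_USER}, {FIELD_PASSWORD}) VALUES (?, ?)",
        rows,
    )
    return db


def authenticate(db, username: str, password: str) -> bool:
    """Assumed model of the check: count rows matching username and encoded password."""
    sql = (f"SELECT COUNT(*) FROM {TABLE_USERS} "
           f"WHERE {FIELD_USER} = ? AND {FIELD_PASSWORD} = ?")
    (count,) = db.execute(sql, (username, md5_hex(password))).fetchone()
    return count > 0


def looks_like_md5_hex(stored: str) -> bool:
    """True if a stored value has the shape of an MD5 hex digest (32 hex characters)."""
    return len(stored) == 32 and all(c in "0123456789abcdef" for c in stored.lower())


if __name__ == "__main__":
    db = make_db(SAMPLE_ROWS)
    for user, stored in SAMPLE_ROWS:
        print(user, looks_like_md5_hex(stored), authenticate(db, user, "chathuTest"))
```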



Hope this will be helpful for you!

thanks and regards
Chathuranga Tennakoon
chathuranga.t@gmail.com
