
Friday, November 18, 2011

CAS (Centralized Authentication Service) - User Authentication using MySQL Database

Today I am going to show you how to configure the CAS server to authenticate users against a MySQL database. If you do not know about the CAS server, you can refer to my initial post, Introduction to CAS Server.

First, execute the following SQL commands to create the database and table that are required for the user authentication process.

/* command to create the database */
create database cas_login;

/* select the new database so that the table is created inside it */
use cas_login;

/* command to create the table */
create table user_login(
userID int AUTO_INCREMENT PRIMARY KEY,
username varchar(100),
password varchar(100)
);

/* insert the first row into the table. the password value is the MD5 hash of chathuTest */
/* userID is left out so that AUTO_INCREMENT assigns it */
insert into user_login (username, password) values ('chathuranga','434442e63b1869afd706c947072ecb44');

Now the required database (with its table) has been created on your database server, and it is time to make the necessary configuration changes in the CAS server.

1. pom.xml

Add the following dependency declarations to the pom.xml file inside the cas-server-webapp module (/cas-server-webapp/pom.xml).

   
    <dependency>
        <groupId>mysql</groupId>
        <artifactId>mysql-connector-java</artifactId>
        <version>5.0.5</version>
    </dependency>
    <dependency>
        <groupId>commons-dbcp</groupId>
        <artifactId>commons-dbcp</artifactId>
        <version>1.4</version>
    </dependency>
    <dependency>
        <groupId>${project.groupId}</groupId>
        <artifactId>cas-server-support-jdbc</artifactId>
        <version>${project.version}</version>
    </dependency>


mysql-connector-java - the MySQL connector for making a connection from Java to MySQL

cas-server-support-jdbc - the module that provides JDBC authentication for the CAS server

2. deployerConfigContext.xml

Add the following AuthenticationHandler to the list of authentication handlers defined in the /cas-server-webapp/src/main/webapp/WEB-INF/deployerConfigContext.xml file.

  • AuthenticationHandler Declaration

<bean class="org.jasig.cas.adaptors.jdbc.SearchModeSearchDatabaseAuthenticationHandler">
    <property name="tableUsers"><value>user_login</value></property>
    <property name="fieldUser"><value>username</value></property>
    <property name="fieldPassword"><value>password</value></property>
    <property name="dataSource" ref="dataSource"/>
    <property name="passwordEncoder" ref="md5PasswordEncoder" />
</bean>

This bean declaration should be placed inside the list under the authenticationHandlers property, as follows.

<property name="authenticationHandlers">
    <list>

        <bean class="org.jasig.cas.adaptors.jdbc.SearchModeSearchDatabaseAuthenticationHandler">
            <property name="tableUsers"><value>user_login</value></property>
            <property name="fieldUser"><value>username</value></property>
            <property name="fieldPassword"><value>password</value></property>
            <property name="dataSource" ref="dataSource"/>
            <property name="passwordEncoder" ref="md5PasswordEncoder" />
        </bean>

    </list>
</property>

tableUsers - the database table that contains the username and password fields

fieldUser - the name of the column that contains the username

fieldPassword - the name of the column that contains the password

dataSource - the database name and other database connection details. The ref attribute points to another bean whose ID is "dataSource"; we will look at that bean shortly.

passwordEncoder - refers to the bean used to encode the password entered by the user before it is compared with the stored value.


  • dataSource bean declaration
Place the following bean declaration in the deployerConfigContext.xml file inside the beans element (<beans> </beans>).


    <bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource">

        <property name="driverClassName">
            <value>com.mysql.jdbc.Driver</value>
        </property>
        <property name="url">
            <value>jdbc:mysql://localhost:3306/cas_login</value>
        </property>
        <property name="username"><value>root</value></property>
        <property name="password"><value>abc123@#</value></property>

    </bean> 

driverClassName - the JDBC driver class name. Here we are connecting to a MySQL server.

url - the URL consists of three parts, as described below.
jdbc:mysql://server:port/databaseName

  • server - IP address of the server where your MySQL server is running (in my case localhost)
  • port - the port number on which the MySQL server is running (default is 3306)
  • databaseName - the name of the database where the user credentials are stored (in my case, "cas_login" is the database name that I have given)

username - the username that is used to log in to the database server

password - the password associated with the above username


  • passwordEncoder declaration
Add the following passwordEncoder bean declaration to the /cas-server-webapp/src/main/webapp/WEB-INF/deployerConfigContext.xml file.

    <bean id="md5PasswordEncoder"
        class="org.jasig.cas.authentication.handler.DefaultPasswordEncoder">
        <constructor-arg index="0" value="MD5" />
    </bean>
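
The following is an added example, not part of the original post and not CAS code. It models in Python, with an in-memory SQLite table, the check that this configuration sets up: the submitted password is MD5-hashed and matched against the password column. It assumes the handler matches on username plus encoded password; the sample users and the PBKDF2 functions are constructed for illustration and show how a per-user salt removes the identical-hash property of unsalted MD5.

```python
import hashlib
import hmac
import os
import sqlite3

def md5_encode(password):
    """Model of the md5PasswordEncoder bean: unsalted MD5 as lowercase hex."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()

def make_db(users):
    """In-memory stand-in for cas_login.user_login, filled with constructed rows."""
    db = sqlite3.connect(":memory:")
    db.execute("create table user_login(userID integer primary key autoincrement,"
               " username varchar(100), password varchar(100))")
    db.executemany("insert into user_login (username, password) values (?, ?)",
                   [(u, md5_encode(p)) for u, p in users])
    return db

def authenticate(db, username, password):
    """Assumed handler logic: encode the submitted password, count matching rows."""
    row = db.execute("select count(*) from user_login"
                     " where username = ? and password = ?",
                     (username, md5_encode(password))).fetchone()
    return row[0] > 0

def stored_values(db):
    """Return {username: stored password value} to inspect what the table holds."""
    return dict(db.execute("select username, password from user_login"))

def pbkdf2_hash(password, salt=None, rounds=600_000):
    """Salted alternative (not a CAS class): PBKDF2-HMAC-SHA256, per-user salt."""
    salt = salt or os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, rounds)
    return f"{rounds}${salt.hex()}${dk.hex()}"

def pbkdf2_verify(password, stored):
    """Recompute with the stored salt and rounds; compare in constant time."""
    rounds, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                             bytes.fromhex(salt_hex), int(rounds))
    return hmac.compare_digest(dk.hex(), dk_hex)

if __name__ == "__main__":
    db = make_db([("alice", "Sample-Pass1"), ("bob", "Sample-Pass1")])  # constructed
    print(authenticate(db, "alice", "Sample-Pass1"), authenticate(db, "alice", "wrong"))
    print(stored_values(db))  # same MD5 value stored for both users
    print(pbkdf2_hash("Sample-Pass1") != pbkdf2_hash("Sample-Pass1"))  # salts differ
```

With unsalted MD5, anyone who can read the user_login table sees at once which accounts share a password, and the stored values can be checked against precomputed hash lists; the salted form stores a different value for each user.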


Once you have made all of the above configuration changes, it is time to build a release of the CAS server that supports authenticating users against the MySQL database. It is better to compile and build all modules of the CAS server rather than building only the cas-server-webapp module.

You can use the following command to build the CAS server (assuming that you are in the root of the CAS server directory; in my case, the root is /home/chathuranga/Projects/cas-server-3.4.11).

mvn clean install -DskipTests

Once the build process has completed successfully, deploy the cas.war file to the webapps directory of your Tomcat server. The following command can be used to deploy the cas.war file from the terminal.

cp cas-server-webapp/target/cas.war $CATALINA_HOME/webapps/

Now you can check whether the CAS server MySQL authentication is working. Try to log in to the CAS server using the following username and password. If the login is successful, congratulations, it is working. :) Otherwise, enable the Tomcat logs and check where the failure is.

username: chathuranga

password:  chathuTest



Hope this will be helpful for you!

thanks and regards
Chathuranga Tennakoon
chathuranga.t@gmail.com

Thursday, July 28, 2011

CAS (Centralized Authentication Service) Introduction


CAS is a Java-based open source SSO (Single Sign-On) solution originally developed by Yale University. You can do a Google search to find out more about CAS and SSO. The official CAS web page is http://www.jasig.org/cas and you can download the CAS server from there. Today I am going to give a brief description of how to deploy the CAS server application on your web server.
CAS is built on the Spring Web Flow framework, and Apache Maven is used as the build tool. Therefore, if you are going to rebuild or modify the CAS distribution, you need to install Apache Maven and Spring Web Flow in your development environment. In addition, I am going to deploy the CAS server application on the Apache Tomcat server. Therefore it is good to have the following software installed before you download and deploy the CAS server.
  • Java
  • Apache Tomcat
  • Apache Maven
  • Spring Web Flow


The CAS server is available for download at http://www.jasig.org/cas/download . It is good to download the latest version of the CAS server distribution. In my case, I downloaded version cas-server-3.4.10. Once the download is complete, extract the CAS server zip file and you will get the CAS server directory with all available modules. Those modules are included in the CAS server directory as follows.





In order to deploy the CAS server application on your Tomcat server, we need to work with the cas-server-webapp module. That module has to be built to get the deployable CAS server web application (known as a war file). You can follow the steps below to build the CAS server web application. (Use the command prompt (in Windows) or terminal/vi editor (in Linux) to build the cas-server-webapp module.)

1. Go to the cas-server-webapp directory using your command prompt.

 In my case, C:\cas-server-3.4.10\cas-server-webapp\

2. You can see the standard directory structure of a Maven module, and you are required to build the module using Apache Maven. In order to build the module, use the following command.

C:\cas-server-3.4.10\cas-server-webapp> mvn clean install
The build will take some time because the required dependencies (as declared in the pom.xml file) have to be downloaded from the Maven repositories. Once the module is built, you will see a newly created directory called target. Inside the target directory you will find the cas.war file. This file should be deployed to the webapps directory ($CATALINA_HOME/webapps) of the Tomcat installation. After deploying the cas.war file, make sure to restart the Tomcat server so that it picks up the newly deployed web application. (You can also use the touch command.)


3. Now you can access the CAS server application as a web application hosted on your Tomcat server.

http://localhost:4287/cas (I have changed the Tomcat port from 8080 to 4287 because port 8080 is used by another application installed on my PC. You are not required to change it, and you can use the default port, which is 8080.)

4. You will then see the CAS login screen, which asks for your username and password. The CAS server as shipped authenticates user credentials through a simple authentication handler that is included for testing. Therefore you have to type the same value for both username and password.

The class definition is available at : org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler

5. Once you are successfully authenticated, you will see a login success page. Then open a new tab and try to log in again.

You will see the login screen again even though you logged in successfully in the previous tab. This happens because the ticket-granting cookie is issued with the Secure flag, which browsers only send back over HTTPS, and the server here is being accessed over plain HTTP. To avoid this in such a setup, make the following change in the cas-server-webapp/src/main/webapp/WEB-INF/spring-configuration/TicketGrantingTicketCookieGenerator.xml file: change the p:cookieSecure="true" property value to p:cookieSecure="false". Then rebuild the application and deploy it on the Tomcat server. Try to log in again using two tabs; the problem should no longer occur. When CAS is served over HTTPS, this change is not needed and p:cookieSecure="true" can stay.


The next post will cover how to integrate the Facebook login authentication system with the CAS server so that you can use Facebook login for your website.

Regards 
Chathuranga Tennakoon