10
回答
cas4.0MySQL数据库验证不成功
【腾讯云】校园拼团福利,1核2G服务器10元/月!>>>   
按照官方文档在deployerConfigContext.xml中配置了一个dbAuthHandler、dataSource还有一个passwordEncoder。配置完成后cas在Tomcat中能够正常启动,但是无论是输入正确的用户名密码还是错误的都显示Invalid Credential。


软件版本:tomcat8.0


相关文件内容:

deployerConfigContext.xml:

<bean id="authenticationManager" class="org.jasig.cas.authentication.PolicyBasedAuthenticationManager">
        <constructor-arg>
            <map>
                <entry key-ref="proxyAuthenticationHandler" value-ref="proxyPrincipalResolver" />
                <entry key-ref="dbAuthHandler" value-ref="primaryPrincipalResolver" />
            </map>
        </constructor-arg>
        <property name="authenticationPolicy">
            <bean class="org.jasig.cas.authentication.AnyAuthenticationPolicy" />
        </property>
    </bean>

 <bean id="dbAuthHandler"
      class="org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler"
      p:dataSource-ref="dataSource"
      p:passwordEncoder-ref="passwordEncoder"
      p:sql="SELECT Password FROM users WHERE lower(Name)=lower(?) and Active=1" />

<bean id="passwordEncoder"
      class="org.jasig.cas.authentication.handler.DefaultPasswordEncoder"
      c:encodingAlgorithm="SHA1"
      p:characterEncoding="UTF-8" />

<bean id="dataSource"
      class="com.mchange.v2.c3p0.ComboPooledDataSource"
      p:driverClass="org.mysql.jdbc.Driver"
      p:jdbcUrl="jdbc:mysql://127.0.0.1:3306/cas"
      p:user="user"
      p:password="passwd" />
举报
kylePen
发帖于4年前 10回/5K+阅
共有10个答案 最后回答: 2年前

<entry key-ref="dbAuthHandler" value-ref="primaryPrincipalResolver" />

改成

<entry key-ref="primaryAuthenticationHandler" value-ref="dbAuthHandler" />

--- 共有 2 条评论 ---
joaboo回复 @kylePen : 抱歉,看差了..感觉应该是primaryPrincipalResolver对应的bean注入的问题. 4年前 回复
kylePen感谢回答。但是key-ref后的值是验证处理器,而value-ref后是用户信息处理器,所以说dbAuthHandler还是应该放前面的。 4年前 回复

我跟你一样的配置,但我启动的时候报错了

org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'authenticationManager' defined in ServletContext resource [/WEB-INF/deployerConfigContext.xml]: Unsatisfied dependency expressed through constructor argument with index 0 of type [java.util.Map]: Could not convert constructor argument value of type [java.util.LinkedHashMap] to required type [java.util.Map]: Failed to convert value of type 'java.util.LinkedHashMap' to required type 'java.util.Map'; nested exception is java.lang.IllegalStateException: Cannot convert value of type [org.jasig.cas.authentication.AcceptUsersAuthenticationHandler] to required type [org.jasig.cas.authentication.principal.PrincipalResolver]: no matching editors or conversion strategy found

我不知道是什么原因,你能够把你的所有配置文件贴出来?谢谢

<entry key-ref="proxyAuthenticationHandler" value-ref="proxyPrincipalResolver" />

把这行删除掉,就可以用数据库密码验证了

我刚测试成功,JDK8 Tomcat8

<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
xmlns:c="http://www.springframework.org/schema/c" xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:util="http://www.springframework.org/schema/util" xmlns:sec="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
       http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.2.xsd
       http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd
       http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd">


<!-- 原始密码配置 <bean id="authenticationManager" class="org.jasig.cas.authentication.PolicyBasedAuthenticationManager"> 
<constructor-arg> <map> <entry key-ref="proxyAuthenticationHandler" value-ref="proxyPrincipalResolver" 
/> <entry key-ref="primaryAuthenticationHandler" value-ref="primaryPrincipalResolver" 
/> </map> </constructor-arg> <property name="authenticationPolicy"> <bean 
class="org.jasig.cas.authentication.AnyAuthenticationPolicy" /> </property> 
</bean> <bean id="primaryAuthenticationHandler" class="org.jasig.cas.authentication.AcceptUsersAuthenticationHandler"> 
<property name="users"> <map> <entry key="admin" value="admin" /> </map> 
</property> </bean> -->


<bean id="proxyAuthenticationHandler"
class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
p:httpClient-ref="httpClient" />


<bean id="authenticationManager"
class="org.jasig.cas.authentication.PolicyBasedAuthenticationManager">
<constructor-arg>
<map>
<!-- <entry key-ref="proxyAuthenticationHandler" value-ref="proxyPrincipalResolver" /> -->
<entry key-ref="dbAuthHandler" value-ref="primaryPrincipalResolver" />
</map>
</constructor-arg>
<property name="authenticationPolicy">
<bean class="org.jasig.cas.authentication.AnyAuthenticationPolicy" />
</property>
</bean>


<bean id="dataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource"
p:driverClass="com.mysql.jdbc.Driver"
p:jdbcUrl="jdbc:mysql://192.168.0.110:3306/jufeng?useUnicode=true&amp;characterEncoding=UTF-8&amp;zeroDateTimeBehavior=convertToNull"
p:user="root" p:password="123456" />


<!-- 密码加密方式 -->
<bean id="passwordEncoder"
class="org.jasig.cas.authentication.handler.DefaultPasswordEncoder"
c:encodingAlgorithm="SHA1" p:characterEncoding="UTF-8" />


<bean id="dbAuthHandler"
class="org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler"
p:dataSource-ref="dataSource"
p:sql="SELECT PASSWORD FROM JF_USER WHERE USER_NAME=? AND STATUS=0" />
<!-- p:passwordEncoder-ref="passwordEncoder" --><!-- 暂时不使用密码加密 -->




<bean id="proxyPrincipalResolver"
class="org.jasig.cas.authentication.principal.BasicPrincipalResolver" />


<bean id="primaryPrincipalResolver"
class="org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver">
<property name="attributeRepository" ref="attributeRepository" />
</bean>


<bean id="attributeRepository"
class="org.jasig.services.persondir.support.StubPersonAttributeDao"
p:backingMap-ref="attrRepoBackingMap" />


<util:map id="attrRepoBackingMap">
<entry key="uid" value="uid" />
<entry key="eduPersonAffiliation" value="eduPersonAffiliation" />
<entry key="groupMembership" value="groupMembership" />
</util:map>


<bean id="serviceRegistryDao" class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl"
p:registeredServices-ref="registeredServicesList" />


<util:list id="registeredServicesList">
<bean class="org.jasig.cas.services.RegexRegisteredService" p:id="0"
p:name="HTTP and IMAP" p:description="Allows HTTP(S) and IMAP(S) protocols"
p:serviceId="^(https?|imaps?)://.*" p:evaluationOrder="10000001" />
</util:list>


<bean id="auditTrailManager"
class="com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager" />


<bean id="healthCheckMonitor" class="org.jasig.cas.monitor.HealthCheckMonitor"
p:monitors-ref="monitorsList" />


<util:list id="monitorsList">
<bean class="org.jasig.cas.monitor.MemoryMonitor"
p:freeMemoryWarnThreshold="10" />
<bean class="org.jasig.cas.monitor.SessionMonitor"
p:ticketRegistry-ref="ticketRegistry"
p:serviceTicketCountWarnThreshold="5000" p:sessionCountWarnThreshold="100000" />
</util:list>
</beans>

你好,我遇到一个问题在cas这块?我部署了也是cas4.0版本,我有2个系统,webapp1,webapp2,我先登录webapp1系统,然后通过里面某一个功能点击进入webapp2中,然后在退出webapp1中,换一个用户登录,然后在跳到webapp2中,发现用户还是上一旧用户登录的。而且我手动访问cas服务端logout,但是我刷新webapp1,发现还能继续访问?请问这是什么问题?
我的系统里面加入了:
<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
</filter>


<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>*</url-pattern>
</filter-mapping>


<listener>
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>
p:passwordEncoder-ref="passwordEncoder"去掉这句,数据库里面的password没进行加密,所以不要加这个,如果数据库中的密码也加密了再加上这句。默认,发送请求时,cas会对password进行你定义的那种方式加密。所以验证时select去除的password和加密后的不是一样的
顶部