I'm configuring CAS v4.1.1 and I'm trying to return a Map of parameters (in addition to the ticket) in the response to a phpCAS client, from a "custom bean" (that I designed based on the bean org.jasig.cas.adaptors.jdbc.SearchModeSearchDatabaseAuthenticationHandler of the subproject cas-server-support-jdbc) to authenticate, used as "primaryPrincipalResolver" for the "authenticationManager" bean in my deployerConfigContext.xml.
My deployerConfigContext.xml configuration looks something like this:
<beans xmlns="http://www.springframework.org/schema/beans"
...
... />
    <bean id="authenticationManager"
          class="org.jasig.cas.authentication.PolicyBasedAuthenticationManager">
        <constructor-arg>
            <map>
                <!--
                   | IMPORTANT
                   | Every handler requires a unique name.
                   | If more than one instance of the same handler class is configured, you must explicitly
                   | set its name to something other than its default name (typically the simple class name).
                   -->
                <entry key-ref="proxyAuthenticationHandler" value-ref="proxyPrincipalResolver" />
                <!-- Authentication beans:
                     The beans that will be used for authentication are listed here. Depending on the order
                     in which they are added, priority is given to the authentication method the bean describes. -->
                <entry key-ref="SearchDatabaseAuthenticationMovilred" value-ref="primaryPrincipalResolver" />
            </map>
        </constructor-arg>
        <!--
           | Defines the security policy around authentication. Some alternative policies that ship with CAS:
           |
           | * NotPreventedAuthenticationPolicy - all credential must either pass or fail authentication
           | * AllAuthenticationPolicy - all presented credential must be authenticated successfully
           | * RequiredHandlerAuthenticationPolicy - specifies a handler that must authenticate its credential to pass
           -->
        <property name="authenticationPolicy">
            <bean class="org.jasig.cas.authentication.AnyAuthenticationPolicy" />
        </property>
    </bean>
    ...
    ....
    <bean id="SearchDatabaseAuthenticationMovilred"
          class="com.solidda.cas.jdbc.SearchDatabaseAuthenticationMovilred">
        <property name="urlService">
            <value> { SOME URL THAT I USE TO POINT TO A SERVICE THAT RETURN A MAP OF DATA } </value>
        </property>
        <property name="dataSource" ref="dataSource" />
    </bean>
    ...
    <!-- Required for proxy ticket mechanism -->
    <bean id="proxyPrincipalResolver"
          class="org.jasig.cas.authentication.principal.BasicPrincipalResolver" />
    <!--
       | Resolves a principal from a credential using an attribute repository that is configured to resolve
       | against a deployer-specific store (e.g. LDAP).
       -->
    <bean id="primaryPrincipalResolver"
          class="org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver"
          p:principalFactory-ref="principalFactory" p:attributeRepository-ref="attributeRepository" />
    <!-- Bean that defines the attributes that a service may return. This example
         uses the Stub/Mock version. A real implementation may go against a database
         or LDAP server. The id should remain "attributeRepository" though. -->
    <bean id="attributeRepository"
          class="org.jasig.services.persondir.support.NamedStubPersonAttributeDao"
          p:backingMap-ref="attrRepoBackingMap" />
    <util:map id="attrRepoBackingMap">
        <entry key="uid" value="uid" />
        <entry key="eduPersonAffiliation" value="eduPersonAffiliation" />
        <entry key="groupMembership" value="groupMembership" />
        <entry>
            <key>
                <value>memberOf</value>
            </key>
            <list>
                <value>faculty</value>
                <value>staff</value>
                <value>org</value>
            </list>
        </entry>
    </util:map>
    ....
And this is roughly what the code of the "custom bean" that I created looks like:
...
public class SearchDatabaseAuthenticationMovilred extends
        AbstractJdbcUsernamePasswordAuthenticationHandler {

    @NotNull
    private String urlService;

    /**
     * {@inheritDoc}
     */
    @Override
    protected final HandlerResult authenticateUsernamePasswordInternal(
            final UsernamePasswordCredential credential)
            throws GeneralSecurityException, PreventedException {
        // Get the username and password from the request
        final String username = credential.getUsername();
        final String password = credential.getPassword();
        ....
        // Builds the request to the method that calls a POST service that returns a Map of data
        ....
        // Maps that decompose the result
        final Map<String, Object> result;
        final Map<String, Object> dataValues;
        // At the end I obtain a Map something like the object below
        dataValues = new HashMap<String, Object>();
        dataValues.put("data", "{\"InfoLogin\": {\"USUA_LOGIN\": "
                + "\"USERNAME\",\"USUA_ID\": SOMEID,\"TPTE_ID\": "
                + "TYPE,\"TERC_ID\": OTHERSOMEID}");
        // I pass the result map to the "createPrincipal" method, something like this
        final HandlerResult a = createHandlerResult(credential,
                this.principalFactory.createPrincipal(username, dataValues), null);
        return a;
    }
    ....
    //Some more code and stuff
And I can't get the "dataValues" content in the response made to phpCAS, as "attributes" or something like that. I'm so screwed up with this, I've looked at a lot of forums and nothing there works for my case... Can you guys help me, please?
Greetings from Colombia.
Thank you.
-- Cristian Guerrero. A developer on the verge of a nervous breakdown
Two things:
1. If you wish to use your handler to return attributes back, you should null out the corresponding principal resolver.
2. Attributes should be released to CAS clients per the attribute release policy. You should list all attributes that need to be released, i.e. data.
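The two points of the answer above, applied to the configuration from the question. This is an added example, not part of the original answer or of the CAS distribution. It assumes services are declared as beans inside the service registry's registeredServices list; the service id, name and serviceId pattern are placeholders.

```xml
<!-- deployerConfigContext.xml (fragment).
     Point 1: the custom handler is mapped to no principal resolver, so the principal it
     builds with createPrincipal(username, dataValues) is kept together with its attributes
     instead of being re-resolved against attributeRepository. -->
<bean id="authenticationManager"
      class="org.jasig.cas.authentication.PolicyBasedAuthenticationManager">
    <constructor-arg>
        <map>
            <entry key-ref="proxyAuthenticationHandler" value-ref="proxyPrincipalResolver" />
            <!-- before: value-ref="primaryPrincipalResolver" -->
            <entry key-ref="SearchDatabaseAuthenticationMovilred">
                <null />
            </entry>
        </map>
    </constructor-arg>
    <property name="authenticationPolicy">
        <bean class="org.jasig.cas.authentication.AnyAuthenticationPolicy" />
    </property>
</bean>

<!-- Point 2: the registered service for the phpCAS application names every attribute
     it may receive. Only "data" is released; nothing else on the principal leaves CAS.
     Assumption: this bean sits inside the service registry's registeredServices list.
     p:id, p:name and p:serviceId are placeholder values. -->
<bean class="org.jasig.cas.services.RegexRegisteredService"
      p:id="1"
      p:name="phpCAS client (placeholder)"
      p:serviceId="^https://app\.example\.org/.*"
      p:evaluationOrder="1">
    <property name="attributeReleasePolicy">
        <bean class="org.jasig.cas.services.ReturnAllowedAttributeReleasePolicy">
            <property name="allowedAttributes">
                <list>
                    <value>data</value>
                </list>
            </property>
        </bean>
    </property>
</bean>
```

On the client, the released value is then read with phpCAS::getAttributes(), provided the client validates tickets with a protocol that carries attributes.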