23.08.2010

Developing Custom AuthenticationHandler for Central Authentication Services (CAS)

Central Authentication Services provides various types of authentication handlers like jdbc, ldap, X.509 Certificates. In some circumstances developing custom authentication handler for your company can be vital. In this post, you will find how to develop custom authentication handlers for cas.

CAS as you know is a maven project, so it is really easy to code and easy to develop.
1. Create a module in cas-server.pom xml
            CreateModule
2. Create Class named CustomPasswordAuthenticationHandler

package com.yourcompany.cas.adaptors.custom;

import java.net.InetAddress;
import java.net.UnknownHostException;
import java.sql.CallableStatement;
import java.sql.Connection;
import java.sql.SQLException;
import java.sql.Types;

import org.jasig.cas.adaptors.jdbc.AbstractJdbcUsernamePasswordAuthenticationHandler;
import org.jasig.cas.authentication.handler.AuthenticationException;
import org.jasig.cas.authentication.principal.UsernamePasswordCredentials;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.jdbc.core.CallableStatementCallback;
import org.springframework.jdbc.core.CallableStatementCreator;

import com.sun.istack.NotNull;

public class CustomPasswordAuthenticationHandler extends AbstractJdbcUsernamePasswordAuthenticationHandler implements InitializingBean {
@NotNull
private String sql;

public void setSql(String sql) {
this.sql = sql;
}

public void afterPropertiesSet() throws Exception {
// TODO Auto-generated method stub
}

@Override
protected boolean authenticateUsernamePasswordInternal(final UsernamePasswordCredentials credentials) throws AuthenticationException {
return ((String) getJdbcTemplate().getJdbcOperations().execute(new CallableStatementCreator() {
public CallableStatement createCallableStatement(Connection conn) throws SQLException {
CallableStatement cs = conn.prepareCall(sql);
cs.setString(2, credentials.getUsername());
cs.setString(3, credentials.getPassword());
cs.setString(4, getHostName());
cs.setString(5, getHostAddress());
cs.registerOutParameter(1, Types.VARCHAR);
return cs;
}
}, new CallableStatementCallback<String>() {
public String doInCallableStatement(CallableStatement cs) {
try {
cs.execute();
return cs.getString(1);
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return ""; // Whatever is returned here is returned from the jdbcTemplate.execute method
}
})).charAt(0) == '0';
}

private String getHostName() {
try {
return InetAddress.getLocalHost().getHostName();
} catch (UnknownHostException uhe) {
// TODO: Logger
return "";
}
}

private String getHostAddress() {
try {
return InetAddress.getLocalHost().getHostAddress();
} catch (UnknownHostException uhe) {
// TODO: Logger
return "";
}
}
}






3. Add this project as a dependency to cas-server-webapp project





<dependency>
<groupId>${project.groupId}</groupId>
<artifactId>cas-server-support-custom</artifactId>
<version>${project.version}</version>
</dependency>




4. Add your custom AuthenticationHandler to cas-server-webapp/WEB-INF/deployerConfigContext.xml





<bean
class="com.yourcompany.cas.adaptors.custom.CustomPasswordAuthenticationHandler">
<property name="sql">
<value>a SQL code <value>
</property>
<property name="dataSource" ref="yourDatasource"/>
</bean>



Hiç yorum yok: