In the implementation of SSO, the most frequently used the use of the relational database to authenticate the user. It can easily use the ESUP plug-in to easily use DB user authentication methods, this article describes the configuration method of ESUP. The use of ESUP is mainly divided into three authentication modes: binding mode (ie DB users can pass CAS authentication), search mode (ie, users can pass CAS in a table), query mode (ie, use SQL query statements The result obtained can pass the CAS for authentication when matching user information).
.
AS Well As For LDAP Authentication, Fault Tolerance Is Insured by The Redundancy of Database Servers, And Three Access Modes Are Provided (Bind, Search and Query).
Bind mode
In this Mode, User Should Be Decland In The Database, I.E.BETABASE; Authentication Is successful by the information given by the user allows cas to connect to the database.
This mode uses a privileged connection to the database The authentication informations (login and password) are stored in a table;. Authentication is successfull when information provided by the users are found in the database.
user login password admin secret com.mysql.jdbc.Driver jdbc: mysql: // 127.0.0.1 WHEN Using this mode, The Administrator Sserve Specify:
the table of the database users are stored in; the columns storing the users' id and password; the encryption used to store the password (optional); the credentials used to connect to the database (optional).
Query Mode
This mode also uses a privileged connection to the database. The authentication informations are stored anywhere in the database, and authentication is successfull when information provided by the users matches the informations returned by the query.
One May USE:
org.esupportail.cas.server.handlers.database.QueryDatabaseHandler SELECT md5_password FROM user WHERE login = '% u' AND NOT locked md5 admin secret com.mysql.jdbc.Driver jdbc : mysql: //127.0.0.1 When Using this mode, The Administrator Should Specify:
the SQL query used to query the database This query can contain the special "% u" token, which will be replace by the users' netId at runtime;. the encryption used to store the password (plain, des, md5 and pammd5 are allowed , MD5 by default; The Credentials Used to Connect To The Database (Optional).
NOTE: INTERNALLY, A SearchDatabaseHandler Is a QueryDatabaseHandler Using The Following SQL Query:
Select from
Where = '% u'
Database Servers
The Database Servers Are Defined By:
The JDBC URL of The Database; The JDBC Driver That Should Be Used to Access The Database.
When specifying several servers, all the servers are considered as replicates: when authenticationfails on one database, database authentication fails because databases are intended to contain the same data; next (redundant) servers are tried only if the first one does not respond.
JDBC Drivers
CAS GH developers usually place the JARs implementing the JDBC drivers they use into the $ {tomcat.home} / webapps / cas / WEB-INF / lib directory (classes are placed into $ {tomcat.home} / webapps / cas / WEB- INF / CLASSES), OR, WHEN USING ONE OF THE ESUP-CAS-Server and Esup-Cas-Quick-Start Packages, Directly Into The Custom / Cas-Server-Patch / Web / Web-Inf Folder (So The Files Get Deployed With ant) .NO JDBC Driver Is Provideded with Cas GH, But The Following Links May Help To Finding To your database:
