Custom authentication Handler for CAS

Project: Multi-factor authentication with CAS
Component: Code
Category: feature request
Priority: normal
Assigned: Unassigned
Status: active
Description

Develop a custom Authentication Handler for CAS to enable Multi-factor authentication.

27 Aug 06:05

#1

By kirthiprakash_r

CAS server code is by default configured to run the SimpleTestUsernamePasswordAuthenticationHandler. This handler just checks that the username is the same as the password to authenticate. This does not require any prior storage for username and password (e.g. username and password stored in a database). This logic implementation can be located in the server code (version 3.4.2.1) at org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler.java.

This has been configured in the deployerConfigContext.xml file. So in order to have your own authentication handler, just change the handler definition in this XML file to the location where you have defined your new logic.

Building the new war file with Maven

Maven is an Apache build manager for Java projects. Once we have changed the source code, we need to build the new war file reflecting the changes. This is done by using Maven. Go through the following link from the Jasig site for building the new war file. This link also discusses how to change the default authentication handler to another simple authentication logic which is readily provided along with the server code.

https://wiki.jasig.org/display/CASUM/Best+Practice+-+Setting+Up+CAS+Loca...

27 Aug 08:32

#2

By kirthiprakash_r

The IDEA

The idea for multi-factor authentication is to develop a one-time passcode by an external application and use it along with the password for authentication. The external application would be a mobile application which runs on a mobile phone. This method is called mobile-OTP.

Initial Steps

  • Configure the 1st factor of authentication (i.e. password based authentication)
  • Set up a small database of username and password
  • Develop a logic to implement the 2nd factor of authentication and put that in the server side code
  • Develop a mobile app which implements the same logic

Configuring 1st factor of authentication

This can be done by database with JDBC for MySQL (or any other) database system. The handler for supporting JDBC is already provided in the CAS server code as a jar file. Then the CAS server should be configured to use this handler. This configuration process is similar to the steps discussed in the previous post. Follow this link for JDBC configuration for CAS: https://wiki.jasig.org/display/CAS/Examples+to+Configure+CAS

Additional steps to be carried out if you run into issues by following the above link

  • Typical problems would be missing database drivers, commons-dbcp.jar and commons-pool.jar
  • These are the files which are not included in the pom file as dependencies (but used in the handler) while building the war file
  • Download these jar files
  • Drop the jar files into the deployed CAS server (in apache/webapps/cas/WEB-INF/lib)
  • Restart Tomcat

JDBC configuration for CAS is successful!
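
The handler swap described in the two posts above, as an added example: a deployerConfigContext.xml fragment for CAS 3.4.x that is not taken from the original posts or from the project's shipped configuration. The database name `casdb`, the account `cas_reader`, the `users` table with `username` and `password` columns, and the SHA-256 encoder choice are assumptions made for illustration.

```xml
<!-- Fragment of deployerConfigContext.xml (added example; names below are assumed). -->

<!-- Inside the authenticationManager bean: the handler list. -->
<property name="authenticationHandlers">
  <list>
    <bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
          p:httpClient-ref="httpClient" />

    <!-- BEFORE (default): accepts any login where username equals password.
         Remove it before the server is reachable by real users.
    <bean class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler" />
    -->

    <!-- AFTER: 1st factor checked against the database through JDBC.
         The "?" is bound to the submitted username as a query parameter. -->
    <bean class="org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler">
      <property name="dataSource" ref="dataSource" />
      <!-- Assumed schema: table users(username, password). -->
      <property name="sql" value="select password from users where username = ?" />
      <property name="passwordEncoder" ref="passwordEncoder" />
    </bean>
  </list>
</property>

<!-- Top-level beans, siblings of authenticationManager. -->

<!-- Connection pool; this class is why commons-dbcp.jar, commons-pool.jar and
     the database driver jar must be present in WEB-INF/lib. -->
<bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close">
  <property name="driverClassName" value="com.mysql.jdbc.Driver" />
  <property name="url" value="jdbc:mysql://localhost:3306/casdb" />
  <!-- Assumed account: grant it SELECT on the users table only. -->
  <property name="username" value="cas_reader" />
  <property name="password" value="CHANGE_ME" />
</bean>

<!-- Hashes the submitted password before it is compared with the stored column,
     so the table holds digests rather than plaintext. This encoder is a single
     unsalted digest; stored values must be produced the same way. -->
<bean id="passwordEncoder" class="org.jasig.cas.authentication.handler.DefaultPasswordEncoder">
  <constructor-arg value="SHA-256" />
</bean>
```

After redeploying, a login in which the password is simply the username should be rejected; if it still succeeds, the test handler is still in the list.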

Copyright 2009 KenElements. Powered by Open Source Software from projects like Apache, Drupal, Linux, MySQL, PHP, JQuery