Hello, I am using mongodb for authentication
I have configured CAS with the following the documentation : https://apereo.github.io/cas/5.0.x/installation/MongoDb-Authentication.html - I am using cas 5.0.3.1 - I am using tomcat 8 deploying overlay war file - I have the following in my cas.properties cas.authn.mongo.passwordEncoder.type=BCRYPT cas.authn.mongo.passwordEncoder.characterEncoding=UTF-8 cas.authn.mongo.passwordEncoder.secret=test cas.authn.mongo.passwordEncoder.strength=8 logging.level.org.apereo=DEBUG Due to the documentation instruction (https://apereo.github.io/cas/5.0.x/installation/MongoDb-Authentication.html), it implies the use of 'org.pac4j.mongo.credentials.authenticator.MongoAuthenticator' (?). And the validate method use "pac4j PasswordEncoder", right ? However, org.apereo.cas.configuration.support.Beans initiates 'org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder' which implements the use of 'org.springframework.security.crypto.password.PasswordEncoder' (?) pac4j PasswordEncoder and spring PasswordEncoder have different implementations and I figure out that I could not make the authentication work properly. Or did I misconfigure something ? I had to overwrite 'org.pac4j.mongo.credentials.authenticator.MongoAuthenticator' to the authentication finally works ... final String username = credentials.getUsername(); PasswordEncoder encoder = new SpringSecurityPasswordEncoder(new BCryptPasswordEncoder(8, new SecureRandom("test".getBytes(StandardCharsets.UTF_8)))); if (!encoder.matches(password, returnedPassword)) { instead of if (!getPasswordEncoder().matches(credentials.getPassword(), returnedPassword)) { Any thought If I did the right thing ? And I also do not understand why "credentials.getPassword()" returns an encoded password and not a clear password ... Seems that PAC4J integration is not working correctly ? Thanks, Thomas UNG -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/20e2ffba-c236-47e7-86d1-6cda7ecaad73%40apereo.org.
