Andy,
I checked both the logs and the database and neither showed evidence of the
postAuthenticate() method actually being called. Here is my custom handler:
public class CustomAuthenticationHandler extends
QueryDatabaseAuthenticationHandler {
Logger LOGGER = LoggerFactory.getLogger(CustomAuthenticationHandler.class);
private final String sql;
private final String fieldPassword;
private final String fieldExpired;
private final String fieldDisabled;
private final Map<String, Object> principalAttributeMap;
public CustomAuthenticationHandler(final String name,
final ServicesManager
servicesManager,
final PrincipalFactory
principalFactory,
final Integer order,
final DataSource dataSource,
final String sql,
final String fieldPassword,
final String fieldExpired,
final String fieldDisabled,
final Map<String, Object>
attributes) {
super(name, servicesManager, principalFactory, order, dataSource, sql,
fieldPassword, fieldExpired, fieldDisabled, attributes);
this.sql = sql;
this.fieldPassword = fieldPassword;
this.fieldExpired = fieldExpired;
this.fieldDisabled = fieldDisabled;
this.principalAttributeMap = attributes;
if (StringUtils.isBlank(this.fieldPassword)) {
LOGGER.warn("When the password field is left undefined, CAS will
skip comparing database and user passwords for equality "
+ ", (specially if the query results do not contain the
password field),"
+ "and will instead only rely on a successful query
execution with returned results in order to verify credentials");
}
}
@Override
public AuthenticationHandlerExecutionResult postAuthenticate(Credential
credential, AuthenticationHandlerExecutionResult result) {
LOGGER.debug("==================================================INSIDE
POSTAUTHENTICATE==================================================");
Integer updateResult = updateLastLogin((UsernamePasswordCredential)
credential);
if(updateResult != 1)
LOGGER.debug("==================================================BAD
UPDATE==================================================");
else
LOGGER.debug("==================================================GOOD
UPDATE==================================================");
return super.postAuthenticate(credential, result);
}
private Integer updateLastLogin(final UsernamePasswordCredential
credential) {
LOGGER.info("INSIDE updateLastLogin");
return getJdbcTemplate().update("update user_table set last_login =
NOW() WHERE username = '" + credential.getUsername() + "';");
}
}
As previously mentioned, the handler itself seems to be getting picked up
successfully since I'm seeing these messages in the logs:
cas_1 | 2019-11-26 17:09:29,675 TRACE
[org.apereo.cas.authentication.DefaultAuthenticationBuilder] - <Recording
authentication handler result success under key
[CustomAuthenticationHandler]>
cas_1 | 2019-11-26 17:09:29,675 DEBUG
[org.apereo.cas.authentication.PolicyBasedAuthenticationManager] -
<Authentication handler [CustomAuthenticationHandler] successfully
authenticated [UsernamePasswordCredential(username=myusername, source=null,
customFields={})]>
Thanks again!
On Monday, November 25, 2019 at 5:27:41 PM UTC-8, Andy Ng wrote:
>
> Hi Bobby,
>
> > the *postAuthenticate() *method does not seem to be getting called at
> all
> How did you verified that postAuthenticate does not get called? Did you
> use some logs or you just try executing some post JDBC query and they
> didn't get called?
>
> Have you used the keyword *@Override* to make sure your function did
> override the parent function?
>
> Also, mind if you share your custom authentication handler with us (only
> the part that are related is ok)?
>
> I haven't used the postAuthenticate() function myself before, but looking
> at the source code it seems very likely that postAuthenticate should be
> called when authenticate happens...
>
> See that there are one of the Official AuthenticationHandler (i.e.
> TokenAuthenticaiontHandler) uses postAuthenticate here, didn't seems:
> >
> https://github.com/apereo/cas/blob/v6.1.2/support/cas-server-support-token-authentication/src/main/java/org/apereo/cas/token/authentication/TokenAuthenticationHandler.java#L71
>
> Also, postAuthentate logic is here:
> >
> https://github.com/apereo/cas/blob/v6.1.2/core/cas-server-core-authentication-api/src/main/java/org/apereo/cas/authentication/handler/support/AbstractPreAndPostProcessingAuthenticationHandler.java#L43
>
> See if the above helps!
>
> Cheers!
> - Andy
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/893ddebb-4de1-48d1-bb92-b2629bbcc99d%40apereo.org.
