Hi everyone,
I'm working on my Apereo CAS installation to upgrade it from 6.0.x to
the last 6.6.x. My installation has a number of services which must be
accessed on a role-based policy basis and the are configured like this:
/"accessStrategy" : {//
// "@class" :
"org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy",//
// "requiredAttributes" : {//
// "@class" : "java.util.HashMap",//
// "user_type" : [ "java.util.HashSet", [ "o", "a", "u", "c" ] ]//
// }//
// },//
// "properties" : {//
// "@class" : "java.util.HashMap",//
// "jwtAsServiceTicket" : {//
// "@class" :
"org.apereo.cas.services.DefaultRegisteredServiceProperty",//
// "values" : [ "java.util.HashSet", [ "true" ] ]//
// }//
// }/
Attributes are read from db and my CAS properties file contains the
following configuration to access db:
/cas.authn.attributeRepository.expirationTime=5//
//cas.authn.attributeRepository.expirationTimeUnit=SECONDS//
//cas.authn.attributeRepository.maximumCacheSize=1000//
//cas.authn.attributeRepository.merger=REPLACE//
//
//cas.authn.attributeRepository.jdbc[0].singleRow=true//
//cas.authn.attributeRepository.jdbc[0].sql=SELECT * FROM dnshst.users
WHERE {0}//
//cas.authn.attributeRepository.jdbc[0].username=user//
//cas.authn.attributeRepository.jdbc[0].url=${CORE_DB_URL}//
//cas.authn.attributeRepository.jdbc[0].user=${CORE_DB_USER}//
//cas.authn.attributeRepository.jdbc[0].password=${CORE_DB_PASSWORD}//
//cas.authn.attributeRepository.jdbc[0].driverClass=org.mariadb.jdbc.Driver//
//cas.authn.attributeRepository.jdbc[0].autocommit=true//
//
//
//cas.authn.attributeRepository.jdbc[0].attributes.name=name//
//cas.authn.attributeRepository.jdbc[0].attributes.surname=surname//
//cas.authn.attributeRepository.jdbc[0].attributes.iduser=iduser//
//cas.authn.attributeRepository.jdbc[0].attributes.user_type=user_type//
//cas.authn.attributeRepository.jdbc[0].attributes.enabled=enabled//
//cas.authn.attributeRepository.jdbc[0].attributes.ishack=ishack//
//cas.authn.attributeRepository.jdbc[0].attributes.email_user=email_user//
//cas.authn.attributeRepository.jdbc[0].attributes.mfa_enabled=mfa_enabled//
//
//
//cas.authn.attributeRepository.defaultAttributesToRelease=name,
surname, iduser, user_type, enabled, ishack, email_user, mfa_enabled,
surrogateEnabled, surrogatePrincipal, surrogateUser/
During my migration process I was able to reach version 6.2.x without
any problem, but using 6.3.0 CAS it stopped loading attributes from db.
Checking logs I noted that during authentication now I completely miss
any log from QueryDatabaseAuthenticationHandler. Doing further
investigations I tried to run my CAS installation starting with
6.3.0-RC1. Everything worked fine until I tried 6.3.0-RC3 which led to
the problem described above.
Is any of you aware of any change between 6.3.0-RC2 and 6.3.0-RC3 that
could have caused this behavior?
Thank you in advance.
Andrea Del Bene.
PS: these are my application dependencies
/implementation "org.apereo.cas:cas-server-core-api-configuration-model"//
// implementation "org.apereo.cas:cas-server-webapp-init"//
//
// implementation
"org.apereo.cas:cas-server-webapp${project.appServer}" //
// implementation "org.apereo.cas:cas-server-core-tickets-api"//
// implementation
"org.apereo.cas:cas-server-support-jdbc-authentication"//
// implementation "org.apereo.cas:cas-server-support-token-tickets"//
// implementation
"org.apereo.cas:cas-server-support-jpa-ticket-registry"//
// implementation "org.apereo.cas:cas-server-support-pm-jdbc"//
// implementation
"org.apereo.cas:cas-server-support-jpa-service-registry"//
// implementation "org.apereo.cas:cas-server-support-rest"//
// implementation "org.apereo.cas:cas-server-support-rest-tokens"//
// implementation "org.apereo.cas:cas-server-support-throttle-bucket4j"//
// implementation "org.apereo.cas:cas-server-core-util"//
// implementation "org.apereo.cas:cas-server-core-util-api"//
// implementation "org.apereo.cas:cas-server-core-web"//
// implementation "org.apereo.cas:cas-server-core-web-api"//
// //implementation "org.apereo.cas:cas-server-support-captcha"//
// implementation "org.apereo.cas:cas-server-core-webflow"//
// implementation "org.apereo.cas:cas-server-core-webflow-api"//
// implementation "org.apereo.cas:cas-server-support-pac4j-webflow"//
// compileOnly "org.projectlombok:lombok:$lombokVersion"//
// annotationProcessor "org.projectlombok:lombok:$lombokVersion"//
// implementation group: 'org.bitbucket.b_c', name: 'jose4j',
version: '0.6.5'//
// implementation "org.apereo.cas:cas-server-support-surrogate-webflow"//
// implementation
"org.apereo.cas:cas-server-support-surrogate-authentication-jdbc"//
// //implementation "org.apereo.cas:cas-server-support-x509-webflow"//
// implementation "org.apereo.cas:cas-server-core-authentication-api"//
// implementation
"org.apereo.cas:cas-server-support-surrogate-authentication"//
// implementation "org.apereo.cas:cas-server-support-surrogate-api"//
// implementation "org.apereo.cas:cas-server-core-services-api"//
// implementation "org.apereo.cas:cas-server-support-gauth-jpa"//
// implementation "org.apereo.cas:cas-server-support-otp-mfa-core"//
// //implementation "org.apereo.cas:cas-server-support-simple-mfa"//
// implementation "org.apereo.cas:cas-server-support-gauth"/
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/dc57950f-da7b-21f3-84ba-b0913ea8bb91%40host.it.
