Using JDBC for Authentication
PRECONDITIONS
1. Successfully tested cas.war out-of-the-box using the default username=password type of login. (See Quick Start Demo)
2. You would now like to hook-up login to a user table, say, USERS, already in Oracle Database with the clear-text columns called (say) USER_ID and PASSWORD.
DETAILED STEPS
1. Open the file %CATALINA_HOME%/webapps/cas/WEB-INF/deployerConfigContext.xml with you favorite XML editor.
2. At the bottom of this file you will see the following xml that supports the simplistic username=password in CAS login out of the box:
<bean class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler" />
3. Replace the above bean tag with *one* of the following bean tags (BTW, these are two of at least three known ways you can hook-up to a JDBC source of user/passwords.) For all other ways, please refer JDBC):
<bean id="SearchModeSearchDatabaseAuthenticationHandler" class="org.jasig.cas.adaptors.jdbc.SearchModeSearchDatabaseAuthenticationHandler" abstract="false" singleton="true" lazy-init="default" autowire="default" dependency-check="default"> <property name="tableUsers"> <value>users</value> </property> <property name="fieldUser"> <value>user_id</value> </property> <property name="fieldPassword"> <value>password</value> </property> <property name="dataSource" ref="dataSource" /> </bean> <bean class="org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler"> <property name="dataSource" ref="dataSource" /> <property name="sql" value="select password from some_table where lower(username) = lower(?)" /> </bean>
4. Move your text editor cursor downward beyond the following (this is a really dumb step, but was critical for me...the technical point being that the datasource bean in the NEXT step needs to be a standalone bean tag in the file deployerConfigContext.xml instead of a sibling tag of the authentication handler tag)
</list> </property> </bean>
5. Add one of the following bean definitions after the </bean> tag but before the last </beans> tag. Make sure you change the url property below to whatever your database url connect string really is. Ditto for username, password tags.
<!-- Oracle connector --> <bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource"> <property name="driverClassName"> <value>oracle.jdbc.driver.OracleDriver</value> </property> <property name="url"> <value>jdbc:oracle:thin:@database-server-name:1521:SID</value> </property> <property name="username"> <value>admusr</value> </property> <property name="password"> <value>admpwd</value> </property> </bean> <!-- MySQL connector --> <bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource"> <property name="driverClassName"> <value>com.mysql.jdbc.Driver</value> </property> <property name="url"> <value>jdbc:mysql://database-server-name:3306/db-name</value> </property> <property name="username"> <value>admusr</value> </property> <property name="password"> <value>admpwd</value> </property> </bean> Â <!-- PostgreSQL connector --> <bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource"> <property name="driverClassName"> <value>org.postgresql.Driver</value> </property> <property name="url"> <value>jdbc:postgresql://database-server-name:5432/db-name</value> </property> <property name="username"> <value>admusr</value> </property> <property name="password"> <value>admpwd</value> </property> </bean>
6. For CAS 3.1.x, Added the required jars through the use of Maven pom.xml file
<dependency> <groupId>org.jasig.cas</groupId> <artifactId>cas-server-support-jdbc</artifactId> <version>${project.version}</version> </dependency> <dependency> <groupId>commons-dbcp</groupId> <artifactId>commons-dbcp</artifactId> <version>1.2.1</version> <scope>runtime</scope> </dependency> <dependency> <groupId>mysql</groupId> <artifactId>mysql-connector-java</artifactId> <version>5.1.5-bin</version> <scope>provided</scope> </dependency>
   For CAS 3.0.x, Drop the following jars (or latest-and-greatest-equivalent-specific-to-your-database-vendor) into %CATALINA_HOME%/webapps/cas/WEB-INF/lib
- older releases might use cas-server-jdbc-3.0.5.jar from http://developer.ja-sig.org/maven/cas/jars/
- ojdbc14.jar (Oracle JDBC Driver), mysql-connector-java-5.1.5-bin.jar (MySQL JDBC driver), or postgresql-9.1-901.[jdbcversion].jar (PostgreSQL JDBC driver)
You will also need the following, but they are already present in a default RHEL5 tomcat install.
- commons-collections-3.2.jar
- commons-dbcp-1.2.1.jar
- commons-pool-1.3.jar
Note: It is recommended commons-dbcp 1.2.1 is used with MySQL instead of the newer version. I found that new version (1.2.2) will cause a Socket write error in MySQL, after your CAS is idle for more that 8 hours, which is the time that MySQL will clean up all idle connections.
7. Bounce the cas context. (Done).  CAS should be using the user/password in your database now (instead of the simplistic user=password that ships with the Demo).