latest
release v2.1.2-1 last update 31-August-2007 11:53AM |
||
Database authentication with CAS GHThis method is esentially used by organizations of which some users, for technical or political reasons, are not registered in their LDAP directory but in a distinct database. As well as for LDAP authentication, fault tolerance is insured by the redundancy of database servers, and three access modes are provided (bind, search and query). Bind modeIn this mode, users should be declared in the database, i.e. be database users; authentication is successfull when the information given by the user allows CAS to connect to the database. One may use: <authentication debug="off"> Search modeThis mode uses a privileged connection to the database. The authentication informations (login and password) are stored in a table; authentication is successfull when information provided by the users are found in the database. One may use: <authentication debug="off"> When using this mode, the administrator should specify:
Query modeThis mode also uses a privileged connection to the database. The authentication informations are stored anywhere in the database, and authentication is successfull when information provided by the users matches the informations returned by the query. One may use: <authentication debug="off"> When using this mode, the administrator should specify:
Note: internally, a SearchDatabaseHandler is a QueryDatabaseHandler using the following SQL query: SELECT <password_column> FROM <table> WHERE <login_column> = '%u' Database serversThe database servers are defined by:
When specifying several servers, all the servers are considered as replicates: when authenticationfails on one database, database authentication fails because databases are intended to contain the same data; next (redundant) servers are tried only if the first one does not respond. JDBC driversCAS GH developers usually place the JARs implementing the JDBC drivers they use into the ${tomcat.home}/webapps/cas/WEB-INF/lib directory (classes are placed into ${tomcat.home}/webapps/cas/WEB-INF/classes), or, when using one of the esup-cas-server and esup-cas-quick-start packages, directly into the custom/cas-server-patch/web/WEB-INF folder (so the files get deployed with ant). No JDBC driver is provided with CAS GH, but the following links may help to find the JDBC driver corresponding to your database:
|
||
Copyright © 2002-2004 - ESUP-Portail consortium |