我已经成功配置Config CAS Overlay模板6.2.x可以对在MongoDB中注册的用户进行身份验证。 这是我的配置:
CAS属性
"name":"cas.authn.mongo.name","value":"users"
"name":"cas.authn.mongo.database-name","value":"users"
"name":"cas.authn.mongo.collection","value":"users"
"name":"cas.authn.mongo.username-attribute","value":"username"
"name":"cas.authn.mongo.password-attribute","value":"password"
"name":"cas.authn.mongo.user-id","value":"casuser"
"name":"cas.authn.mongo.password","value":"Mellon"
"name":"cas.authn.mongo.attributes","value":"lastname,useremail,usertel"
"name":"cas.authn.mongo.clientUri","value":"mongodb://casuser:Mellon@IP:port/users?authSource=admin&readPreference=primary&appname=MongoDB%20Compass%20Community&ssl=false"
这是用户集合中的用户属性
"username":"root",
"password":"root",
"lastname":"root",
"useremail":"xxx",
"usertel":"xxx"
但是,我遇到了有关CAS Management Web App服务的问题。
这是CAS Management Web App日志:
WARN [org.apereo.cas.mgmt.authz.CasRoleBasedAuthorizer] - <Unable to authorize access, since the authenticated profile [#CasProfile# | id: root | attributes: {credentialType=UsernamePasswordCredential, isFromNewLogin=false, authenticationDate=2020-08-26T08:51:16.865441Z[UTC], authenticationMethod=users, successfulAuthenticationHandlers=users, longTermAuthenticationRequestTokenUsed=false} | roles: [] | permissions: [] | isRemembered: false | clientName: CasClient | linkedId: null |] does not contain any required roles>
这是我针对CAS管理Web应用程序的服务注册表:
{
"@class" : "org.apereo.cas.services.RegexRegisteredService",
"serviceId":"^https://cas-server-domain:8088/cas-management.+",
"name" : "casManagement",
"id" : 1,
"evaluationOrder" : 1,
"allowedAttributes":["cn","mail"]
}
CAS服务器成功为用户(id = root)创建并授权了访问令牌,但CAS Management缺少用户角色。
我不知道如何为用户分配ROLE或指示用户角色在服务注册表中已固定。
请帮助我。
谢谢。