CAS找不到支持UsernamePasswordCredential的身份验证处理程序

我觉得你最好用 principalFactory.createPrincipal new SimplePrincipal() .

在你的 AuthenticationEventExecutionPlanConfigurer DatabaseAuthenticationHandler ,添加以下内容:

    @Autowired
    @Qualifier("principalFactory")
    private PrincipalFactory principalFactory;

    @Bean
    public DatabaseAuthenticationHandler databaseAuthenticationHandler() {
         return new DatabaseAuthenticationHandler(principalFactory);
    }

数据库身份验证处理程序

Public class DatabaseAuthenticationHandler extends AbstractJdbcUsernamePasswordAuthenticationHandler {
  private final PrincipalFactory principalFactory;
  public DatabaseAuthenticationHandler (PrincipalFactory principalFactory){
     this.principalFactory = principalFactory;
  }

  @Override
  protected AuthenticationHandlerExecutionResult authenticateUsernamePasswordInternal(
        UsernamePasswordCredential credential, String originalPassword) throws GeneralSecurityException,    PreventedException {

    final String username = credential.getUsername();
    logger.debug("***Username:"+username);
    logger.debug("***Password:"+credential.getPassword());
    /////// below here's the change /////////
    return createHandlerResult(credential, this.principalFactory.createPrincipal(username), null);
  }

  @Override
  public boolean supports(final Credential credential)  {
    return true;
  }
}

看看以上是否有效,谢谢。

此问题的根本原因是您将null参数传递给 createHandlerResult 方法,您可以将其更改为 new ArrayList<> . 我也遇到了这个问题( My CAS version is 5.3.9 )我也试过吴世龙的解决方法,但没有成功,然后我试着自己解决。我在CAS代码中搜索错误消息,并在 PolicyBasedAuthenticationManager

            try {
                  PrincipalResolver resolver = this.getPrincipalResolverLinkedToHandlerIfAny(handler, transaction);
                  LOGGER.debug("Attempting authentication of [{}] using [{}]", credential.getId(), handler.getName());
                  this.authenticateAndResolvePrincipal(builder, credential, resolver, handler);
                  AuthenticationCredentialsThreadLocalBinder.bindInProgress(builder.build());
                  Pair<Boolean, Set<Throwable>> failures = this.evaluateAuthenticationPolicies(builder.build(), transaction);
                  proceedWithNextHandler = !(Boolean)failures.getKey();
                } catch (Exception var15) {
                  LOGGER.error("Authentication has failed. Credentials may be incorrect or CAS cannot find authentication handler that supports [{}] of type [{}]. Examine the configuration to ensure a method of authentication is defined and analyze CAS logs at DEBUG level to trace the authentication event.", credential, credential.getClass().getSimpleName());
                  this.handleAuthenticationException(var15, handler.getName(), builder);
                  proceedWithNextHandler = true;
                }

在上面的代码片段中 authenticateAndResolvePrincipal

 AuthenticationHandlerExecutionResult result = handler.authenticate(credential);

DefaultAuthenticationHandlerExecutionResult 班级。

  public DefaultAuthenticationHandlerExecutionResult(final AuthenticationHandler source, final CredentialMetaData metaData, final Principal p, @NonNull final List<MessageDescriptor> warnings) {
    this(StringUtils.isBlank(source.getName()) ? source.getClass().getSimpleName() : source.getName(), metaData, p, warnings);
    if (warnings == null) {
      throw new NullPointerException("warnings is marked @NonNull but is null");
    }
  }

因此,如果您使用createHandlerResult(credential,new SimplePrincipal(),null),NullPointerException将在运行时抛出 catch (Exception var15) 对bock进行编码并记录您看到的错误消息。