JDBC Attribute Resolution

CAS does allow for attributes to be retrieved from a variety of SQL databases.

Support is enabled by including the following dependency in the WAR overlay:

1
2
3
4
5
<dependency>
    <groupId>org.apereo.cas</groupId>
    <artifactId>cas-server-support-jpa-util</artifactId>
    <version>${cas.version}</version>
</dependency>
1
implementation "org.apereo.cas:cas-server-support-jpa-util:${project.'cas.version'}"
1
2
3
4
5
6
7
8
9
dependencyManagement {
    imports {
        mavenBom "org.apereo.cas:cas-server-support-bom:${project.'cas.version'}"
    }
}

dependencies {
    implementation "org.apereo.cas:cas-server-support-jpa-util"
}
1
2
3
4
5
6
7
8
9
10
dependencies {
    /*
    The following platform references should be included automatically and are listed here for reference only.
            
    implementation enforcedPlatform("org.apereo.cas:cas-server-support-bom:${project.'cas.version'}")
    implementation platform(org.springframework.boot.gradle.plugin.SpringBootPlugin.BOM_COORDINATES)
    */

    implementation "org.apereo.cas:cas-server-support-jpa-util"
}

To learn how to configure database drivers, please see this guide.

The following settings and properties are available from the CAS configuration catalog:

The configuration settings listed below are tagged as Required in the CAS configuration metadata. This flag indicates that the presence of the setting may be needed to activate or affect the behavior of the CAS feature and generally should be reviewed, possibly owned and adjusted. If the setting is assigned a default value, you do not need to strictly put the setting in your copy of the configuration, but should review it nonetheless to make sure it matches your deployment expectations.

  • cas.authn.attribute-repository.jdbc[0].driver-class=org.hsqldb.jdbcDriver
  • The JDBC driver used to connect to the database.

    org.apereo.cas.configuration.model.support.jdbc.JdbcPrincipalAttributesProperties.

    How can I configure this property?

  • cas.authn.attribute-repository.jdbc[0].password=EMPTY
  • The database connection password.

    org.apereo.cas.configuration.model.support.jdbc.JdbcPrincipalAttributesProperties.

    How can I configure this property?

  • cas.authn.attribute-repository.jdbc[0].url=jdbc:hsqldb:mem:cas-hsql-database
  • The database connection URL.

    This setting supports the Spring Expression Language.

    org.apereo.cas.configuration.model.support.jdbc.JdbcPrincipalAttributesProperties.

    How can I configure this property?

  • cas.authn.attribute-repository.jdbc[0].user=sa
  • The database user.

    The database user must have sufficient permissions to be able to handle schema changes and updates, when needed.

    org.apereo.cas.configuration.model.support.jdbc.JdbcPrincipalAttributesProperties.

    How can I configure this property?

    The configuration settings listed below are tagged as Optional in the CAS configuration metadata. This flag indicates that the presence of the setting is not immediately necessary in the end-user CAS configuration, because a default value is assigned or the activation of the feature is not conditionally controlled by the setting value. You should only include this field in your configuration if you need to modify the default value.

  • cas.authn.attribute-repository.jdbc=
  • Retrieve attributes from multiple JDBC repositories.

    org.apereo.cas.configuration.model.core.authentication.PrincipalAttributesProperties.

    How can I configure this property?

  • cas.authn.attribute-repository.jdbc[0].pool.keep-alive-time=0
  • This property controls the keepalive interval for a connection in the pool. An in-use connection will never be tested by the keepalive thread, only when it is idle will it be tested. Default is zero, which disables this feature.

    This settings supports the java.time.Duration syntax [?].

    org.apereo.cas.configuration.model.support.ConnectionPoolingProperties.

    How can I configure this property?

  • cas.authn.attribute-repository.jdbc[0].pool.max-size=18
  • Controls the maximum number of connections to keep in the pool, including both idle and in-use connections.

    org.apereo.cas.configuration.model.support.ConnectionPoolingProperties.

    How can I configure this property?

  • cas.authn.attribute-repository.jdbc[0].pool.max-wait=PT2S
  • Sets the maximum time in seconds that this data source will wait while attempting to connect to a database.

    A value of zero specifies that the timeout is the default system timeout if there is one; otherwise, it specifies that there is no timeout.

    This settings supports the java.time.Duration syntax [?].

    org.apereo.cas.configuration.model.support.ConnectionPoolingProperties.

    How can I configure this property?

  • cas.authn.attribute-repository.jdbc[0].pool.maximum-lifetime=PT10M
  • This property controls the maximum lifetime of a connection in the pool. When a connection reaches this timeout, even if recently used, it will be retired from the pool. An in-use connection will never be retired, only when it is idle will it be removed.

    This settings supports the java.time.Duration syntax [?].

    org.apereo.cas.configuration.model.support.ConnectionPoolingProperties.

    How can I configure this property?

  • cas.authn.attribute-repository.jdbc[0].pool.min-size=6
  • Controls the minimum size that the pool is allowed to reach, including both idle and in-use connections.

    org.apereo.cas.configuration.model.support.ConnectionPoolingProperties.

    How can I configure this property?

  • cas.authn.attribute-repository.jdbc[0].pool.name=
  • Set the name of the connection pool. This is primarily used for the MBean to uniquely identify the pool configuration.

    org.apereo.cas.configuration.model.support.ConnectionPoolingProperties.

    How can I configure this property?

  • cas.authn.attribute-repository.jdbc[0].pool.suspension=
  • Whether or not pool suspension is allowed.

    There is a performance impact when pool suspension is enabled. Unless you need it (for a redundancy system for example) do not enable it.

    org.apereo.cas.configuration.model.support.ConnectionPoolingProperties.

    How can I configure this property?

  • cas.authn.attribute-repository.jdbc[0].pool.timeout-millis=1_000L
  • The maximum number of milliseconds that the pool will wait for a connection to be validated as alive.

    org.apereo.cas.configuration.model.support.ConnectionPoolingProperties.

    How can I configure this property?

  • cas.authn.attribute-repository.jdbc[0].attributes=
  • Map of attributes to fetch from the database. Attributes are defined using a key-value structure where CAS allows the attribute name/key to be renamed virtually to a different attribute. The key is the attribute fetched from the data source and the value is the attribute name CAS should use for virtual renames. Attributes may be allowed to be virtually renamed and remapped. The key in the attribute map is the original attribute, and the value should be the virtually-renamed attribute.

    org.apereo.cas.configuration.model.support.jdbc.JdbcPrincipalAttributesProperties.

    How can I configure this property?

  • cas.authn.attribute-repository.jdbc[0].autocommit=
  • The default auto-commit behavior of connections in the pool. Determined whether queries such as update/insert should be immediately executed without waiting for an underlying transaction.

    org.apereo.cas.configuration.model.support.jdbc.JdbcPrincipalAttributesProperties.

    How can I configure this property?

  • cas.authn.attribute-repository.jdbc[0].batch-size=100
  • A non-zero value enables use of JDBC2 batch updates by Hibernate. e.g.