ERROR CAS WITH LDAP

Carlos Morales

unread,

Jun 25, 2018, 5:59:49 AM6/25/18

to CAS Community

Good morning,

Checking the CAS forum I found this distribution list, where I can expose my problem.

First of all I put you in situation, I have an apache tomcat where the CAS application runs, following one of the official manuals of the same I have managed to install CAS (thus arriving at the login page where we enter user & password default) and we see the connection window, up here well ...

Once with the implementation of the CAS, I am ready to configure the LDAP but when entering the data and configuring it, the TOMCAT instance does not raise showing the following errors:

ERROR [org.springframework.web.context.ContexLoader] - <Context initialization failed>

org.springframework.beans.factory.BeanDefinitionStoreException: Invalid bean definition with name 'connectionConfig' defines in Servletcontext resource [/WEB-INF/deployerConfigContext]: Could not resolver placeholder 'ldap.connectTimeout' in string value "${ldap.connectTimeout}"

ERROR [org.jasig.cas.web.init.SafeContextLoaderListener] - <SafeContextLoaderListener:

The Spring ContexLoaderListener we wrap threw on contextInitialized.

But for our having caugt this error,the web application context would not have initialized.>

org.springframework.beans.factory.BeanDefinitionStoreException: Invalid bean definition with name 'connetionConfig'

defined in ServletContext resource [/WEB-INF/deployerConfigContext.xml]: Could not resolve placeholder 'ldap.connectTimeout' in string value "${ldap.connectTimeout}"

Any suggestion?

thank you!

Ganesh and Sashi Prasad

unread,

Jun 25, 2018, 6:29:28 AM6/25/18

to cas-...@apereo.org

Which version of CAS is this?

It looks like you have a non-numeric value assigned to ldap.connectTimeout,

i.e., something like

ldap.connectTimeout="5000"

instead of

ldap.connectTimeout=5000

Can you check your cas.properties file?

Regards,

Ganesh

--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/eaa615c6-1fba-4bb4-801f-aa98211a46aa%40apereo.org.

Carlos Morales

unread,

Jun 25, 2018, 11:22:20 AM6/25/18

to CAS Community

Version of CAS is cas-server-4.0.0


then I expose the pom.xml file.

To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.

cas.properties

Ganesh and Sashi Prasad

unread,

Jun 25, 2018, 10:11:05 PM6/25/18

to cas-...@apereo.org

Caveat: I jumped straight from CAS 3.5 to 5.2, so I haven't used 4.0.

I think you have configured LDAP by specifying an authentication handler in a Java overlay file.

Since your cas.properties file does not mention ldap.connectTimeout at all, I think it's taking the default value of "" (empty string) for ldap.connectTimeout and failing the numericity test, so the simplest trick would be to put in an explicit line in cas.properties to say

ldap.connectTimeout=5000

and restart Tomcat.

Mind you, this is a quick fix, and I'm sure you'll be tripped up by another problem after this is fixed, so I suggest you look up some comprehensive documentation about how to set up LDAP authentication in CAS 4.0.

Ganesh

To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/230b7506-cccb-4167-8cb1-bbe885f11e5e%40apereo.org.

Carlos Morales

unread,

Jun 26, 2018, 3:45:23 AM6/26/18

to CAS Community

Yes, thank you Ganesh.

I have reconfigured the entire cas.properties file, adding many parameters that I did not have previously configured, however, at this moment it indicates the following error:

Apparently a problem with the ldap and the certificates ...

Let's see if you can help me with it, thank you in advance!

2018-06-26 09:40:20,011 ERROR [org.springframework.web.context.ContextLoader] - <Context initialization failed>
org.springframework.beans.factory.BeanDefinitionStoreException: Invalid bean definition with name 'sslConfig' defined in ServletContext resource [/WEB-INF/deployerConfigContext.xml]: Could not resolve placeholder 'ldap.trustedCert' in string value "${ldap.trustedCert}"
	at org.springframework.beans.factory.config.PlaceholderConfigurerSupport.doProcessProperties(PlaceholderConfigurerSupport.java:209)
	at org.springframework.context.support.PropertySourcesPlaceholderConfigurer.processProperties(PropertySourcesPlaceholderConfigurer.java:174)
	at org.springframework.context.support.PropertySourcesPlaceholderConfigurer.postProcessBeanFactory(PropertySourcesPlaceholderConfigurer.java:151)
	at org.springframework.context.support.AbstractApplicationContext.invokeBeanFactoryPostProcessors(AbstractApplicationContext.java:694

2018-06-26 09:40:20,051 ERROR [org.jasig.cas.web.init.SafeContextLoaderListener] - <SafeContextLoaderListener: 
org.springframework.beans.factory.BeanDefinitionStoreException: Invalid bean definition with name 'sslConfig' defined in ServletContext resource [/WEB-INF/deployerConfigContext.xml]: Could not resolve placeholder 'ldap.trustedCert' in string value "${ldap.trustedCert}"

Tom O'Neill

unread,

Jun 26, 2018, 7:18:44 AM6/26/18

to cas-...@apereo.org

Just curious – is there a reason you aren’t deploying 5.x?

--

- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.

To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/50d3453d-225e-4683-a05b-117780881519%40apereo.org.

Ganesh and Sashi Prasad

unread,

Jun 26, 2018, 8:09:06 AM6/26/18

to cas-...@apereo.org

I'm not sure, but I think you need to put the certificate (say, myfile.cer) in /etc/ssl/certs and then put this line into cas.properties

ldap.trustedCert=/etc/ssl/certs/myfile.cer

This is just my guess. I think you should look for the authoritative documentation.

Regards,

Ganesh

--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.

To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.

Reply all

Reply to author

Forward