Cas overlay ver 6.3.x integration with pure RADIUS (not MFA RADIUS)
128 views
Skip to first unread message
artur miś
Apr 14, 2021, 11:51:08 AM4/14/21
to CAS Community
Dears,
I have cas.propierties like:#Radius
cas.authn.radius.name=Radius
cas.authn.radius.server.protocol=EAP_MSCHAPv2
cas.authn.radius.server.retries=1
cas.authn.radius.client.authenticationPort=1812
cas.authn.radius.client.sharedSecret=somestring
cas.authn.radius.client.inetAddress=IP
cas.authn.radius.client.accountingPort=1813
build.gradle:
dependencies {
// Add modules in format compatible with overlay casModules property
if (project.hasProperty("casModules")) {
def dependencies = project.getProperty("casModules").split(",")
dependencies.each {
def projectsToAdd = rootProject.subprojects.findAll {project ->
project.name == "cas-server-core-${it}" || project.name == "cas-server-support-${it}"
implementation "org.apereo.cas:cas-server-support-radius:${project.'cas.version'}"
// implementation "org.apereo.cas:cas-server-support-simple-mfa:${project.'cas.version'}"
}
projectsToAdd.each {implementation it}
}
}
I am able prepare image of container .Container is opperating. But i cannnot see any hits on network trafic if i try to log to singned services .Of course i cant log in.What more after sudo docker -f logs <name_of_cont> i cannot see any problems with connection to radius side. Dears Any idea ?
{
"@class" : "org.jasig.cas.services.RegexRegisteredService",
"serviceId" : "^(http|https|imaps)://*",
"name" : "PRG_PABLO",
"id" : 3,
"evaluationOrder" : 0,
"theme" : "nextor",
"authenticationPolicy" : {
"@class" : "org.apereo.cas.services.DefaultRegisteredServiceAuthenticationPolicy",
"requiredAuthenticationHandlers" : ["java.util.TreeSet", [ "Radius" ]]
}
}
Is it generaly possible auth via RADIUS in cas 6.3.x noweaday ?
Any debug setting in log4j2.xml ?
artur miś
Apr 19, 2021, 12:15:02 PM4/19/21
to CAS Community, artur miś
cas.authn.radius.server.nasPortId=-1
cas.authn.radius.server.nasRealPort=-1
cas.authn.radius.server.protocol=EAP_MSCHAPv2
cas.authn.radius.server.retries=3
cas.authn.radius.server.nasPortType=-1
cas.authn.radius.server.nasPort=-1
cas.authn.radius.server.nasIpAddress=
cas.authn.radius.server.nasIpv6Address=
cas.authn.radius.server.nasIdentifier=-1
cas.authn.radius.client.authenticationPort=1812
cas.authn.radius.client.sharedSecret=string
cas.authn.radius.client.socketTimeout=0
cas.authn.radius.client.inetAddress=IPadresradius
cas.authn.radius.client.accountingPort=1813
cas.authn.radius.name=Radius
cas.authn.radius.failoverOnException=false
cas.authn.radius.failoverOnAuthenticationFailure=false
But still no restult i cant see any issues in:
docker logs -f container.
I can do like this too but i think it is the same :
${configurationKey}=cas.authn.radius
an then:
${configurationKey}.server.nasPortId=-1 and than the same .
Andy Ng
Apr 22, 2021, 4:47:15 AM4/22/21
to CAS Community, artur...@gmail.com
Hi there,
While it is CAS 6.2.x and it is quite a long time ago so I forget about most of what I did.
But these configuration is what I used for when I successfully login to Radius using CAS 6.2.x during my demo project:
Note:
- I am using Free Radius
- CAS 6.2.x might differs from CAS 6.3.x
- The Github structure is a bit strange because it is suppose to work as a complete demo project, but I think you can get the most important info just from the path I give above
The most important different I see is that I included
- compile "org.apereo.cas:cas-server-support-simple-mfa:${project.'cas.version'}"
And I marked that this is needed for bug fixes, see if adding that will help you as well.
Cheers,
Andy
Reply all
Reply to author
Forward
0 new messages