Cas5 Ldap Authentication


yashwanth chowdary

Mar 7, 2018, 7:16:16 AM
to CAS Community
I was trying to connect to LDAP using the properties below. I am getting an error that it failed to bind authn.ldap[0].userFilter. You can observe the error in the attached file.


cas.authn.ldap[0].order=0
cas.authn.ldap[0].name=AD
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].ldapUrl=ldaps://*******.net
cas.authn.ldap[0].useSsl=true
cas.authn.ldap[0].connectTimeout=5000
cas.authn.ldap[0].baseDn=DC=****,DC=**
cas.authn.ldap[0].userFilter=(sAMAccountName={user})
cas.authn.ldap[0].subtreeSearch=true
cas.authn.ldap[0].principalAttributeList=sn,givenName,memberOf,cn
cas.authn.ldap[0].bindDn=CN=wls,CN=users,DC=***,DC=**
cas.authn.ldap[0].bindCredential=*****
ErrorLog.PNG

David Curry

Mar 7, 2018, 7:53:27 AM
to cas-...@apereo.org
You don't say what version you're using, but the userFilter property was renamed to searchFilter between 5.2 and 5.3 as part of the property documentation cleanup.


--Dave




--

DAVID A. CURRY, CISSP
DIRECTOR OF INFORMATION SECURITY
INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 212 229-5300 x4728
david...@newschool.edu

The New School


--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/5f038471-77d5-4465-af36-a30fbad54426%40apereo.org.
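
Added example, not part of the thread and not CAS code: a small Python check for the rename described in the reply above (userFilter in 5.2 became searchFilter in 5.3). It rewrites the old key per LDAP index and reports, rather than guesses, when both names are already set. The sample properties and the host name are constructed.

```python
import re

# Rename stated in the thread: userFilter (5.2) became searchFilter (5.3).
RENAMED = {"userFilter": "searchFilter"}
KEY_RE = re.compile(r"^(\s*cas\.authn\.ldap\[(\d+)\]\.)(\w+)(\s*[=:].*)$")

# Constructed sample, modelled on the masked properties posted in the thread.
SAMPLE = """\
# cas.properties (constructed sample)
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].ldapUrl=ldaps://ldap.example.net
cas.authn.ldap[0].baseDn=DC=example,DC=net
cas.authn.ldap[0].userFilter=(sAMAccountName={user})
cas.authn.ldap[1].userFilter=(uid={user})
cas.authn.ldap[1].searchFilter=(uid={user})
"""

def migrate_ldap_properties(text):
    """Return (rewritten_text, findings) for a 5.2-style properties file."""
    lines = text.splitlines()
    # First pass: record which (index, key) pairs are already defined.
    defined = set()
    for line in lines:
        m = KEY_RE.match(line)
        if m:
            defined.add((m.group(2), m.group(3)))
    out, findings = [], []
    for no, line in enumerate(lines, 1):
        m = KEY_RE.match(line)
        if not m or m.group(3) not in RENAMED:
            out.append(line)  # comments and unrelated keys pass through
            continue
        prefix, idx, old, rest = m.groups()
        new = RENAMED[old]
        if (idx, new) in defined:
            # Both names present: do not guess which value wins, just report.
            findings.append((no, idx, f"{old} conflicts with existing {new}"))
            out.append(line)
        else:
            findings.append((no, idx, f"{old} renamed to {new}"))
            out.append(f"{prefix}{new}{rest}")
    return "\n".join(out) + "\n", findings

if __name__ == "__main__":
    new_text, findings = migrate_ldap_properties(SAMPLE)
    for no, idx, msg in findings:
        print(f"line {no}: ldap[{idx}]: {msg}")
```
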

yashwanth chowdary

Mar 8, 2018, 7:52:46 AM
to CAS Community
Hi David,

Is this the correct way to initialize my principalAttributeList?

By the way, I am using version 5.3.0RC2.

David Curry

Mar 8, 2018, 8:12:04 AM
to cas-...@apereo.org
It looks right, but I have never used that particular property, so I'm just guessing.

In our environment we have to merge attributes from two different directories, so I have the authentication and attribute resolution configured separately and list the attributes out individually.

Someone else can probably weigh in on whether that's correct, though. I'm pretty sure others are using that property.

--Dave



yashwanth chowdary

Mar 8, 2018, 8:57:48 AM
to CAS Community
Dave, can you give a ref for writing our own customization handlers and configuration classes for LDAP?

David Curry

Mar 8, 2018, 9:04:56 AM
to cas-...@apereo.org
Other than the CAS documentation, sorry, no. There are probably other people on the list who can.

We are using out-of-the-box configured-with-plain-old-cas.properties interfaces only, no custom code.

For what it's worth, the configuration we're running (we're putting it into production later this month), with step-by-step instructions for building/configuring it, is documented here:


I haven't gotten time to document the user interface branding and addition of Google Apps SSO support yet, but hope to in the next few weeks.

--Dave



yashwanth chowdary

Mar 8, 2018, 9:32:52 AM
to CAS Community
Dave, I have written my own handler and configuration classes (please refer to the attached files). What I observe is that my handler is getting registered properly, but when I give the credentials the method "authenticateUsernamePasswordInternal" is not getting called. The properties are the same as above.
LTLdapAuthenticationConfiguration.java
LTLdapAuthenticationHandler.java

David Curry

Mar 8, 2018, 11:30:26 AM
to cas-...@apereo.org
As I said, I have no experience at all with that stuff, sorry. I'm an old 'C' programmer who only writes Java under duress. :-)


David A. Curry,  CISSP
Director of Information Security
The New School - Information Technology
71 Fifth Ave., 9th Fl. ~ New York, NY 10003
+1 212 229-5300 x4728
david...@newschool.edu
Sent from my phone; please excuse typos and inane auto-corrections.
   


Man H

Mar 8, 2018, 12:09:54 PM
to cas-...@apereo.org

2018-03-08 11:32 GMT-03:00 yashwanth chowdary <ryashwanthk...@gmail.com>:
Dave, I have written my own handler and configuration classes (please refer to the attached files). What I observe is that my handler is getting registered properly, but when I give the credentials the method "authenticateUsernamePasswordInternal" is not getting called. The properties are the same as above.


Alberto Cabello Sánchez

Mar 9, 2018, 2:33:38 AM
to cas-...@apereo.org
On Thu, 8 Mar 2018 06:32:52 -0800 (PST)
yashwanth chowdary <ryashwanthk...@gmail.com> wrote:

> I have written my own handler and configuration classes (please refer to
> the attached files). What I observe is that my handler is getting registered
> properly, but when I give the credentials the method
> "authenticateUsernamePasswordInternal" is not getting called.
> Properties are the same as above.

How does CAS know that cas.authn.ldap[0].* properties refer to your handler
rather than a "regular" LDAP handler?

--
Alberto Cabello Sánchez
Servicio de Informática
Universidad de Extremadura

Ben Howell-Thomas

Mar 21, 2018, 9:37:00 AM
to cas-...@apereo.org
Did you work it out? But the documentation suggests it'll just pick it up and run it (which means I'm doing it wrong by overriding LdapAuthenticationConfiguration, creating much more work for myself on upgrades).


yashwanth chowdary

Apr 12, 2018, 10:20:26 AM
to CAS Community
Hi Manfredo Hopp,

How to send authorities to an application?


