cas 5.2.3 and LDAP attributes … failing here
45 views
Skip to first unread message
geoffroy desvernay
Mar 27, 2018, 10:43:16 PM3/27/18
to cas-...@apereo.org
Hi all,
After some hours, I must really miss something trying to make 5.2.x work
as 4.2 (and as 3.x did before)
using DIRECT bind (no administrative binddn/pass), I can log in but no
way to get any attributes from LDAP.
I can search (and find) required data with user credentials on
command-line ldapsearch…
Here is the error (ldaptive debug) attached…
I hope someone can show me my error… or ?
relevant cas.properties lines (with some tests commented):
cas.authn.ldap[0].type=DIRECT
cas.authn.ldap[0].poolPassivator=CLOSE
#cas.authn.ldap[0].poolPassivator=NONE
cas.authn.ldap[0].userFilter=uid={user}
cas.authn.ldap[0].ldapUrl=ldaps://ldapr
cas.authn.ldap[0].baseDn=ou=People,dc=nettest,dc=egim
cas.authn.ldap[0].dnFormat=uid=%s,ou=People,dc=nettest,dc=egim
cas.authn.ldap[0].principalAttributeList=sn,givenName,mailLocalAddress:mail,supannAffectation,eduPersonAffiliation,supannEtuId,supannEmpId,displayName,eduPersonPrincipalName,eduPersonPrimaryAffiliation,postalAddress,telephoneNumber,supannCivilite
cas.authn.ldap[0].principalAttributeId=uid
cas.authn.ldap[0].trustCertificates=file:/etc/ssl/caecm.crt
#cas.authn.ldap[0].enhanceWithEntryResolver=true
#cas.authn.ldap[0].allowMissingPrincipalAttributeValue=true
#cas.authn.attributeRepository.merger=MERGE
cas.authn.ldap[0].passwordPolicy.enabled=false
… And thank you for this great piece of software we are using for more
than 15 years !!!
--
geoffroy desvernay
C.R.I - Administration systèmes et réseaux
Ecole Centrale de Marseille
After some hours, I must really miss something trying to make 5.2.x work
as 4.2 (and as 3.x did before)
using DIRECT bind (no administrative binddn/pass), I can log in but no
way to get any attributes from LDAP.
I can search (and find) required data with user credentials on
command-line ldapsearch…
Here is the error (ldaptive debug) attached…
I hope someone can show me my error… or ?
relevant cas.properties lines (with some tests commented):
cas.authn.ldap[0].type=DIRECT
cas.authn.ldap[0].poolPassivator=CLOSE
#cas.authn.ldap[0].poolPassivator=NONE
cas.authn.ldap[0].userFilter=uid={user}
cas.authn.ldap[0].ldapUrl=ldaps://ldapr
cas.authn.ldap[0].baseDn=ou=People,dc=nettest,dc=egim
cas.authn.ldap[0].dnFormat=uid=%s,ou=People,dc=nettest,dc=egim
cas.authn.ldap[0].principalAttributeList=sn,givenName,mailLocalAddress:mail,supannAffectation,eduPersonAffiliation,supannEtuId,supannEmpId,displayName,eduPersonPrincipalName,eduPersonPrimaryAffiliation,postalAddress,telephoneNumber,supannCivilite
cas.authn.ldap[0].principalAttributeId=uid
cas.authn.ldap[0].trustCertificates=file:/etc/ssl/caecm.crt
#cas.authn.ldap[0].enhanceWithEntryResolver=true
#cas.authn.ldap[0].allowMissingPrincipalAttributeValue=true
#cas.authn.attributeRepository.merger=MERGE
cas.authn.ldap[0].passwordPolicy.enabled=false
… And thank you for this great piece of software we are using for more
than 15 years !!!
--
geoffroy desvernay
C.R.I - Administration systèmes et réseaux
Ecole Centrale de Marseille
0 new messages