CAS 5 does not read cas.properties file
1,627 views
Skip to first unread message
Philippe MARASSE
Aug 8, 2016, 10:42:41 AM8/8/16
to cas-...@apereo.org
Folks,
I'm preparing a new CAS service for our organisation (we use CAS 3.5 for years now :-) ), my plan is to upgrade to v5 in order to use MFA.
I'm using maven overlay (from https://apereo.github.io/cas/development/installation/Maven-Overlay-Installation.html )
and json service registry
Unfortunately, I did not manage to make cas read my customized properties.
1st try : cas/WEB-INF/spring-configuration/propertyFileConfigurer.xml is not read
verified with iwatch tool.
2nd try : moved this file as WEB-INF/deployerConfigContext.xml (the packaged one is empty), this file get read but catalina.out shows :
08-Aug-2016 15:29:35.339 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployWAR Déploiement de l'archive /var/tomcat/inst2/webapps/cas.war de l'application web
08-Aug-2016 15:29:41.429 INFO [localhost-startStop-1] org.apache.jasper.servlet.TldScanner.scanJars At least one JAR was scanned for TLDs yet contained no TLDs. Enable debug logging for this logger for a complete list of JARs that were scanned but no TLDs were found in them. Skipping unneeded JARs during scanning can improve startup time and JSP compilation time.
__ ____ _ ____ __
/ / / ___| / \ / ___| \ \
| | | | / _ \ \___ \ | |
| | | |___ / ___ \ ___) | | |
| | \____|/_/ \_\|____/ | |
\_\ /_/
CAS Version: 5.0.0.RC1-SNAPSHOT
Build Date/Time: 2016-08-08T07:37:10Z
Java Home: /usr/java/jdk1.8.0_101/jre
Java Vendor: Oracle Corporation
Java Version: 1.8.0_101
OS Architecture: i386
OS Name: Linux
OS Version: 3.16.0-4-686-pae
2016-08-08 15:29:45,485 INFO [org.apereo.cas.web.CasWebApplicationServletInitializer] - <The following profiles are active: native>
2016-08-08 15:29:49,005 WARN [org.springframework.context.annotation.ConfigurationClassPostProcessor] - <Cannot enhance @Configuration bean definition 'refreshScope' since its singleton instance has been created too early. The typical cause is a non-static @Bean method with a BeanDefinitionRegistryPostProcessor return type: Consider declaring such methods as 'static'.>
2016-08-08 15:29:49,393 WARN [org.springframework.boot.context.properties.ConfigurationPropertiesBindingPostProcessor] - <Multiple PropertySourcesPlaceholderConfigurer beans registered [placeHolderConfigurer, org.springframework.context.support.PropertySourcesPlaceholderConfigurer#0], falling back to Environment>
2016-08-08 15:29:51,702 INFO [org.apereo.cas.services.AbstractResourceBasedServiceRegistryDao] - <Watching service registry directory at /var/tomcat/inst2/webapps/cas/WEB-INF/classes/services>
2016-08-08 15:29:51,952 INFO [org.apereo.cas.services.DefaultServicesManagerImpl] - <Loaded 2 services from JsonServiceRegistryDao.>
2016-08-08 15:29:58,240 WARN [org.apereo.cas.WebflowConversationStateCipherExecutor] - <Secret key for signing is not defined. CAS will attempt to auto-generate the signing key>
2016-08-08 15:29:58,247 WARN [org.apereo.cas.WebflowConversationStateCipherExecutor] - <Generated signing key UfOXj8N0pNAX6QJQHL4ewu_cvlTAHo6abg0NqUhf7y-vlOT_brv2Eq9sDspXBir1bGXZMME9FaX0II1Jd0CB0g of size 512. The generated key MUST be added to CAS settings.>
2016-08-08 15:29:58,247 WARN [org.apereo.cas.WebflowConversationStateCipherExecutor] - <No encryption key is defined. CAS will attempt to auto-generate keys>
2016-08-08 15:29:58,248 WARN [org.apereo.cas.WebflowConversationStateCipherExecutor] - <Generated encryption key KgExTpQBSNYWtAxn of size 16. The generated key MUST be added to CAS settings.>
2016-08-08 15:30:05,729 INFO [org.apereo.cas.configuration.CasConfigurationRebinder] - <Reloading CAS configuration via cas-org.apereo.cas.configuration.CasConfigurationProperties>
2016-08-08 15:30:05,876 INFO [org.apereo.cas.configuration.CasConfigurationRebinder] - <Reloaded CAS configuration cas-org.apereo.cas.configuration.CasConfigurationProperties>
2016-08-08 15:30:08,132 WARN [org.apereo.cas.util.TicketGrantingCookieCipherExecutor] - <Secret key for encryption is not defined. CAS will attempt to auto-generate the encryption key>
2016-08-08 15:30:08,133 WARN [org.apereo.cas.util.TicketGrantingCookieCipherExecutor] - <Generated encryption key JN9SKOR9JI8cvJs6u7HfICuE24qxfHgzsZ6APedCV2w of size 256. The generated key MUST be added to CAS settings.>
2016-08-08 15:30:08,133 WARN [org.apereo.cas.util.TicketGrantingCookieCipherExecutor] - <Secret key for signing is not defined. CAS will attempt to auto-generate the signing key>
2016-08-08 15:30:08,133 WARN [org.apereo.cas.util.TicketGrantingCookieCipherExecutor] - <Generated signing key O9OEbsskQwZCAn0LgbEIUhMa7LwrLJoaSizSS6upqfBG0AowkzxrYudB-r_e5avpvuTf4ekCcr3iwxXw4cR_ZQ of size 512. The generated key MUST be added to CAS settings.>
2016-08-08 15:30:08,581 INFO [org.apereo.cas.configuration.support.Beans] - <Ticket registry encryption/signing is turned off. This may NOT be safe in a clustered production environment. Consider using other choices to handle encryption, signing and verification of ticket registry tickets.>
2016-08-08 15:30:08,647 INFO [org.apereo.cas.web.CasWebApplicationServletInitializer] - <Started CasWebApplicationServletInitializer in 26.485 seconds (JVM running for 34.81)>
my cas.properties contains these customizations (from maven overlay template) :
tgc.encryption.key=ppL7OCfnABdvhjzCz3z1b7xsngqBTnBBWBsthw_wC7E
tgc.signing.key=JVKEUrcfz0j76Dh6gzyQBuKkSIJpVpFzAflfWcL9DclY4N66kddjT0zFJ35RgbfC6yCWd5DLKmco70zTbKPhfg
tgc.secure=true
service.registry.config.location=/etc/chl/cas5/services
and cas.properties is never read... (json services read from classpath instead of my location, keys generated instead of configured ones)
What am I doing wrong ??
relevant portion of my pom.xml :
<properties>
<!-- Propriétés du projet -->
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<java.source.version>1.8</java.source.version>
<java.target.version>1.8</java.target.version>
...
<!-- Version de CAS support -->
<cas.groupId>org.apereo.cas</cas.groupId>
<cas.version>5.0.0.RC1-SNAPSHOT</cas.version>
</properties>
...
<dependencies>
...
<dependency>
<groupId>${cas.groupId}</groupId>
<artifactId>cas-server-webapp</artifactId>
<version>${cas.version}</version>
<type>war</type>
<scope>runtime</scope>
</dependency>
<!-- Authentification -->
<dependency>
<groupId>${cas.groupId}</groupId>
<artifactId>cas-server-support-spnego</artifactId>
<version>${cas.version}</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>${cas.groupId}</groupId>
<artifactId>cas-server-support-spnego-webflow</artifactId>
<version>${cas.version}</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>${cas.groupId}</groupId>
<artifactId>cas-server-support-json-service-registry</artifactId>
<version>${cas.version}</version>
</dependency>
</dependencies>
Regards.
I'm preparing a new CAS service for our organisation (we use CAS 3.5 for years now :-) ), my plan is to upgrade to v5 in order to use MFA.
I'm using maven overlay (from https://apereo.github.io/cas/development/installation/Maven-Overlay-Installation.html )
and json service registry
Unfortunately, I did not manage to make cas read my customized properties.
1st try : cas/WEB-INF/spring-configuration/propertyFileConfigurer.xml is not read
verified with iwatch tool.
2nd try : moved this file as WEB-INF/deployerConfigContext.xml (the packaged one is empty), this file get read but catalina.out shows :
08-Aug-2016 15:29:35.339 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployWAR Déploiement de l'archive /var/tomcat/inst2/webapps/cas.war de l'application web
08-Aug-2016 15:29:41.429 INFO [localhost-startStop-1] org.apache.jasper.servlet.TldScanner.scanJars At least one JAR was scanned for TLDs yet contained no TLDs. Enable debug logging for this logger for a complete list of JARs that were scanned but no TLDs were found in them. Skipping unneeded JARs during scanning can improve startup time and JSP compilation time.
__ ____ _ ____ __
/ / / ___| / \ / ___| \ \
| | | | / _ \ \___ \ | |
| | | |___ / ___ \ ___) | | |
| | \____|/_/ \_\|____/ | |
\_\ /_/
CAS Version: 5.0.0.RC1-SNAPSHOT
Build Date/Time: 2016-08-08T07:37:10Z
Java Home: /usr/java/jdk1.8.0_101/jre
Java Vendor: Oracle Corporation
Java Version: 1.8.0_101
OS Architecture: i386
OS Name: Linux
OS Version: 3.16.0-4-686-pae
2016-08-08 15:29:45,485 INFO [org.apereo.cas.web.CasWebApplicationServletInitializer] - <The following profiles are active: native>
2016-08-08 15:29:49,005 WARN [org.springframework.context.annotation.ConfigurationClassPostProcessor] - <Cannot enhance @Configuration bean definition 'refreshScope' since its singleton instance has been created too early. The typical cause is a non-static @Bean method with a BeanDefinitionRegistryPostProcessor return type: Consider declaring such methods as 'static'.>
2016-08-08 15:29:49,393 WARN [org.springframework.boot.context.properties.ConfigurationPropertiesBindingPostProcessor] - <Multiple PropertySourcesPlaceholderConfigurer beans registered [placeHolderConfigurer, org.springframework.context.support.PropertySourcesPlaceholderConfigurer#0], falling back to Environment>
2016-08-08 15:29:51,702 INFO [org.apereo.cas.services.AbstractResourceBasedServiceRegistryDao] - <Watching service registry directory at /var/tomcat/inst2/webapps/cas/WEB-INF/classes/services>
2016-08-08 15:29:51,952 INFO [org.apereo.cas.services.DefaultServicesManagerImpl] - <Loaded 2 services from JsonServiceRegistryDao.>
2016-08-08 15:29:58,240 WARN [org.apereo.cas.WebflowConversationStateCipherExecutor] - <Secret key for signing is not defined. CAS will attempt to auto-generate the signing key>
2016-08-08 15:29:58,247 WARN [org.apereo.cas.WebflowConversationStateCipherExecutor] - <Generated signing key UfOXj8N0pNAX6QJQHL4ewu_cvlTAHo6abg0NqUhf7y-vlOT_brv2Eq9sDspXBir1bGXZMME9FaX0II1Jd0CB0g of size 512. The generated key MUST be added to CAS settings.>
2016-08-08 15:29:58,247 WARN [org.apereo.cas.WebflowConversationStateCipherExecutor] - <No encryption key is defined. CAS will attempt to auto-generate keys>
2016-08-08 15:29:58,248 WARN [org.apereo.cas.WebflowConversationStateCipherExecutor] - <Generated encryption key KgExTpQBSNYWtAxn of size 16. The generated key MUST be added to CAS settings.>
2016-08-08 15:30:05,729 INFO [org.apereo.cas.configuration.CasConfigurationRebinder] - <Reloading CAS configuration via cas-org.apereo.cas.configuration.CasConfigurationProperties>
2016-08-08 15:30:05,876 INFO [org.apereo.cas.configuration.CasConfigurationRebinder] - <Reloaded CAS configuration cas-org.apereo.cas.configuration.CasConfigurationProperties>
2016-08-08 15:30:08,132 WARN [org.apereo.cas.util.TicketGrantingCookieCipherExecutor] - <Secret key for encryption is not defined. CAS will attempt to auto-generate the encryption key>
2016-08-08 15:30:08,133 WARN [org.apereo.cas.util.TicketGrantingCookieCipherExecutor] - <Generated encryption key JN9SKOR9JI8cvJs6u7HfICuE24qxfHgzsZ6APedCV2w of size 256. The generated key MUST be added to CAS settings.>
2016-08-08 15:30:08,133 WARN [org.apereo.cas.util.TicketGrantingCookieCipherExecutor] - <Secret key for signing is not defined. CAS will attempt to auto-generate the signing key>
2016-08-08 15:30:08,133 WARN [org.apereo.cas.util.TicketGrantingCookieCipherExecutor] - <Generated signing key O9OEbsskQwZCAn0LgbEIUhMa7LwrLJoaSizSS6upqfBG0AowkzxrYudB-r_e5avpvuTf4ekCcr3iwxXw4cR_ZQ of size 512. The generated key MUST be added to CAS settings.>
2016-08-08 15:30:08,581 INFO [org.apereo.cas.configuration.support.Beans] - <Ticket registry encryption/signing is turned off. This may NOT be safe in a clustered production environment. Consider using other choices to handle encryption, signing and verification of ticket registry tickets.>
2016-08-08 15:30:08,647 INFO [org.apereo.cas.web.CasWebApplicationServletInitializer] - <Started CasWebApplicationServletInitializer in 26.485 seconds (JVM running for 34.81)>
my cas.properties contains these customizations (from maven overlay template) :
tgc.encryption.key=ppL7OCfnABdvhjzCz3z1b7xsngqBTnBBWBsthw_wC7E
tgc.signing.key=JVKEUrcfz0j76Dh6gzyQBuKkSIJpVpFzAflfWcL9DclY4N66kddjT0zFJ35RgbfC6yCWd5DLKmco70zTbKPhfg
tgc.secure=true
service.registry.config.location=/etc/chl/cas5/services
and cas.properties is never read... (json services read from classpath instead of my location, keys generated instead of configured ones)
What am I doing wrong ??
relevant portion of my pom.xml :
<properties>
<!-- Propriétés du projet -->
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<java.source.version>1.8</java.source.version>
<java.target.version>1.8</java.target.version>
...
<!-- Version de CAS support -->
<cas.groupId>org.apereo.cas</cas.groupId>
<cas.version>5.0.0.RC1-SNAPSHOT</cas.version>
</properties>
...
<dependencies>
...
<dependency>
<groupId>${cas.groupId}</groupId>
<artifactId>cas-server-webapp</artifactId>
<version>${cas.version}</version>
<type>war</type>
<scope>runtime</scope>
</dependency>
<!-- Authentification -->
<dependency>
<groupId>${cas.groupId}</groupId>
<artifactId>cas-server-support-spnego</artifactId>
<version>${cas.version}</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>${cas.groupId}</groupId>
<artifactId>cas-server-support-spnego-webflow</artifactId>
<version>${cas.version}</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>${cas.groupId}</groupId>
<artifactId>cas-server-support-json-service-registry</artifactId>
<version>${cas.version}</version>
</dependency>
</dependencies>
Regards.
-- Philippe MARASSE Responsable pôle Infrastructures - DSIO Centre Hospitalier Henri Laborit CS 10587 - 370 avenue Jacques Cœur 86021 Poitiers Cedex Tel : 05.49.44.57.19
Dmitriy Kopylenko
Aug 8, 2016, 11:02:00 AM8/8/16
to Philippe MARASSE, CAS Community
This should shed some light on CAS v5 configuration facilities: https://apereo.github.io/cas/development/installation/Configuration-Management.html
D.
--
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To post to this group, send email to cas-...@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/8a4abe26-6887-caad-333c-fb578208c169%40ch-poitiers.fr.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.
Misagh Moayyed
Aug 8, 2016, 11:02:48 AM8/8/16
to cas-...@apereo.org
Simply put, you should be following the docs here:
There is no “propertyFileConfigurer.xml”. Using “deployerConfigContext.xml” is also useless for most if not all cases.
--
Misagh
Misagh
Philippe MARASSE
Aug 8, 2016, 11:48:24 AM8/8/16
to cas-...@apereo.org
Thanks for your replies,
I was not on the good branch, now I am :-). Following Dmitriy's directions, I've modified application.properties to include :
spring.profiles.active=native
spring.cloud.config.server.native.searchLocations=file:///etc/chl/cas5/config
The properties file is read, but... json files continues to be read from classpath instead of property set. My new cleaned-up cas.properties is now :
##
# CAS Server Host/Prefix
#
cas.server.name=https://id.ch-poitiers.fr
cas.server.prefix=${server.name}/cas
##
# CAS Configuration Cloud Amqp Bus
#
spring.cloud.bus.enabled=false
spring.cloud.bus.refresh.enabled=true
spring.cloud.bus.env.enabled=true
spring.cloud.bus.destination=CasCloudBus
spring.cloud.bus.ack.enabled=true
# spring.activemq.broker-url=
# spring.activemq.in-memory=
# spring.activemq.pooled=
# spring.activemq.user=
# spring.activemq.password=
cas.serviceRegistry.config.location=file:///etc/chl/cas5/services
From log file :
2016-08-08 17:44:16,483 INFO [org.apereo.cas.services.AbstractResourceBasedServiceRegistryDao] - <Watching service registry directory at /var/tomcat/inst2/webapps/cas/WEB-INF/classes/services>
is cas.serviceRegistry.config.location the right property ? (taken from v5 template)
Regards.
I was not on the good branch, now I am :-). Following Dmitriy's directions, I've modified application.properties to include :
spring.profiles.active=native
spring.cloud.config.server.native.searchLocations=file:///etc/chl/cas5/config
The properties file is read, but... json files continues to be read from classpath instead of property set. My new cleaned-up cas.properties is now :
##
# CAS Server Host/Prefix
#
cas.server.name=https://id.ch-poitiers.fr
cas.server.prefix=${server.name}/cas
##
# CAS Configuration Cloud Amqp Bus
#
spring.cloud.bus.enabled=false
spring.cloud.bus.refresh.enabled=true
spring.cloud.bus.env.enabled=true
spring.cloud.bus.destination=CasCloudBus
spring.cloud.bus.ack.enabled=true
# spring.activemq.broker-url=
# spring.activemq.in-memory=
# spring.activemq.pooled=
# spring.activemq.user=
# spring.activemq.password=
cas.serviceRegistry.config.location=file:///etc/chl/cas5/services
From log file :
2016-08-08 17:44:16,483 INFO [org.apereo.cas.services.AbstractResourceBasedServiceRegistryDao] - <Watching service registry directory at /var/tomcat/inst2/webapps/cas/WEB-INF/classes/services>
is cas.serviceRegistry.config.location the right property ? (taken from v5 template)
Regards.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/etPan.57a89f0b.7fb6ac3c.2c03%40unicon.net.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.
David Brown
Nov 17, 2016, 9:23:24 AM11/17/16
to jasig-cas-user, cas-...@apereo.org, philippe...@ch-poitiers.fr
Howdy, I have read thru this thread. I can't see anything to improve the same error condition you describe. Did you ever get CAS to start without stopping? I had a previous version of CAS working on a Linux box. Now I'm on a Mac and can't get it to work. I need this for development purposes only to test application before using the production CAS server. Please advise.
Philippe MARASSE
Nov 17, 2016, 11:02:55 AM11/17/16
to David Brown, cas-...@apereo.org
Hello,
Fortunately, I've found that this property :
spring.cloud.config.server.native.searchLocations=file:/etc/cas5/config
placed in bootstrap.properties file do the job.
on Mac, once JDK (dmg file from Oracle) and Tomcat (from tar.gz) are installed, catalina.sh script should work. Don't forget to set JAVA_HOME environment variable with something like :
/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home
Regards.
Fortunately, I've found that this property :
spring.cloud.config.server.native.searchLocations=file:/etc/cas5/config
placed in bootstrap.properties file do the job.
on Mac, once JDK (dmg file from Oracle) and Tomcat (from tar.gz) are installed, catalina.sh script should work. Don't forget to set JAVA_HOME environment variable with something like :
/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home
Regards.
Message has been deleted
Baron Fujimoto
Mar 23, 2017, 2:39:09 PM3/23/17
to cas-...@apereo.org
On Wed, Mar 22, 2017 at 04:36:57PM -0700, sergey kovalchuk wrote:
>
>I have faced with the same problem Philippe MARASSE described: system reads
>services from classpath only
>How to specify a directory insted of classpath?
We've used the following to customize our config location:
In the overlay, src/main/resources/bootstap.properties:
spring.cloud.config.server.native.searchLocations=file:///path/to/cas/config_dir
HTH,
-baron
--
Baron Fujimoto <ba...@hawaii.edu> :: UH Information Technology Services
minutas cantorum, minutas balorum, minutas carboratum desendus pantorum
>
>I have faced with the same problem Philippe MARASSE described: system reads
>services from classpath only
>How to specify a directory insted of classpath?
We've used the following to customize our config location:
In the overlay, src/main/resources/bootstap.properties:
spring.cloud.config.server.native.searchLocations=file:///path/to/cas/config_dir
HTH,
-baron
--
Baron Fujimoto <ba...@hawaii.edu> :: UH Information Technology Services
minutas cantorum, minutas balorum, minutas carboratum desendus pantorum
Reply all
Reply to author
Forward
0 new messages