Problem CAS 4.2.3 SPENGO
112 views
Skip to first unread message
vosido cedric
Jul 20, 2016, 3:05:46 AM7/20/16
to CAS Community
Hi,
I try to install on a Redhat 7 apache with ssl(proxy ajp), Cas 4.2.3 and use SPENGO to authenticate active directory users.
On my CAS web page i have CAS is Unavailable.
On the cas log i have when i start the service tomcat :
2016-07-20 08:46:40,327 ERROR [org.jasig.cas.util.WebflowCipherExecutor] - Unable to init cipher instance.
org.apache.shiro.crypto.CryptoException: Unable to init cipher instance.
at org.apache.shiro.crypto.JcaCipherService.init(JcaCipherService.java:495)
at org.apache.shiro.crypto.JcaCipherService.initNewCipher(JcaCipherService.java:598)
at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:444)
at org.apache.shiro.crypto.JcaCipherService.encrypt(JcaCipherService.java:324)
at org.apache.shiro.crypto.JcaCipherService.encrypt(JcaCipherService.java:313)
...
org.apache.shiro.crypto.CryptoException: Unable to init cipher instance.
at org.apache.shiro.crypto.JcaCipherService.init(JcaCipherService.java:495)
at org.apache.shiro.crypto.JcaCipherService.initNewCipher(JcaCipherService.java:598)
at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:444)
at org.apache.shiro.crypto.JcaCipherService.encrypt(JcaCipherService.java:324)
at org.apache.shiro.crypto.JcaCipherService.encrypt(JcaCipherService.java:313)
...
Caused by: java.security.InvalidKeyException: Invalid AES key length: 45 bytes
at com.sun.crypto.provider.AESCrypt.init(AESCrypt.java:87)
at com.sun.crypto.provider.CipherBlockChaining.init(CipherBlockChaining.java:91)
at com.sun.crypto.provider.CipherCore.init(CipherCore.java:582)
at com.sun.crypto.provider.AESCipher.engineInit(AESCipher.java:339)
at javax.crypto.Cipher.implInit(Cipher.java:806)
at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
at javax.crypto.Cipher.init(Cipher.java:1396)
at javax.crypto.Cipher.init(Cipher.java:1327)
at org.apache.shiro.crypto.JcaCipherService.init(JcaCipherService.java:488)
at com.sun.crypto.provider.AESCrypt.init(AESCrypt.java:87)
at com.sun.crypto.provider.CipherBlockChaining.init(CipherBlockChaining.java:91)
at com.sun.crypto.provider.CipherCore.init(CipherCore.java:582)
at com.sun.crypto.provider.AESCipher.engineInit(AESCipher.java:339)
at javax.crypto.Cipher.implInit(Cipher.java:806)
at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
at javax.crypto.Cipher.init(Cipher.java:1396)
at javax.crypto.Cipher.init(Cipher.java:1327)
at org.apache.shiro.crypto.JcaCipherService.init(JcaCipherService.java:488)
on my cas.properties file i have :
tgc.encryption.key=lL584cXnVa0xAVBLdvQAIoU5m_lAZeaJYbW-K2alO-A
tgc.signing.key=SfRb-OdrHCwf8cxad2uoyhKVCzjqezGlakCCw3QsoSZ_A3Eg-nze_Km8eE8ctbLckjEqA1Rr5n5ij4PIyKSCTA
tgc.signing.key=SfRb-OdrHCwf8cxad2uoyhKVCzjqezGlakCCw3QsoSZ_A3Eg-nze_Km8eE8ctbLckjEqA1Rr5n5ij4PIyKSCTA
webflow.encryption.key='qRjMaAQM9tICWG6r_LUAgQBhhWt0oRbMCZ-yvFblO80'
webflow.signing.key='FGfTTobRuvB5tYuRMr8CXrNa9-SeMv6ZQksatx6tuPRzmZpD2v0MKJRM4tDsBimmmwzbUF1kdbmkFzzPG3c1wQ'
# SPNEGO Authentication
#
cas.spnego.ldap.attribute=spnegoattribute
cas.spnego.ldap.filter=host={0}
cas.spnego.ldap.basedn=
cas.spnego.hostname.pattern=.+
cas.spnego.ip.pattern=
cas.spnego.alt.remote.host.attribute
cas.spengo.use.principal.domain=false
cas.spnego.ntlm.allowed=true
cas.spnego.kerb.debug=true
cas.spnego.kerb.realm=TESTO.LOCAL
cas.spnego.kerb.kdc=10.10.50.25
cas.spnego.login.conf.file=/opt/cas-4.2.3/cas-server-webapp/src/main/webapp/WEB-INF/login.conf
cas.spnego.jcifs.domain=
cas.spnego.jcifs.domaincontroller=
cas.spnego.jcifs.netbios.cache.policy:600
cas.spnego.jcifs.netbios.wins=
cas.spnego.jcifs.password=
cas.spnego.jcifs.service.password=
cas.spnego.jcifs.socket.timeout:300000
cas.spnego.jcifs.username=
cas.spnego.kerb.conf=
cas.spnego.ntlm=false
cas.spnego.supportedBrowsers=MSIE,Trident,Firefox,AppleWebKit
cas.spnego.mixed.mode.authn=false
cas.spnego.send.401.authn.failure=false
cas.spnego.principal.resolver.transform=NONE
cas.spnego.service.principal=HTTP/cas.tes...@testo.LOCAL
#
cas.spnego.ldap.attribute=spnegoattribute
cas.spnego.ldap.filter=host={0}
cas.spnego.ldap.basedn=
cas.spnego.hostname.pattern=.+
cas.spnego.ip.pattern=
cas.spnego.alt.remote.host.attribute
cas.spengo.use.principal.domain=false
cas.spnego.ntlm.allowed=true
cas.spnego.kerb.debug=true
cas.spnego.kerb.realm=TESTO.LOCAL
cas.spnego.kerb.kdc=10.10.50.25
cas.spnego.login.conf.file=/opt/cas-4.2.3/cas-server-webapp/src/main/webapp/WEB-INF/login.conf
cas.spnego.jcifs.domain=
cas.spnego.jcifs.domaincontroller=
cas.spnego.jcifs.netbios.cache.policy:600
cas.spnego.jcifs.netbios.wins=
cas.spnego.jcifs.password=
cas.spnego.jcifs.service.password=
cas.spnego.jcifs.socket.timeout:300000
cas.spnego.jcifs.username=
cas.spnego.kerb.conf=
cas.spnego.ntlm=false
cas.spnego.supportedBrowsers=MSIE,Trident,Firefox,AppleWebKit
cas.spnego.mixed.mode.authn=false
cas.spnego.send.401.authn.failure=false
cas.spnego.principal.resolver.transform=NONE
cas.spnego.service.principal=HTTP/cas.tes...@testo.LOCAL
thanks for your help
good day
Reply all
Reply to author
Forward
0 new messages