CAS 6.4 / Netty errors

[hakim yahiaoui]

Hi,

I try to install a version 6.4 (apereo overlay with gradle).

When i set the ldaps (636) configuration, the application does not start with netty errors :

[2022-01-06 12:13:23] [info] #011at io.netty.channel.DefaultChannelPipeline.callHandlerAdded0(DefaultChannelPipeline.java:609) ~[netty-transport-4.1.65.Final.jar:4.1.65.Final]
[2022-01-06 12:13:23] [info] #011... 22 more
[2022-01-06 12:13:23] [info] #033[1;31m2022-01-06 12:13:22,482 ERROR [org.ldaptive.transport.netty.NettyConnection] - <Connection open failed for org.ldaptive.transport.netty.NettyConnection@1411228055::ldapUrl=[org.ldaptive.LdapURL@-1714799616::scheme=ldaps, hostname=ldap-test.xxxxx, port=636, baseDn=null, attributes=null, scope=null, filter=null, inetAddress=null], isOpen=false, connectTime=null, connectionConfig=[org.ldaptive.ConnectionConfig@1966714934::ldapUrl=ldaps://ldap-test.xxxxxxx:636, connectTimeout=PT5S, responseTimeout=PT5S, reconnectTimeout=PT2M, autoReconnect=true, autoReconnectCondition=org.ldaptive.ConnectionConfig$$Lambda$1322/0x0000000840978840@27be85ef, autoReplay=true, sslConfig=[org.ldaptive.ssl.SslConfig@1049244395::credentialConfig=[org.ldaptive.ssl.X509CredentialConfig@188732873::trustCertificates=file:/etc/cas/certldap.crt, authenticationCertificate=null, authenticationKey=null], trustManagers=null, hostnameVerifier=org.ldaptive.ssl.DefaultHostnameVerifier@48d72a79, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null, handshakeTimeout=PT1M], useStartTLS=false, connectionInitializers=[org.ldaptive.BindConnectionInitializer@464174685::bindDn=cn=xxxxxxxxxxxx , bindSaslConfig=null, bindControls=null], connectionStrategy=org.ldaptive.ActivePassiveConnectionStrategy@70579b55, connectionValidator=null, transportOptions={}], channel=null>#033[m
[2022-01-06 12:13:23] [info] org.ldaptive.ConnectException: io.netty.channel.StacklessClosedChannelException

Here is my configuration :

cas.authn.accept.users=
cas.authn.ldap[0].providerClass=org.ldaptive.provider.unboundid.UnboundIDProvider
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].ldap-url=ldaps://XXXXX:636

cas.authn.ldap[0].base-dn=dc=XXXXX,dc=fr
cas.authn.ldap[0].subtreeSearch=true
cas.authn.ldap[0].search-filter=uid={user}
cas.authn.ldap[0].bind-dn=XXXXX
cas.authn.ldap[0].bind-credential=XXXXX

cas.authn.ldap[0].trustCertificates=file:/etc/cas/certldap.crt

Can anybody help me please ? Am i missing a parameter ?

Regards

[Pablo Vidaurri]

Your log shows:

baseDn=null

Looks like it's not picking up your value from your config.

[Pablo Vidaurri]

Also, try removing

cas.authn.ldap[0].providerClass=org.ldaptive.provider.unboundid.UnboundIDProvider

I recall I was using this once, then removed it after an upgrade.

On Thursday, January 6, 2022 at 5:27:22 AM UTC-6 hakim yahiaoui wrote:

[hakim yahiaoui]

thank you for your reply

For the baseDn, it seems that Netty does'nt get the value for this parameter but it doesn't seem to be the problem.

In the LDAP logs on LDAP server, i don't see any connection (not even in error).

The problem is with the class netty-transport-4.1.65.Final.jar . When i remove it, it's working.

[Daniel Fisher]

On Thu, Jan 6, 2022 at 10:03 AM hakim yahiaoui <haki...@msn.com> wrote:

thank you for your reply

For the baseDn, it seems that Netty does'nt get the value for this parameter but it doesn't seem to be the problem.

In the LDAP logs on LDAP server, i don't see any connection (not even in error).

The problem is with the class netty-transport-4.1.65.Final.jar . When i remove it, it's working.

Can you confirm whether you have conflicting netty jars in your classpath?

--Daniel Fisher

[hakim yahiaoui]

I don't see any conflict.

But i found a solution. Until now, i was running CAS application with the tomcat of the distrib Debian 9.

I tried to download from web and install apache tomcat 9 and it's working.

i think i will stay like this.

Thanks