ldapAuthenticationHandler
162 views
Skip to first unread message
Jeffrey Ramsay
Sep 8, 2016, 5:34:13 PM9/8/16
to CAS Community
Ok. I tried to follow the link to setup LDAP authentication and it's not working.
https://apereo.github.io/cas/development/installation/Configuration-Properties.html#ldap-authentication
I configured the following in cas.properties but I'm not sure if I'm on the right path:
##
# CAS Authentication Policy
#
cas.authn.policy.any.tryall=false
cas.authn.policy.req.tryall=true
cas.authn.policy.req.handlername=ldapAuthenticationHandler
#cas.authn.policy.req.handlername=org.apereo.cas.authentication.LdapAuthenticationHandler
cas.authn.policy.req.enabled=true
##
# Ldap Authentication
#
cas.authn.accept.users=
cas.authn.ldap[0].ldapUrl=ldap://localhost:389
cas.authn.ldap[0].useSsl=false
cas.authn.ldap[0].useStartTls=false
cas.authn.ldap[0].connectTimeout=5000
I don't know how to configure the deployerConfigContext.xml if that's even needed at all. I found an overlay someone uploaded and it had something along these lines but it's not correct.
<util:map id="authenticationHandlersAndResolvers">
<entry key-ref="ldapAuthenticationHandler" value-ref="#{null}" />
</util:map>
Any help would be most appreciated.
-Jeff
https://apereo.github.io/cas/development/installation/Configuration-Properties.html#ldap-authentication
I configured the following in cas.properties but I'm not sure if I'm on the right path:
##
# CAS Authentication Policy
#
cas.authn.policy.any.tryall=false
cas.authn.policy.req.tryall=true
cas.authn.policy.req.handlername=ldapAuthenticationHandler
#cas.authn.policy.req.handlername=org.apereo.cas.authentication.LdapAuthenticationHandler
cas.authn.policy.req.enabled=true
##
# Ldap Authentication
#
cas.authn.accept.users=
cas.authn.ldap[0].ldapUrl=ldap://localhost:389
cas.authn.ldap[0].useSsl=false
cas.authn.ldap[0].useStartTls=false
cas.authn.ldap[0].connectTimeout=5000
I don't know how to configure the deployerConfigContext.xml if that's even needed at all. I found an overlay someone uploaded and it had something along these lines but it's not correct.
<util:map id="authenticationHandlersAndResolvers">
<entry key-ref="ldapAuthenticationHandler" value-ref="#{null}" />
</util:map>
Any help would be most appreciated.
-Jeff
Misagh Moayyed
Sep 9, 2016, 3:24:34 AM9/9/16
to Jeffrey Ramsay, CAS Community
You need to define a type. Review the properties in that link once more.
--
Misagh
Misagh
--
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To post to this group, send email to cas-...@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/19c7df38-79f9-4330-be63-6134ba7f21f8%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.
Jeffrey Ramsay
Sep 9, 2016, 1:31:52 PM9/9/16
to CAS Community
Hello -
I was able to fix my earlier oversight and ldap is work however, I'm unable to authenticate because there are no resolver configured for LdapAuthenticationHandler which I don't know how to.
log snippet:
2016-09-09 12:47:40,649 INFO [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <LdapAuthenticationHandler successfully authenticated jramsay>
2016-09-09 12:47:40,652 DEBUG [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <No resolver configured for LdapAuthenticationHandler. Falling back to handler
principal jramsay>
2016-09-09 12:47:40,653 DEBUG [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Final principal resolved for this authentication event is jramsay>
2016-09-09 12:47:40,664 WARN [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Authentication has failed. Credentials may be incorrect or CAS cannot find auth
entication handler that supports [jramsay] of type [UsernamePasswordCredential], which suggests a configuration problem.>
2016-09-09 12:47:40,666 DEBUG [org.apereo.cas.audit.spi.ThreadLocalPrincipalResolver] - <Resolving principal at audit point [execution(Authentication org.apereo.cas.authenticat
ion.AbstractAuthenticationManager.authenticate(AuthenticationTransaction))] with thrown exception [org.apereo.cas.authentication.AuthenticationException: 0 errors, 1 successes]
>
2016-09-09 12:47:40,691 DEBUG [org.apereo.cas.web.flow.resolver.impl.InitialAuthenticationAttemptWebflowEventResolver] - <0 errors, 1 successes>
org.apereo.cas.authentication.AuthenticationException: 0 errors, 1 successes
-Jeff
I was able to fix my earlier oversight and ldap is work however, I'm unable to authenticate because there are no resolver configured for LdapAuthenticationHandler which I don't know how to.
log snippet:
2016-09-09 12:47:40,649 INFO [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <LdapAuthenticationHandler successfully authenticated jramsay>
2016-09-09 12:47:40,652 DEBUG [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <No resolver configured for LdapAuthenticationHandler. Falling back to handler
principal jramsay>
2016-09-09 12:47:40,653 DEBUG [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Final principal resolved for this authentication event is jramsay>
2016-09-09 12:47:40,664 WARN [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Authentication has failed. Credentials may be incorrect or CAS cannot find auth
entication handler that supports [jramsay] of type [UsernamePasswordCredential], which suggests a configuration problem.>
2016-09-09 12:47:40,666 DEBUG [org.apereo.cas.audit.spi.ThreadLocalPrincipalResolver] - <Resolving principal at audit point [execution(Authentication org.apereo.cas.authenticat
ion.AbstractAuthenticationManager.authenticate(AuthenticationTransaction))] with thrown exception [org.apereo.cas.authentication.AuthenticationException: 0 errors, 1 successes]
>
2016-09-09 12:47:40,691 DEBUG [org.apereo.cas.web.flow.resolver.impl.InitialAuthenticationAttemptWebflowEventResolver] - <0 errors, 1 successes>
org.apereo.cas.authentication.AuthenticationException: 0 errors, 1 successes
-Jeff
Misagh Moayyed
Sep 9, 2016, 1:50:20 PM9/9/16
to Jeffrey Ramsay, CAS Community
Paste the full logs. It’s not resolver related, I don’t think.
--
Misagh
Misagh
From: Jeffrey Ramsay <jeffrey...@gmail.com>
Reply: Jeffrey Ramsay <jeffrey...@gmail.com>
Date: September 9, 2016 at 10:01:57 PM
To: CAS Community <cas-...@apereo.org>
Subject: [cas-user] Re: ldapAuthenticationHandler
--
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To post to this group, send email to cas-...@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/63c14113-f672-43b1-babe-4f71c8077f8f%40apereo.org.
Misagh Moayyed
Sep 9, 2016, 5:01:57 PM9/9/16
to Jeffrey Ramsay, CAS Community
Set cas.authn.policy.req.handlername=ldapAuthenticationHandler to cas.authn.policy.req.handlername=LdapAuthenticationHandler…or turn off the required authn policy and use any.
--
Misagh
Misagh
From: Jeffrey Ramsay <jeffrey...@gmail.com>
Reply: Jeffrey Ramsay <jeffrey...@gmail.com>
Date: September 10, 2016 at 12:54:16 AM
To: CAS Community <cas-...@apereo.org>
Subject: [cas-user] Re: ldapAuthenticationHandler
--
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To post to this group, send email to cas-...@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/a522dea0-415f-4fe7-b670-1d802a2d61cb%40apereo.org.
Jeffrey Ramsay
Sep 9, 2016, 5:34:37 PM9/9/16
to CAS Community
It's working.
Thanks again.
-Jeff
Thanks again.
-Jeff
On Thursday, September 8, 2016 at 5:34:13 PM UTC-4, Jeffrey Ramsay wrote:
Reply all
Reply to author
Forward
0 new messages