[CAS Management Web App Authen User From MongoDB]

[Napoleon Ponaparte]

Hi,

I have a trouble when config CAS Management Web App allow authenticate user in MongoDB (My CAS Overlay 6.2.1 can authenticate user from MongoDB but my CAS Management still didn't worked).

Here is CAS MAnagment error log:

2020-08-26 01:52:25,370 WARN [org.apereo.cas.mgmt.authz.CasRoleBasedAuthorizer] - <Unable to authorize access, since the authenticated profile [#CasProfile# | id: root | attributes: {credentialType=UsernamePasswordCredential, isFromNewLogin=false, authenticationDate=2020-08-26T08:51:16.865441Z[UTC], authenticationMethod=users, successfulAuthenticationHandlers=users, longTermAuthenticationRequestTokenUsed=false} | roles: [] | permissions: [] | isRemembered: false | clientName: CasClient | linkedId: null |] does not contain any required roles>

And here is my config

1. CAS Management's config

"name":"cas.authn.accept.users","value":""
"name":"cas.authn.accept.name","value":""
"name":"cas.authn.accept.credentialCriteria","value":""
"name":"cas.authn.mongo.name","value":"users"
"name":"cas.authn.mongo.database-name","value":"users"
"name":"cas.authn.mongo.collection","value":"users"
"name":"cas.authn.mongo.username-attribute","value":"username"
"name":"cas.authn.mongo.password-attribute","value":"password"
"name":"cas.authn.mongo.user-id","value":"casuser"
"name":"cas.authn.mongo.password","value":"Mellon"
"name":"cas.server.name","value":"https://casoverlay.vdc2.com.vn:8443"
"name":"cas.server.prefix","value":"${cas.server.name}/cas"
"name":"mgmt.serverName","value":"https://casoverlay.vdc2.com.vn:8088"
"name":"spring.thymeleaf.mode","value":"HTML"
"name":"server.port","value":"8088"
"name":"server.ssl.enabled"","value":"true"
"name":"server.ssl.keyStore","value":"file:/etc/cas/thekeystore"
"name":"server.ssl.keyStorePassword","value":"changeit"
"name":"server.ssl.keyPassword","value":"changeit"
"name":"cas.service-registry.mongo.host","value":"203.162.141.22"
"name":"mgmt.adminRoles[0]","value":"ROLE_ADMIN"
"name":"mgmt.userRoles[0]","value":"ROLE_USER"

"name":"cas-management.securityContext.serviceProperties.adminRoles","value":"ROLE_ADMIN"

2. CAS config

I also add this config to CAS properties

"name":"cas-management.securityContext.serviceProperties.adminRoles","value":"ROLE_ADMIN"

3. Here is my users collection in MongoDB

username:"root"
password:"root"
lastname:"VNPT ADMIN"
useremail:"nguyentra...@vnpt.vn"
usertel:"0907888510"
userdate:"19-04-2020"
userstatus:"ACTIVE"
userparentid:null
comid:"VNPT"
comdepartment:"GP2"
usercode:"VNPT001"
usertype:"ADMIN_VNPT"

P/s:

I also see this guide for LDAP (Link: https://git.uwaterloo.ca/ist-unix/cas-server/blob/9d41eb5dacfa14c892e50ac2120d1cd367c66fa8/cas-server-documentation/installation/Service-Management.md)

casuser=notused,ROLE_ADMIN

But I don't know how to apply for MongoDB?

Please help me.

Thank you in advance.