Cant connect to freeradius for authentication users

irvan suryadi

unread,

Oct 30, 2020, 3:25:43 AM10/30/20

to CAS Community

Hello,

I have 6.1.2 cas installation.

in this development i try to use freeradius as my auhtentication provider. but 'till this time it still not working.

Is everyone have the same problem, and solve it before, need help.

Thanks,

Irvan

My build.gradle dependencies :

dependencies {

if (project.hasProperty("casmodules")) {

def dependencies = project.getProperty("casmodules").split(",")

dependencies.each {

implementation "org.apereo.cas:cas-server-${it}:${casServerVersion}"

}

//radius dependencies

compile "org.apereo.cas:cas-server-support-radius:${project.'cas.version'}"

//radius mfa dependencies

implementation "org.apereo.cas:cas-server-support-radius-mfa:${project.'cas.version'}"

// https://mvnrepository.com/artifact/gnu.getopt/java-getopt

//compile group: 'gnu.getopt', name: 'java-getopt', version: '1.0.13'

compile "org.apereo.cas:cas-server-webapp${project.appServer}:${casServerVersion}"

// Other CAS dependencies/modules may be listed here...

//implementation

compile "org.apereo.cas:cas-server-support-json-service-registry:${casServerVersion}"

compile "org.apereo.cas:cas-server-support-radius-mfa:${project.'cas.version'}"

}

my cas.properties files :

cas.server.name=https://cas.example.org:8443

cas.server.prefix=${cas.server.name}/cas

logging.config=file:/etc/cas/config/log4j2.xml

cas.authn.accept.users=

cas.authn.accept.enabled=false

server.port = 8443

#cas.adminPagesSecurity.ip=127\.0\.0\.1

logging.config: file:/etc/cas/config/log4j2.xml

# cas.serviceRegistry.config.location: classpath:/services

# SSL

server.ssl.enabled=true

server.ssl.keyStore=file:/etc/cas/keystore

server.ssl.keyStorePassword=xxxxxx

server.ssl.keyPassword=xxxxxx

${configurationKey}.server.nasPortId=-1

${configurationKey}.server.nasRealPort=-1

${configurationKey}.server.protocol=EAP_MSCHAPv2

${configurationKey}.server.retries=3

${configurationKey}.server.nasPortType=-1

${configurationKey}.server.nasPort=0

${configurationKey}.server.nasIpAddress=192.168.1.1 (my main router ip registered in freeradius)

${configurationKey}.server.nasIpv6Address=

${configurationKey}.server.nasIdentifier=-1

${configurationKey}.client.authenticationPort=1812

${configurationKey}.client.sharedSecret=xxxxx (I've try to use my router nas secret and new secret for my cas pc IP address, but still not working)

${configurationKey}.client.socketTimeout=0

${configurationKey}.client.inetAddress=localhost/my cas server ip address

${configurationKey}.client.accountingPort=1813

#${configurationKey}.failoverOnException=false

#${configurationKey}.failoverOnAuthenticationFailure=false

# cas.authn.mfa.radius.rank=0

# cas.authn.mfa.radius.trusted-device-enabled=false

# cas.authn.mfa.radius.allowed-authentication-attempts=-1

# cas.authn.mfa.radius.name=

# cas.authn.mfa.radius.order=

# cas.authn.mfa.duo[0].duo-secret-key=

# cas.authn.mfa.duo[0].rank=0

# cas.authn.mfa.duo[0].duo-application-key=

# cas.authn.mfa.duo[0].duo-integration-key=

# cas.authn.mfa.duo[0].duo-api-host=

# cas.authn.mfa.duo[0].trusted-device-enabled=false

# cas.authn.mfa.duo[0].id=mfa-duo

# cas.authn.mfa.duo[0].registration-url=https://registration.example.org/duo-enrollment

# cas.authn.mfa.duo[0].name=

# cas.authn.mfa.duo[0].order=

Colin Ryan

unread,

Oct 30, 2020, 6:27:41 AM10/30/20

to cas-...@apereo.org

What's the freeradius logs showing.

I seem to recall that you can only use PAP for authentication.

As well and maybe you just sanitized the configuration but just to state the obvious you have to replace the {configuration key} with the releveant context

So for example, but you must have that right or the CAS wouldn't likely even start properly.

cas.authn.radius.client.sharedSecret=xxxx
cas.authn.radius.client.inetAddress=100.10.1.184

--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/8ca16fc4-d880-4b4c-8005-501e3159a1c4n%40apereo.org.

irvan suryadi

unread,

Nov 6, 2020, 7:47:46 AM11/6/20

to CAS Community, C Ryan

Hai collin,

Thanks for the solution, i will use your recomendation.
I think maybe it was wrong with the configuration key.

And i was read your recomend abaout radius to someone else before about add this dependencies inside:

"org.apereo.cas:cas-server-support-simple-mfa:${project.'cas.version'}"

And after i did that i've got some error like this:

After that i've got an error like this :

* What went wrong:

Execution failed for task ':bootWar'.

> Could not resolve all files for configuration ':runtimeClasspath'.

> Could not resolve net.jradius:jradius-extras:1.1.6.

Required by: