I've been working on CAS 3.4.8 Maven Overlay build for a few weeks
with a BindLdapAuthenticationHandler configured in
deployerConfigContext.xml and working well against AD. I'd like to
move to 3.4.9 as I'm running into the the Inspectr issue that was
resolved and also looking at taking advantage of the new potentially
pool searchContext.
Anyhow...I rev'd the pom to 3.4.9, mvn package, and made no other
changes. Now I'm getting the following error:
The Spring ContextLoaderListener we wrap threw on contextInitialized.
But for our having caught this error, the web application context
would not have initialized.>
org.springframework.beans.factory.BeanCreationException: Error
creating bean with name 'centralAuthenticationService' defined in
ServletContext resource
[/WEB-INF/spring-configuration/applicationContext.xml]: Cannot resolve
reference to bean 'authenticationManager' while setting bean property
'authenticationManager'; nested exception is
org.springframework.beans.factory.BeanCreationException: Error
creating bean with name 'authenticationManager' defined in
ServletContext resource [/WEB-INF/deployerConfigContext.xml]: Cannot
create inner bean
'org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler#df1cbf6' of
type [org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler] while
setting bean property 'authenticationHandlers' with key [1]; nested
exception is org.springframework.beans.factory.BeanCreationException:
Error creating bean with name
'org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler#df1cbf6'
defined in ServletContext resource
[/WEB-INF/deployerConfigContext.xml]: Initialization of bean failed;
nested exception is
org.springframework.beans.factory.BeanInitializationException: Bean
state is invalid: ldapTemplate - may not be null
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:328)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:106)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1325)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1086)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:517)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:291)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:288)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:190)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:580)
at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:895)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:425)
at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:276)
It looks like the ldapTemplate ought to be created by
AbstractLdapUsernamePasswordAuthenticationHandler in
afterPropertiesSet(), so I'm not sure why I'm getting this
BeanInitializationException: Bean state is invalid: ldapTemplate - may
not be null.
deployConfigContext.xml looks like this:
in AuthN Handlers:
<bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler" >
<property name="contextSource" ref="contextSource" />
<property name="searchBase" value="${ldap.searchBase}" />
<property name="filter" value="sAMAccountName=%u" />
<property name="ignorePartialResultException" value="yes" />
</bean>
<!-- LdapContextSource used by BindLdapAuthenticationHandler for
primary authentication -->
<bean id="contextSource"
class="org.springframework.ldap.core.support.LdapContextSource">
<!-- pooled should always be set to false for contexts used
for authentication. -->
<property name="pooled" value="false"/>
<property name="urls">
<!-- Authenticate requests should be over SSL to protect
the users credentials. -->
<list>
<value>${ldap.url.1}</value>
<value>${ldap.url.2}</value>
</list>
</property>
<property name="userDn" value="${ldap.cas.dn}"/>
<property name="password" value="${ldap.cas.password}"/>
<property name="baseEnvironmentProperties">
<map>
<entry key="java.naming.security.authentication"
value="simple" />
<!--
Consider ldap timeout settings for speeding up ldap
client failover if you have
multiple LDAP directories.
Set the LDAP connect and read timeout(in ms) for
the java ldap class
See
http://java.sun.com/products/jndi/tutorial/ldap/connect/create.html
<entry key="com.sun.jndi.ldap.connect.timeout" value="2000" />
<entry key="com.sun.jndi.ldap.read.timeout" value="2000" />
-->
</map>
</property>
</bean>
Did the LDAP config change in anyway for 3.4.9? Any clues?
Thanks,
Bill
--
You are currently subscribed to cas-...@lists.jasig.org as: jasig-cas-user...@googlegroups.com
To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
<bean
class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler" >
<property name="contextSource" ref="contextSource" />
<property name="searchContextSource" ref="contextSource" />
<property name="searchBase" value="${ldap.searchBase}" />
<property name="filter" value="sAMAccountName=%u" />
<property name="ignorePartialResultException" value="yes" />
</bean>
Best,
Bill
This is an outcome of https://issues.jasig.org/browse/CAS-987. I'll
update docs today.
M
> Looks like a new searchContext property needs to be set onThis is an outcome of https://issues.jasig.org/browse/CAS-987. I'll
> BindLdapAuthenticationHandler if your using that and want to upgrade
> to 3.4.9.
update docs today.
To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
M
--
LDAP documentation changes completed. I took the opportunity to
rework the content fairly heavily with some much needed discussion of
LDAP connection pooling. Please review and provide feedback,
https://wiki.jasig.org/display/CASUM/LDAP.
To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
Well, it definitely made the error in the logs go away. Do you expect
this safe to do context wide?
Bill
> Thanks
> Scott
> On Tue, Aug 9, 2011 at 10:06 AM, Marvin Addison <marvin....@gmail.com>
> wrote:
>>
>> LDAP documentation changes completed. I took the opportunity to
>> rework the content fairly heavily with some much needed discussion of
>> LDAP connection pooling. Please review and provide feedback,
>> https://wiki.jasig.org/display/CASUM/LDAP.
>>
>> M
>>
>> --
>> You are currently subscribed to cas-...@lists.jasig.org as:
>> scott.b...@gmail.com
>> To unsubscribe, change settings or access archives, see
>> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
> --
> You are currently subscribed to cas-...@lists.jasig.org as:
Yes. My expectation was that was how it actually worked. It doesn't make much sense to me the other way :-)
--