Hi,
I try to install on a Redhat 7 apache with ssl(proxy ajp), Cas 4.2.3 and use SPENGO to authenticate active directory users.
On my CAS web page i have CAS is Unavailable.
On the cas log i have when i start the service tomcat :
2016-07-20 08:46:40,327 ERROR [org.jasig.cas.util.WebflowCipherExecutor] - Unable to init cipher instance.
org.apache.shiro.crypto.CryptoException: Unable to init cipher instance.
at org.apache.shiro.crypto.JcaCipherService.init(JcaCipherService.java:495)
at org.apache.shiro.crypto.JcaCipherService.initNewCipher(JcaCipherService.java:598)
at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:444)
at org.apache.shiro.crypto.JcaCipherService.encrypt(JcaCipherService.java:324)
at org.apache.shiro.crypto.JcaCipherService.encrypt(JcaCipherService.java:313)
...
Caused by: java.security.InvalidKeyException: Invalid AES key length: 45 bytes
at com.sun.crypto.provider.AESCrypt.init(AESCrypt.java:87)
at com.sun.crypto.provider.CipherBlockChaining.init(CipherBlockChaining.java:91)
at com.sun.crypto.provider.CipherCore.init(CipherCore.java:582)
at com.sun.crypto.provider.AESCipher.engineInit(AESCipher.java:339)
at javax.crypto.Cipher.implInit(Cipher.java:806)
at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
at javax.crypto.Cipher.init(Cipher.java:1396)
at javax.crypto.Cipher.init(Cipher.java:1327)
at org.apache.shiro.crypto.JcaCipherService.init(JcaCipherService.java:488)
on my cas.properties file i have :
tgc.encryption.key=lL584cXnVa0xAVBLdvQAIoU5m_lAZeaJYbW-K2alO-A
tgc.signing.key=SfRb-OdrHCwf8cxad2uoyhKVCzjqezGlakCCw3QsoSZ_A3Eg-nze_Km8eE8ctbLckjEqA1Rr5n5ij4PIyKSCTA
webflow.encryption.key='qRjMaAQM9tICWG6r_LUAgQBhhWt0oRbMCZ-yvFblO80'
webflow.signing.key='FGfTTobRuvB5tYuRMr8CXrNa9-SeMv6ZQksatx6tuPRzmZpD2v0MKJRM4tDsBimmmwzbUF1kdbmkFzzPG3c1wQ'
# SPNEGO Authentication
#
cas.spnego.ldap.attribute=spnegoattribute
cas.spnego.ldap.filter=host={0}
cas.spnego.ldap.basedn=
cas.spnego.hostname.pattern=.+
cas.spnego.ip.pattern=
cas.spnego.alt.remote.host.attribute
cas.spengo.use.principal.domain=false
cas.spnego.ntlm.allowed=true
cas.spnego.kerb.debug=true
cas.spnego.kerb.realm=TESTO.LOCAL
cas.spnego.kerb.kdc=10.10.50.25
cas.spnego.login.conf.file=/opt/cas-4.2.3/cas-server-webapp/src/main/webapp/WEB-INF/login.conf
cas.spnego.jcifs.domain=
cas.spnego.jcifs.domaincontroller=
cas.spnego.jcifs.netbios.cache.policy:600
cas.spnego.jcifs.netbios.wins=
cas.spnego.jcifs.password=
cas.spnego.jcifs.service.password=
cas.spnego.jcifs.socket.timeout:300000
cas.spnego.jcifs.username=
cas.spnego.kerb.conf=
cas.spnego.ntlm=false
cas.spnego.supportedBrowsers=MSIE,Trident,Firefox,AppleWebKit
cas.spnego.mixed.mode.authn=false
cas.spnego.send.401.authn.failure=false
cas.spnego.principal.resolver.transform=NONE
cas.spnego.service.principal=HTTP/cas.tes...@testo.LOCALthanks for your help
good day
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
.
.
.
.