[cas-user] Problem CAS 4.2.3 SPENGO
46 views
Skip to first unread message
vosido cedric
Jul 20, 2016, 3:05:47 AM7/20/16
to CAS Community
Hi,
I try to install on a Redhat 7 apache with ssl(proxy ajp), Cas 4.2.3 and use SPENGO to authenticate active directory users.
On my CAS web page i have CAS is Unavailable.
On the cas log i have when i start the service tomcat :
2016-07-20 08:46:40,327 ERROR [org.jasig.cas.util.WebflowCipherExecutor] - Unable to init cipher instance.
org.apache.shiro.crypto.CryptoException: Unable to init cipher instance.
at org.apache.shiro.crypto.JcaCipherService.init(JcaCipherService.java:495)
at org.apache.shiro.crypto.JcaCipherService.initNewCipher(JcaCipherService.java:598)
at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:444)
at org.apache.shiro.crypto.JcaCipherService.encrypt(JcaCipherService.java:324)
at org.apache.shiro.crypto.JcaCipherService.encrypt(JcaCipherService.java:313)
...
org.apache.shiro.crypto.CryptoException: Unable to init cipher instance.
at org.apache.shiro.crypto.JcaCipherService.init(JcaCipherService.java:495)
at org.apache.shiro.crypto.JcaCipherService.initNewCipher(JcaCipherService.java:598)
at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:444)
at org.apache.shiro.crypto.JcaCipherService.encrypt(JcaCipherService.java:324)
at org.apache.shiro.crypto.JcaCipherService.encrypt(JcaCipherService.java:313)
...
Caused by: java.security.InvalidKeyException: Invalid AES key length: 45 bytes
at com.sun.crypto.provider.AESCrypt.init(AESCrypt.java:87)
at com.sun.crypto.provider.CipherBlockChaining.init(CipherBlockChaining.java:91)
at com.sun.crypto.provider.CipherCore.init(CipherCore.java:582)
at com.sun.crypto.provider.AESCipher.engineInit(AESCipher.java:339)
at javax.crypto.Cipher.implInit(Cipher.java:806)
at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
at javax.crypto.Cipher.init(Cipher.java:1396)
at javax.crypto.Cipher.init(Cipher.java:1327)
at org.apache.shiro.crypto.JcaCipherService.init(JcaCipherService.java:488)
at com.sun.crypto.provider.AESCrypt.init(AESCrypt.java:87)
at com.sun.crypto.provider.CipherBlockChaining.init(CipherBlockChaining.java:91)
at com.sun.crypto.provider.CipherCore.init(CipherCore.java:582)
at com.sun.crypto.provider.AESCipher.engineInit(AESCipher.java:339)
at javax.crypto.Cipher.implInit(Cipher.java:806)
at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
at javax.crypto.Cipher.init(Cipher.java:1396)
at javax.crypto.Cipher.init(Cipher.java:1327)
at org.apache.shiro.crypto.JcaCipherService.init(JcaCipherService.java:488)
on my cas.properties file i have :
tgc.encryption.key=lL584cXnVa0xAVBLdvQAIoU5m_lAZeaJYbW-K2alO-A
tgc.signing.key=SfRb-OdrHCwf8cxad2uoyhKVCzjqezGlakCCw3QsoSZ_A3Eg-nze_Km8eE8ctbLckjEqA1Rr5n5ij4PIyKSCTA
tgc.signing.key=SfRb-OdrHCwf8cxad2uoyhKVCzjqezGlakCCw3QsoSZ_A3Eg-nze_Km8eE8ctbLckjEqA1Rr5n5ij4PIyKSCTA
webflow.encryption.key='qRjMaAQM9tICWG6r_LUAgQBhhWt0oRbMCZ-yvFblO80'
webflow.signing.key='FGfTTobRuvB5tYuRMr8CXrNa9-SeMv6ZQksatx6tuPRzmZpD2v0MKJRM4tDsBimmmwzbUF1kdbmkFzzPG3c1wQ'
# SPNEGO Authentication
#
cas.spnego.ldap.attribute=spnegoattribute
cas.spnego.ldap.filter=host={0}
cas.spnego.ldap.basedn=
cas.spnego.hostname.pattern=.+
cas.spnego.ip.pattern=
cas.spnego.alt.remote.host.attribute
cas.spengo.use.principal.domain=false
cas.spnego.ntlm.allowed=true
cas.spnego.kerb.debug=true
cas.spnego.kerb.realm=TESTO.LOCAL
cas.spnego.kerb.kdc=10.10.50.25
cas.spnego.login.conf.file=/opt/cas-4.2.3/cas-server-webapp/src/main/webapp/WEB-INF/login.conf
cas.spnego.jcifs.domain=
cas.spnego.jcifs.domaincontroller=
cas.spnego.jcifs.netbios.cache.policy:600
cas.spnego.jcifs.netbios.wins=
cas.spnego.jcifs.password=
cas.spnego.jcifs.service.password=
cas.spnego.jcifs.socket.timeout:300000
cas.spnego.jcifs.username=
cas.spnego.kerb.conf=
cas.spnego.ntlm=false
cas.spnego.supportedBrowsers=MSIE,Trident,Firefox,AppleWebKit
cas.spnego.mixed.mode.authn=false
cas.spnego.send.401.authn.failure=false
cas.spnego.principal.resolver.transform=NONE
cas.spnego.service.principal=HTTP/cas.tes...@testo.LOCAL
#
cas.spnego.ldap.attribute=spnegoattribute
cas.spnego.ldap.filter=host={0}
cas.spnego.ldap.basedn=
cas.spnego.hostname.pattern=.+
cas.spnego.ip.pattern=
cas.spnego.alt.remote.host.attribute
cas.spengo.use.principal.domain=false
cas.spnego.ntlm.allowed=true
cas.spnego.kerb.debug=true
cas.spnego.kerb.realm=TESTO.LOCAL
cas.spnego.kerb.kdc=10.10.50.25
cas.spnego.login.conf.file=/opt/cas-4.2.3/cas-server-webapp/src/main/webapp/WEB-INF/login.conf
cas.spnego.jcifs.domain=
cas.spnego.jcifs.domaincontroller=
cas.spnego.jcifs.netbios.cache.policy:600
cas.spnego.jcifs.netbios.wins=
cas.spnego.jcifs.password=
cas.spnego.jcifs.service.password=
cas.spnego.jcifs.socket.timeout:300000
cas.spnego.jcifs.username=
cas.spnego.kerb.conf=
cas.spnego.ntlm=false
cas.spnego.supportedBrowsers=MSIE,Trident,Firefox,AppleWebKit
cas.spnego.mixed.mode.authn=false
cas.spnego.send.401.authn.failure=false
cas.spnego.principal.resolver.transform=NONE
cas.spnego.service.principal=HTTP/cas.tes...@testo.LOCAL
thanks for your help
good day
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To post to this group, send email to cas-...@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/76c3ce4a-355a-4751-aaef-0665451d1a9b%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.
Reply all
Reply to author
Forward
0 new messages