We have found a similar thing from what appears to be a bug in the CAS
Management app. If you setup a Service in CAS Management and don’t modify the
“Required Handlers” under the Advanced header, CAS will try all the installed
handlers. If you then modify the “Required Handlers” to include some subset of
the installed handlers, CAS will then only use the specified handlers. This is
what you would expect.
If you then remove the required handlers using the CAS Management application,
you are not back to the state of using all the installed handlers. Instead, you
are left in a state where CAS is told to use an empty set of handlers, and so
you will see the result you are seeing, and will get a log line like:
<Candidate/Registered authentication handlers for this transaction are
[[]]>
To get back to using all handlers, you either need to delete and re-add the
service, or you need to edit the service manually and remove the “Required
Handler” section.
> On Sep 23, 2018, at 2:54 AM, Hoang Anh Duc <[email protected]> wrote:
>
> Hi!
> I'm using CAS 5.3.2 to connect to my Active Directory. But I cannot login.
> When I look at log: I see some thing which maybe the root cause:
>
> 2018-09-23 15:02:02,184 DEBUG
> [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] -
> <Candidate/Registered authentication handlers for this transaction are [[]]>
> 2018-09-23 15:02:02,184 DEBUG
> [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] -
> <Sorted and registered authentication handler resolvers for this transaction
> are
> [[org.apereo.cas.authentication.RegisteredServiceAuthenticationHandlerResolver@3cef88f7]]>
> 2018-09-23 15:02:02,185 DEBUG
> [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] -
> <Authentication handler resolvers for this transaction are
> [[org.apereo.cas.authentication.RegisteredServiceAuthenticationHandlerResolver@3cef88f7]]>
> 2018-09-23 15:02:02,185 DEBUG
> [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] -
> <Authentication handler resolvers produced no candidate authentication
> handler. Using the default handler resolver instead...>
>
>
> and
>
> Caused by: java.security.GeneralSecurityException: No authentication handlers
> could be resolved to support the authentication transaction
>
> Those information mean that I haven't used LDAP authentication handler for my
> CAS? I don't know how to find which method are being used for my CAS
> authentication, and find out if my CAS connected AD or not.
>
> Here's my config and full collected logs for one of my login transaction:
>
> Logs:
>
> 2018-09-23 15:02:02,180 DEBUG
> [org.apereo.cas.authentication.adaptive.DefaultAdaptiveAuthenticationPolicy]
> - <Located client IP address as [86.4.56.4]>
> 2018-09-23 15:02:02,180 DEBUG
> [org.apereo.cas.authentication.adaptive.DefaultAdaptiveAuthenticationPolicy]
> - <User agent [Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36
> (KHTML, like Gecko) coc_coc_browser/72.4.208 Chrome/66.4.3359.208
> Safari/537.36] is authorized to proceed>
> 2018-09-23 15:02:02,180 DEBUG
> [org.apereo.cas.authentication.adaptive.DefaultAdaptiveAuthenticationPolicy]
> - <Adaptive authentication policy has authorized client [86.4.56.4] to
> proceed.>
> 2018-09-23 15:02:02,183 DEBUG
> [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Invoking
> authentication pre processors for authentication transaction>
> 2018-09-23 15:02:02,183 DEBUG
> [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] -
> <Sorted and registered authentication pre processors for this transaction are
> [[]]>
> 2018-09-23 15:02:02,184 DEBUG
> [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] -
> <Authentication credentials provided for this transaction are
> [[UsernamePasswordCredential(username=castest)]]>
> 2018-09-23 15:02:02,184 DEBUG
> [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] -
> <Candidate/Registered authentication handlers for this transaction are [[]]>
> 2018-09-23 15:02:02,184 DEBUG
> [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] -
> <Sorted and registered authentication handler resolvers for this transaction
> are
> [[org.apereo.cas.authentication.RegisteredServiceAuthenticationHandlerResolver@3cef88f7]]>
> 2018-09-23 15:02:02,185 DEBUG
> [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] -
> <Authentication handler resolvers for this transaction are
> [[org.apereo.cas.authentication.RegisteredServiceAuthenticationHandlerResolver@3cef88f7]]>
> 2018-09-23 15:02:02,185 DEBUG
> [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] -
> <Authentication handler resolvers produced no candidate authentication
> handler. Using the default handler resolver instead...>
> 2018-09-23 15:02:02,186 INFO
> [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit
> trail record BEGIN
> =============================================================
> WHO: castest
> WHAT: Supplied credentials: [UsernamePasswordCredential(username=castest)]
> ACTION: AUTHENTICATION_FAILED
> APPLICATION: CAS
> WHEN: Sun Sep 23 15:02:02 ICT 2018
> CLIENT IP ADDRESS: 86.4.56.4
> SERVER IP ADDRESS: 86.2.58.118
> =============================================================
>
> >
> 2018-09-23 15:02:02,186 INFO
> [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit
> trail record BEGIN
> =============================================================
> WHO: castest
> WHAT: Supplied credentials: [UsernamePasswordCredential(username=castest)]
> ACTION: AUTHENTICATION_FAILED
> APPLICATION: CAS
> WHEN: Sun Sep 23 15:02:02 ICT 2018
> CLIENT IP ADDRESS: 86.4.56.4
> SERVER IP ADDRESS: 86.2.58.118
> =============================================================
>
> >
> 2018-09-23 15:02:02,186 WARN
> [org.apereo.cas.web.flow.resolver.impl.InitialAuthenticationAttemptWebflowEventResolver]
> - <null>
> java.lang.reflect.UndeclaredThrowableException: null
> at
> org.apereo.cas.authentication.PolicyBasedAuthenticationManager$$EnhancerBySpringCGLIB$$50694e96.authenticate(<generated>)
> ~[cas-server-core-authentication-api-5.3.2.jar:5.3.2]
> at
> org.apereo.cas.authentication.DefaultAuthenticationTransactionManager.handle(DefaultAuthenticationTransactionManager.java:29)
> ~[cas-server-core-authentication-api-5.3.2.jar:5.3.2]
> at
> org.apereo.cas.authentication.DefaultAuthenticationSystemSupport.handleAuthenticationTransaction(DefaultAuthenticationSystemSupport.java:48)
> ~[cas-server-core-authentication-api-5.3.2.jar:5.3.2]
> at
> org.apereo.cas.authentication.DefaultAuthenticationSystemSupport.handleInitialAuthenticationTransaction(DefaultAuthenticationSystemSupport.java:34)
> ~[cas-server-core-authentication-api-5.3.2.jar:5.3.2]
> at
> org.apereo.cas.web.flow.resolver.impl.InitialAuthenticationAttemptWebflowEventResolver.resolveInternal(InitialAuthenticationAttemptWebflowEventResolver.java:80)
> ~[cas-server-core-webflow-api-5.3.2.jar:5.3.2]
> at
> org.apereo.cas.web.flow.resolver.impl.AbstractCasWebflowEventResolver.resolve(AbstractCasWebflowEventResolver.java:413)
> ~[cas-server-core-webflow-api-5.3.2.jar:5.3.2]
> at
> org.apereo.cas.web.flow.resolver.impl.AbstractCasWebflowEventResolver.resolveSingle(AbstractCasWebflowEventResolver.java:418)
> ~[cas-server-core-webflow-api-5.3.2.jar:5.3.2]
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> ~[?:1.8.0_171]
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> ~[?:1.8.0_171]
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> ~[?:1.8.0_171]
> at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_171]
> at
> org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:216)
> ~[spring-core-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:470)
> ~[spring-cloud-context-1.3.0.RELEASE.jar:1.3.0.RELEASE]
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
> ~[spring-aop-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213)
> ~[spring-aop-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at com.sun.proxy.$Proxy163.resolveSingle(Unknown Source) ~[?:?]
> at
> org.apereo.cas.web.flow.actions.AbstractAuthenticationAction.doExecute(AbstractAuthenticationAction.java:56)
> ~[cas-server-core-webflow-api-5.3.2.jar:5.3.2]
> at
> org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
> ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> ~[?:1.8.0_171]
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> ~[?:1.8.0_171]
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> ~[?:1.8.0_171]
> at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_171]
> at
> org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:216)
> ~[spring-core-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:470)
> ~[spring-cloud-context-1.3.0.RELEASE.jar:1.3.0.RELEASE]
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
> ~[spring-aop-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213)
> ~[spring-aop-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at com.sun.proxy.$Proxy160.execute(Unknown Source) ~[?:?]
> at
> org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
> ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
> at
> org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:77)
> ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
> at
> org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
> ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
> at
> org.springframework.webflow.execution.AnnotatedAction.execute(AnnotatedAction.java:145)
> ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
> at
> org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
> ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
> at
> org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:101)
> ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
> at org.springframework.webflow.engine.State.enter(State.java:194)
> ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
> at
> org.springframework.webflow.engine.Transition.execute(Transition.java:228)
> ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
> at
> org.springframework.webflow.engine.impl.FlowExecutionImpl.execute(FlowExecutionImpl.java:395)
> ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
> at
> org.springframework.webflow.engine.impl.RequestControlContextImpl.execute(RequestControlContextImpl.java:214)
> ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
> at
> org.springframework.webflow.engine.TransitionableState.handleEvent(TransitionableState.java:116)
> ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
> at org.springframework.webflow.engine.Flow.handleEvent(Flow.java:547)
> ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
> at
> org.springframework.webflow.engine.impl.FlowExecutionImpl.handleEvent(FlowExecutionImpl.java:390)
> ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
> at
> org.springframework.webflow.engine.impl.RequestControlContextImpl.handleEvent(RequestControlContextImpl.java:210)
> ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
> at
> org.springframework.webflow.engine.ViewState.handleEvent(ViewState.java:231)
> ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
> at
> org.springframework.webflow.engine.ViewState.resume(ViewState.java:195)
> ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
> at org.springframework.webflow.engine.Flow.resume(Flow.java:537)
> ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
> at
> org.springframework.webflow.engine.impl.FlowExecutionImpl.resume(FlowExecutionImpl.java:259)
> ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
> at
> org.springframework.webflow.executor.FlowExecutorImpl.resumeExecution(FlowExecutorImpl.java:168)
> ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> ~[?:1.8.0_171]
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> ~[?:1.8.0_171]
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> ~[?:1.8.0_171]
> at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_171]
> at
> org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:216)
> ~[spring-core-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:470)
> ~[spring-cloud-context-1.3.0.RELEASE.jar:1.3.0.RELEASE]
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
> ~[spring-aop-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213)
> ~[spring-aop-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at com.sun.proxy.$Proxy158.resumeExecution(Unknown Source) ~[?:?]
> at
> org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:254)
> ~[spring-webflow-2.5.0.RELEASE.jar:2.5.0.RELEASE]
> at
> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:967)
> ~[spring-webmvc-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901)
> ~[spring-webmvc-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970)
> ~[spring-webmvc-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:872)
> ~[spring-webmvc-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:648)
> ~[servlet-api.jar:?]
> at
> org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846)
> ~[spring-webmvc-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
> ~[servlet-api.jar:?]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:292)
> ~[catalina.jar:8.0.32]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
> ~[catalina.jar:8.0.32]
> at
> org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
> ~[tomcat-websocket.jar:8.0.32]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
> ~[catalina.jar:8.0.32]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
> ~[catalina.jar:8.0.32]
> at
> org.apereo.cas.web.support.AuthenticationCredentialsThreadLocalBinderClearingFilter.doFilter(AuthenticationCredentialsThreadLocalBinderClearingFilter.java:30)
> ~[cas-server-core-web-api-5.3.2.jar:5.3.2]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
> ~[catalina.jar:8.0.32]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
> ~[catalina.jar:8.0.32]
> at
> org.apereo.cas.security.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:261)
> ~[cas-server-security-filter-2.0.10.2.jar:2.0.10.2]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
> ~[catalina.jar:8.0.32]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
> ~[catalina.jar:8.0.32]
> at
> org.apereo.cas.security.ResponseHeadersEnforcementFilter.doFilter(ResponseHeadersEnforcementFilter.java:237)
> ~[cas-server-security-filter-2.0.10.2.jar:2.0.10.2]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
> ~[catalina.jar:8.0.32]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
> ~[catalina.jar:8.0.32]
> at
> org.apereo.cas.security.AddResponseHeadersFilter.doFilter(AddResponseHeadersFilter.java:94)
> ~[cas-server-security-filter-2.0.10.2.jar:2.0.10.2]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
> ~[catalina.jar:8.0.32]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
> ~[catalina.jar:8.0.32]
> at
> org.springframework.boot.actuate.trace.WebRequestTraceFilter.doFilterInternal(WebRequestTraceFilter.java:111)
> ~[spring-boot-actuator-1.5.14.RELEASE.jar:1.5.14.RELEASE]
> at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
> ~[spring-web-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
> ~[catalina.jar:8.0.32]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
> ~[catalina.jar:8.0.32]
> at
> org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99)
> ~[spring-web-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
> ~[spring-web-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
> ~[catalina.jar:8.0.32]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
> ~[catalina.jar:8.0.32]
> at
> org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:109)
> ~[spring-web-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
> ~[spring-web-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
> ~[catalina.jar:8.0.32]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
> ~[catalina.jar:8.0.32]
> at
> org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:93)
> ~[spring-web-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
> ~[spring-web-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
> ~[catalina.jar:8.0.32]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
> ~[catalina.jar:8.0.32]
> at
> org.apereo.cas.logging.web.ThreadContextMDCServletFilter.doFilter(ThreadContextMDCServletFilter.java:91)
> ~[cas-server-core-logging-5.3.2.jar:5.3.2]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
> ~[catalina.jar:8.0.32]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
> ~[catalina.jar:8.0.32]
> at
> org.springframework.boot.actuate.autoconfigure.MetricsFilter.doFilterInternal(MetricsFilter.java:106)
> ~[spring-boot-actuator-1.5.14.RELEASE.jar:1.5.14.RELEASE]
> at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
> ~[spring-web-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
> ~[catalina.jar:8.0.32]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
> ~[catalina.jar:8.0.32]
> at
> org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197)
> ~[spring-web-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
> ~[spring-web-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
> ~[catalina.jar:8.0.32]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
> ~[catalina.jar:8.0.32]
> at
> org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:130)
> ~[spring-boot-1.5.14.RELEASE.jar:1.5.14.RELEASE]
> at
> org.springframework.boot.web.support.ErrorPageFilter.access$000(ErrorPageFilter.java:66)
> ~[spring-boot-1.5.14.RELEASE.jar:1.5.14.RELEASE]
> at
> org.springframework.boot.web.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:105)
> ~[spring-boot-1.5.14.RELEASE.jar:1.5.14.RELEASE]
> at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
> ~[spring-web-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:123)
> ~[spring-boot-1.5.14.RELEASE.jar:1.5.14.RELEASE]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
> ~[catalina.jar:8.0.32]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
> ~[catalina.jar:8.0.32]
> at
> org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:66)
> ~[inspektr-common-1.8.3.GA.jar:1.8.3.GA]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
> ~[catalina.jar:8.0.32]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
> ~[catalina.jar:8.0.32]
> at
> org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71)
> ~[log4j-web-2.11.0.jar:2.11.0]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
> ~[catalina.jar:8.0.32]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
> ~[catalina.jar:8.0.32]
> at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212)
> ~[catalina.jar:8.0.32]
> at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
> ~[catalina.jar:8.0.32]
> at
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
> ~[catalina.jar:8.0.32]
> at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)
> ~[catalina.jar:8.0.32]
> at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
> ~[catalina.jar:8.0.32]
> at
> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616)
> ~[catalina.jar:8.0.32]
> at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
> ~[catalina.jar:8.0.32]
> at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:522)
> ~[catalina.jar:8.0.32]
> at
> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1095)
> ~[tomcat-coyote.jar:8.0.32]
> at
> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:672)
> ~[tomcat-coyote.jar:8.0.32]
> at
> org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2500)
> ~[tomcat-coyote.jar:8.0.32]
> at
> org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2489)
> ~[tomcat-coyote.jar:8.0.32]
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
> ~[?:1.8.0_171]
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
> ~[?:1.8.0_171]
> at
> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
> ~[tomcat-util.jar:8.0.32]
> at java.lang.Thread.run(Thread.java:748) [?:1.8.0_171]
> Caused by: java.security.GeneralSecurityException: No authentication handlers
> could be resolved to support the authentication transaction
> at
> org.apereo.cas.authentication.PolicyBasedAuthenticationManager.getAuthenticationHandlersForThisTransaction(PolicyBasedAuthenticationManager.java:270)
> ~[cas-server-core-authentication-api-5.3.2.jar:5.3.2]
> at
> org.apereo.cas.authentication.PolicyBasedAuthenticationManager.authenticateInternal(PolicyBasedAuthenticationManager.java:329)
> ~[cas-server-core-authentication-api-5.3.2.jar:5.3.2]
> at
> org.apereo.cas.authentication.PolicyBasedAuthenticationManager.authenticate(PolicyBasedAuthenticationManager.java:144)
> ~[cas-server-core-authentication-api-5.3.2.jar:5.3.2]
> at
> org.apereo.cas.authentication.PolicyBasedAuthenticationManager$$FastClassBySpringCGLIB$$90e801d3.invoke(<generated>)
> ~[cas-server-core-authentication-api-5.3.2.jar:5.3.2]
> at
> org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
> ~[spring-core-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:736)
> ~[spring-aop-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
> ~[spring-aop-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:84)
> ~[spring-aop-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.apereo.inspektr.audit.AuditTrailManagementAspect.handleAuditTrail(AuditTrailManagementAspect.java:135)
> ~[inspektr-audit-1.8.3.GA.jar:1.8.3.GA]
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> ~[?:1.8.0_171]
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> ~[?:1.8.0_171]
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> ~[?:1.8.0_171]
> at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_171]
> at
> org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:627)
> ~[spring-aop-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:616)
> ~[spring-aop-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:70)
> ~[spring-aop-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:168)
> ~[spring-aop-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92)
> ~[spring-aop-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
> ~[spring-aop-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> com.ryantenney.metrics.spring.MeteredMethodInterceptor.invoke(MeteredMethodInterceptor.java:45)
> ~[metrics-spring-3.1.3.jar:?]
> at
> com.ryantenney.metrics.spring.MeteredMethodInterceptor.invoke(MeteredMethodInterceptor.java:32)
> ~[metrics-spring-3.1.3.jar:?]
> at
> com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:59)
> ~[metrics-spring-3.1.3.jar:?]
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
> ~[spring-aop-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> com.ryantenney.metrics.spring.TimedMethodInterceptor.invoke(TimedMethodInterceptor.java:48)
> ~[metrics-spring-3.1.3.jar:?]
> at
> com.ryantenney.metrics.spring.TimedMethodInterceptor.invoke(TimedMethodInterceptor.java:34)
> ~[metrics-spring-3.1.3.jar:?]
> at
> com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:59)
> ~[metrics-spring-3.1.3.jar:?]
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
> ~[spring-aop-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> com.ryantenney.metrics.spring.CountedMethodInterceptor.invoke(CountedMethodInterceptor.java:46)
> ~[metrics-spring-3.1.3.jar:?]
> at
> com.ryantenney.metrics.spring.CountedMethodInterceptor.invoke(CountedMethodInterceptor.java:32)
> ~[metrics-spring-3.1.3.jar:?]
> at
> com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:59)
> ~[metrics-spring-3.1.3.jar:?]
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
> ~[spring-aop-4.3.18.RELEASE.jar:4.3.18.RELEASE]
> at
> org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:671)
> ~[spring-aop-4.3.18.RELEASE.jar:4.3.18.RELEASE]
>
>
> Config:
>
> cas.server.name: http://86.2.58.119:8081
> cas.server.prefix: http://86.2.58.119:8081/cas
>
> cas.adminPagesSecurity.ip=0\.0\.0\.0
>
> logging.config: file://C:/etc/cas/config/log4j2.xml
> # cas.serviceRegistry.config.location: classpath:/services
>
> # SSL
> server.ssl.enabled=false
>
> cas.serviceRegistry.initFromJson=true
> cas.serviceRegistry.json.location=file://C:/etc/cas/json
>
> cas.monitor.endpoints.enabled: true
> endpoints.enabled: true
>
> cas.monitor.endpoints.sensitive: false
> endpoints.sensitive: false
>
> cas.adminPagesSecurity.loginUrl: ${cas.server.prefix}/login
> cas.adminPagesSecurity.service: ${cas.server.prefix}/status/dashboard
> #cas.adminPagesSecurity.users:
> file:/etc/cas/config/admusers.properties
> cas.adminPagesSecurity.actuatorEndpointsEnabled: true
> cas.adminPagesSecurity.adminRoles[0]: ROLE_ADMIN
>
> cas.tgc.path=/cas
> cas.tgc.maxAge=-1
> cas.tgc.domain=bctt
> cas.tgc.name=TGC
> cas.tgc.secure=false
> cas.tgc.httpOnly=true
> cas.tgc.rememberMeMaxAge=1209600
>
> cas.sso.allowMissingServiceParameter=true
> cas.sso.createSsoCookieOnRenewAuthn=true
> cas.sso.proxyAuthnEnabled=false
> cas.sso.renewAuthnEnabled=false
>
> cas.authn.accept.users=
> #admin::abc12345,casuser::Mellon
>
> ##
> # Ldap Authentication
> #
>
> # Interesting part for Active Directory:
> cas.authn.ldap[0].type=AD
> cas.authn.ldap[0].ldapUrl=ldap://86.2.58.118:389
>
> cas.authn.ldap[0].useSsl=false
> cas.authn.ldap[0].useStartTls=false
> cas.authn.ldap[0].connectTimeout=5000
>
> cas.authn.ldap[0].baseDn=OU=User Account,OU=CAS,DC=liferayadmin,DC=net
> cas.authn.ldap[0].searchFilter=sAMAccountName={username}
> cas.authn.ldap[0].subtreeSearch=true
>
> # AD manager user like [email protected]
> cas.authn.ldap[0].bindDn=CN=casAdmin,OU=Service
> Accounts,OU=CAS,DC=liferayadmin,DC=net
> cas.authn.ldap[0].bindCredential=abc@*123
> cas.authn.ldap[0].dnFormat=cn=%s
> #@liferayadmin.net
>
> #cas.authn.ldap[0].principalAttributeId=sAMAccountName
> #cas.authn.ldap[0].principalAttributePassword=
> cas.authn.ldap[0].principalAttributeList=sAMAccountName,sn,cn,givenName,displayName
>
> cas.authn.ldap[0].failFast=false
>
> # Default values:
> cas.authn.ldap[0].minPoolSize=3
> cas.authn.ldap[0].maxPoolSize=10
> cas.authn.ldap[0].validateOnCheckout=true
> cas.authn.ldap[0].validatePeriodically=true
> cas.authn.ldap[0].validatePeriod=600
> cas.authn.ldap[0].idleTime=5000
> cas.authn.ldap[0].prunePeriod=5000
> cas.authn.ldap[0].blockWaitTime=5000
>
>
> cas.locale.defaultValue=vi
>
>
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "CAS Developer" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> Visit this group at https://groups.google.com/a/apereo.org/group/cas-dev/.
--
Ray Davison
Senior Systems Consultant
IT Services
Simon Fraser University
778-782-4448
[email protected]
--
You received this message because you are subscribed to the Google Groups "CAS
Developer" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
Visit this group at https://groups.google.com/a/apereo.org/group/cas-dev/.
