Hi,

I just came through the same kind of difficulty, so 3 things to check:

- have you loaded the ldap dependency in pom.xml?
- have you set the ldaptive logging to "debug"?

If you did so, you should see messages from ldaptive in the logs, and then you can debug what is going on with the LDAP logs. If you have no trace from ldaptive, then either the dependency has not been loaded or the log level is not debug, but the default log should at least show information on startup.

Then, nonetheless, I did choose the AUTHENTICATED method, but as written, your user shall have a SHA-1 encoded password (we use SSHA here). It took me a while to realise that it is clearly written in the doc. (But here you should have traces in your LDAP log telling that the compare operation failed.)

On Thursday, 17 November 2016 at 15:01:08 UTC+1, Daniel wrote:
>
> Greetings,
>
> After being unable to authenticate directly to our Oracle 12g database using the Encoded Query option, we have synced our users to an openLDAP instance.
>
> I am receiving the following error:
>
> 16-Nov-2016 14:57:58.043 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in 66821 ms
> 2016-11-16 14:58:03,745 INFO [org.apereo.cas.web.flow.InitialFlowSetupAction] - <Setting path for cookies for warn cookie generator to: /cas/ >
> 2016-11-16 14:58:16,081 WARN [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Authentication has failed. Credentials may be incorrect or CAS cannot find authentie [UsernamePasswordCredential], which suggests a configuration problem.>
> 2016-11-16 14:58:16,099 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN
> =============================================================
> WHO: myUsername
> WHAT: Supplied credentials: [myUsername]
> ACTION: AUTHENTICATION_FAILED
> APPLICATION: CAS
> WHEN: Wed Nov 16 14:58:16 EST 2016
> CLIENT IP ADDRESS: 192.168.x.x
> SERVER IP ADDRESS: 10.25.0.0
> =============================================================
>
> My configuration (using the maven overlay for CAS 5.0 from github) is as follows:
>
> cas.server.name: https://cas.example.org:8443
> cas.server.prefix: https://cas.example.org:8443/cas
>
> cas.adminPagesSecurity.ip=127\.0\.0\.1
>
> logging.config: file:/etc/cas/config/log4j2.xml
> # cas.serviceRegistry.config.location: classpath:/services
>
> cas.authn.accept.users=
>
> cas.authn.policy.req.handlername=LdapAuthenticationHandler
> cas.authn.policy.req.enabled=true
>
> cas.authn.ldap[0].type=AUTHENTICATED
> cas.authn.ldap[0].ldapUrl=ldap://127.0.0.1
> cas.authn.ldap[0].useSsl=false
> cas.authn.ldap[0].useStartTls=false
> cas.authn.ldap[0].baseDn=ou=bannerAccounts,dc=bannerldap,dc=sunypoly,dc=edu
> cas.authn.ldap[0].userFilter=uid={0}
> cas.authn.ldap[0].bindDn=cn=Directory Manager,dc=sunypoly,dc=edu
> cas.authn.ldap[0].bindCredential=xxxxxxxxxxxxxxxxx
>
> cas.authn.ldap[0].principalAttributeId=uid
> cas.authn.ldap[0].principalAttributePassword=
> cas.authn.ldap[0].allowMultiplePrincipalAttributeValues=true
>
> cas.authn.ldap[0].minPoolSize=3
> cas.authn.ldap[0].maxPoolSize=10
> cas.authn.ldap[0].validateOnCheckout=true
> cas.authn.ldap[0].validatePeriodically=true
> cas.authn.ldap[0].validatePeriod=600
>
> I have looked through the properties list several times and don't understand what I could be missing.
>
> Thank you,
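The {SHA} versus {SSHA} distinction mentioned in the reply, as an added example that is not part of the original thread or of CAS: a salted {SSHA} userPassword value never equals an unsalted {SHA} value for the same password, so a comparison of the attribute value fails even when the password is right, while recomputing the hash with the stored salt succeeds. It assumes the RFC 2307-style layout OpenLDAP uses for {SSHA} (base64 of the SHA-1 digest followed by the salt) and models a compare as plain equality of the value, which is an assumption about the server; the password and salt are constructed.

```python
import base64
import hashlib
import hmac

SHA1_LEN = 20  # SHA-1 digest size in bytes


def make_sha(password: str) -> str:
    """Unsalted {SHA} value: base64(SHA1(password))."""
    digest = hashlib.sha1(password.encode()).digest()
    return "{SHA}" + base64.b64encode(digest).decode()


def make_ssha(password: str, salt: bytes) -> str:
    """Salted {SSHA} value: base64(SHA1(password + salt) + salt)."""
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()


def verify(stored: str, password: str) -> bool:
    """Recompute the hash the way a bind would, using the stored salt."""
    scheme, _, b64 = stored.partition("}")
    scheme = scheme.lstrip("{").upper()
    try:
        raw = base64.b64decode(b64, validate=True)
    except ValueError:  # malformed base64
        return False
    if scheme == "SHA" and len(raw) == SHA1_LEN:
        salt = b""
    elif scheme == "SSHA" and len(raw) > SHA1_LEN:
        salt = raw[SHA1_LEN:]  # the salt is everything after the digest
    else:
        return False  # unknown scheme or truncated value
    expected = hashlib.sha1(password.encode() + salt).digest()
    return hmac.compare_digest(expected, raw[:SHA1_LEN])


def literal_compare(stored: str, asserted: str) -> bool:
    """Model of a compare on the attribute: equality of the two values."""
    return hmac.compare_digest(stored.encode(), asserted.encode())


# Constructed sample data, not taken from the thread.
PASSWORD = "s3cret-constructed"
STORED = make_ssha(PASSWORD, bytes.fromhex("0011223344556677"))

if __name__ == "__main__":
    print("stored value      :", STORED)
    print("bind-style verify :", verify(STORED, PASSWORD))
    print("compare with {SHA}:", literal_compare(STORED, make_sha(PASSWORD)))
```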
