Thank you Elendrys.
I added:
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-support-jdbc</artifactId>
<version>${cas.version}</version>
</dependency>
to pom.xml and everything is working now.
In our setup we rely on the search to find the DN of a user and then
perform a direct simple bind on that DN wit the supplied password.
Attempted a compare seemed to over complicate things as we would also be
using SSHA passwords.
On Saturday, November 19, 2016 at 5:30:07 AM UTC-5, Elendrys Yagami wrote:
>
> Hi,
>
> I just came through the same kind of difficulty so 3 things to check :
> - have you loaded the ldap dependency in pom.xml ?
> - do you have set the ldaptive logging to "debug" ?
>
> If you did so, you shall see messages from ldaptive in the logs then you
> can debug what is going on with the ldap logs. If you have no trace from
> ldaptive, then either the dependy has not been loaded or the loglevel is
> not debug, but the default log should at least show information on startup
>
> Then but nonetheless, I did chose the AUTHENTICATED method, but has
> writtent your user shall have an SHA-1 encoded password (we use SSHA here).
> I took me a while to realise that it is clearly written in the doc. (but
> here you should have traces in your ldap log telling that compare operation
> failed)
>
> Le jeudi 17 novembre 2016 15:01:08 UTC+1, Daniel a écrit :
>>
>> Greetings,
>>
>> After being unable to authenticate directly to our Oracle 12g database
>> using the Encoded Query option, we have synced our users to an openLDAP
>> instance.
>>
>> I am receiving the following error:
>>
>> 16-Nov-2016 14:57:58.043 INFO [main]
>> org.apache.catalina.startup.Catalina.start Server startup in 66821 ms
>> 2016-11-16 14:58:03,745 INFO
>> [org.apereo.cas.web.flow.InitialFlowSetupAction] - <Setting path for
>> cookies for warn cookie generator to: /cas/ >
>> 2016-11-16 14:58:16,081 WARN
>> [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] -
>> <Authentication has failed. Credentials may be incorrect or CAS cannot find
>> authentie [UsernamePasswordCredential], which suggests a configuration
>> problem.>
>> 2016-11-16 14:58:16,099 INFO
>> [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit
>> trail record BEGIN
>> =============================================================
>> WHO: myUsername
>> WHAT: Supplied credentials: [myUsername]
>> ACTION: AUTHENTICATION_FAILED
>> APPLICATION: CAS
>> WHEN: Wed Nov 16 14:58:16 EST 2016
>> CLIENT IP ADDRESS: 192.168.x.x
>> SERVER IP ADDRESS: 10.25.0.0
>> =============================================================
>>
>>
>>
>> My configuration (using the maven overlay for CAS 5.0 from github is as
>> follows:
>>
>> cas.server.name: https://cas.example.org:8443
>> cas.server.prefix: https://cas.example.org:8443/cas
>>
>> cas.adminPagesSecurity.ip=127\.0\.0\.1
>>
>> logging.config: file:/etc/cas/config/log4j2.xml
>> # cas.serviceRegistry.config.location: classpath:/services
>>
>> cas.authn.accept.users=
>>
>>
>> cas.authn.policy.req.handlername=LdapAuthenticationHandler
>> cas.authn.policy.req.enabled=true
>>
>> cas.authn.ldap[0].type=AUTHENTICATED
>> cas.authn.ldap[0].ldapUrl=ldap://127.0.0.1
>> cas.authn.ldap[0].useSsl=false
>> cas.authn.ldap[0].useStartTls=false
>>
>> cas.authn.ldap[0].baseDn=ou=bannerAccounts,dc=bannerldap,dc=sunypoly,dc=edu
>> cas.authn.ldap[0].userFilter=uid={0}
>> cas.authn.ldap[0].bindDn=cn=Directory Manager,dc=sunypoly,dc=edu
>> cas.authn.ldap[0].bindCredential=xxxxxxxxxxxxxxxxx
>>
>> cas.authn.ldap[0].principalAttributeId=uid
>> cas.authn.ldap[0].principalAttributePassword=
>> cas.authn.ldap[0].allowMultiplePrincipalAttributeValues=true
>>
>> cas.authn.ldap[0].minPoolSize=3
>> cas.authn.ldap[0].maxPoolSize=10
>> cas.authn.ldap[0].validateOnCheckout=true
>> cas.authn.ldap[0].validatePeriodically=true
>> cas.authn.ldap[0].validatePeriod=600
>>
>>
>> I have looked through the properties list several time and don't
>> understand what I could be missing.
>>
>> Thank you,
>>
>
--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/b991bdf5-295b-4c8f-8f51-541c0541740c%40apereo.org.
