Salam everyone,
I've spent the last week trying to get CAS to authenticate against my OpenLDAP
server. I'm using the CAS Overlay.
These are my settings; I've tried to do as in:
https://apereo.github.io/cas/development/installation/Configuration-Properties.html#authentication-attributes
But nothing seems to work. Please, if someone has already got CAS 5.0.3 to
authenticate against OpenLDAP, please share.
CAS version: 5.0.3.1
I have already added this to my pom.xml:
<dependency>
    <groupId>org.apereo.cas</groupId>
    <artifactId>cas-server-support-ldap</artifactId>
    <version>${cas.version}</version>
</dependency>
My cas.properties:
cas.server.name=https://localhost:8443
cas.server.prefix=https://localhost:8443/cas
cas.adminPagesSecurity.ip=127\.0\.0\.1
logging.config=file:/etc/cas/config/log4j2.xml
# cas.serviceRegistry.config.location: classpath:/services
cas.authn.accept.users=
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].ldapUrl=ldap://localhost:389
# cas.authn.ldap[0].connectionStrategy=
cas.authn.ldap[0].useSsl=false
cas.authn.ldap[0].useStartTls=false
cas.authn.ldap[0].connectTimeout=5000
cas.authn.ldap[0].baseDn=dc=ump,dc=ma
cas.authn.ldap[0].userFilter=uid={user}
# cas.authn.ldap[0].subtreeSearch=true
# cas.authn.ldap[0].usePasswordPolicy=true
cas.authn.ldap[0].bindDn=cn=Manager,dc=ump,dc=ma
cas.authn.ldap[0].bindCredential=mymanagerpassword
# cas.authn.ldap[0].enhanceWithEntryResolver=true
cas.authn.ldap[0].dnFormat=uid=%s,ou=People,dc=ump,dc=ma
cas.authn.ldap[0].principalAttributeId=uid
cas.authn.ldap[0].principalAttributePassword=userPassword
# cas.authn.ldap[0].principalAttributeList=sn,cn:commonName,givenName,eduPersonTargettedId:SOME_IDENTIFIER
# cas.authn.ldap[0].allowMultiplePrincipalAttributeValues=true
# cas.authn.ldap[0].allowMissingPrincipalAttributeValue=true
# cas.authn.ldap[0].additionalAttributes=
# cas.authn.ldap[0].credentialCriteria=
The cas.log:
2017-02-27 22:46:40,549 WARN [org.apereo.cas.util.cipher.WebflowConversationStateCipherExecutor] - <Generated signing key BqPY9cpKbBBPlQVuml2wYKBxFOBwZAp74eUa9aQXjE3Udj6KfZdb9LVGPENdu_OE1uNozbY61HQZSwbz_iQoqg of size 512. The generated key MUST be added to CAS settings.>
2017-02-27 22:46:40,549 WARN [org.apereo.cas.util.cipher.WebflowConversationStateCipherExecutor] - <No encryption key is defined. CAS will attempt to auto-generate keys>
2017-02-27 22:46:40,549 WARN [org.apereo.cas.util.cipher.WebflowConversationStateCipherExecutor] - <Generated encryption key LLruBckmXiSTvndn of size 16. The generated key MUST be added to CAS settings.>
2017-02-27 22:46:50,782 INFO [org.apereo.cas.web.flow.InitialFlowSetupAction] - <Setting path for cookies for warn cookie generator to: /cas/ >
2017-02-27 22:47:05,542 WARN [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Authentication has failed. Credentials may be incorrect or CAS cannot find authentication handler that supports [m.hosni] of type [UsernamePasswordCredential], which suggests a configuration problem.>
2017-02-27 22:47:05,549 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN
=============================================================

WHO: m.hosni
WHAT: Supplied credentials: [m.hosni]
ACTION: AUTHENTICATION_FAILED
APPLICATION: CAS
WHEN: Mon Feb 27 22:47:05 WET 2017
CLIENT IP ADDRESS: 127.0.0.1
SERVER IP ADDRESS: 127.0.0.1
=============================================================
>
If someone can detect something wrong or a missing configuration :(
Thanks in advance.
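
An offline pre-flight check for the cas.authn.ldap[N] settings quoted in the message above, added here as an example; it is not part of the original post and not CAS project code. It flags simple binds that would travel over unencrypted ldap:// and renders the search filter that userFilter yields for a given username. The function names, finding labels and the required-key list are assumptions of this example.

```python
import re
from urllib.parse import urlparse

# Constructed sample: LDAP lines copied from the cas.properties quoted in the post.
SAMPLE = """\
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].ldapUrl=ldap://localhost:389
cas.authn.ldap[0].useSsl=false
cas.authn.ldap[0].useStartTls=false
cas.authn.ldap[0].baseDn=dc=ump,dc=ma
cas.authn.ldap[0].userFilter=uid={user}
cas.authn.ldap[0].bindDn=cn=Manager,dc=ump,dc=ma
cas.authn.ldap[0].bindCredential=mymanagerpassword
"""

def parse_ldap_handlers(text):
    """Group cas.authn.ldap[N].key=value lines by handler index N."""
    handlers = {}
    for line in text.splitlines():
        m = re.match(r"\s*cas\.authn\.ldap\[(\d+)\]\.(\w+)\s*=\s*(.*)$", line)
        if m:  # commented-out lines start with '#' and never match
            handlers.setdefault(int(m.group(1)), {})[m.group(2)] = m.group(3).strip()
    return handlers

def escape_filter_value(value):
    """RFC 4515 escaping for a value substituted into a search filter."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def review(cfg, username):
    """Return (findings, search_filter) for one handler's settings."""
    findings = []
    start_tls = cfg.get("useStartTls", "false").lower() == "true"
    for url in cfg.get("ldapUrl", "").split():
        parsed = urlparse(url)
        if parsed.scheme == "ldaps" or start_tls:
            continue
        # Simple binds over plain ldap:// expose bindCredential and user passwords.
        local = parsed.hostname in ("localhost", "127.0.0.1", "::1")
        findings.append("cleartext-bind-loopback" if local else "cleartext-bind")
    # Assumption of this example: keys a bind-then-search handler cannot work without.
    for key in ("ldapUrl", "baseDn", "userFilter", "bindDn", "bindCredential"):
        if not cfg.get(key):
            findings.append("missing-" + key)
    user_filter = cfg.get("userFilter", "").replace("{user}", escape_filter_value(username))
    return findings, "(" + user_filter + ")"

if __name__ == "__main__":
    for index, cfg in sorted(parse_ldap_handlers(SAMPLE).items()):
        print(index, *review(cfg, "m.hosni"))
```

The rendered filter can be run against the directory with any LDAP client, using the same baseDn and bindDn, to confirm that the search returns exactly one entry before looking at CAS itself.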