Salam, Thanks for : sesharaju sv ([email protected]) who point me to the solution :
Please try with change configuration of the cas.authn.ldap[0].principalAtt ributePassword=userPassword To cas.authn.ldap[0].principalAttributePassword= If you were not using the password encoding in cas. Thanks It works for me, now i will try to secure the thing :) salam Le lundi 27 février 2017 22:48:07 UTC, mohamed abdelbassat Salhi a écrit : > > Salam everyone, > > I v spent last week triyng to get cas authenticate againts my openLDAP > server, I'm using CAS Overlay. > these are my settings, i'v tried to do like in : > https://apereo.github.io/cas/development/installation/Configuration-Properties.html#authentication-attributes > > But nothing seems to work, please if someone had already got cas 5.0.3 > authenticate against OPENLDAP, please share. > > CAS version : 5.0.3.1 > i already add on my pom.xml : > <dependency> > <groupId>org.apereo.cas</groupId> > <artifactId>cas-server-support-ldap</artifactId> > <version>${cas.version}</version> > </dependency> > > my cas.properties : > > cas.server.name=https://localhost:8443 > cas.server.prefix=https://localhost:8443/cas > > cas.adminPagesSecurity.ip=127\.0\.0\.1 > logging.config=file:/etc/cas/config/log4j2.xml > # cas.serviceRegistry.config.location: classpath:/services > cas.authn.accept.users= > > cas.authn.ldap[0].type=AUTHENTICATED > > cas.authn.ldap[0].ldapUrl=ldap://localhost:389 > # cas.authn.ldap[0].connectionStrategy= > cas.authn.ldap[0].useSsl=false > cas.authn.ldap[0].useStartTls=false > cas.authn.ldap[0].connectTimeout=5000 > cas.authn.ldap[0].baseDn=dc=ump,dc=ma > cas.authn.ldap[0].userFilter=uid={user} > # cas.authn.ldap[0].subtreeSearch=true > # cas.authn.ldap[0].usePasswordPolicy=true > cas.authn.ldap[0].bindDn=cn=Manager,dc=ump,dc=ma > cas.authn.ldap[0].bindCredential=mymanagerpassword > > # cas.authn.ldap[0].enhanceWithEntryResolver=true > cas.authn.ldap[0].dnFormat=uid=%s,ou=People,dc=ump,dc=ma > cas.authn.ldap[0].principalAttributeId=uid > cas.authn.ldap[0].principalAttributePassword=userPassword > # > cas.authn.ldap[0].principalAttributeList=sn,cn:commonName,givenName,eduPersonTargettedId:SOME_IDENTIFIER > # cas.authn.ldap[0].allowMultiplePrincipalAttributeValues=true > # cas.authn.ldap[0].allowMissingPrincipalAttributeValue=true > # cas.authn.ldap[0].additionalAttributes= > # cas.authn.ldap[0].credentialCriteria= > > the cas.log : > > 2017-02-27 22:46:40,549 WARN > [org.apereo.cas.util.cipher.WebflowConversationStateCipherExecutor] - > <Generated signing key BqPY9cpKbBB > PlQVuml2wYKBxFOBwZAp74eUa9aQXjE3Udj6KfZdb9LVGPENdu_OE1uNozbY61HQZSwbz_iQoqg > of size 512. The generated key MUST be added to CAS setti > ngs.> > 2017-02-27 22:46:40,549 WARN > [org.apereo.cas.util.cipher.WebflowConversationStateCipherExecutor] - <No > encryption key is defined. CAS > will attempt to auto-generate keys> > 2017-02-27 22:46:40,549 WARN > [org.apereo.cas.util.cipher.WebflowConversationStateCipherExecutor] - > <Generated encryption key LLruBckm > XiSTvndn of size 16. The generated key MUST be added to CAS settings.> > 2017-02-27 22:46:50,782 INFO > [org.apereo.cas.web.flow.InitialFlowSetupAction] - <Setting path for > cookies for warn cookie generator t > o: /cas/ > > 2017-02-27 22:47:05,542 WARN > [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - > <Authentication has failed. Credentia > ls may be incorrect or CAS cannot find authentication handler that > supports [m.hosni] of type [UsernamePasswordCredential], which sug > gests a configuration problem.> > 2017-02-27 22:47:05,549 INFO > [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit > trail record BEGIN > ============================================================= >  > WHO: m.hosni > WHAT: Supplied credentials: [m.hosni] > ACTION: AUTHENTICATION_FAILED > APPLICATION: CAS > WHEN: Mon Feb 27 22:47:05 WET 2017 > CLIENT IP ADDRESS: 127.0.0.1 > SERVER IP ADDRESS: 127.0.0.1 > ============================================================= > > > > > If someone can detect something wrong or missing configuration :( > > thanks in advance. > -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/269bde01-c2a5-4c49-adea-7f5ac65abaaa%40apereo.org.
