Everything was working properly with CAS 5.0.5 with cas.authn.ldap[0].type=SASL, but now, this type is removed in 5.1.0, I can't anymore authenticate my users.
Cas can find my LDAP user, but it can't be authenticated. I suspect that CAS can't authenticate my user, because, by default AUTHENTICATED mode return SHA encrypted value of my password (https://apereo.github.io/cas/5.1.x/installation/Configuration-Properties.html) and compare with my LDAP SSHA encrypted password. I tried diffrent kind of password encoder, but it seems to not working. I can confirm that, my LDAP username/password are OK. Here is the config : cas.authn.ldap[0].type=AUTHENTICATED cas.authn.ldap[0].ldapUrl=ldap://XXXXXXX:XXX cas.authn.ldap[0].useSsl=false cas.authn.ldap[0].useStartTls=false cas.authn.ldap[0].connectTimeout=5000 cas.authn.ldap[0].bindDn=cn=XXXXXXXX,dc=XXXXXXX,dc=com cas.authn.ldap[0].baseDn=ou=XXXXXX,dc=XXXXXXXX,dc=com cas.authn.ldap[0].userFilter=mail={user} cas.authn.ldap[0].subtreeSearch=true cas.authn.ldap[0].usePasswordPolicy=false cas.authn.ldap[0].bindCredential=XXXXXXXXX #cas.authn.ldap[0].poolPassivator=NONE cas.authn.ldap[0].enhanceWithEntryResolver=false cas.authn.ldap[0].dnFormat=cn=%s,ou=XXXXXXX,dc=XXXXXXX,dc=com cas.authn.ldap[0].principalAttributeId=uid cas.authn.ldap[0].principalAttributePassword=userPassword # Give an attribute list released from LDAP to CAS, could be used with attributeRepository.defaultAttributesToRelease to be visible on CAS P3 serviceValidate cas.authn.ldap[0].principalAttributeList=uid,sn,cn:commonName,mail,givenName cas.authn.ldap[0].allowMultiplePrincipalAttributeValues=false # cas.authn.ldap[0].additionalAttributes= # cas.authn.ldap[0].credentialCriteria= # cas.authn.ldap[0].saslMechanism=GSSAPI|DIGEST_MD5|CRAM_MD5|EXTERNAL # cas.authn.ldap[0].saslRealm=EXAMPLE.COM # cas.authn.ldap[0].saslAuthorizationId= # cas.authn.ldap[0].saslMutualAuth= # cas.authn.ldap[0].saslQualityOfProtection= # cas.authn.ldap[0].saslSecurityStrength= # cas.authn.ldap[0].trustCertificates= # cas.authn.ldap[0].keystore= # cas.authn.ldap[0].keystorePassword= # cas.authn.ldap[0].keystoreType=JKS|JCEKS|PKCS12 cas.authn.ldap[0].minPoolSize=1 cas.authn.ldap[0].maxPoolSize=10 cas.authn.ldap[0].validateOnCheckout=true cas.authn.ldap[0].validatePeriodically=false # cas.authn.ldap[0].validatePeriod=600 # cas.authn.ldap[0].failFast=true cas.authn.ldap[0].idleTime=600 cas.authn.ldap[0].prunePeriod=300 cas.authn.ldap[0].blockWaitTime=5000 cas.authn.ldap[0].timeOut=3000 cas.authn.ldap[0].providerClass=org.ldaptive.provider.unboundid.UnboundIDProvider cas.authn.ldap[0].allowMultipleDns=false #cas.authn.ldap[0].passwordEncoder.type=DEFAULT #cas.authn.ldap[0].passwordEncoder.characterEncoding=UTF-8 #cas.authn.ldap[0].passwordEncoder.encodingAlgorithm=SHA-512 # cas.authn.ldap[0].passwordEncoder.secret= # cas.authn.ldap[0].passwordEncoder.strength=16 # cas.authn.ldap[0].principalTransformation.suffix= # cas.authn.ldap[0].principalTransformation.caseConversion=NONE|UPPERCASE|LOWERCASE # cas.authn.ldap[0].principalTransformation.prefix= cas.authn.ldap[0].passwordPolicy.enabled=true cas.authn.ldap[0].passwordPolicy.policyAttributes.accountLocked=javax.security.auth.login.AccountLockedException cas.authn.ldap[0].passwordPolicy.loginFailures=5 cas.authn.ldap[0].passwordPolicy.warningAttributeValue= cas.authn.ldap[0].passwordPolicy.warningAttributeName= cas.authn.ldap[0].passwordPolicy.displayWarningOnMatch=true cas.authn.ldap[0].passwordPolicy.warnAll=true cas.authn.ldap[0].passwordPolicy.warningDays=30 Here is the log : 2017-05-31 09:49:02,968 DEBUG [org.apereo.cas.authentication.RegisteredServiceAuthenticationHandlerResolver] - <No specific authentication handlers are required for this transaction> 2017-05-31 09:49:02,970 DEBUG [org.apereo.cas.authentication.RegisteredServiceAuthenticationHandlerResolver] - <Authentication handlers used for this transaction are [OpenIdCredentialsAuthenticationHandlerHttpBasedServiceCredentialsAuthenticationHandlerLdapAuthenticationHandler]> 2017-05-31 09:49:02,977 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Transforming credential username via [org.apereo.cas.configuration.support.Beans$$Lambda$77/1077246245]> 2017-05-31 09:49:02,978 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Attempting to encode credential password via [org.springframework.security.crypto.password.NoOpPasswordEncoder] for [[email protected]]> 2017-05-31 09:49:02,979 DEBUG [org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler] - <Attempting authentication internally for transformed credential [[email protected]]> 2017-05-31 09:49:02,982 DEBUG [org.apereo.cas.authentication.LdapAuthenticationHandler] - <Attempting LDAP authentication for [[email protected]]. Authenticator pre-configured attributes are [null], additional requested attributes for this authentication request are [[uid, mail, givenName, sn, cn]]> 2017-05-31 09:49:02,986 DEBUG [org.ldaptive.auth.PooledSearchDnResolver] - <resolve user=[org.ldaptive.auth.User@1810991362::[email protected], context=null]> 2017-05-31 09:49:02,986 DEBUG [org.ldaptive.auth.PooledSearchDnResolver] - <searching for DN using userFilter> 2017-05-31 09:49:02,991 DEBUG [org.ldaptive.SearchOperation] - <execute request=[org.ldaptive.SearchRequest@-577997831::baseDn=, searchFilter=[org.ldaptive.SearchFilter@1642584434::filter=(objectClass=*), parameters={}], returnAttributes=[1.1], searchScope=OBJECT, timeLimit=PT0S, sizeLimit=1, derefAliases=null, typesOnly=false, binaryAttributes=null, sortBehavior=UNORDERED, searchEntryHandlers=null, searchReferenceHandlers=[org.ldaptive.referral.SearchReferralHandler$SearchReferenceHandler@2c95d987], controls=null, referralHandler=org.ldaptive.referral.SearchReferralHandler@7d707b9c, intermediateResponseHandlers=null] with connection=[org.ldaptive.DefaultConnectionFactory$DefaultConnection@1101123226::config=[org.ldaptive.ConnectionConfig@1520253722::ldapUrl=ldap://xxxx:xxxx, connectTimeout=PT1H23M20S, responseTimeout=PT5S, sslConfig=[org.ldaptive.ssl.SslConfig@2079692145::credentialConfig=null, trustManagers=null, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null], useSSL=false, useStartTLS=false, connectionInitializer=[org.ldaptive.BindConnectionInitializer@2039028212::bindDn=cn=xxxxxxxx,dc=xxxxxxxx,dc=com, bindSaslConfig=null, bindControls=null], connectionStrategy=org.ldaptive.DefaultConnectionStrategy@255e3579], providerConnectionFactory=[org.ldaptive.provider.unboundid.UnboundIDConnectionFactory@1884695011::metadata=[ldapUrl=ldap://xxxx:xxxx, count=1], providerConfig=[org.ldaptive.provider.unboundid.UnboundIDProviderConfig@611790701::operationExceptionResultCodes=[SERVER_DOWN], properties={}, controlProcessor=org.ldaptive.provider.ControlProcessor@76f4ed47, connectionOptions=null, socketFactory=null, sslSocketFactory=null, searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED, SIZE_LIMIT_EXCEEDED, REFERRAL]]], providerConnection=org.ldaptive.provider.unboundid.UnboundIDConnection@39ee281d]> 2017-05-31 09:49:03,024 DEBUG [org.ldaptive.provider.unboundid.UnboundIDConnection] - <performing search: SearchRequest(baseDN='', scope=BASE, deref=NEVER, sizeLimit=1, timeLimit=0, filter='(objectClass=*)', attrs={1.1})> 2017-05-31 09:49:03,053 DEBUG [org.ldaptive.provider.unboundid.UnboundIDConnection] - <created response: [org.ldaptive.Response@789486597::result=null, resultCode=SUCCESS, message=null, matchedDn=null, responseControls=null, referralURLs=[], messageId=2]> 2017-05-31 09:49:03,055 DEBUG [org.ldaptive.SearchOperation] - <execute response=[org.ldaptive.Response@1317418705::result=[org.ldaptive.SearchResult@-1951902882::entries=[[dn=[], responseControls=null, messageId=2]], references=[]], resultCode=SUCCESS, message=null, matchedDn=null, responseControls=null, referralURLs=[], messageId=2] for request=[org.ldaptive.SearchRequest@-577997831::baseDn=, searchFilter=[org.ldaptive.SearchFilter@1642584434::filter=(objectClass=*), parameters={}], returnAttributes=[1.1], searchScope=OBJECT, timeLimit=PT0S, sizeLimit=1, derefAliases=null, typesOnly=false, binaryAttributes=null, sortBehavior=UNORDERED, searchEntryHandlers=null, searchReferenceHandlers=[org.ldaptive.referral.SearchReferralHandler$SearchReferenceHandler@2c95d987], controls=null, referralHandler=org.ldaptive.referral.SearchReferralHandler@7d707b9c, intermediateResponseHandlers=null] with connection=[org.ldaptive.DefaultConnectionFactory$DefaultConnection@1101123226::config=[org.ldaptive.ConnectionConfig@1520253722::ldapUrl=ldap://xxxx:xxxx, connectTimeout=PT1H23M20S, responseTimeout=PT5S, sslConfig=[org.ldaptive.ssl.SslConfig@2079692145::credentialConfig=null, trustManagers=null, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null], useSSL=false, useStartTLS=false, connectionInitializer=[org.ldaptive.BindConnectionInitializer@2039028212::bindDn=cn=xxxxxxxx,dc=xxxxxxxx,dc=com, bindSaslConfig=null, bindControls=null], connectionStrategy=org.ldaptive.DefaultConnectionStrategy@255e3579], providerConnectionFactory=[org.ldaptive.provider.unboundid.UnboundIDConnectionFactory@1884695011::metadata=[ldapUrl=ldap://xxxx:xxxx, count=1], providerConfig=[org.ldaptive.provider.unboundid.UnboundIDProviderConfig@611790701::operationExceptionResultCodes=[SERVER_DOWN], properties={}, controlProcessor=org.ldaptive.provider.ControlProcessor@76f4ed47, connectionOptions=null, socketFactory=null, sslSocketFactory=null, searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED, SIZE_LIMIT_EXCEEDED, REFERRAL]]], providerConnection=org.ldaptive.provider.unboundid.UnboundIDConnection@39ee281d]> 2017-05-31 09:49:03,056 DEBUG [org.ldaptive.SearchOperation] - <execute request=[org.ldaptive.SearchRequest@1041964045::baseDn=ou=individuel,dc=xxxxxxxx,dc=com, searchFilter=[org.ldaptive.SearchFilter@-489204262::filter=mail={user}, parameters={context=null, [email protected]}], returnAttributes=[1.1], searchScope=SUBTREE, timeLimit=PT0S, sizeLimit=0, derefAliases=null, typesOnly=false, binaryAttributes=null, sortBehavior=UNORDERED, searchEntryHandlers=null, searchReferenceHandlers=null, controls=null, referralHandler=null, intermediateResponseHandlers=null] with connection=[org.ldaptive.DefaultConnectionFactory$DefaultConnection@1101123226::config=[org.ldaptive.ConnectionConfig@1520253722::ldapUrl=ldap://xxxx:xxxx, connectTimeout=PT1H23M20S, responseTimeout=PT5S, sslConfig=[org.ldaptive.ssl.SslConfig@2079692145::credentialConfig=null, trustManagers=null, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null], useSSL=false, useStartTLS=false, connectionInitializer=[org.ldaptive.BindConnectionInitializer@2039028212::bindDn=cn=xxxxxxxx,dc=xxxxxxxx,dc=com, bindSaslConfig=null, bindControls=null], connectionStrategy=org.ldaptive.DefaultConnectionStrategy@255e3579], providerConnectionFactory=[org.ldaptive.provider.unboundid.UnboundIDConnectionFactory@1884695011::metadata=[ldapUrl=ldap://xxxx:xxxx, count=1], providerConfig=[org.ldaptive.provider.unboundid.UnboundIDProviderConfig@611790701::operationExceptionResultCodes=[SERVER_DOWN], properties={}, controlProcessor=org.ldaptive.provider.ControlProcessor@76f4ed47, connectionOptions=null, socketFactory=null, sslSocketFactory=null, searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED, SIZE_LIMIT_EXCEEDED, REFERRAL]]], providerConnection=org.ldaptive.provider.unboundid.UnboundIDConnection@39ee281d]> 2017-05-31 09:49:03,057 DEBUG [org.ldaptive.provider.unboundid.UnboundIDConnection] - <performing search: SearchRequest(baseDN='ou=individuel,dc=xxxxxxxx,dc=com', scope=SUB, deref=NEVER, sizeLimit=0, timeLimit=0, filter='[email protected]', attrs={1.1})> 2017-05-31 09:49:03,060 DEBUG [org.ldaptive.provider.unboundid.UnboundIDConnection] - <created response: [org.ldaptive.Response@1895138053::result=null, resultCode=SUCCESS, message=null, matchedDn=null, responseControls=null, referralURLs=[], messageId=3]> 2017-05-31 09:49:03,060 DEBUG [org.ldaptive.SearchOperation] - <execute response=[org.ldaptive.Response@725665706::result=[org.ldaptive.SearchResult@191229211::entries=[[dn=cn=inf10771,ou=xxxxxx,ou=xxxxxx,ou=individuel,dc=xxxxxxxx,dc=com[], responseControls=null, messageId=3]], references=[]], resultCode=SUCCESS, message=null, matchedDn=null, responseControls=null, referralURLs=[], messageId=3] for request=[org.ldaptive.SearchRequest@1041964045::baseDn=ou=individuel,dc=xxxxxxxx,dc=com, searchFilter=[org.ldaptive.SearchFilter@-489204262::filter=mail={user}, parameters={context=null, [email protected]}], returnAttributes=[1.1], searchScope=SUBTREE, timeLimit=PT0S, sizeLimit=0, derefAliases=null, typesOnly=false, binaryAttributes=null, sortBehavior=UNORDERED, searchEntryHandlers=null, searchReferenceHandlers=null, controls=null, referralHandler=null, intermediateResponseHandlers=null] with connection=[org.ldaptive.DefaultConnectionFactory$DefaultConnection@1101123226::config=[org.ldaptive.ConnectionConfig@1520253722::ldapUrl=ldap://xxxx:xxxx, connectTimeout=PT1H23M20S, responseTimeout=PT5S, sslConfig=[org.ldaptive.ssl.SslConfig@2079692145::credentialConfig=null, trustManagers=null, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null], useSSL=false, useStartTLS=false, connectionInitializer=[org.ldaptive.BindConnectionInitializer@2039028212::bindDn=cn=xxxxxxxx,dc=xxxxxxxx,dc=com, bindSaslConfig=null, bindControls=null], connectionStrategy=org.ldaptive.DefaultConnectionStrategy@255e3579], providerConnectionFactory=[org.ldaptive.provider.unboundid.UnboundIDConnectionFactory@1884695011::metadata=[ldapUrl=ldap://xxxx:xxxx, count=1], providerConfig=[org.ldaptive.provider.unboundid.UnboundIDProviderConfig@611790701::operationExceptionResultCodes=[SERVER_DOWN], properties={}, controlProcessor=org.ldaptive.provider.ControlProcessor@76f4ed47, connectionOptions=null, socketFactory=null, sslSocketFactory=null, searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED, SIZE_LIMIT_EXCEEDED, REFERRAL]]], providerConnection=org.ldaptive.provider.unboundid.UnboundIDConnection@39ee281d]> 2017-05-31 09:49:03,060 DEBUG [org.ldaptive.BindOperation] - <execute request=[org.ldaptive.BindRequest@1997076822::bindDn=cn=xxxxxxxx,dc=xxxxxxxx,dc=com, saslConfig=null, controls=null, referralHandler=null, intermediateResponseHandlers=null] with connection=[org.ldaptive.DefaultConnectionFactory$DefaultConnection@1101123226::config=[org.ldaptive.ConnectionConfig@1520253722::ldapUrl=ldap://xxxx:xxxx, connectTimeout=PT1H23M20S, responseTimeout=PT5S, sslConfig=[org.ldaptive.ssl.SslConfig@2079692145::credentialConfig=null, trustManagers=null, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null], useSSL=false, useStartTLS=false, connectionInitializer=[org.ldaptive.BindConnectionInitializer@2039028212::bindDn=cn=xxxxxxxx,dc=xxxxxxxx,dc=com, bindSaslConfig=null, bindControls=null], connectionStrategy=org.ldaptive.DefaultConnectionStrategy@255e3579], providerConnectionFactory=[org.ldaptive.provider.unboundid.UnboundIDConnectionFactory@1884695011::metadata=[ldapUrl=ldap://xxxx:xxxx, count=1], providerConfig=[org.ldaptive.provider.unboundid.UnboundIDProviderConfig@611790701::operationExceptionResultCodes=[SERVER_DOWN], properties={}, controlProcessor=org.ldaptive.provider.ControlProcessor@76f4ed47, connectionOptions=null, socketFactory=null, sslSocketFactory=null, searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED, SIZE_LIMIT_EXCEEDED, REFERRAL]]], providerConnection=org.ldaptive.provider.unboundid.UnboundIDConnection@39ee281d]> 2017-05-31 09:49:03,070 DEBUG [org.ldaptive.BindOperation] - <execute response=[org.ldaptive.Response@1418681517::result=null, resultCode=SUCCESS, message=null, matchedDn=null, responseControls=null, referralURLs=[], messageId=4] for request=[org.ldaptive.BindRequest@1997076822::bindDn=cn=xxxxxxxx,dc=xxxxxxxx,dc=com, saslConfig=null, controls=null, referralHandler=null, intermediateResponseHandlers=null] with connection=[org.ldaptive.DefaultConnectionFactory$DefaultConnection@1101123226::config=[org.ldaptive.ConnectionConfig@1520253722::ldapUrl=ldap://xxxx:xxxx, connectTimeout=PT1H23M20S, responseTimeout=PT5S, sslConfig=[org.ldaptive.ssl.SslConfig@2079692145::credentialConfig=null, trustManagers=null, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null], useSSL=false, useStartTLS=false, connectionInitializer=[org.ldaptive.BindConnectionInitializer@2039028212::bindDn=cn=xxxxxxxx,dc=xxxxxxxx,dc=com, bindSaslConfig=null, bindControls=null], connectionStrategy=org.ldaptive.DefaultConnectionStrategy@255e3579], providerConnectionFactory=[org.ldaptive.provider.unboundid.UnboundIDConnectionFactory@1884695011::metadata=[ldapUrl=ldap://xxxx:xxxx, count=1], providerConfig=[org.ldaptive.provider.unboundid.UnboundIDProviderConfig@611790701::operationExceptionResultCodes=[SERVER_DOWN], properties={}, controlProcessor=org.ldaptive.provider.ControlProcessor@76f4ed47, connectionOptions=null, socketFactory=null, sslSocketFactory=null, searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED, SIZE_LIMIT_EXCEEDED, REFERRAL]]], providerConnection=org.ldaptive.provider.unboundid.UnboundIDConnection@39ee281d]> 2017-05-31 09:49:03,071 DEBUG [org.ldaptive.auth.PooledSearchDnResolver] - <resolved dn=cn=inf10771,ou=xxxxxx,ou=xxxxxx,ou=individuel,dc=xxxxxxxx,dc=com for user=[org.ldaptive.auth.User@1810991362::[email protected], context=null]> 2017-05-31 09:49:03,075 DEBUG [org.ldaptive.auth.Authenticator] - <authenticate dn=cn=inf10771,ou=xxxxxx,ou=xxxxxx,ou=individuel,dc=xxxxxxxx,dc=com with request=[org.ldaptive.auth.AuthenticationRequest@518364974::user=[org.ldaptive.auth.User@1810991362::[email protected], context=null], returnAttributes=[uid, mail, givenName, sn, cn]]> 2017-05-31 09:49:03,077 DEBUG [org.ldaptive.auth.PooledCompareAuthenticationHandler] - <authenticate criteria=[org.ldaptive.auth.AuthenticationCriteria@1112853084::dn=cn=inf10771,ou=xxxxxx,ou=xxxxxx,ou=individuel,dc=xxxxxxxx,dc=com, authenticationRequest=[org.ldaptive.auth.AuthenticationRequest@518364974::user=[org.ldaptive.auth.User@1810991362::[email protected], context=null], returnAttributes=[uid, mail, givenName, sn, cn]]]> 2017-05-31 09:49:03,077 DEBUG [org.ldaptive.SearchOperation] - <execute request=[org.ldaptive.SearchRequest@1891521909::baseDn=, searchFilter=[org.ldaptive.SearchFilter@1642584434::filter=(objectClass=*), parameters={}], returnAttributes=[1.1], searchScope=OBJECT, timeLimit=PT0S, sizeLimit=1, derefAliases=null, typesOnly=false, binaryAttributes=null, sortBehavior=UNORDERED, searchEntryHandlers=null, searchReferenceHandlers=[org.ldaptive.referral.SearchReferralHandler$SearchReferenceHandler@10f62397], controls=null, referralHandler=org.ldaptive.referral.SearchReferralHandler@5f1c09c8, intermediateResponseHandlers=null] with connection=[org.ldaptive.DefaultConnectionFactory$DefaultConnection@1656964227::config=[org.ldaptive.ConnectionConfig@1763680363::ldapUrl=ldap://xxxx:xxxx, connectTimeout=PT1H23M20S, responseTimeout=PT5S, sslConfig=[org.ldaptive.ssl.SslConfig@1442941949::credentialConfig=null, trustManagers=null, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null], useSSL=false, useStartTLS=false, connectionInitializer=[org.ldaptive.BindConnectionInitializer@1878521940::bindDn=cn=xxxxxxxx,dc=xxxxxxxx,dc=com, bindSaslConfig=null, bindControls=null], connectionStrategy=org.ldaptive.DefaultConnectionStrategy@2ccf8f1f], providerConnectionFactory=[org.ldaptive.provider.unboundid.UnboundIDConnectionFactory@849749463::metadata=[ldapUrl=ldap://xxxx:xxxx, count=1], providerConfig=[org.ldaptive.provider.unboundid.UnboundIDProviderConfig@1648485355::operationExceptionResultCodes=[SERVER_DOWN], properties={}, controlProcessor=org.ldaptive.provider.ControlProcessor@61f51e70, connectionOptions=null, socketFactory=null, sslSocketFactory=null, searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED, SIZE_LIMIT_EXCEEDED, REFERRAL]]], providerConnection=org.ldaptive.provider.unboundid.UnboundIDConnection@196ab991]> 2017-05-31 09:49:03,078 DEBUG [org.ldaptive.provider.unboundid.UnboundIDConnection] - <performing search: SearchRequest(baseDN='', scope=BASE, deref=NEVER, sizeLimit=1, timeLimit=0, filter='(objectClass=*)', attrs={1.1})> 2017-05-31 09:49:03,081 DEBUG [org.ldaptive.provider.unboundid.UnboundIDConnection] - <created response: [org.ldaptive.Response@1870936107::result=null, resultCode=SUCCESS, message=null, matchedDn=null, responseControls=null, referralURLs=[], messageId=2]> 2017-05-31 09:49:03,081 DEBUG [org.ldaptive.SearchOperation] - <execute response=[org.ldaptive.Response@1103129410::result=[org.ldaptive.SearchResult@-1951902882::entries=[[dn=[], responseControls=null, messageId=2]], references=[]], resultCode=SUCCESS, message=null, matchedDn=null, responseControls=null, referralURLs=[], messageId=2] for request=[org.ldaptive.SearchRequest@1891521909::baseDn=, searchFilter=[org.ldaptive.SearchFilter@1642584434::filter=(objectClass=*), parameters={}], returnAttributes=[1.1], searchScope=OBJECT, timeLimit=PT0S, sizeLimit=1, derefAliases=null, typesOnly=false, binaryAttributes=null, sortBehavior=UNORDERED, searchEntryHandlers=null, searchReferenceHandlers=[org.ldaptive.referral.SearchReferralHandler$SearchReferenceHandler@10f62397], controls=null, referralHandler=org.ldaptive.referral.SearchReferralHandler@5f1c09c8, intermediateResponseHandlers=null] with connection=[org.ldaptive.DefaultConnectionFactory$DefaultConnection@1656964227::config=[org.ldaptive.ConnectionConfig@1763680363::ldapUrl=ldap://xxxx:xxxx, connectTimeout=PT1H23M20S, responseTimeout=PT5S, sslConfig=[org.ldaptive.ssl.SslConfig@1442941949::credentialConfig=null, trustManagers=null, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null], useSSL=false, useStartTLS=false, connectionInitializer=[org.ldaptive.BindConnectionInitializer@1878521940::bindDn=cn=xxxxxxxx,dc=xxxxxxxx,dc=com, bindSaslConfig=null, bindControls=null], connectionStrategy=org.ldaptive.DefaultConnectionStrategy@2ccf8f1f], providerConnectionFactory=[org.ldaptive.provider.unboundid.UnboundIDConnectionFactory@849749463::metadata=[ldapUrl=ldap://xxxx:xxxx, count=1], providerConfig=[org.ldaptive.provider.unboundid.UnboundIDProviderConfig@1648485355::operationExceptionResultCodes=[SERVER_DOWN], properties={}, controlProcessor=org.ldaptive.provider.ControlProcessor@61f51e70, connectionOptions=null, socketFactory=null, sslSocketFactory=null, searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED, SIZE_LIMIT_EXCEEDED, REFERRAL]]], providerConnection=org.ldaptive.provider.unboundid.UnboundIDConnection@196ab991]> 2017-05-31 09:49:03,087 DEBUG [org.ldaptive.CompareOperation] - <execute request=[org.ldaptive.CompareRequest@1936625851::compareDn=cn=inf10771,ou=xxxxxx,ou=xxxxxx,ou=individuel,dc=xxxxxxxx,dc=com, attribute=[userPassword[e1NIQX1xeWlINUdPc2xQbmpvNnlvcUd3bGh1V0c3b2c9]], controls=null, referralHandler=null, intermediateResponseHandlers=null] with connection=[org.ldaptive.DefaultConnectionFactory$DefaultConnection@1656964227::config=[org.ldaptive.ConnectionConfig@1763680363::ldapUrl=ldap://xxxx:xxxx, connectTimeout=PT1H23M20S, responseTimeout=PT5S, sslConfig=[org.ldaptive.ssl.SslConfig@1442941949::credentialConfig=null, trustManagers=null, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null], useSSL=false, useStartTLS=false, connectionInitializer=[org.ldaptive.BindConnectionInitializer@1878521940::bindDn=cn=xxxxxxxx,dc=xxxxxxxx,dc=com, bindSaslConfig=null, bindControls=null], connectionStrategy=org.ldaptive.DefaultConnectionStrategy@2ccf8f1f], providerConnectionFactory=[org.ldaptive.provider.unboundid.UnboundIDConnectionFactory@849749463::metadata=[ldapUrl=ldap://xxxx:xxxx, count=1], providerConfig=[org.ldaptive.provider.unboundid.UnboundIDProviderConfig@1648485355::operationExceptionResultCodes=[SERVER_DOWN], properties={}, controlProcessor=org.ldaptive.provider.ControlProcessor@61f51e70, connectionOptions=null, socketFactory=null, sslSocketFactory=null, searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED, SIZE_LIMIT_EXCEEDED, REFERRAL]]], providerConnection=org.ldaptive.provider.unboundid.UnboundIDConnection@196ab991]> 2017-05-31 09:49:03,096 DEBUG [org.ldaptive.CompareOperation] - <execute response=[org.ldaptive.Response@467627795::result=false, resultCode=COMPARE_FALSE, message=null, matchedDn=null, responseControls=null, referralURLs=[], messageId=3] for request=[org.ldaptive.CompareRequest@1936625851::compareDn=cn=inf10771,ou=xxxxxx,ou=xxxxxx,ou=individuel,dc=xxxxxxxx,dc=com, attribute=[userPassword[e1NIQX1xeWlINUdPc2xQbmpvNnlvcUd3bGh1V0c3b2c9]], controls=null, referralHandler=null, intermediateResponseHandlers=null] with connection=[org.ldaptive.DefaultConnectionFactory$DefaultConnection@1656964227::config=[org.ldaptive.ConnectionConfig@1763680363::ldapUrl=ldap://xxxx:xxxx, connectTimeout=PT1H23M20S, responseTimeout=PT5S, sslConfig=[org.ldaptive.ssl.SslConfig@1442941949::credentialConfig=null, trustManagers=null, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null], useSSL=false, useStartTLS=false, connectionInitializer=[org.ldaptive.BindConnectionInitializer@1878521940::bindDn=cn=xxxxxxxx,dc=xxxxxxxx,dc=com, bindSaslConfig=null, bindControls=null], connectionStrategy=org.ldaptive.DefaultConnectionStrategy@2ccf8f1f], providerConnectionFactory=[org.ldaptive.provider.unboundid.UnboundIDConnectionFactory@849749463::metadata=[ldapUrl=ldap://xxxx:xxxx, count=1], providerConfig=[org.ldaptive.provider.unboundid.UnboundIDProviderConfig@1648485355::operationExceptionResultCodes=[SERVER_DOWN], properties={}, controlProcessor=org.ldaptive.provider.ControlProcessor@61f51e70, connectionOptions=null, socketFactory=null, sslSocketFactory=null, searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED, SIZE_LIMIT_EXCEEDED, REFERRAL]]], providerConnection=org.ldaptive.provider.unboundid.UnboundIDConnection@196ab991]> 2017-05-31 09:49:03,097 DEBUG [org.ldaptive.auth.PooledCompareAuthenticationHandler] - <authenticate response=[org.ldaptive.auth.AuthenticationHandlerResponse@481550235::connection=[org.ldaptive.DefaultConnectionFactory$DefaultConnection@1656964227::config=[org.ldaptive.ConnectionConfig@1763680363::ldapUrl=ldap://xxxx:xxxx, connectTimeout=PT1H23M20S, responseTimeout=PT5S, sslConfig=[org.ldaptive.ssl.SslConfig@1442941949::credentialConfig=null, trustManagers=null, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null], useSSL=false, useStartTLS=false, connectionInitializer=[org.ldaptive.BindConnectionInitializer@1878521940::bindDn=cn=xxxxxxxx,dc=xxxxxxxx,dc=com, bindSaslConfig=null, bindControls=null], connectionStrategy=org.ldaptive.DefaultConnectionStrategy@2ccf8f1f], providerConnectionFactory=[org.ldaptive.provider.unboundid.UnboundIDConnectionFactory@849749463::metadata=[ldapUrl=ldap://xxxx:xxxx, count=1], providerConfig=[org.ldaptive.provider.unboundid.UnboundIDProviderConfig@1648485355::operationExceptionResultCodes=[SERVER_DOWN], properties={}, controlProcessor=org.ldaptive.provider.ControlProcessor@61f51e70, connectionOptions=null, socketFactory=null, sslSocketFactory=null, searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED, SIZE_LIMIT_EXCEEDED, REFERRAL]]], providerConnection=org.ldaptive.provider.unboundid.UnboundIDConnection@196ab991], result=false, resultCode=COMPARE_FALSE, message=null, controls=null] for criteria=[org.ldaptive.auth.AuthenticationCriteria@1112853084::dn=cn=inf10771,ou=xxxxxx,ou=xxxxxx,ou=individuel,dc=xxxxxxxx,dc=com, authenticationRequest=[org.ldaptive.auth.AuthenticationRequest@518364974::user=[org.ldaptive.auth.User@1810991362::[email protected], context=null], returnAttributes=[uid, mail, givenName, sn, cn]]]> 2017-05-31 09:49:03,097 DEBUG [org.ldaptive.BindOperation] - <execute request=[org.ldaptive.BindRequest@1806262712::bindDn=cn=xxxxxxxx,dc=xxxxxxxx,dc=com, saslConfig=null, controls=null, referralHandler=null, intermediateResponseHandlers=null] with connection=[org.ldaptive.DefaultConnectionFactory$DefaultConnection@1656964227::config=[org.ldaptive.ConnectionConfig@1763680363::ldapUrl=ldap://xxxx:xxxx, connectTimeout=PT1H23M20S, responseTimeout=PT5S, sslConfig=[org.ldaptive.ssl.SslConfig@1442941949::credentialConfig=null, trustManagers=null, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null], useSSL=false, useStartTLS=false, connectionInitializer=[org.ldaptive.BindConnectionInitializer@1878521940::bindDn=cn=xxxxxxxx,dc=xxxxxxxx,dc=com, bindSaslConfig=null, bindControls=null], connectionStrategy=org.ldaptive.DefaultConnectionStrategy@2ccf8f1f], providerConnectionFactory=[org.ldaptive.provider.unboundid.UnboundIDConnectionFactory@849749463::metadata=[ldapUrl=ldap://xxxx:xxxx, count=1], providerConfig=[org.ldaptive.provider.unboundid.UnboundIDProviderConfig@1648485355::operationExceptionResultCodes=[SERVER_DOWN], properties={}, controlProcessor=org.ldaptive.provider.ControlProcessor@61f51e70, connectionOptions=null, socketFactory=null, sslSocketFactory=null, searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED, SIZE_LIMIT_EXCEEDED, REFERRAL]]], providerConnection=org.ldaptive.provider.unboundid.UnboundIDConnection@196ab991]> 2017-05-31 09:49:03,099 DEBUG [org.ldaptive.BindOperation] - <execute response=[org.ldaptive.Response@1851287311::result=null, resultCode=SUCCESS, message=null, matchedDn=null, responseControls=null, referralURLs=[], messageId=4] for request=[org.ldaptive.BindRequest@1806262712::bindDn=cn=xxxxxxxx,dc=xxxxxxxx,dc=com, saslConfig=null, controls=null, referralHandler=null, intermediateResponseHandlers=null] with connection=[org.ldaptive.DefaultConnectionFactory$DefaultConnection@1656964227::config=[org.ldaptive.ConnectionConfig@1763680363::ldapUrl=ldap://xxxx:xxxx, connectTimeout=PT1H23M20S, responseTimeout=PT5S, sslConfig=[org.ldaptive.ssl.SslConfig@1442941949::credentialConfig=null, trustManagers=null, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null], useSSL=false, useStartTLS=false, connectionInitializer=[org.ldaptive.BindConnectionInitializer@1878521940::bindDn=cn=xxxxxxxx,dc=xxxxxxxx,dc=com, bindSaslConfig=null, bindControls=null], connectionStrategy=org.ldaptive.DefaultConnectionStrategy@2ccf8f1f], providerConnectionFactory=[org.ldaptive.provider.unboundid.UnboundIDConnectionFactory@849749463::metadata=[ldapUrl=ldap://xxxx:xxxx, count=1], providerConfig=[org.ldaptive.provider.unboundid.UnboundIDProviderConfig@1648485355::operationExceptionResultCodes=[SERVER_DOWN], properties={}, controlProcessor=org.ldaptive.provider.ControlProcessor@61f51e70, connectionOptions=null, socketFactory=null, sslSocketFactory=null, searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED, SIZE_LIMIT_EXCEEDED, REFERRAL]]], providerConnection=org.ldaptive.provider.unboundid.UnboundIDConnection@196ab991]> 2017-05-31 09:49:03,099 INFO [org.ldaptive.auth.Authenticator] - <Authentication failed for dn: cn=inf10771,ou=xxxxxx,ou=xxxxxx,ou=individuel,dc=xxxxxxxx,dc=com> 2017-05-31 09:49:03,101 DEBUG [org.ldaptive.auth.Authenticator] - <authenticate response=[org.ldaptive.auth.AuthenticationHandlerResponse@481550235::connection=[org.ldaptive.DefaultConnectionFactory$DefaultConnection@1656964227::config=[org.ldaptive.ConnectionConfig@1763680363::ldapUrl=ldap://xxxx:xxxx, connectTimeout=PT1H23M20S, responseTimeout=PT5S, sslConfig=[org.ldaptive.ssl.SslConfig@1442941949::credentialConfig=null, trustManagers=null, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null], useSSL=false, useStartTLS=false, connectionInitializer=[org.ldaptive.BindConnectionInitializer@1878521940::bindDn=cn=xxxxxxxx,dc=xxxxxxxx,dc=com, bindSaslConfig=null, bindControls=null], connectionStrategy=org.ldaptive.DefaultConnectionStrategy@2ccf8f1f], providerConnectionFactory=[org.ldaptive.provider.unboundid.UnboundIDConnectionFactory@849749463::metadata=[ldapUrl=ldap://xxxx:xxxx, count=1], providerConfig=[org.ldaptive.provider.unboundid.UnboundIDProviderConfig@1648485355::operationExceptionResultCodes=[SERVER_DOWN], properties={}, controlProcessor=org.ldaptive.provider.ControlProcessor@61f51e70, connectionOptions=null, socketFactory=null, sslSocketFactory=null, searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED, SIZE_LIMIT_EXCEEDED, REFERRAL]]], providerConnection=org.ldaptive.provider.unboundid.UnboundIDConnection@196ab991], result=false, resultCode=COMPARE_FALSE, message=null, controls=null] for dn=cn=inf10771,ou=xxxxxx,ou=xxxxxx,ou=individuel,dc=xxxxxxxx,dc=com with request=[org.ldaptive.auth.AuthenticationRequest@518364974::user=[org.ldaptive.auth.User@1810991362::[email protected], context=null], returnAttributes=[uid, mail, givenName, sn, cn]]> 2017-05-31 09:49:03,101 DEBUG [org.apereo.cas.authentication.LdapAuthenticationHandler] - <LDAP response: [[org.ldaptive.auth.AuthenticationResponse@185733131::authenticationResultCode=AUTHENTICATION_HANDLER_FAILURE, resolvedDn=cn=inf10771,ou=xxxxxx,ou=xxxxxx,ou=individuel,dc=xxxxxxxx,dc=com, ldapEntry=[dn=cn=inf10771,ou=xxxxxx,ou=xxxxxx,ou=individuel,dc=xxxxxxxx,dc=com[]], accountState=null, result=false, resultCode=COMPARE_FALSE, message=null, controls=null]]> 2017-05-31 09:49:03,102 DEBUG [org.apereo.cas.authentication.LdapAuthenticationHandler] - <Applying password policy to [[org.ldaptive.auth.AuthenticationResponse@185733131::authenticationResultCode=AUTHENTICATION_HANDLER_FAILURE, resolvedDn=cn=inf10771,ou=xxxxxx,ou=xxxxxx,ou=individuel,dc=xxxxxxxx,dc=com, ldapEntry=[dn=cn=inf10771,ou=xxxxxx,ou=xxxxxx,ou=individuel,dc=xxxxxxxx,dc=com[]], accountState=null, result=false, resultCode=COMPARE_FALSE, message=null, controls=null]]> 2017-05-31 09:49:03,104 DEBUG [org.apereo.cas.authentication.support.DefaultAccountStateHandler] - <Account state not defined. Returning empty list of messages.> 2017-05-31 09:49:03,105 INFO [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <[LdapAuthenticationHandler] failed authenticating [[email protected]]> 2017-05-31 09:49:03,106 DEBUG [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <[LdapAuthenticationHandler] exception details: [Invalid credentials]> 2017-05-31 09:49:03,106 WARN [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Authentication has failed. Credentials may be incorrect or CAS cannot find authentication handler that supports [[email protected]] of type [UsernamePasswordCredential], which suggests a configuration problem.> 2017-05-31 09:49:03,110 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN ============================================================= WHO: [email protected] WHAT: Supplied credentials: [[email protected]] ACTION: AUTHENTICATION_FAILED APPLICATION: CAS WHEN: Wed May 31 09:49:03 EDT 2017 CLIENT IP ADDRESS: 127.0.0.1 SERVER IP ADDRESS: 127.0.0.1 ============================================================= -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/ab6e1a2a-6e25-4003-b94d-132b1d86afe9%40apereo.org.
