Hi everyone, *Im using* : - cas-overlay-template-master *5.1.1* - cas-services-management-overlay-master *5.1.1*
I have an error to access on CAS-MANAGEMENT *cas.properties* cas.server.name=https://server_name.domain.prive.fr:8443 cas.server.prefix=https://server_name.domain.prive.fr:8443/cas logging.config: file:/etc/cas/config/log4j2.xml cas.serviceRegistry.config.location: file:/etc/cas/services #======================================== # Authentication #======================================== cas.authn.accept.users= #======================================== ## Embedded Tomcat HTTP/AJP ## Enable HTTP/AJP connections for the embedded Tomcat container. #======================================== cas.server.http.enabled=false #======================================== # LDAP : If AUP is controlled via LDAP, decide how choices should be remembered back inside the LDAP instance. #======================================== cas.authn.ldap[0].type=AUTHENTICATED cas.authn.ldap[0].ldapUrl=ldap://domain.prive.fr cas.authn.ldap[0].useSsl=false cas.authn.ldap[0].baseDn=dc=domain,dc=prive,dc=fr cas.authn.ldap[0].userFilter=sAMAccountName={user} cas.authn.ldap[0].bindDn=CN=BIND Ldap,OU=Tech,DC=domain,DC=prive,DC=fr cas.authn.ldap[0].bindCredential=bindpwd cas.authn.ldap[0].useStartTls=false cas.authn.ldap[0].connectTimeout=5000 cas.authn.ldap[0].principalAttributeID=sAMAccountName cas.authn.ldap[0].principalAttributeList=sAMAccountName,displayName,mail, altSecurityIdentities,memberOf,description:UDC_IDENTIFIER cas.authn.ldap[0].userFilter=sAMAccountName={user} cas.authn.ldap[0].subtreeSearch=true cas.authn.ldap[0].minPoolSize=3 cas.authn.ldap[0].maxPoolSize=10 cas.authn.ldap[0].validateOnCheckout=true cas.authn.ldap[0].validatePeriodically=true cas.authn.ldap[0].validatePeriod=600 cas.authn.ldap[0].failFast=true cas.authn.ldap[0].idleTime=500 cas.authn.ldap[0].prunePeriod=600 cas.authn.ldap[0].blockWaitTime=5000 #======================================== # Admin Status Endpoints # The following properties describe access controls and settings for the /status endpoint of CAS which provides administrative functionality and oversight into the CAS software. To learn more about this topic, please review this guide. #======================================== cas.monitor.endpoints.enabled=true cas.monitor.endpoints.sensitive=false cas.monitor.endpoints.dashboard.enabled=true cas.monitor.endpoints.dashboard.sensitive=false cas.monitor.endpoints.status.enabled=true cas.monitor.endpoints.status.sensitive=false # IP address may be enough to protect all endpoints. # If you wish to protect the admin pages via CAS itself, configure the rest. cas.adminPagesSecurity.ip=10\.10\.10\.10 *pom.xml* (CAS) <dependencies> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-webapp${app.server}</artifactId> <version>${cas.version}</version> <type>war</type> <scope>runtime</scope> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-ldap</artifactId> <version>${cas.version}</version> </dependency> <dependency> <groupId>org.ldaptive</groupId> <artifactId>ldaptive-unboundid</artifactId> <version>1.0</version> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-json-service-registry </artifactId> <version>${cas.version}</version> </dependency> </dependencies> *HTTPSandIMAPS-10000001.json* (To access on my CAS-MANAGEMENT service) { "@class" : "org.apereo.cas.services.RegexRegisteredService", "serviceId" : "^(https|imaps)://.*", "name" : "HTTPS and IMAPS", "id" : 10000001, "description" : "This service definition authorizes all application urls that support HTTPS and IMAPS protocols.", "evaluationOrder" : 10000, "accessStrategy" : { "@class" : "org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy", "enabled" : true, "ssoEnabled" : true, "attributeReleasePolicy" : { "@class" : "org.apereo.cas.services.ReturnMappedAttributeReleasePolicy", "allowedAttributes" : { "@class" : "java.util.TreeMap", "sAMAccountName" : "principal", "groupMembership" : "group" } } } *management.properties* # CAS server that management app will authenticate with cas.server.name=https://server_name.chsjsl.prive.fr:8443 cas.server.prefix=https://server_name.domain.prive.fr:8443/cas # Management cas.mgmt.host=${cas.server.name} cas.mgmt.adminRoles=ROLE_ADMIN cas.mgmt.userPropertiesFile=file:/etc/cas/config/users.properties # Update this URL to point at server running this management app cas.mgmt.serverName=https://server_name.domain.prive.fr:8443 server.context-path=/cas-management server.port=8443 spring.thymeleaf.mode=HTML logging.config=file:/etc/cas/config/log4j2-management.xml cas.serviceRegistry.config.location: file:/etc/cas/services cas.authn.ldap[0].type=AUTHENTICATED cas.authn.ldap[0].ldapUrl=ldap://domain.prive.fr cas.authn.ldap[0].useSsl=false cas.authn.ldap[0].baseDn=dc=domain,dc=prive,dc=fr cas.authn.ldap[0].userFilter=sAMAccountName={user} cas.authn.ldap[0].principalAttributeID=sAMAccountName cas.authn.ldap[0].principalAttributeList=sAMAccountName,displayName,mail, memberOf,description:UDC_IDENTIFIER cas.authn.ldap[0].userFilter=sAMAccountName={user} cas.authn.ldap[0].allowMissingPrincipalAttributeValue=true cas.authn.attributeRepository.defaultAttributesToRelease=sAMAccountName, displayName,mail cas.mgmt.authzAttributes[0]=sAMAccountName cas.mgmt.authzAttributes[1]=displayName cas.mgmt.authzAttributes[3]=mail cas.mgmt.ldap.ldapUrl=Ldap://domain.prive.fr cas.mgmt.ldap.baseDn=dc=domain,dc=prive,dc=fr cas.mgmt.ldap.userFilter=sAMAccountName={user} cas.mgmt.ldap.bindDn=CN=BIND Ldap,OU=Tech,DC=domain,DC=prive,DC=fr cas.mgmt.ldap.bindCredential=bindpwd cas.mgmt.ldap.useSsl=false *pom.xml (CAS-MANAGEMENT)* <dependencies> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-management-webapp</artifactId> <version>${cas.version}</version> <type>war</type> <scope>runtime</scope> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-management-webapp-support-ldap</artifactId> <version>${cas.version}</version> </dependency> </dependencies> *Access test *: https://server_name.domain.prive.fr:8443/cas/login : *OK *(connection success with LDAP account) Log: *ACTION: AUTHENTICATION_SUCCESSACTION: TICKET_GRANTING_TICKET_CREATED* https://server_name.domain.prive.fr:8443/cas-management/ : Access and login OK i'm redirect to : https://server_name.domain.prive.fr:8443/cas-management/manage.html?ticket=ST-1-dFCwhu1DizWlOLTNS55B-SERVER_NAME : *KO * *The CAS management webapp is unavailable. There was an error trying to complete your request. Please notify your support desk or try again.* Log: *2017-08-02 11:09:43,143 INFO [org.pac4j.core.profile.ProfileHelper] - Building user profile based on typedId: myloginldap* *2017-08-02 11:09:43,157 ERROR [org.apereo.cas.mgmt.services.web.AbstractManagementController] - java.lang.NullPointerExceptionorg.pac4j.core.exception.TechnicalException: java.lang.NullPointerException at org.pac4j.core.engine.DefaultSecurityLogic.perform(DefaultSecurityLogic.java:165) ~[pac4j-core-2.0.0.jar:?] at org.pac4j.springframework.web.SecurityInterceptor.preHandle(SecurityInterceptor.java:65) ~[spring-webmvc-pac4j-2.0.0.jar:?] at org.springframework.web.servlet.HandlerExecutionChain.applyPreHandle(HandlerExecutionChain.java:134) ~[spring-webmvc-4.3.8.RELEASE.jar:4.3.8.RELEASE] at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:958) [spring-webmvc-4.3.8.RELEASE.jar:4.3.8.RELEASE] at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:897) [spring-webmvc-4.3.8.RELEASE.jar:4.3.8.RELEASE] at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970) [spring-webmvc-4.3.8.RELEASE.jar:4.3.8.RELEASE] at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:861) [spring-webmvc-4.3.8.RELEASE.jar:4.3.8.RELEASE] at javax.servlet.http.HttpServlet.service(HttpServlet.java:635) [servlet-api.jar:?] at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846) [spring-webmvc-4.3.8.RELEASE.jar:4.3.8.RELEASE] at javax.servlet.http.HttpServlet.service(HttpServlet.java:742) [servlet-api.jar:?] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230) [catalina.jar:8.5.13] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) [catalina.jar:8.5.13] at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) [tomcat-websocket.jar:8.5.13] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) [catalina.jar:8.5.13] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) [catalina.jar:8.5.13] at org.springframework.boot.web.filter.ApplicationContextHeaderFilter.doFilterInternal(ApplicationContextHeaderFilter.java:55) [spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE] at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.8.RELEASE.jar:4.3.8.RELEASE] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) [catalina.jar:8.5.13] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) [catalina.jar:8.5.13] at org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:64) [inspektr-common-1.7.GA.jar:1.7.GA] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) [catalina.jar:8.5.13] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) [catalina.jar:8.5.13] at org.springframework.boot.actuate.trace.WebRequestTraceFilter.doFilterInternal(WebRequestTraceFilter.java:110) [spring-boot-actuator-1.5.3.RELEASE.jar:1.5.3.RELEASE] at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.8.RELEASE.jar:4.3.8.RELEASE] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) [catalina.jar:8.5.13] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) [catalina.jar:8.5.13] at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) [spring-web-4.3.8.RELEASE.jar:4.3.8.RELEASE] at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.8.RELEASE.jar:4.3.8.RELEASE] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) [catalina.jar:8.5.13] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) [catalina.jar:8.5.13] at org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:105) [spring-web-4.3.8.RELEASE.jar:4.3.8.RELEASE] at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.8.RELEASE.jar:4.3.8.RELEASE] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) [catalina.jar:8.5.13] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) [catalina.jar:8.5.13] at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:81) [spring-web-4.3.8.RELEASE.jar:4.3.8.RELEASE] at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.8.RELEASE.jar:4.3.8.RELEASE] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) [catalina.jar:8.5.13] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) [catalina.jar:8.5.13] at org.springframework.boot.actuate.autoconfigure.MetricsFilter.doFilterInternal(MetricsFilter.java:106) [spring-boot-actuator-1.5.3.RELEASE.jar:1.5.3.RELEASE] at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.8.RELEASE.jar:4.3.8.RELEASE] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) [catalina.jar:8.5.13] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) [catalina.jar:8.5.13] at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197) [spring-web-4.3.8.RELEASE.jar:4.3.8.RELEASE] at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.8.RELEASE.jar:4.3.8.RELEASE] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) [catalina.jar:8.5.13] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) [catalina.jar:8.5.13] at org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:115) [spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE] at org.springframework.boot.web.support.ErrorPageFilter.access$000(ErrorPageFilter.java:59) [spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE] at org.springframework.boot.web.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:90) [spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE] at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.8.RELEASE.jar:4.3.8.RELEASE] at org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:108) [spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) [catalina.jar:8.5.13] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) [catalina.jar:8.5.13] at org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71) [log4j-web-2.8.2.jar:2.8.2] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) [catalina.jar:8.5.13] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) [catalina.jar:8.5.13] at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198) [catalina.jar:8.5.13] at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) [catalina.jar:8.5.13] at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:478) [catalina.jar:8.5.13] at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) [catalina.jar:8.5.13] at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:80) [catalina.jar:8.5.13] at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:624) [catalina.jar:8.5.13] at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) [catalina.jar:8.5.13] at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:341) [catalina.jar:8.5.13] at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:799) [tomcat-coyote.jar:8.5.13] at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) [tomcat-coyote.jar:8.5.13] at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:861) [tomcat-coyote.jar:8.5.13] at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1455) [tomcat-coyote.jar:8.5.13] at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) [tomcat-coyote.jar:8.5.13] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [?:1.8.0_131] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [?:1.8.0_131] at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-util.jar:8.5.13] at java.lang.Thread.run(Thread.java:748) [?:1.8.0_131]Caused by: java.lang.NullPointerException at org.apereo.cas.configuration.support.Beans.lambda$newLdaptiveSearchFilter$6(Beans.java:883) ~[cas-server-core-configuration-5.1.0.jar:5.1.0] at java.util.stream.Streams$RangeIntSpliterator.forEachRemaining(Streams.java:110) ~[?:1.8.0_131] at java.util.stream.IntPipeline$Head.forEach(IntPipeline.java:557) ~[?:1.8.0_131] at org.apereo.cas.configuration.support.Beans.newLdaptiveSearchFilter(Beans.java:882) ~[cas-server-core-configuration-5.1.0.jar:5.1.0] at org.apereo.cas.authorization.BaseUseAttributesAuthorizationGenerator.generate(BaseUseAttributesAuthorizationGenerator.java:83) ~[cas-server-support-ldap-core-5.1.0.jar:5.1.0] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_131] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_131] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_131] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_131] at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333) ~[spring-aop-4.3.8.RELEASE.jar:4.3.8.RELEASE] at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190) ~[spring-aop-4.3.8.RELEASE.jar:4.3.8.RELEASE] at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) ~[spring-aop-4.3.8.RELEASE.jar:4.3.8.RELEASE] at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:133) ~[spring-aop-4.3.8.RELEASE.jar:4.3.8.RELEASE] at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:121) ~[spring-aop-4.3.8.RELEASE.jar:4.3.8.RELEASE] at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.8.RELEASE.jar:4.3.8.RELEASE] at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) ~[spring-aop-4.3.8.RELEASE.jar:4.3.8.RELEASE] at com.sun.proxy.$Proxy260.generate(Unknown Source) ~[?:?] at org.pac4j.core.client.BaseClient.getUserProfile(BaseClient.java:88) ~[pac4j-core-2.0.0.jar:?] at org.pac4j.core.engine.DefaultSecurityLogic.perform(DefaultSecurityLogic.java:113) ~[pac4j-core-2.0.0.jar:?]* I think is my attribute configuration but im not sure... Anyone can help me ??? -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/23089d96-4d02-4498-9d5e-d92db87409d0%40apereo.org.