Hi All,
Be gentle, I'm a sys admin, not a Java expert ;-)
Running Tomcat 9 on Windows 2012 R2 Server.
Running CAS 5.1.2 using the War Overlay method and I have it
authenticating against Active Directory and it recognizes services that
I define in .json files.
I'm trying to get the CAS Services Management Webapp working so I can
login with my Active Directory credentials. Here is where I am....
1. I go to the /cas-management URL and if I am not already logged into
CAS I get redirected to the CAS login page (good so far)
2. I log in with my Active Directory credentials and I am greeted with
this error
/CAS Services Management Access Denied You are not authorized to
access this resource. Contact your CAS Administrator for more info./
I put this entry in the c:\etc\cas\config\users.properties file (which
is referenced below in my management.properties file)
/my_AD_loginID/=notused,ROLE_ADMIN,enabled
My c:\etc\cas\config\management.properties file looks like this....
++++++++++++ management.properties +++++++++++++++++++++
cas.server.name=https://cas5test.wheatonma.edu
cas.server.prefix=https://cas5test.wheatonma.edu/cas
cas.mgmt.host=${cas.server.name}
cas.serviceRegistry.initFromJson=true
spring.thymeleaf.mode=HTML
logging.config=file:/etc/cas/config/log4j2-management.xml
server.port=443
cas.serviceRegistry.config.location:file:/etc/cas/services
server.contextPath=/cas-management
cas.mgmt.adminRoles=ROLE_ADMIN
cas.mgmt.userPropertiesFile=file:/etc/cas/config/users.properties
cas.mgmt.serverName=https://cas5test.wheatonma.edu
cas.mgmt.defaultLocale=en
cas.mgmt.ldap.ldapAuthz.searchFilter=cn={user}
cas.mgmt.ldap.ldapAuthz.baseDn=OU=hidden,DC=hidden,DC=hidden
cas.mgmt.ldap.ldapUrl=ldaps://my_1st_ad_controller
ldaps://my_2nd_ad_controller
cas.mgmt.ldap.baseDn=OU=hidden,DC=hidden,DC=hidden
cas.mgmt.ldap.bindDn=CN=hidden,CN=hidden,DC=hidden,DC=hidden
cas.mgmt.ldap.bindCredential=hidden
cas.mgmt.ldap.useSsl=true
cas.mgmt.ldap.useStartTls=false
Thanks for any advice you can offer :-)
--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/e3a09cf4-8e29-8b4b-049e-25281064f0eb%40wheatoncollege.edu.
