You can put this in your log4j2.xml file to see what ldap connections are
happening :
<AsyncLogger name="org.ldaptive" level="debug" additivity="false">
> <AppenderRef ref="casConsole"/>
> <AppenderRef ref="casFile"/>
> </AsyncLogger>
On 16 August 2017 at 20:53, 'Daniel M.' via CAS Community <
[email protected]> wrote:
> OK, before you even try to configure CAS did you use a tool like
> ldapsearch from the server where CAS is installed to test the connection
> properties?
>
>
>
> On Wednesday, August 16, 2017, 3:21:41 PM EDT, Chris Peck <[email protected]>
> wrote:
>
>
> I cannot for the life of me figure out what I need to get my dev CAS
> instance to talk to LDAP. When it's running and I try to auth to the
> webpage I see this in the logs:
>
> cas_1 | 2017-08-16 19:14:36,150 DEBUG [org.apereo.cas.authentication.
> RegisteredServiceAuthenticationHandlerResolver] - <Authentication
> handlers used for this transaction are [HttpBasedServiceCredentialsAut
> henticationHandler]>
> cas_1 | 2017-08-16 19:14:36,152 WARN [org.apereo.cas.authentication.
> PolicyBasedAuthenticationManager] - <Authentication has failed.
> Credentials may be incorrect or CAS cannot find authentication handler that
> supports [crp] of type [UsernamePasswordCredential], which suggests a
> configuration problem.>
>
> I have this in my pom.xml:
> <dependencies>
> <dependency>
> <groupId>org.apereo.cas</groupId>
> <artifactId>cas-server-webapp${app.server}</artifactId>
> <version>${cas.version}</version>
> <type>war</type>
> <scope>runtime</scope>
> </dependency>
> <dependency>
> <groupId>org.apereo.cas</groupId>
> * <artifactId>cas-server-support-ldap</artifactId>*
> <version>${cas.version}</version>
> </dependency>
> </dependencies>
>
> And, I've this in my cas.properties file:
> /etc/cas/config # cat cas.properties
> cas.server.name: https://localhost:8443
> cas.server.prefix: https://localhost:8443/cas
>
> cas.adminPagesSecurity.ip=127\.0\.0\.1
>
> logging.level.org.apereo=DEBUG
> logging.config: file:/etc/cas/config/log4j2.xml
> cas.serviceRegistry.config.location: classpath:/services
>
> # Override cas-overlay-template auth for testing
> cas.authn.accept.users=
>
> and myh ldap.properties
>
>
> # LDAP Config
> cas.authn.policy.req.handlername=LdapAuthenticationHandler
> cas.authn.policy.req.enabled=true
>
> cas.authn.ldap[0].type=ANONYMOUS
> cas.authn.ldap[0].ldapUrl=ldaps://ldap.somewhere
> cas.authn.ldap[0].useSsl=true
> cas.authn.ldap[0].baseDn=ou=people,dc=some,dc=where
> cas.authn.ldap[0].userFilter=uid={user}
> cas.authn.ldap[0].subtreeSearch=true
>
> cas.authn.ldap[0].dnFormat=uid=%s,ou=people,dc=some,dc=where
> cas.authn.ldap[0].principalAttributeId=uid
> cas.authn.ldap[0].allowMultiplePrincipalAttributeValues=true
>
> It's gotta be some simple little thing I'm missing.
> Thanks,
> Chris
> PS - it's all running in a docker container
>
> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines: https://apereo.github.io/cas/
> Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/CAFZ1tgYS_eTRq09SofVSPQHirfnz32nvO-
> V21i9c1Q34SkV%3DWQ%40mail.gmail.com
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAFZ1tgYS_eTRq09SofVSPQHirfnz32nvO-V21i9c1Q34SkV%3DWQ%40mail.gmail.com?utm_medium=email&utm_source=footer>
> .
>
> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines: https://apereo.github.io/cas/
> Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/1647730453.3165292.
> 1502913221314%40mail.yahoo.com
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/1647730453.3165292.1502913221314%40mail.yahoo.com?utm_medium=email&utm_source=footer>
> .
>
--
This email is sent on behalf of Northgate Public Services (UK) Limited and
its associated companies including Rave Technologies (India) Pvt Limited
(together "Northgate Public Services") and is strictly confidential and
intended solely for the addressee(s).
If you are not the intended recipient of this email you must: (i) not
disclose, copy or distribute its contents to any other person nor use its
contents in any way or you may be acting unlawfully; (ii) contact
Northgate Public Services immediately on +44(0)1908 264500 quoting the name
of the sender and the addressee then delete it from your system.
Northgate Public Services has taken reasonable precautions to ensure that
no viruses are contained in this email, but does not accept any
responsibility once this email has been transmitted. You should scan
attachments (if any) for viruses.
Northgate Public Services (UK) Limited, registered in England and Wales
under number 00968498 with a registered address of Peoplebuilding 2,
Peoplebuilding Estate, Maylands Avenue, Hemel Hempstead, Hertfordshire, HP2
4NN. Rave Technologies (India) Pvt Limited, registered in India under
number 117068 with a registered address of 2nd Floor, Ballard House, Adi
Marzban Marg, Ballard Estate, Mumbai, Maharashtra, India, 400001.
--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAD0p8pueO-CCA0-NzF4W2vg3SsA0wvSvvojyiXX1iqa77sa55Q%40mail.gmail.com.
