I am also using ldap for my CAS 5, and I extracted my debug line for your reference: .... 2017-08-21 12:38:29,575 DEBUG [org.apereo.cas.authentication.RegisteredServiceAuthenticationHandlerResolver] - <Authentication handlers used for this transaction are [HttpBasedServiceCredentialsAuthenticationHandler,LdapAuthenticationHandler]> .... 2017-08-21 12:38:29,585 DEBUG [org.apereo.cas.authentication.LdapAuthenticationHandler] - <Attempting LDAP authentication for ....
I think you already find the problem yourself, you didn't actually implemented the LdapAuthenticationHandler, HttpBasedServiceCredentialsAuthenticationHandler is the default handler and is not useful to you The thing that I suspect you did, which happened to me the first time I use CAS, is that your cas.properties file are not wired to CAS, so CAS actually cannot see the cas.properties file. And whatever you did do not impact CAS. Maybe you can try to set your setting in application.properties, in the src/main/resources folder, I am sure that one get wired automatically. And see if you see any changes. If you want an success connected ldap setting, read this: https://groups.google.com/a/apereo.org/forum/#!topic/cas-user/QtzfZI1gnA4 Hope this help you! -Andy On Friday, 18 August 2017 14:57:08 UTC+8, Chris Peck wrote: > > Yes, I installed ldapseach, I also checked the logs on the LDAP server and > there were no connects from the ip-address CAS is running on. > This is what seems weird to me, or, is that normal now?: > *cas_1 | 2017-08-16 19:14:36,150 DEBUG > [org.apereo.cas.authentication.RegisteredServiceAuthenticationHandlerResolver] > > - <Authentication handlers used for this transaction are > [HttpBasedServiceCredentialsAuthenticationHandler]>* > > > On Thu, Aug 17, 2017 at 2:04 AM 'Daniel M.' via CAS Community < > [email protected] <javascript:>> wrote: > >> OK, before you even try to configure CAS did you use a tool like >> ldapsearch from the server where CAS is installed to test the connection >> properties? >> >> >> >> On Wednesday, August 16, 2017, 3:21:41 PM EDT, Chris Peck <[email protected] >> <javascript:>> wrote: >> >> >> I cannot for the life of me figure out what I need to get my dev CAS >> instance to talk to LDAP. When it's running and I try to auth to the >> webpage I see this in the logs: >> >> *cas_1 | 2017-08-16 19:14:36,150 DEBUG >> [org.apereo.cas.authentication.RegisteredServiceAuthenticationHandlerResolver] >> >> - <Authentication handlers used for this transaction are >> [HttpBasedServiceCredentialsAuthenticationHandler]>* >> cas_1 | 2017-08-16 19:14:36,152 WARN >> [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - >> <Authentication has failed. Credentials may be incorrect or CAS cannot find >> authentication handler that supports [crp] of type >> [UsernamePasswordCredential], which suggests a configuration problem.> >> >> I have this in my pom.xml: >> <dependencies> >> <dependency> >> <groupId>org.apereo.cas</groupId> >> <artifactId>cas-server-webapp${app.server}</artifactId> >> <version>${cas.version}</version> >> <type>war</type> >> <scope>runtime</scope> >> </dependency> >> <dependency> >> <groupId>org.apereo.cas</groupId> >> * <artifactId>cas-server-support-ldap</artifactId>* >> <version>${cas.version}</version> >> </dependency> >> </dependencies> >> >> And, I've this in my cas.properties file: >> /etc/cas/config # cat cas.properties >> cas.server.name: https://localhost:8443 >> cas.server.prefix: https://localhost:8443/cas >> >> cas.adminPagesSecurity.ip=127\.0\.0\.1 >> >> logging.level.org.apereo=DEBUG >> logging.config: file:/etc/cas/config/log4j2.xml >> cas.serviceRegistry.config.location: classpath:/services >> >> # Override cas-overlay-template auth for testing >> cas.authn.accept.users= >> >> and myh ldap.properties >> >> >> # LDAP Config >> cas.authn.policy.req.handlername=LdapAuthenticationHandler >> cas.authn.policy.req.enabled=true >> >> cas.authn.ldap[0].type=ANONYMOUS >> cas.authn.ldap[0].ldapUrl=ldaps://ldap.somewhere >> cas.authn.ldap[0].useSsl=true >> cas.authn.ldap[0].baseDn=ou=people,dc=some,dc=where >> cas.authn.ldap[0].userFilter=uid={user} >> cas.authn.ldap[0].subtreeSearch=true >> >> cas.authn.ldap[0].dnFormat=uid=%s,ou=people,dc=some,dc=where >> cas.authn.ldap[0].principalAttributeId=uid >> cas.authn.ldap[0].allowMultiplePrincipalAttributeValues=true >> >> It's gotta be some simple little thing I'm missing. >> Thanks, >> Chris >> PS - it's all running in a docker container >> >> -- >> - CAS gitter chatroom: https://gitter.im/apereo/cas >> - CAS mailing list guidelines: >> https://apereo.github.io/cas/Mailing-Lists.html >> - CAS documentation website: https://apereo.github.io/cas >> - CAS project website: https://github.com/apereo/cas >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAFZ1tgYS_eTRq09SofVSPQHirfnz32nvO-V21i9c1Q34SkV%3DWQ%40mail.gmail.com >> >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAFZ1tgYS_eTRq09SofVSPQHirfnz32nvO-V21i9c1Q34SkV%3DWQ%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> >> -- >> - CAS gitter chatroom: https://gitter.im/apereo/cas >> - CAS mailing list guidelines: >> https://apereo.github.io/cas/Mailing-Lists.html >> - CAS documentation website: https://apereo.github.io/cas >> - CAS project website: https://github.com/apereo/cas >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/1647730453.3165292.1502913221314%40mail.yahoo.com >> >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/1647730453.3165292.1502913221314%40mail.yahoo.com?utm_medium=email&utm_source=footer> >> . >> > -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/4f8f5b5e-6750-4bc3-ac29-0d3174fe5943%40apereo.org.
