Hi, I am using CAS 5.0.8 and working on OpenLDAP authentication. I get an
invalid credentials error when I enter the username and password I created
on OpenLDAP.
Add the dependency for LDAP:
vim pom.xml
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-support-ldap</artifactId>
<version>${cas.version}</version>
</dependency>
mkdir etc/cas/services
vim etc/cas/services/wildcard.json
{
/*
* Wildcard service definition that applies to any http, https or imaps url.
* Do not use this definition in a production environment.
*/
"@class" : "org.apereo.cas.services.RegexRegisteredService",
"serviceId" : "^(http|https|imaps)://.*",
"name" : "HTTP/HTTPS/IMAPS wildcard",
"id" : 20170828090137,
"evaluationOrder" : 99999
}
vim etc/cas/config/cas.properties
# CAS server settings followed by one LDAP authentication handler (ldap[0]),
# exactly as posted. Both ':' and '=' are valid key/value separators here.
cas.server.name: https://localhost:8443
cas.server.prefix: https://localhost:8443/cas
# Escaped dots: this looks like a regex that admits only 127.0.0.1 to the admin pages.
cas.adminPagesSecurity.ip=127\.0\.0\.1
# Empty value; presumably intended to switch off the static accept-users list
# so that only LDAP can authenticate. Confirm against the CAS 5.0.x docs.
cas.authn.accept.users=
logging.config: file:/etc/cas/config/log4j2.xml
# cas.serviceRegistry.config.location: classpath:/services
cas.serviceRegistry.config.location: file:/etc/cas/services
# AUTHENTICATED: the handler binds with the account in 'bind' below and
# searches baseDn with userFilter to locate the user's entry.
cas.authn.ldap[0].type=AUTHENTICATED
# NOTE(review): the ldaptive error in cas.log is "Cannot parse url: dc=org", and the
# logged ConnectionConfig shows this URL with the commas of the DN suffix turned into
# spaces, so the suffix appears to be split off and treated as further URLs. baseDn is
# already set separately below; try the URL with scheme, host and port only.
cas.authn.ldap[0].ldapUrl=ldap://x.x.x.x:389/dc=example,dc=org
# NOTE(review): ldap:// on 389 with both SSL and StartTLS off means the bind
# credential and every user password cross the network unencrypted. Acceptable
# only on an isolated test network; enable StartTLS or LDAPS otherwise.
cas.authn.ldap[0].useSsl=false
cas.authn.ldap[0].useStartTls=false
# NOTE(review): cas.log prints connectTimeout=PT1H23M20S (5000 seconds), so this
# value appears to be read as seconds rather than milliseconds in this setup.
cas.authn.ldap[0].connectTimeout=5000
cas.authn.ldap[0].baseDn=dc=example,dc=org
cas.authn.ldap[0].userFilter=uid={user}
cas.authn.ldap[0].subtreeSearch=true
cas.authn.ldap[0].usePasswordPolicy=false
# NOTE(review): the search account is the directory admin DN and its password
# sits in this file in clear text. A dedicated read-only search account and
# tight file permissions limit the damage if this file is disclosed.
cas.authn.ldap[0].bind=cn=admin,dc=example,dc=org
cas.authn.ldap[0].bindCredential=xxxx
cas.authn.ldap[0].enhanceWithEntryResolver=false
# presumably only relevant to the direct-bind handler type; with
# type=AUTHENTICATED the DN comes from the search. TODO confirm.
cas.authn.ldap[0].dnFormat=uid=%s,dc=example,dc=org
cas.authn.ldap[0].principalAttributeId=uid
cas.authn.ldap[0].principalAttributePassword=
cas.authn.ldap[0].principalAttributeList=sn,cn:commonName,givenName
cas.authn.ldap[0].allowMultiplePrincipalAttributeValues=true
# Connection pool sizing and validation. cas.log echoes these as minPoolSize=3,
# maxPoolSize=10, validateOnCheckOut=true, validatePeriodically=true.
cas.authn.ldap[0].minPoolSize=3
cas.authn.ldap[0].maxPoolSize=10
# NOTE(review): cas.log shows idleTime=PT5H33M20S, validatePeriod=PT10M and
# prunePeriod=PT1H23M20S, i.e. 20000, 600 and 5000 taken as seconds.
cas.authn.ldap[0].idleTime=20000
cas.authn.ldap[0].validateOnCheckout=true
cas.authn.ldap[0].validatePeriodically=true
cas.authn.ldap[0].validatePeriod=600
cas.authn.ldap[0].failFast=true
cas.authn.ldap[0].prunePeriod=5000
cas.authn.ldap[0].blockWaitTime=5000
cas.authn.ldap[0].allowMultipleDns=false
# NONE: the submitted password is not encoded by CAS before use; presumably the
# directory checks it during the user bind. Confirm for this handler type.
cas.authn.ldap[0].passwordEncoder.type=NONE
# Empty prefix/suffix and NONE: the typed username is used unchanged.
cas.authn.ldap[0].principalTransformation.suffix=
cas.authn.ldap[0].principalTransformation.caseConversion=NONE
cas.authn.ldap[0].principalTransformation.prefix=
cas.log
ERROR [org.ldaptive.pool.BlockingConnectionPool] -
<[org.ldaptive.pool.BlockingConnectionPool@665869765::name=null,
poolConfig=[org.ldaptive.pool.PoolConfig@351521213::minPoolSize=3,
maxPoolSize=10, validateOnCheckIn=false, validateOnCheckOut=true,
validatePeriodically=true, validatePeriod=PT10M], activator=null,
passivator=null, validator=[org.ldaptive.pool.SearchValidator@1746669779
::searchRequest=[org.ldaptive.SearchRequest@887831165::baseDn=,
searchFilter=[org.ldaptive.SearchFilter@1642584434::filter=(objectClass=*),
parameters={}], returnAttributes=[1.1], searchScope=OBJECT, timeLimit=PT0S,
sizeLimit=1, derefAliases=null, typesOnly=false, binaryAttributes=null,
sortBehavior=UNORDERED, searchEntryHandlers=null,
searchReferenceHandlers=null, controls=null, referralHandler=null,
intermediateResponseHandlers=null]]
pruneStrategy=[org.ldaptive.pool.IdlePruneStrategy@1419684819::prunePeriod=PT1H23M20S,
idleTime=PT5H33M20S], connectOnCreate=true,
connectionFactory=[org.ldaptive.DefaultConnectionFactory@1700201645
::provider=org.ldaptive.provider.jndi.JndiProvider@7ae302f8,
config=[org.ldaptive.ConnectionConfig@2111733340::ldapUrl=ldap://
161.9.194.153:389/dc=mys dc=pardus dc=org, connectTimeout=PT1H23M20S,
responseTimeout=null,
sslConfig=[org.ldaptive.ssl.SslConfig@1547665927::credentialConfig=null,
trustManagers=null, enabledCipherSuites=null, enabledProtocols=null,
handshakeCompletedListeners=null], useSSL=false, useStartTLS=false,
connectionInitializer=null,
connectionStrategy=org.ldaptive.DefaultConnectionStrategy@1109741]],
initialized=false, availableCount=0, activeCount=0] unable to connect to
the ldap>
org.ldaptive.provider.ConnectionException: javax.naming.NamingException:
Cannot parse url: dc=org [Root exception is java.net.MalformedURLException:
Invalid URI: dc=org]
at
org.ldaptive.provider.jndi.JndiConnectionFactory.createInternal(JndiConnectionFactory.java:90)
~[ldaptive-1.2.0.jar:?]
at
org.ldaptive.provider.jndi.JndiConnectionFactory.createInternal(JndiConnectionFactory.java:21)
~[ldaptive-1.2.0.jar:?]
at
org.ldaptive.provider.AbstractProviderConnectionFactory.create(AbstractProviderConnectionFactory.java:84)
~[ldaptive-1.2.0.jar:?]
at
org.ldaptive.DefaultConnectionFactory$DefaultConnection.open(DefaultConnectionFactory.java:267)
~[ldaptive-1.2.0.jar:?]
at
org.ldaptive.pool.AbstractConnectionPool.createConnection(AbstractConnectionPool.java:437)
~[ldaptive-1.2.0.jar:?]
at
org.ldaptive.pool.AbstractConnectionPool.createAvailableConnection(AbstractConnectionPool.java:476)
~[ldaptive-1.2.0.jar:?]
at
org.ldaptive.pool.AbstractConnectionPool.grow(AbstractConnectionPool.java:326)
~[ldaptive-1.2.0.jar:?]
at
org.ldaptive.pool.AbstractConnectionPool.initialize(AbstractConnectionPool.java:235)
~[ldaptive-1.2.0.jar:?]
at
org.apereo.cas.configuration.support.Beans.newBlockingConnectionPool(Beans.java:420)
~[cas-server-core-configuration-5.0.8.jar:5.0.8]
at
org.apereo.cas.configuration.support.Beans.newPooledConnectionFactory(Beans.java:431)
~[cas-server-core-configuration-5.0.8.jar:5.0.8]
at
org.apereo.cas.config.LdapAuthenticationConfiguration.getAuthenticatedOrAnonSearchAuthenticator(LdapAuthenticationConfiguration.java:239)
~[cas-server-support-ldap-5.0.8.jar:5.0.8]
at
org.apereo.cas.config.LdapAuthenticationConfiguration.getAuthenticator(LdapAuthenticationConfiguration.java:217)
~[cas-server-support-ldap-5.0.8.jar:5.0.8]
at
org.apereo.cas.config.LdapAuthenticationConfiguration.lambda$initLdapAuthenticationHandlers$3(LdapAuthenticationConfiguration.java:143)
~[cas-server-support-ldap-5.0.8.jar:5.0.8]
--
Merve CEYLAN