Hi
Thank you, that still didnt help. I still don't get CAS to behave like
other spring boot applications
When using -Dspring.profiles.active=dev it seems like it doesn't load the
same default config as it used to.
Here is my full yml file (I have tried it as cas.yml and application.yml -
not sure what filename to use).
This is the only file besides log4j in my /etc/cas/config. I've tried
setting all the default settings as well, but it doesn't take affect.
When use the file below, without using any profile, I expect only the first
part of the file to be loaded.
Instead the whole file is read including all profiles. I suspect maybe it
is because standalone is the default profile, which
causes CasCoreBootstrapStandaloneConfiguration to load the properties, and
it loads everything it finds without paying attention to profiles. If that
is how it is suppose to work and you are suppose to use a different profile
after tinkering with ldap, I can live with that...
When running with -Dspring.profiles.active=dev I expect the first section,
plus the section specifically for the dev profile to be loaded.
Instead - im not sure what is loaded, it fails before it gets to my profile
specific items when looking at the logs, but it looks like the top section
of the file isn't even read, because it doesn't look for services in
/etc/cas/services as mentioned in the config, instead it's looking at
/tmp/cas/services which I have no idea where it gets that config from. This
is what really confuses me. My config is similar to other spring boot
application we have...
Same with -Dspring.profiles.active=production...
What I'm aiming for is one config file that I can use for dev and prod,
which loads the appropriate profile for the different configs, and also
specifying the secret things using command line properties or environment
variables. But for now just getting profiles to work is my first step..
*I copied many of these properties from the application.properties file
from the base CAS source in an attempt to make sure all the defaults are
provided....*
info:
description: CAS Configuration
cas:
serviceRegistry:
config:
location: file:/etc/cas/services
initFromJson: true
repeatInterval: 120000
startDelay: 15000
watcherEnabled: true
authn:
ldap:
- allowMultipleDns: false
baseDn: ou=people,dc=opencollab,dc=co,dc=za
connectTimeout: 5000
dnFormat: uid=%s,ou=people,dc=opencollab,dc=co,dc=za
# Without a profile the application should fail, because this does
not exist
# Instead it uses production profile's config
ldapUrl: ldaps://ldap.myorg.co.za:636
name: My Ldap Instance
order: 0
principalAttributeId: uid
principalAttributeList: sn,cn:commonName,givenName
principalAttributePassword: userPassword
providerClass: org.ldaptive.provider.unboundid.UnboundIDProvider
subtreeSearch: true
type: DIRECT
useSsl: true
useStartTls: false
userFilter: uid={user}
# I could probably remove a lot of these I don't intend to use
pac4j:
bitbucket:
clientName: Bitbucket
dropbox:
clientName: Dropbox
facebook:
clientName: Facebook
foursquare:
clientName: Foursquare
github:
clientName: Github
google:
clientName: Google
linkedIn:
clientName: LinkedIn
paypal:
clientName: PayPal
twitter:
clientName: Twitter
windowsLive:
clientName: Windows Live
wordpress:
clientName: WordPress
yahoo:
clientName: Yahoo
endpoints:
enabled: false
restart:
enabled: false
sensitive: true
shutdown:
enabled: false
management:
add-application-context-header: false
context-path: /status
security:
enabled: true
roles: ACTUATOR,ADMIN
sessions: if_required
security:
basic:
authorize-mode: role
enabled: false
path: /cas/status/**
server:
connection-timeout: 20000
context-parameters:
isLog4jAutoInitializationDisabled: true
context-path: /
error:
include-stacktrace: NEVER
max-http-header-size: 2097152
port: 8443
session:
cookie:
http-only: true
timeout: 300
tracking-modes: COOKIE
ssl:
# Apache will take care of SSL
enabled: false
ajp:
allowTrace: false
asyncTimeout: 5000
enableLookups: false
enabled: true
maxPostSize: 20971520
port: 8009
protocol: AJP/1.3
proxyPort: -1
redirectPort: -1
scheme: http
secure: true
tomcat:
accesslog:
enabled: true
pattern: '%t %a "%r" %s (%D ms)'
suffix: .log
basedir: build/tomcat
max-http-post-size: 2097152
max-threads: 10
port-header: X-Forwarded-Port
protocol-header: X-Forwarded-Proto
protocol-header-https-value: https
remote-ip-header: X-FORWARDED-FOR
uri-encoding: UTF-8
use-forward-headers: true
spring:
aop:
auto: true
proxy-target-class: true
cloud:
bus:
enabled: false
http:
encoding:
charset: UTF-8
enabled: true
force: true
thymeleaf:
cache: true
encoding: UTF-8
mode: HTML
---
spring:
profiles: dev
cas:
authn:
ldap:
- baseDn: ou=people,dc=opencollab,dc=co,dc=za
dnFormat: uid=%s,ou=people,dc=opencollab,dc=co,dc=za
ldapUrl: ldaps://cas-dev.opencollab.co.za:636
name: Development Identity
tgc:
encryptionKey: secret_stuff
signingKey: secret_stuff
---
spring:
profiles: production
cas:
authn:
ldap:
- baseDn: ou=people,dc=opencollab,dc=co,dc=za
dnFormat: uid=%s,ou=people,dc=opencollab,dc=co,dc=za
ldapUrl: ldaps://cas-prod.opencollab.co.za:636
name: OPENCOLLAB Identity
tgc:
encryptionKey: secret_stuff
signingKey: secret_stuff
Regards / Groete
*Charl Thiem*
Senior Developer
IT Infrastructure Manager
On Wed, Oct 4, 2017 at 1:00 PM, <[email protected]> wrote:
> spring.profiles.active=ldap
>
> D.
>
>
>
>
> On Wed, Oct 4, 2017 at 5:04 AM -0400, "Charl Thiem" <
> [email protected]> wrote:
>
> Hi
>>
>> I'm having a hard time getting CAS (5.1.4 using overlay) to read the
>> config files as expected.
>>
>> I currently have the following (snippet) in my application.yml file which
>> is in /etc/cas/config/
>>
>> spring:
>> profiles: ldap
>> cas:
>> authn:
>> ldap:
>> - ldapUrl: ldaps://devldap.myorg.co.za:636
>>
>> But starting CAS without even specifying any spring profile it still
>> reads the profile as if it was activated.
>> Even worse is, when I try and add another profile (separating by a ---
>> yml section) it reads the next profile too. It's like spring is set to read
>> ALL PROFILES instead of only selecting the ones activated.
>>
>> E.g.
>>
>> spring:
>> profiles: ldap
>> cas:
>> authn:
>> ldap:
>> - ldapUrl: ldaps://devldap.myorg.co.za:636
>> ---
>> spring:
>> profiles: ldap-production
>> cas:
>> authn:
>> ldap:
>> - ldapUrl: ldaps://ldap.myorg.co.za:636
>>
>>
>>
>> I tried running cas with *java **-Dspring.profiles.include=ldap **-jar
>> cas.war *but then it fails with
>>
>> ***************************
>> APPLICATION FAILED TO START
>> ***************************
>>
>> Description:
>>
>> Field configurationPropertiesEnvironmentManager in
>> org.apereo.cas.config.CasConfigurationSupportUtilitiesConfig
>> uration$CasCoreConfigurationWatchConfiguration required a bean of type
>> 'org.apereo.cas.configuration.CasConfigurationPropertiesEnvironmentManager'
>> that could not be found.
>>
>>
>> Action:
>>
>> Consider defining a bean of type 'org.apereo.cas.configuration.
>> CasConfigurationPropertiesEnvironmentManager' in your configuration.
>>
>> The application did start with
>> <The following profiles are active: ldap,standalone>
>> before it failed with the above
>>
>> My CAS is running fine. ldap integration, logins etc works great when not
>> trying to use profiles and just having all in one section. But now that I
>> got CAS running, I'd like to use profiles for different configuration
>> setups.
>>
>> Any ideas / things to try, would be appreciated.
>>
>> Regards / Groete
>> *Charl Thiem*
>> Senior Developer
>> IT Infrastructure Manager
>>
>>
>>
>>
>>
>> ------------------------------
>> See OpenCollab email disclaimer at http://www.opencollab.co.za
>> /email-disclaimer
>>
>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected].
>> To view this discussion on the web visit https://groups.google.com/a/ap
>> ereo.org/d/msgid/cas-user/CAK5fTW6mZ_nf78i3eTnWuuC4aaB4oANps
>> rdSPpVvVLeY0oayfQ%40mail.gmail.com
>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAK5fTW6mZ_nf78i3eTnWuuC4aaB4oANpsrdSPpVvVLeY0oayfQ%40mail.gmail.com?utm_medium=email&utm_source=footer>
>> .
>>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit https://groups.google.com/a/ap
> ereo.org/d/msgid/cas-user/D5BBD223FBD5BCE6.5DBD6586-8795-
> 4662-94AE-FC8702FD9014%40mail.outlook.com
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/D5BBD223FBD5BCE6.5DBD6586-8795-4662-94AE-FC8702FD9014%40mail.outlook.com?utm_medium=email&utm_source=footer>
> .
>
--
------------------------------
See OpenCollab email disclaimer at
http://www.opencollab.co.za/email-disclaimer
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAK5fTW4VueRjtbPyPLWwfVyjV2er%3DK7Eb8%3DKvqusq%3Dv89TdokQ%40mail.gmail.com.
