I confirm that it does not work in CAS. I'm trying also to solve this issue that user-details are not just correctly processed by CAS-Management. I'm overwriting management source to solve this.
On Wednesday, August 9, 2017 at 5:45:15 PM UTC+3, gibson_brian wrote: > > Hi All, > > Be gentle, I'm a sys admin, not a Java expert ;-) > > Running Tomcat 9 on Windows 2012 R2 Server. > > Running CAS 5.1.2 using the War Overlay method and I have it > authenticating against Active Directory and it recognizes services that I > define in .json files. > > I'm trying to get the CAS Services Management Webapp working so I can > login with my Active Directory credentials. Here is where I am.... > > 1. I go to the /cas-management URL and if I am not already logged into CAS > I get redirected to the CAS login page (good so far) > > 2. I log in with my Active Directory credentials and I am greeted with > this error > > *CAS Services Management Access Denied You are not authorized to > access this resource. Contact your CAS Administrator for more info.* > > I put this entry in the c:\etc\cas\config\users.properties file (which is > referenced below in my management.properties file) > > *my_AD_loginID*=notused,ROLE_ADMIN,enabled > > My c:\etc\cas\config\management.properties file looks like this.... > > ++++++++++++ management.properties +++++++++++++++++++++ > cas.server.name=https://cas5test.wheatonma.edu > cas.server.prefix=https://cas5test.wheatonma.edu/cas > cas.mgmt.host=${cas.server.name} > cas.serviceRegistry.initFromJson=true > spring.thymeleaf.mode=HTML > logging.config=file:/etc/cas/config/log4j2-management.xml > server.port=443 > cas.serviceRegistry.config.location:file:/etc/cas/services > server.contextPath=/cas-management > cas.mgmt.adminRoles=ROLE_ADMIN > cas.mgmt.userPropertiesFile=file:/etc/cas/config/users.properties > cas.mgmt.serverName=https://cas5test.wheatonma.edu > cas.mgmt.defaultLocale=en > cas.mgmt.ldap.ldapAuthz.searchFilter=cn={user} > cas.mgmt.ldap.ldapAuthz.baseDn=OU=hidden,DC=hidden,DC=hidden > cas.mgmt.ldap.ldapUrl=ldaps://my_1st_ad_controller > ldaps://my_2nd_ad_controller > cas.mgmt.ldap.baseDn=OU=hidden,DC=hidden,DC=hidden > cas.mgmt.ldap.bindDn=CN=hidden,CN=hidden,DC=hidden,DC=hidden > cas.mgmt.ldap.bindCredential=hidden > cas.mgmt.ldap.useSsl=true > cas.mgmt.ldap.useStartTls=false > > Thanks for any advice you can offer :-) > > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/00757f3d-db4b-406d-9b6e-05955d6d43cc%40apereo.org.
