Man, 

Here is the debug info and the error. 

[root@devcas5 logs]# tail catalina.out 
2018-02-08 10:08:50,014 DEBUG 
[org.apereo.cas.authentication.PseudoPlatformTransactionManager] - <Creating 
new transaction with name 
[org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner.clean]: 
PROPAGATION_REQUIRED,ISOLATION_DEFAULT; 'ticketTransactionManager'> 
2018-02-08 10:08:50,014 DEBUG 
[org.apereo.cas.authentication.PseudoPlatformTransactionManager] - <Creating 
new transaction with name 
[org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner.clean]: 
PROPAGATION_REQUIRED,ISOLATION_DEFAULT; 'ticketTransactionManager'> 
2018-02-08 10:08:50,014 DEBUG 
[org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <Attempting to 
acquire ticket cleanup lock.> 
2018-02-08 10:08:50,014 DEBUG 
[org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <Acquired lock. 
Proceeding with cleanup.> 
2018-02-08 10:08:50,014 INFO 
[org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <[0] expired 
tickets removed.> 
2018-02-08 10:08:50,014 DEBUG 
[org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <Releasing 
ticket cleanup lock.> 
2018-02-08 10:08:50,014 DEBUG 
[org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <Finished 
ticket cleanup.> 
2018-02-08 10:08:50,014 DEBUG 
[org.apereo.cas.authentication.PseudoPlatformTransactionManager] - <Initiating 
transaction commit> 
2018-02-08 10:08:50,014 DEBUG 
[org.apereo.cas.authentication.PseudoPlatformTransactionManager] - <Resuming 
suspended transaction after completion of inner transaction> 
2018-02-08 10:08:50,014 DEBUG 
[org.apereo.cas.authentication.PseudoPlatformTransactionManager] - <Initiating 
transaction commit> 
[root@devcas5 logs]# cat catalina.out | grep ccheltenham 
2018-02-08 10:08:40,992 DEBUG 
[org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler]
 - <Examining credential [ccheltenham-ext] eligibility for authentication 
handler [AcceptUsersAuthenticationHandler]> 
2018-02-08 10:08:40,992 DEBUG 
[org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler]
 - <Credential [ccheltenham-ext] eligibility is 
[AcceptUsersAuthenticationHandler] for authentication handler [true]> 
2018-02-08 10:08:40,993 DEBUG 
[org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler]
 - <Attempting to encode credential password via 
[org.springframework.security.crypto.password.NoOpPasswordEncoder] for 
ccheltenham-ext]> 
2018-02-08 10:08:40,993 DEBUG 
[org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler]
 - <Attempting authentication internally for transformed credential 
[ccheltenham-ext]> 
2018-02-08 10:08:40,993 DEBUG 
[org.apereo.cas.authentication.AcceptUsersAuthenticationHandler] - 
<[ccheltenham-ext] was not found in the map.> 
2018-02-08 10:08:40,993 DEBUG 
[org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
<[AcceptUsersAuthenticationHandler] exception details: [ccheltenham-ext not 
found in backing map.].> 
2018-02-08 10:08:40,994 ERROR 
[org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
<Authentication has failed. Credentials may be incorrect or CAS cannot find 
authentication handler that supports [ccheltenham-ext] of type 
[UsernamePasswordCredential].> 



=========================== 

Thank You; 

Chris Cheltenham 
Technology Services 
The School District of Philadelphia 

Work # 215-400-5025 
Cell # 215-301-6571 


From: "Man H" <info.ings...@gmail.com> 
To: "cas-user" <cas-user@apereo.org> 
Sent: Thursday, February 8, 2018 10:37:01 AM 
Subject: Re: [cas-user] CAS 5.2.x 

With debug you can see if cas gets connected to Ldap 

2018-02-08 12:27 GMT-03:00 Cheltenham, Chris < ccheltenham-...@philasd.org > : 



Man, 

The basedn is correct in cas.properties. 


This search returns data so you can see the base dn. 
ldapsearch -H "ldaps:// testldap.philasd.net " -x -w 'xxxxx' -LLL -b 
"dc=philasd,dc=org" -D "uid=shibauth,ou=svc_accts,dc=philasd,dc=org" 
"uid=ccheltenham-ext" 


[root@devcas5 config]# cat cas.properties | grep basedn 
[root@devcas5 config]# cat cas.properties | grep -i basedn 
cas.authn.ldap[0].baseDn=dc=philasd,dc=org 



=========================== 

Thank You; 

Chris Cheltenham 
Technology Services 
The School District of Philadelphia 

Work # 215-400-5025 
Cell # 215-301-6571 


From: "Man H" < info.ings...@gmail.com > 
To: "cas-user" < cas-user@apereo.org > 
Sent: Thursday, February 8, 2018 10:17:57 AM 

Subject: Re: [cas-user] CAS 5.2.x 

this is an Ldap error check your properties probably baseDn 

2018-02-08 12:00 GMT-03:00 Cheltenham, Chris < ccheltenham-...@philasd.org > : 

BQ_BEGIN

David, 

I have the following jars. 
Is this sufficient for ldap support? 

[root@devcas5 lib]# pwd 
/opt/tcat/webapps/cas/WEB-INF/lib 
[root@devcas5 lib]# ll | grep ldap 
-rw-r----- 1 root root 35536 Jan 26 13:26 
cas-server-support-ldap-core-5.2.2.jar 
-rw-r----- 1 root root 802456 Nov 27 11:40 ldaptive-1.2.3.jar 
-rw-r----- 1 root root 37195 Nov 27 11:40 ldaptive-apache-1.2.3.jar 
-rw-r----- 1 root root 100050 Nov 27 11:40 ldaptive-beans-1.2.3.jar 
-rw-r----- 1 root root 40832 Nov 27 11:40 ldaptive-unboundid-1.2.3.jar 
-rw-r----- 1 root root 1991909 Aug 13 01:08 unboundid-ldapsdk-3.2.1.jar 
[root@devcas5 lib]# 

My error is this - 
2018-02-07 15:28:16,450 DEBUG 
[org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler]
 - <Examining credential [ccheltenham-ext] eligibility for authentication 
handler [AcceptUsersAuthenticationHandler]> 
2018-02-07 15:28:16,450 DEBUG 
[org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler]
 - <Credential [ccheltenham-ext] eligibility is 
[AcceptUsersAuthenticationHandler] for authentication handler [true]> 
2018-02-07 15:28:16,451 DEBUG 
[org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler]
 - <Attempting to encode credential password via 
[org.springframework.security.crypto.password.NoOpPasswordEncoder] for 
ccheltenham-ext]> 
2018-02-07 15:28:16,451 DEBUG 
[org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler]
 - <Attempting authentication internally for transformed credential 
[ccheltenham-ext]> 
2018-02-07 15:28:16,451 DEBUG 
[org.apereo.cas.authentication.AcceptUsersAuthenticationHandler] - 
<[ccheltenham-ext] was not found in the map.> 
2018-02-07 15:28:16,452 DEBUG 
[org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
<[AcceptUsersAuthenticationHandler] exception details: [ccheltenham-ext not 
found in backing map.].> 
2018-02-07 15:28:16,452 ERROR 
[org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
<Authentication has failed. Credentials may be incorrect or CAS cannot find 
authentication handler that supports [ccheltenham-ext] of type 
[UsernamePasswordCredential].> 


=========================== 

Thank You; 

Chris Cheltenham 
Technology Services 
The School District of Philadelphia 

Work # 215-400-5025 
Cell # 215-301-6571 


From: "David Curry" < david.cu...@newschool.edu > 
To: "cas-user" < cas-user@apereo.org > 
Sent: Thursday, February 8, 2018 7:54:21 AM 
Subject: Re: [cas-user] CAS 5.2.x 


$ jar tvf cas.war | grep ldap 
WEB-INF/lib/cas-server-support-ldap-5.2.2.jar 
WEB-INF/lib/cas-server-support-ldap-core-5.2.2.jar 
WEB-INF/lib/ldaptive-1.2.3.jar 
WEB-INF/lib/ldaptive-beans-1.2.3.jar 
WEB-INF/lib/ldaptive-unboundid-1.2.3.jar 
WEB-INF/lib/unboundid-ldapsdk-4.0.1.jar 
WEB-INF/lib/ldaptive-apache-1.2.3.jar 
WEB-INF/lib/unboundid-ldapsdk-3.2.1.jar 
$ 

The cas-server-support-ldap-5.2.2.jar is the one you're looking for. 

--Dave 




-- 


DAVID A. CURRY, CISSP 
DIRECTOR OF INFORMATION SECURITY 
INFORMATION TECHNOLOGY 

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003 
+1 212 229-5300 x4728 • david.cu...@newschool.edu 




On Thu, Feb 8, 2018 at 7:27 AM, Cheltenham, Chris < ccheltenham-...@philasd.org 
> wrote: 

BQ_BEGIN

Hello folks, 

I think I have been confusing everyone with too much incongruent information. 

If I may I will ask things in a more logical manner. 

I an still not able to connect with CAS 5 via LDAP. 

My first question is , how do I know the ldap dependency was built into the 
cas.war file? 







=========================== 

Thank You; 

Chris Cheltenham 
Technology Services 
The School District of Philadelphia 

Work # 215-400-5025 
Cell # 215-301-6571 


-- 
- Website: https://apereo.github.io/cas 
- Gitter Chatroom: https://gitter.im/apereo/cas 
- List Guidelines: https://goo.gl/1VRrw7 
- Contributions: https://goo.gl/mh7qDG 
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group. 
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org . 
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/341032203.44492473.1518092860963.JavaMail.zimbra%40philasd.org
 . 






-- 
- Website: https://apereo.github.io/cas 
- Gitter Chatroom: https://gitter.im/apereo/cas 
- List Guidelines: https://goo.gl/1VRrw7 
- Contributions: https://goo.gl/mh7qDG 
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group. 
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org . 
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XANEt0K3ugKG7O5%3DT9p5C8%3DsVOnqsz50xuU0wrfmkFg7mg%40mail.gmail.com
 . 



-- 
- Website: https://apereo.github.io/cas 
- Gitter Chatroom: https://gitter.im/apereo/cas 
- List Guidelines: https://goo.gl/1VRrw7 
- Contributions: https://goo.gl/mh7qDG 
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group. 
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org . 
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/642964186.44524329.1518102001703.JavaMail.zimbra%40philasd.org
 . 

BQ_END




-- 
- Website: https://apereo.github.io/cas 
- Gitter Chatroom: https://gitter.im/apereo/cas 
- List Guidelines: https://goo.gl/1VRrw7 
- Contributions: https://goo.gl/mh7qDG 
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group. 
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org . 
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAMY5midKrzox03TywKT1wBRA3GOXC8E7F2rT42-H%2BS4cXz6%3DOg%40mail.gmail.com
 . 



-- 
- Website: https://apereo.github.io/cas 
- Gitter Chatroom: https://gitter.im/apereo/cas 
- List Guidelines: https://goo.gl/1VRrw7 
- Contributions: https://goo.gl/mh7qDG 
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group. 
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org . 
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/628524007.44530576.1518103628292.JavaMail.zimbra%40philasd.org
 . 

BQ_END




-- 
- Website: https://apereo.github.io/cas 
- Gitter Chatroom: https://gitter.im/apereo/cas 
- List Guidelines: https://goo.gl/1VRrw7 
- Contributions: https://goo.gl/mh7qDG 
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group. 
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org . 
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAMY5mifzEe8GDXnXsiSpPUVFFvSQUhk9X5Jd%2Bz-PmCXBEV7yhw%40mail.gmail.com
 . 

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/220644583.44533299.1518104486515.JavaMail.zimbra%40philasd.org.

Reply via email to