Hi,

I'm trying to implement authentication with uid+pass or mail+pass against 
ldap
in cas-5.2.2.
Basically it is
authn.ldap[0].userFilter=(|(uid={user})(mail={user})),
authn.ldap[0].principalAttribute=uid
authn.ldap[0].principalAttributeList: uid,  mail.
This works fine with uid+pass. If I try mail+pass, I get:

------
2018-02-23 14:18:53,539 DEBUG 
[org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
<Authentication handler [LdapAuthenticationHandler] successfully 
authenticated [x...@yy.de]>

2018-02-23 14:18:53,541 DEBUG 
[org.apereo.cas.authentication.principal.resolvers.ChainingPrincipalResolver] 
- <Invoking principal resolver 
[org.apereo.cas.authentication.principal.resolvers.PersonDirectoryPrincipalResolver@389a9ff6[returnNullIfNoAttributes=false,principalAttributeName=uid,principalNameTransformer=org.apereo.cas.authentication.principal.resolvers.PersonDirectoryPrincipalResolver$$Lambda$73/906424041@6f071d0c,principalFactory=org.apereo.cas.authentication.principal.DefaultPrincipalFactory@d]]>

2018-02-23 14:18:53,587 DEBUG 
[org.apereo.cas.authentication.principal.resolvers.ChainingPrincipalResolver] 
- <Resolved principal [xx]>
2018-02-23 14:18:53,587 DEBUG 
[org.apereo.cas.authentication.principal.resolvers.ChainingPrincipalResolver] 
- <Adding attributes [{REMOVED}] for the final principal>

2018-02-23 14:18:53,586 DEBUG 
[org.apereo.cas.authentication.principal.resolvers.ChainingPrincipalResolver] 
- <Invoking principal resolver 
[org.apereo.cas.authentication.principal.resolvers.EchoingPrincipalResolver@15af06f[]]>
2018-02-23 14:18:53,587 DEBUG 
[org.apereo.cas.authentication.principal.resolvers.ChainingPrincipalResolver] 
- <Resolved principal [x...@yy.de]>
2018-02-23 14:18:53,587 DEBUG 
[org.apereo.cas.authentication.principal.resolvers.ChainingPrincipalResolver] 
- <Adding attributes [{REMOVED}] for the final principal>

2018-02-23 14:18:53,591 ERROR 
[org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
<[org.apereo.cas.authentication.principal.resolvers.ChainingPrincipalResolver@28532753[chain=[org.apereo.cas.authentication.principal.resolvers.PersonDirectoryPrincipalResolver@389a9ff6[returnNullIfNoAttributes=false,principalAttributeName=uid,principalNameTransformer=org.apereo.cas.authentication.principal.resolvers.PersonDirectoryPrincipalResolver$$Lambda$73/906424041@6f071d0c,principalFactory=org.apereo.cas.authentication.principal.DefaultPrincipalFactory@d],
 
org.apereo.cas.authentication.principal.resolvers.EchoingPrincipalResolver@15af06f[]]]]
 
failed to resolve principal from [x...@yy.de]>

org.apereo.cas.authentication.PrincipalException: Resolved principals by 
the chain are not unique because principal resolvers have produced CAS 
principals with different identifiers which typically is the result of a 
configuration issue.
------

How this configuration issue can be fixed?

Thanks,

   K-D

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/c75bb5f7-7e93-4e63-bd19-ac63dc6a6607%40apereo.org.

Reply via email to