Which CAS version are you using? For CAS 5.2 the following config works 
with me:

cas.authn.ldap[0].userFilter=(|(uid={user})(mail={user}))

cas.authn.ldap[0].principalAttributeId=uid

cas.authn.ldap[0].principalAttributeList=uid,mail


Please, check if the parameters name that you are using are correct, for 
example, you wrote "principalAttribute" instead of "principalAttributeId".
 
Em sexta-feira, 23 de fevereiro de 2018 11:26:04 UTC-3, Klaus-Dieter 
Krannich escreveu:
>
> Hi,
>
> I'm trying to implement authentication with uid+pass or mail+pass against 
> ldap
> in cas-5.2.2.
> Basically it is
> authn.ldap[0].userFilter=(|(uid={user})(mail={user})),
> authn.ldap[0].principalAttribute=uid
> authn.ldap[0].principalAttributeList: uid,  mail.
> This works fine with uid+pass. If I try mail+pass, I get:
>
> ------
> 2018-02-23 14:18:53,539 DEBUG 
> [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
> <Authentication handler [LdapAuthenticationHandler] successfully 
> authenticated [x...@yy.de <javascript:>]>
>
> 2018-02-23 14:18:53,541 DEBUG 
> [org.apereo.cas.authentication.principal.resolvers.ChainingPrincipalResolver] 
> - <Invoking principal resolver 
> [org.apereo.cas.authentication.principal.resolvers.PersonDirectoryPrincipalResolver@389a9ff6[returnNullIfNoAttributes=false,principalAttributeName=uid,principalNameTransformer=org.apereo.cas.authentication.principal.resolvers.PersonDirectoryPrincipalResolver$$Lambda$73/906424041@6f071d0c,principalFactory=org.apereo.cas.authentication.principal.DefaultPrincipalFactory@d]]>
>
> 2018-02-23 14:18:53,587 DEBUG 
> [org.apereo.cas.authentication.principal.resolvers.ChainingPrincipalResolver] 
> - <Resolved principal [xx]>
> 2018-02-23 14:18:53,587 DEBUG 
> [org.apereo.cas.authentication.principal.resolvers.ChainingPrincipalResolver] 
> - <Adding attributes [{REMOVED}] for the final principal>
>
> 2018-02-23 14:18:53,586 DEBUG 
> [org.apereo.cas.authentication.principal.resolvers.ChainingPrincipalResolver] 
> - <Invoking principal resolver 
> [org.apereo.cas.authentication.principal.resolvers.EchoingPrincipalResolver@15af06f[]]>
> 2018-02-23 14:18:53,587 DEBUG 
> [org.apereo.cas.authentication.principal.resolvers.ChainingPrincipalResolver] 
> - <Resolved principal [x...@yy.de <javascript:>]>
> 2018-02-23 14:18:53,587 DEBUG 
> [org.apereo.cas.authentication.principal.resolvers.ChainingPrincipalResolver] 
> - <Adding attributes [{REMOVED}] for the final principal>
>
> 2018-02-23 14:18:53,591 ERROR 
> [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
> <[org.apereo.cas.authentication.principal.resolvers.ChainingPrincipalResolver@28532753[chain=[org.apereo.cas.authentication.principal.resolvers.PersonDirectoryPrincipalResolver@389a9ff6[returnNullIfNoAttributes=false,principalAttributeName=uid,principalNameTransformer=org.apereo.cas.authentication.principal.resolvers.PersonDirectoryPrincipalResolver$$Lambda$73/906424041@6f071d0c,principalFactory=org.apereo.cas.authentication.principal.DefaultPrincipalFactory@d],
>  
> org.apereo.cas.authentication.principal.resolvers.EchoingPrincipalResolver@15af06f[]]]]
>  
> failed to resolve principal from [x...@yy.de <javascript:>]>
>
> org.apereo.cas.authentication.PrincipalException: Resolved principals by 
> the chain are not unique because principal resolvers have produced CAS 
> principals with different identifiers which typically is the result of a 
> configuration issue.
> ------
>
> How this configuration issue can be fixed?
>
> Thanks,
>
>    K-D
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/9b38a156-26e6-43ee-8061-6b89422dd28c%40apereo.org.

Reply via email to