Well, without digging into the code to see exactly who's logging what, this looks like the important line:
2018-02-27 09:38:14,507 INFO [org.apereo.cas.services.AbstractServicesManager] - <Loaded [0] service(s) from [JsonServiceRegistryDao].> Which I interpret to mean that it looked in /etc/cas/services and didn't find anything it wanted. So... is /etc/cas/services accessible to tomcat (ownership, permissions, etc.)? Are the files? What are the files called? What do they hold? --Dave -- DAVID A. CURRY, CISSP *DIRECTOR OF INFORMATION SECURITY* INFORMATION TECHNOLOGY 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003 +1 212 229-5300 x4728 • david.cu...@newschool.edu [image: The New School] On Tue, Feb 27, 2018 at 9:41 AM, Cheltenham, Chris < ccheltenham-...@philasd.org> wrote: > David, > > > > Is this what you are looking for? > > This is with the cas.properties entry of – “cas.serviceRegistry.json. > location=file:/etc/cas/services” > > If I change json back to config, I can log into the management portal but > still do not see the services I put in there. > > > > > > [root@devcas5 logs]# cat catalina.out > > 2018-02-27 09:38:14,507 DEBUG > [org.apereo.cas.services.AbstractServicesManager] > - <Loading services from [JsonServiceRegistryDao]> > > 2018-02-27 09:38:14,507 INFO [org.apereo.cas.services.AbstractServicesManager] > - <Loaded [0] service(s) from [JsonServiceRegistryDao].> > > 2018-02-27 09:38:16,232 DEBUG [org.apereo.cas.web.flow.InitialFlowSetupAction] > - <Warning cookie path is set to [null] and path [/cas/]> > > 2018-02-27 09:38:16,233 DEBUG [org.apereo.cas.web.flow.InitialFlowSetupAction] > - <TGC cookie path is set to [null] and path [/cas/]> > > 2018-02-27 09:38:16,233 DEBUG > [org.apereo.cas.web.support.DefaultArgumentExtractor] > - <Created [org.apereo.cas.authentication.principal. > SimpleWebApplicationServiceImpl@57dbcf68[id=https://devcas5. > philasd.org/cas-management/manage.html,originalUrl=https: > //devcas5.philasd.org/cas-management/manage.html,artifactId= > <null>,principal=<null>,loggedOutAlready=false,format=XML]] based on > [org.apereo.cas.authentication.principal.WebApplicationServiceFactory@ > 46439d55[]]> > > 2018-02-27 09:38:16,233 DEBUG > [org.apereo.cas.web.support.AbstractArgumentExtractor] > - <Extractor generated service type [org.apereo.cas. > authentication.principal.SimpleWebApplicationServiceImpl] for: [ > https://devcas5.philasd.org/cas-management/manage.html]> > > 2018-02-27 09:38:16,233 DEBUG [org.apereo.cas.web.flow.InitialFlowSetupAction] > - <Placing service in context scope: [https://devcas5.philasd.org/ > cas-management/manage.html]> > > 2018-02-27 09:38:16,234 DEBUG [org.apereo.cas.web.support.WebUtils] - > <Evaluating request to determine if warning cookie should be generated> > > 2018-02-27 09:38:16,235 DEBUG [org.apereo.cas.web.flow.resolver.impl. > RankedAuthenticationProviderWebflowEventResolver] - <No service is > available to determine event for principal> > > 2018-02-27 09:38:16,235 DEBUG [org.apereo.cas.web.flow.resolver.impl. > AbstractCasWebflowEventResolver] - <Resolved single event [success] via > [org.apereo.cas.web.flow.resolver.impl.RankedAuthenticationProviderWebflowEventResolver] > for this context> > > 2018-02-27 09:38:16,236 WARN > [org.apereo.cas.web.flow.ServiceAuthorizationCheck] > - <No service definitions are found in the service manager. Service [ > https://devcas5.philasd.org/cas-management/manage.html] will not be > automatically authorized to request authentication.> > > 2018-02-27 09:38:16,236 DEBUG > [org.apereo.cas.services.web.ChainingThemeResolver] > - <Attempting to resolve theme via [CookieThemeResolver]> > > 2018-02-27 09:38:16,236 DEBUG > [org.apereo.cas.services.web.ChainingThemeResolver] > - <Attempting to resolve theme via [SessionThemeResolver]> > > 2018-02-27 09:38:16,236 DEBUG > [org.apereo.cas.services.web.ChainingThemeResolver] > - <Attempting to resolve theme via [RequestHeaderThemeResolver]> > > 2018-02-27 09:38:16,236 DEBUG > [org.apereo.cas.services.web.ChainingThemeResolver] > - <Attempting to resolve theme via [ServiceThemeResolver]> > > 2018-02-27 09:38:16,236 WARN > [org.apereo.cas.services.web.ServiceThemeResolver] > - <No registered service is found to match [org.apereo.cas. > authentication.principal.SimpleWebApplicationServiceImpl@57dbcf68[id= > https://devcas5.philasd.org/cas-management/manage.html,originalUrl=https: > //devcas5.philasd.org/cas-management/manage.html,artifactId= > <null>,principal=<null>,loggedOutAlready=false,format=XML]] or service > access is disallowed. Using default theme [cas-theme-default]> > > 2018-02-27 09:38:16,236 DEBUG > [org.apereo.cas.services.web.ChainingThemeResolver] > - <Attempting to resolve theme via [FixedThemeResolver]> > > 2018-02-27 09:38:16,236 DEBUG > [org.apereo.cas.services.web.ChainingThemeResolver] > - <No specific theme could be found. Using default theme > [cas-theme-default}> > > 2018-02-27 09:38:16,269 DEBUG > [org.apereo.cas.web.view.CasReloadableMessageBundle] > - <No properties file found for [classpath:custom_messages_en] - neither > plain properties nor XML> > > 2018-02-27 09:38:16,269 DEBUG > [org.apereo.cas.web.view.CasReloadableMessageBundle] > - <No properties file found for [classpath:custom_messages] - neither plain > properties nor XML> > > 2018-02-27 09:38:16,270 DEBUG > [org.apereo.cas.web.view.CasReloadableMessageBundle] > - <No properties file found for [classpath:messages_en] - neither plain > properties nor XML> > > 2018-02-27 09:38:16,270 DEBUG > [org.apereo.cas.web.view.CasReloadableMessageBundle] > - <Re-caching properties for filename [classpath:messages] - file hasn't > been modified> > > 2018-02-27 09:38:16,271 DEBUG > [org.apereo.cas.services.web.ChainingThemeResolver] > - <Attempting to resolve theme via [CookieThemeResolver]> > > 2018-02-27 09:38:16,271 DEBUG > [org.apereo.cas.services.web.ChainingThemeResolver] > - <Attempting to resolve theme via [SessionThemeResolver]> > > 2018-02-27 09:38:16,271 DEBUG > [org.apereo.cas.services.web.ChainingThemeResolver] > - <Attempting to resolve theme via [RequestHeaderThemeResolver]> > > 2018-02-27 09:38:16,271 DEBUG > [org.apereo.cas.services.web.ChainingThemeResolver] > - <Attempting to resolve theme via [ServiceThemeResolver]> > > 2018-02-27 09:38:16,271 WARN > [org.apereo.cas.services.web.ServiceThemeResolver] > - <No registered service is found to match [org.apereo.cas. > authentication.principal.SimpleWebApplicationServiceImpl@57dbcf68[id= > https://devcas5.philasd.org/cas-management/manage.html,originalUrl=https: > //devcas5.philasd.org/cas-management/manage.html,artifactId= > <null>,principal=<null>,loggedOutAlready=false,format=XML]] or service > access is disallowed. Using default theme [cas-theme-default]> > > 2018-02-27 09:38:16,271 DEBUG > [org.apereo.cas.services.web.ChainingThemeResolver] > - <Attempting to resolve theme via [FixedThemeResolver]> > > 2018-02-27 09:38:16,271 DEBUG > [org.apereo.cas.services.web.ChainingThemeResolver] > - <No specific theme could be found. Using default theme > [cas-theme-default}> > > > > > > > > > > It consistently only loads the two defaults and never sees anything in > /etc/cas/services > > Its as if nothing is in there. > > > > 2018-02-27 09:36:57,741 DEBUG > [org.apereo.cas.services.AbstractServiceRegistryDao] > - <Publishing event [org.apereo.cas.support.events.service. > CasRegisteredServiceLoadedEvent@2ee60375[registeredService=id=10000001,name=HTTPS > and IMAPS,description=This service definition authorized all application > urls that support HTTPS and IMAPS protocols.,serviceId=^(https| > imaps)://.*,usernameAttributeProvider=org.apereo.cas.services. > DefaultRegisteredServiceUsernameProvider@d,theme=<null>, > evaluationOrder=10000,logoutType=BACK_CHANNEL,attributeReleasePolicy=org. > apereo.cas.services.ReturnAllowedAttributeReleasePolicy@18a9ad44[ > attributeFilter=<null>,principalAttributesRepository= > org.apereo.cas.authentication.principal.DefaultPrincipalAttributesRepo > sitory@2fc33f97[],authorizedToReleaseCredentialPassword=false, > authorizedToReleaseAuthenticationAttributes=true, > authorizedToReleaseProxyGrantingTicket=false,excludeDefaultAttributes= > false,principalIdAttribute=<null>,consentPolicy=org. > apereo.cas.services.consent.DefaultRegisteredServiceConsentPolicy@70ecb45b > [excludedAttributes=<null>,includeOnlyAttributes=<null>,enabled=true], > allowedAttributes=[]],accessStrategy=org.apereo.cas.services. > DefaultRegisteredServiceAccessStrategy@6e8ffc98[enabled= > true,ssoEnabled=true,requireAllAttributes=true,requiredAttributes={}, > unauthorizedRedirectUrl=<null>,caseInsensitive=false, > rejectedAttributes={}],publicKey=<null>,proxyPolicy= > org.apereo.cas.services.RefuseRegisteredServiceProxyPolicy@60a66b66 > ,logo=images/logo_cas.png,logoutUrl=<null>,requiredHandlers=[], > properties={},multifactorPolicy=org.apereo.cas.services. > DefaultRegisteredServiceMultifactorPolicy@3b99bf80[ > multifactorAuthenticationProviders=[],failureMode=NOT_SET, > principalAttributeNameTrigger=<null>,principalAttributeValueToMatch > =<null>,bypassEnabled=false],informationUrl=<null>, > privacyUrl=<null>,contacts=[],expirationPolicy=org.apereo.cas.services. > DefaultRegisteredServiceExpirationPolicy@d9010e3[deleteWhenExpired=false, > notifyWhenDeleted=false,expirationDate=<null>],<null>]]> > > 2018-02-27 09:36:57,741 DEBUG > [org.apereo.cas.services.AbstractServicesManager] > - <Adding registered service [^https://www.apereo.org]> > > 2018-02-27 09:36:57,741 DEBUG > [org.apereo.cas.services.AbstractServicesManager] > - <Adding registered service [^(https|imaps)://.*]> > > 2018-02-27 09:36:57,742 INFO [org.apereo.cas.services.AbstractServicesManager] > - <Loaded [2] service(s) from [JsonServiceRegistryDao].> > > 2018-02-27 09:37:14,507 DEBUG > [org.apereo.cas.services.AbstractServicesManager] > - <Loading services from [JsonServiceRegistryDao]> > > 2018-02-27 09:37:14,507 INFO [org.apereo.cas.services.AbstractServicesManager] > - <Loaded [0] service(s) from [JsonServiceRegistryDao].> > > > > =========================== > > Thank You; > > Chris Cheltenham > Technology Services > The School District of Philadelphia > > Work # 215-400-5025 > Cell # 215-301-6571 > > *From:* cas-user@apereo.org [mailto:cas-user@apereo.org] *On Behalf Of *David > Curry > *Sent:* Tuesday, February 27, 2018 8:58 AM > *To:* cas-user@apereo.org > *Subject:* Re: [cas-user] /cas/status/dashboard > > > > If you use "config" then the property is being ignored because it doesn't > do anything, and you are likely getting the wildcard service registry entry > in the classpath. > > > > If you use "json" then you are most likely correctly getting your > /etc/cas/services directory, and assuming you didn't copy the wildcard > entry, you're not matching it any more. As to application not authorized, > that means you don't have a correct entry. > > > > When you have it set to "json", what does the debug log tell you it's > loading for services? > > > > > > > -- > > *DAVID A. CURRY, CISSP* > *DIRECTOR OF INFORMATION SECURITY* > INFORMATION TECHNOLOGY > > 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003 > <https://maps.google.com/?q=71+FIFTH+AVE.,+9TH+FL.,+NEW+YORK,+NY+10003&entry=gmail&source=g> > +1 212 229-5300 x4728 • david.cu...@newschool.edu > > [image: The New School] > > > > On Tue, Feb 27, 2018 at 8:51 AM, Cheltenham, Chris < > ccheltenham-...@philasd.org> wrote: > > Guys, > > > > When I changed config to json , I get Application Not Authorized to use > CAS. > > > > I am not sure if that s good thing or not. > > > > If I change json back to config, the portal will open. > > > > > > > > =========================== > > Thank You; > > Chris Cheltenham > Technology Services > The School District of Philadelphia > > Work # 215-400-5025 > Cell # 215-301-6571 > > *From:* cas-user@apereo.org [mailto:cas-user@apereo.org] *On Behalf Of > *Matthew > Uribe > *Sent:* Monday, February 26, 2018 3:35 PM > *To:* CAS Community <cas-user@apereo.org> > *Subject:* Re: [cas-user] /cas/status/dashboard > > > > Chris, > > > > I ran into the same problem. I added json files to /etc/cas/services but > CAS was only reading those in the classpath/services directory. > > I found that my problem was in my cas.properties: > > > > Incorrect: > > cas.serviceRegistry.*config*.location: file:/etc/cas/services > > Correct: > > cas.serviceRegistry.*json*.location: file:/etc/cas/services > > > On Monday, February 26, 2018 at 12:50:26 PM UTC-7, Chris Cheltenham wrote: > > David, > > > > The only thing I can tell is that CAS is not seeing the json file from > /etc/cas/services. > > I created two and they never show up loaded in the logs. > > > > Only the two default ones, I guess they are, show up. > > > > > > 2018-02-26 14:42:49,710 DEBUG > [org.apereo.cas.services.AbstractServicesManager] > - <Adding registered service [^https://www.apereo.org]> > > 2018-02-26 14:42:49,710 DEBUG > [org.apereo.cas.services.AbstractServicesManager] > - <Adding registered service [^(https|imaps)://.*]> > > 2018-02-26 14:42:49,710 INFO [org.apereo.cas.services.AbstractServicesManager] > - <Loaded [2] service(s) from [JsonServiceRegistryDao].> > > > > I have two json files. > > > > > > cas-services5.xml > > > > { > > @class: org.apereo.cas.services.RegexRegisteredService > > serviceId: https://devcas5\.philasd\.org/cas-services/.* > > name: HTTPS > > id: 10000000001 > > description: HTTPS protocol wildcard service. > > evaluationOrder: 1000 > > } > > > > > > > > And > > > > > > cas-dashboard.xml > > > > > > { > > "@class" : "org.apereo.cas.services.RegexRegisteredService", > > "serviceId" : "^https://devcass5.philasd.org/cas/status/dashboard(\\z|/ > .*)", > > "name" : "CAS Admin Dashboard", > > "id" : 1000000002 > > "description" : "CAS dashboard and administrative endpoints", > > "evaluationOrder" : 1001 > > } > > > > > > =========================== > > Thank You; > > Chris Cheltenham > Technology Services > The School District of Philadelphia > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cas-user+unsubscr...@apereo.org. > To view this discussion on the web visit https://groups.google.com/a/ > apereo.org/d/msgid/cas-user/082beb1a-0cfc-4066-8c2b- > d6e97284709f%40apereo.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/082beb1a-0cfc-4066-8c2b-d6e97284709f%40apereo.org?utm_medium=email&utm_source=footer> > . > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cas-user+unsubscr...@apereo.org. > > To view this discussion on the web visit https://groups.google.com/a/ > apereo.org/d/msgid/cas-user/004701d3afd2%2407b4d1c0% > 24171e7540%24%40philasd.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/004701d3afd2%2407b4d1c0%24171e7540%24%40philasd.org?utm_medium=email&utm_source=footer> > . > > > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cas-user+unsubscr...@apereo.org. > To view this discussion on the web visit https://groups.google.com/a/ > apereo.org/d/msgid/cas-user/CA%2Bd9XAPAPhC3LpX0vQ% > 2BDskRdEKngK1qynbAGRQmAKR8eY09yTg%40mail.gmail.com > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XAPAPhC3LpX0vQ%2BDskRdEKngK1qynbAGRQmAKR8eY09yTg%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cas-user+unsubscr...@apereo.org. > To view this discussion on the web visit https://groups.google.com/a/ > apereo.org/d/msgid/cas-user/008401d3afd9%2405391f30% > 240fab5d90%24%40philasd.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/008401d3afd9%2405391f30%240fab5d90%24%40philasd.org?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XAMuhG93N1JC-TL0wi1xUyCW1KQdQ0%3DCtj2DtnvrVrcmtw%40mail.gmail.com.
