I am getting the following when attempting to configure LDAP authentication
to the CAS and Spring endpoints.
2019-04-25 17:51:08,236 ERROR
[org.apereo.cas.web.security.authentication.MonitorEndpointLdapAuthenticationProvider]
- <null>
java.lang.NullPointerException: null
at
org.apereo.cas.util.LdapUtils.lambda$newLdaptiveSearchFilter$3(LdapUtils.java:530)
~[cas-server-support-ldap-core-6.0.3.jar!/:6.0.3]
at
java.util.stream.Streams$RangeIntSpliterator.forEachRemaining(Streams.java:104)
~[?:?]
at java.util.stream.IntPipeline$Head.forEach(IntPipeline.java:593)
~[?:?]
at
org.apereo.cas.util.LdapUtils.newLdaptiveSearchFilter(LdapUtils.java:529)
~[cas-server-support-ldap-core-6.0.3.jar!/:6.0.3]
at
org.apereo.cas.authorization.BaseUseAttributesAuthorizationGenerator.generate(BaseUseAttributesAuthorizationGenerator.java:69)
~[cas-server-support-ldap-core-6.0.3.jar!/:6.0.3]
at
org.apereo.cas.web.security.authentication.MonitorEndpointLdapAuthenticationProvider.authenticate(MonitorEndpointLdapAuthenticationProvider.java:72)
~[cas-server-webapp-config-6.0.3.jar!/:6.0.3]
at
org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:175)
~[spring-security-core-5.1.5.RELEASE.jar!/:5.1.5.RELEASE]
at
org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:200)
~[spring-security-core-5.1.5.RELEASE.jar!/:5.1.5.RELEASE]
at
org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.java:94)
~[spring-security-web-5.1.5.RELEASE.jar!/:5.1.5.RELEASE]
at
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212)
~[spring-security-web-5.1.5.RELEASE.jar!/:5.1.5.RELEASE]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
~[spring-security-web-5.1.5.RELEASE.jar!/:5.1.5.RELEASE]
at
org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
~[spring-security-web-5.1.5.RELEASE.jar!/:5.1.5.RELEASE]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
~[spring-security-web-5.1.5.RELEASE.jar!/:5.1.5.RELEASE]
at
org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
~[spring-security-web-5.1.5.RELEASE.jar!/:5.1.5.RELEASE]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
~[spring-web-5.1.6.RELEASE.jar!/:5.1.6.RELEASE]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
~[spring-security-web-5.1.5.RELEASE.jar!/:5.1.5.RELEASE]
at
org.springframework.security.web.access.channel.ChannelProcessingFilter.doFilter(ChannelProcessingFilter.java:157)
~[spring-security-web-5.1.5.RELEASE.jar!/:5.1.5.RELEASE]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
~[spring-security-web-5.1.5.RELEASE.jar!/:5.1.5.RELEASE]
at
org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)
~[spring-security-web-5.1.5.RELEASE.jar!/:5.1.5.RELEASE]
at
org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
~[spring-security-web-5.1.5.RELEASE.jar!/:5.1.5.RELEASE]
at
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:357)
~[spring-web-5.1.6.RELEASE.jar!/:5.1.6.RELEASE]
at
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:270)
~[spring-web-5.1.6.RELEASE.jar!/:5.1.6.RELEASE]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99)
~[spring-web-5.1.6.RELEASE.jar!/:5.1.6.RELEASE]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
~[spring-web-5.1.6.RELEASE.jar!/:5.1.6.RELEASE]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:92)
~[spring-web-5.1.6.RELEASE.jar!/:5.1.6.RELEASE]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
~[spring-web-5.1.6.RELEASE.jar!/:5.1.6.RELEASE]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:93)
~[spring-web-5.1.6.RELEASE.jar!/:5.1.6.RELEASE]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
~[spring-web-5.1.6.RELEASE.jar!/:5.1.6.RELEASE]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.springframework.boot.actuate.metrics.web.servlet.WebMvcMetricsFilter.filterAndRecordMetrics(WebMvcMetricsFilter.java:117)
~[spring-boot-actuator-2.1.2.RELEASE.jar!/:2.1.2.RELEASE]
at
org.springframework.boot.actuate.metrics.web.servlet.WebMvcMetricsFilter.doFilterInternal(WebMvcMetricsFilter.java:106)
~[spring-boot-actuator-2.1.2.RELEASE.jar!/:2.1.2.RELEASE]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
~[spring-web-5.1.6.RELEASE.jar!/:5.1.6.RELEASE]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.apereo.cas.logging.web.ThreadContextMDCServletFilter.doFilter(ThreadContextMDCServletFilter.java:98)
~[cas-server-core-logging-6.0.3.jar!/:6.0.3]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:200)
~[spring-web-5.1.6.RELEASE.jar!/:5.1.6.RELEASE]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
~[spring-web-5.1.6.RELEASE.jar!/:5.1.6.RELEASE]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:66)
~[inspektr-common-1.8.4.GA.jar!/:1.8.4.GA]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:200)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:678)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:679)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:834)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1415)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
~[?:?]
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
~[?:?]
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
~[tomcat-embed-core-9.0.17.jar!/:9.0.17]
at java.lang.Thread.run(Thread.java:835) [?:?]
I have added the following dependencies to my build.gradle in the
cas-overlay-template:
compile "com.unboundid:unboundid-ldapsdk:4.0.10"
compile
'org.springframework.security:spring-security-core:5.1.5.RELEASE'
compile 'org.springframework.security:spring-security-cas:5.1.5.RELEASE'
compile 'org.springframework.security:spring-security-web:5.1.5.RELEASE'
compile
'org.springframework.security:spring-security-config:5.1.5.RELEASE'
compile
'org.springframework.security:spring-security-ldap:5.1.5.RELEASE'
compile 'org.springframework.ldap:spring-ldap-core:2.3.2.RELEASE'
I have the following configuration in cas.properties:
management.endpoints.web.exposure.include=*
management.endpoints.enabled-by-default=true
cas.monitor.endpoints.endpoint.defaults.access=AUTHENTICATED
cas.monitor.endpoints.ldap.providerClass=org.ldaptive.provider.unboundid.UnboundIDProvider
cas.monitor.endpoints.ldap.type=AUTHENTICATED
cas.monitor.endpoints.ldap.ldapUrl=ldaps://xxx.yyy.zzz/
cas.monitor.endpoints.ldap.useSsl=true
cas.monitor.endpoints.ldap.useStartTls=false
cas.monitor.endpoints.ldap.connectTimeout=5000
cas.monitor.endpoints.ldap.baseDn=ou=OU,dc=YYY,dc=ZZZ
cas.monitor.endpoints.ldap.bindDn=cn=ADMIN,ou=OU,dc=YYY,dc=ZZZ
cas.monitor.endpoints.ldap.bindCredential=xxxxxxxxx
cas.monitor.endpoints.ldap.searchFilter=(sAMAccountName={user})
cas.monitor.endpoints.ldap.subtreeSearch=true
I resolved a similar issue by following the advice given in
https://groups.google.com/a/apereo.org/d/msg/cas-user/tC6qQO9zGRk/NrlucUjDHQAJ
but that does not seem to be helping for cas.monitor.endpoints.ldap like it
did for cas.authn.ldap.
This seems like a bug but I am not sure where and I am not sure how to
troubleshoot it given my limited experience in java. Appreciate any
answers others might be able to give.
Thanks!
Doug
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/319a6d69-fb26-46e7-885f-e7efd49dd079%40apereo.org.
