i try it but didn't Work :(
Le mar. 25 juin 2019 à 00:49, Ray Bon <[email protected]> a écrit :
> Mustafa,
>
> Try this for userFilter
> cas.authn.ldap[0].userFilter=cn={user}
>
> {user} will be substituted for the user logging in.
>
> Ray
>
> On Mon, 2019-06-24 at 23:42 +0100, EL AZZAOUI Mustafa wrote:
>
> Hi Ray Bon ,
>
> yes this is new integration i want to intergate my cas server with my
> LDAP server . this is my config file cas.properties. thank you
>
>
>
> =================================================cas.properties=====================
> cas.server.name: https://sso.ensias.ma:8443
> cas.server.prefix: https://sso.ensias.ma:8443/cas
>
> cas.adminPagesSecurity.ip=127\.0\.0\.1
>
> logging.config: file:/etc/cas/config/log4j2.xml
> # cas.serviceRegistry.config.location: classpath:/services
> cas.authn.accept.users:
> cas.tgc.secure: true
> cas.tgc.crypto.signing.key:
>
> QGdatePGEybuSRLau-4iExXyfNq1YmJkzUtaLCR2wkkHNvdsUlccez_cDtK7QL7lidpcWfO77WSMvvdNfmFlhg
> cas.tgc.crypto.encryption.key:
> dF-_VHSwjMnzkbtzDfWLt4pEt27P2eHNObVc_oWT-nM
>
>
>
>
>
> cas.webflow.crypto.signing.key:3T5rPpKyACyIW_y5u4NzpkdOZzncs8AqlSHH64J6hFPNW7QD4w1CMr_vU4QOCdDZ9iK4gualSof8vbTfKMXvdQ
> cas.webflow.crypto.encryption.key: uYhr0kA/aMqT08lfvangTQ==
>
> cas.authn.attributeRepository.ldap[0].type=AUTHENTICATED
> cas.authn.attributeRepository.ldap[0].attributes.uid=hbary
> cas.authn.attributeRepository.ldap[0].attributes.displayName=hamza bary
> # cas.authn.attributeRepository.ldap[0].attributes.cn=commonName
> cas.authn.attributeRepository.ldap[0].attributes.affiliation=IoT
>
> cas.authn.ldap[0].ldapUrl=ldaps://192.168.243.146:389
> # cas.authn.attributeRepository.ldap[0].connectionStrategy=
> cas.authn.attributeRepository.ldap[0].order=0
> # cas.authn.attributeRepository.ldap[0].useSsl=true
> # cas.authn.attributeRepository.ldap[0].useStartTls=false
> # cas.authn.attributeRepository.ldap[0].connectTimeout=5000
> cas.authn.attributeRepository.ldap[0].baseDn=dc=ensias,dc=ma
> cas.authn.attributeRepository.ldap[0].userFilter=cn=hbary
> # cas.authn.attributeRepository.ldap[0].subtreeSearch=true
> cas.authn.attributeRepository.ldap[0].bindDn=cn=admin,dc=ensias,dc=ma
> cas.authn.attributeRepository.ldap[0].bindCredential=123456
> # cas.authn.attributeRepository.ldap[0].trustCertificates=
> # cas.authn.attributeRepository.ldap[0].keystore=
> # cas.authn.attributeRepository.ldap[0].keystorePassword=
> # cas.authn.attributeRepository.ldap[0].keystoreType=JKS|JCEKS|PKCS12
> # cas.authn.attributeRepository.ldap[0].poolPassivator=NONE|CLOSE|BIND
> # cas.authn.attributeRepository.ldap[0].minPoolSize=3
> # cas.authn.attributeRepository.ldap[0].maxPoolSize=10
> # cas.authn.attributeRepository.ldap[0].validateOnCheckout=true
> # cas.authn.attributeRepository.ldap[0].validatePeriodically=true
> # cas.authn.attributeRepository.ldap[0].validatePeriod=600
> # cas.authn.attributeRepository.ldap[0].validateTimeout=5000
> # cas.authn.attributeRepository.ldap[0].failFast=true
> # cas.authn.attributeRepository.ldap[0].idleTime=500
> # cas.authn.attributeRepository.ldap[0].prunePeriod=600
> # cas.authn.attributeRepository.ldap[0].blockWaitTime=5000
>
> #cas.authn.attributeRepository.ldap[0].providerClass=org.ldaptive.provider.unboundid.UnboundIDProvider
>
> # cas.authn.attributeRepository.ldap[0].validator.type=NONE|SEARCH|COMPARE
> # cas.authn.attributeRepository.ldap[0].validator.baseDn=
> #
> cas.authn.attributeRepository.ldap[0].validator.searchFilter=(objectClass=*)
> #
> cas.authn.attributeRepository.ldap[0].validator.scope=OBJECT|ONELEVEL|SUBTREE
> # cas.authn.attributeRepository.ldap[0].validator.attributeName=objectClass
> # cas.authn.attributeRepository.ldap[0].validator.attributeValues=top
> # cas.authn.attributeRepository.ldap[0].validator.dn=
>
> Le lun. 24 juin 2019 à 22:33, Ray Bon <[email protected]> a écrit :
>
> Mustafa,
>
> Is this a new integration or is it the result of a change?
>
> You should post your config files.
>
> Ray
>
> On Sat, 2019-06-22 at 18:14 -0700, Mustafa wrote:
>
> HI?
>
> I'am trying to Integrate My cas server with LDAP ( CAS v 5.1.9 installed
> on Redhat 8 with ldap server installed on Ubuntu 16.04 )
>
> when i check the cas.log i find this Error.
>
> 2019-06-23 02:05:12,589 ERROR
> [org.apereo.cas.web.flow.AuthenticationExceptionHandlerAction] - <Unable to
> translate handler errors of the authentication exception
> [org.apereo.cas.authentication.AuthenticationException: 0 errors, 0
> successes]Returning [UNKNOWN]>
> 2019-06-23 02:05:21,196 WARN
> [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] -
> <Authentication has failed. Credentials may be incorrect or CAS cannot find
> authentication handler that supports [user1] of type
> [UsernamePasswordCredential], which suggests a configuration problem.>
> 2019-06-23 02:05:21,199 INFO
> [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit
> trail record BEGIN
> =============================================================
> WHO: user1
> WHAT: Supplied credentials: [user1]
> ACTION: AUTHENTICATION_FAILED
> APPLICATION: CAS
> WHEN: Sun Jun 23 02:05:21 WEST 2019
> CLIENT IP ADDRESS: 192.168.243.1
> SERVER IP ADDRESS: 192.168.243.149
>
> --
>
>
> Ray Bon
> Programmer Analyst
> Development Services, University Systems
> 2507218831 | CLE 019 | [email protected]
>
> I respectfully acknowledge that my place of work is located within the
> ancestral, traditional and unceded territory of the Songhees, Esquimalt and
> WSÁNEĆ Nations.
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/e958780f64f8d9109331ca8860c347d6133d8165.camel%40uvic.ca
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/e958780f64f8d9109331ca8860c347d6133d8165.camel%40uvic.ca?utm_medium=email&utm_source=footer>
> .
>
>
>
> --
> EL AZZAOUI Mustafa
> Lot Abi Hourairra II N° 52
>
> Temara .Rabat MAROC.
> Mobile:0676 87 31 25
> Email : [email protected]
>
>
>
> --
>
> Ray Bon
> Programmer Analyst
> Development Services, University Systems
> 2507218831 | CLE 019 | [email protected]
>
> I respectfully acknowledge that my place of work is located within the
> ancestral, traditional and unceded territory of the Songhees, Esquimalt and
> WSÁNEĆ Nations.
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/2bcd9d5c615f2994f5beeb7f36fab943552a3bf0.camel%40uvic.ca
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/2bcd9d5c615f2994f5beeb7f36fab943552a3bf0.camel%40uvic.ca?utm_medium=email&utm_source=footer>
> .
>
--
EL AZZAOUI Mustafa
Lot Abi Hourairra II N° 52
Temara .Rabat MAROC.
Mobile:0676 87 31 25
Email : [email protected]
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAKQtfxeUQk1OiXvoX0pjO8Us1qaqBan4SA%3DoL3OyTUbcKrr0Hg%40mail.gmail.com.
