You should look at your LDAP logs. You could also put your CAS logs in debug or even trace mode.
Ray On Tue, 2019-06-25 at 01:40 +0100, EL AZZAOUI Mustafa wrote: i try it but didn't Work :( Le mar. 25 juin 2019 à 00:49, Ray Bon <[email protected]<mailto:[email protected]>> a écrit : Mustafa, Try this for userFilter cas.authn.ldap[0].userFilter=cn={user} {user} will be substituted for the user logging in. Ray On Mon, 2019-06-24 at 23:42 +0100, EL AZZAOUI Mustafa wrote: Hi Ray Bon , yes this is new integration i want to intergate my cas server with my LDAP server . this is my config file cas.properties. thank you =================================================cas.properties===================== cas.server.name<http://cas.server.name>: https://sso.ensias.ma:8443 cas.server.prefix: https://sso.ensias.ma:8443/cas cas.adminPagesSecurity.ip=127\.0\.0\.1 logging.config: file:/etc/cas/config/log4j2.xml # cas.serviceRegistry.config.location: classpath:/services cas.authn.accept.users: cas.tgc.secure: true cas.tgc.crypto.signing.key: QGdatePGEybuSRLau-4iExXyfNq1YmJkzUtaLCR2wkkHNvdsUlccez_cDtK7QL7lidpcWfO77WSMvvdNfmFlhg cas.tgc.crypto.encryption.key: dF-_VHSwjMnzkbtzDfWLt4pEt27P2eHNObVc_oWT-nM cas.webflow.crypto.signing.key:3T5rPpKyACyIW_y5u4NzpkdOZzncs8AqlSHH64J6hFPNW7QD4w1CMr_vU4QOCdDZ9iK4gualSof8vbTfKMXvdQ cas.webflow.crypto.encryption.key: uYhr0kA/aMqT08lfvangTQ== cas.authn.attributeRepository.ldap[0].type=AUTHENTICATED cas.authn.attributeRepository.ldap[0].attributes.uid=hbary cas.authn.attributeRepository.ldap[0].attributes.displayName=hamza bary # cas.authn.attributeRepository.ldap[0].attributes.cn<http://attributes.cn>=commonName cas.authn.attributeRepository.ldap[0].attributes.affiliation=IoT cas.authn.ldap[0].ldapUrl=ldaps://192.168.243.146:389<http://192.168.243.146:389> # cas.authn.attributeRepository.ldap[0].connectionStrategy= cas.authn.attributeRepository.ldap[0].order=0 # cas.authn.attributeRepository.ldap[0].useSsl=true # cas.authn.attributeRepository.ldap[0].useStartTls=false # cas.authn.attributeRepository.ldap[0].connectTimeout=5000 cas.authn.attributeRepository.ldap[0].baseDn=dc=ensias,dc=ma cas.authn.attributeRepository.ldap[0].userFilter=cn=hbary # cas.authn.attributeRepository.ldap[0].subtreeSearch=true cas.authn.attributeRepository.ldap[0].bindDn=cn=admin,dc=ensias,dc=ma cas.authn.attributeRepository.ldap[0].bindCredential=123456 # cas.authn.attributeRepository.ldap[0].trustCertificates= # cas.authn.attributeRepository.ldap[0].keystore= # cas.authn.attributeRepository.ldap[0].keystorePassword= # cas.authn.attributeRepository.ldap[0].keystoreType=JKS|JCEKS|PKCS12 # cas.authn.attributeRepository.ldap[0].poolPassivator=NONE|CLOSE|BIND # cas.authn.attributeRepository.ldap[0].minPoolSize=3 # cas.authn.attributeRepository.ldap[0].maxPoolSize=10 # cas.authn.attributeRepository.ldap[0].validateOnCheckout=true # cas.authn.attributeRepository.ldap[0].validatePeriodically=true # cas.authn.attributeRepository.ldap[0].validatePeriod=600 # cas.authn.attributeRepository.ldap[0].validateTimeout=5000 # cas.authn.attributeRepository.ldap[0].failFast=true # cas.authn.attributeRepository.ldap[0].idleTime=500 # cas.authn.attributeRepository.ldap[0].prunePeriod=600 # cas.authn.attributeRepository.ldap[0].blockWaitTime=5000 #cas.authn.attributeRepository.ldap[0].providerClass=org.ldaptive.provider.unboundid.UnboundIDProvider # cas.authn.attributeRepository.ldap[0].validator.type=NONE|SEARCH|COMPARE # cas.authn.attributeRepository.ldap[0].validator.baseDn= # cas.authn.attributeRepository.ldap[0].validator.searchFilter=(objectClass=*) # cas.authn.attributeRepository.ldap[0].validator.scope=OBJECT|ONELEVEL|SUBTREE # cas.authn.attributeRepository.ldap[0].validator.attributeName=objectClass # cas.authn.attributeRepository.ldap[0].validator.attributeValues=top # cas.authn.attributeRepository.ldap[0].validator.dn= Le lun. 24 juin 2019 à 22:33, Ray Bon <[email protected]<mailto:[email protected]>> a écrit : Mustafa, Is this a new integration or is it the result of a change? You should post your config files. Ray On Sat, 2019-06-22 at 18:14 -0700, Mustafa wrote: HI? I'am trying to Integrate My cas server with LDAP ( CAS v 5.1.9 installed on Redhat 8 with ldap server installed on Ubuntu 16.04 ) when i check the cas.log i find this Error. 2019-06-23 02:05:12,589 ERROR [org.apereo.cas.web.flow.AuthenticationExceptionHandlerAction] - <Unable to translate handler errors of the authentication exception [org.apereo.cas.authentication.AuthenticationException: 0 errors, 0 successes]Returning [UNKNOWN]> 2019-06-23 02:05:21,196 WARN [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Authentication has failed. Credentials may be incorrect or CAS cannot find authentication handler that supports [user1] of type [UsernamePasswordCredential], which suggests a configuration problem.> 2019-06-23 02:05:21,199 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN ============================================================= WHO: user1 WHAT: Supplied credentials: [user1] ACTION: AUTHENTICATION_FAILED APPLICATION: CAS WHEN: Sun Jun 23 02:05:21 WEST 2019 CLIENT IP ADDRESS: 192.168.243.1 SERVER IP ADDRESS: 192.168.243.149 -- Ray Bon Programmer Analyst Development Services, University Systems 2507218831 | CLE 019 | [email protected]<mailto:[email protected]> I respectfully acknowledge that my place of work is located within the ancestral, traditional and unceded territory of the Songhees, Esquimalt and WSÁNEĆ Nations. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<mailto:[email protected]>. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/e958780f64f8d9109331ca8860c347d6133d8165.camel%40uvic.ca<https://groups.google.com/a/apereo.org/d/msgid/cas-user/e958780f64f8d9109331ca8860c347d6133d8165.camel%40uvic.ca?utm_medium=email&utm_source=footer>. -- EL AZZAOUI Mustafa Lot Abi Hourairra II N° 52 Temara .Rabat MAROC. Mobile:0676 87 31 25 Email : [email protected]<mailto:[email protected]> -- Ray Bon Programmer Analyst Development Services, University Systems 2507218831 | CLE 019 | [email protected]<mailto:[email protected]> I respectfully acknowledge that my place of work is located within the ancestral, traditional and unceded territory of the Songhees, Esquimalt and WSÁNEĆ Nations. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<mailto:[email protected]>. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/2bcd9d5c615f2994f5beeb7f36fab943552a3bf0.camel%40uvic.ca<https://groups.google.com/a/apereo.org/d/msgid/cas-user/2bcd9d5c615f2994f5beeb7f36fab943552a3bf0.camel%40uvic.ca?utm_medium=email&utm_source=footer>. -- EL AZZAOUI Mustafa Lot Abi Hourairra II N° 52 Temara .Rabat MAROC. Mobile:0676 87 31 25 Email : [email protected]<mailto:[email protected]> -- Ray Bon Programmer Analyst Development Services, University Systems 2507218831 | CLE 019 | [email protected]<mailto:[email protected]> I respectfully acknowledge that my place of work is located within the ancestral, traditional and unceded territory of the Songhees, Esquimalt and WSÁNEĆ Nations. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/b6def22dc8a89497590debef21f6cfa99685f208.camel%40uvic.ca.
