Re: [cas-user] Cant connect to freeradius for authentication users

Fri, 30 Oct 2020 03:28:24 -0700 

What's the freeradius logs showing.

I seem to recall that you can only use PAP for authentication.
As well and maybe you just sanitized the configuration but just to state the obvious you have to replace the {configuration key} with the releveant context
So for example, but you must have that right or the CAS wouldn't likely even start properly. 


cas.authn.radius.client.sharedSecret=xxxx
cas.authn.radius.client.inetAddress=100.10.1.184



On 10/30/20 3:25 AM, irvan suryadi wrote:

Hello,
I have 6.1.2 cas installation.
in this development i try to use freeradius as my auhtentication provider. but 'till this time it still not working. 

Is everyone have the same problem, and solve it before, need help.

Thanks,
Irvan

My build.gradle dependencies :

dependencies {
    if (project.hasProperty("casmodules")) {
        def dependencies = project.getProperty("casmodules").split(",")
        dependencies.each {
            implementation "org.apereo.cas:cas-server-${it}:${casServerVersion}" 
        }
    }
    //radius dependencies
    compile "org.apereo.cas:cas-server-support-radius:${project.'cas.version'}" 
    //radius mfa dependencies
    implementation "org.apereo.cas:cas-server-support-radius-mfa:${project.'cas.version'}" 
    // https://mvnrepository.com/artifact/gnu.getopt/java-getopt
    //compile group: 'gnu.getopt', name: 'java-getopt', version: '1.0.13'
    compile "org.apereo.cas:cas-server-webapp${project.appServer}:${casServerVersion}" 

    // Other CAS dependencies/modules may be listed here...
    //implementation
    compile "org.apereo.cas:cas-server-support-json-service-registry:${casServerVersion}"     compile "org.apereo.cas:cas-server-support-radius-mfa:${project.'cas.version'}" 
}

my cas.properties files :

cas.server.name=https://cas.example.org:8443
cas.server.prefix=${cas.server.name}/cas

logging.config=file:/etc/cas/config/log4j2.xml

cas.authn.accept.users=
cas.authn.accept.enabled=false
server.port = 8443

#cas.adminPagesSecurity.ip=127\.0\.0\.1

logging.config: file:/etc/cas/config/log4j2.xml
# cas.serviceRegistry.config.location: classpath:/services

# SSL
server.ssl.enabled=true

server.ssl.keyStore=file:/etc/cas/keystore
server.ssl.keyStorePassword=xxxxxx
server.ssl.keyPassword=xxxxxx


${configurationKey}.server.nasPortId=-1
${configurationKey}.server.nasRealPort=-1
${configurationKey}.server.protocol=EAP_MSCHAPv2
${configurationKey}.server.retries=3
${configurationKey}.server.nasPortType=-1
${configurationKey}.server.nasPort=0
${configurationKey}.server.nasIpAddress=192.168.1.1 (my main router ip registered in freeradius) 
${configurationKey}.server.nasIpv6Address=
${configurationKey}.server.nasIdentifier=-1

${configurationKey}.client.authenticationPort=1812
${configurationKey}.client.sharedSecret=xxxxx (I've try to use my router nas secret and new secret for my cas pc IP address, but still not working) 
${configurationKey}.client.socketTimeout=0
${configurationKey}.client.inetAddress=localhost/my cas server ip address
${configurationKey}.client.accountingPort=1813

#${configurationKey}.failoverOnException=false
#${configurationKey}.failoverOnAuthenticationFailure=false

# cas.authn.mfa.radius.rank=0
# cas.authn.mfa.radius.trusted-device-enabled=false
# cas.authn.mfa.radius.allowed-authentication-attempts=-1
# cas.authn.mfa.radius.name=
# cas.authn.mfa.radius.order=

# cas.authn.mfa.duo[0].duo-secret-key=
# cas.authn.mfa.duo[0].rank=0
# cas.authn.mfa.duo[0].duo-application-key=
# cas.authn.mfa.duo[0].duo-integration-key=
# cas.authn.mfa.duo[0].duo-api-host=
# cas.authn.mfa.duo[0].trusted-device-enabled=false
# cas.authn.mfa.duo[0].id=mfa-duo
# cas.authn.mfa.duo[0].registration-url=https://registration.example.org/duo-enrollment 
# cas.authn.mfa.duo[0].name=
# cas.authn.mfa.duo[0].order=



--
- Website: https://apereo.github.io/cas <https://apereo.github.io/cas>
- Gitter Chatroom: https://gitter.im/apereo/cas <https://gitter.im/apereo/cas> 
- List Guidelines: https://goo.gl/1VRrw7 <https://goo.gl/1VRrw7>
- Contributions: https://goo.gl/mh7qDG <https://goo.gl/mh7qDG>
---
You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org <mailto:cas-user+unsubscr...@apereo.org>. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/8ca16fc4-d880-4b4c-8005-501e3159a1c4n%40apereo.org <https://groups.google.com/a/apereo.org/d/msgid/cas-user/8ca16fc4-d880-4b4c-8005-501e3159a1c4n%40apereo.org?utm_medium=email&utm_source=footer>. 

--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- You received this message because you are subscribed to the Google Groups "CAS Community" group. 
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/2a8eb353-3b42-54e3-5032-0b2f515fbda5%40caveo.ca.

Reply via email to