Pierre,
Thanks for the reply. What do you mean?
"Also, I assume you compiled your CAS war including
compile "org.apereo.cas:cas-server-support-ldap:${casServerVersion}"
in the dependencies."
Aren't those dependencies automatically compiled depending on cas.properties
entries?
Where should I add
"org.apereo.cas:cas-server-support-ldap:${casServerVersion}" entry?
BN
On Tuesday, 2 March 2021 at 14:34:00 UTC+1 Kink wrote:
> Hi Bartosz,
>
> I use simple ldap against an ApacheDS, it works well.
> CAS is a marvellous thing, but a highly sensitive one, you may want to
> verify you have no white space at the end of lines in your config file.
> I ran into that issue once which drove me crazy.
>
> Also, I assume you compiled your CAS war including
> compile "org.apereo.cas:cas-server-support-ldap:${casServerVersion}"
> in the dependencies.
>
> If I were you I would also make the search filter even simpler by removing
> the wild card. I know it sounds dull, but with CAS you've got to start
> small (X_X).
> Basically, do not assume that a working ldap search request ran using an
> LDAP tool will always be interpreted correctly inside CAS, that is not my
> experience but this could be due to bugs on the versions of CAS I have been
> using.
>
> Doesn't the full report of the startup give you any hint?
>
> Cheers,
> Pierre
> On Tuesday, 2 March 2021 at 12:26:19 UTC+1 Bartosz Nitkiewicz wrote:
>
>> No success. I'm wondering if this config file is enough for proper LDAP
>> authentication. One thing I want is to enter user name and password and
>> then CAS msg logged in.
>>
>> On Tuesday, 2 March 2021 at 11:30:16 UTC+1 leleuj wrote:
>>
>>> Hi,
>>>
>>> It looks like: *cas.authn.ldap[0].dn-format: '%s@domain'*
>>> Thanks.
>>> Best regards,
>>> Jérôme
>>>
>>>
>>> On Tue, 2 Mar 2021 at 10:13, Bartosz Nitkiewicz <[email protected]>
>>> wrote:
>>>
>>>> Could you please tell me what it should look like?
>>>>
>>>> On Tuesday, 2 March 2021 at 10:09:05 UTC+1 leleuj wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>> I checked an AD configuration I have and there is also a
>>>>> *cas.authn.ldap[0].dn-format* property I don't see in your
>>>>> configuration.
>>>>> Thanks.
>>>>> Best regards,
>>>>> Jérôme
>>>>>
>>>>>
>>>>> On Tue, 2 Mar 2021 at 10:01, Bartosz Nitkiewicz <[email protected]>
>>>>> wrote:
>>>>>
>>>>>> Checked. Doesn't work either :(
>>>>>>
>>>>>> On Tuesday, 2 March 2021 at 09:57:10 UTC+1 leleuj wrote:
>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> For the AD LDAP, your type property should be AD:
>>>>>>>
>>>>>>> cas.authn.ldap[0].type=AD
>>>>>>>
>>>>>>>
>>>>>>> Thanks.
>>>>>>> Best regards,
>>>>>>> Jérôme
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Tue, 2 Mar 2021 at 09:43, Bartosz Nitkiewicz <
>>>>>>> [email protected]> wrote:
>>>>>>>
>>>>>>>> Hello.
>>>>>>>> I need your help. I'm trying to use CAS as authentication service
>>>>>>>> for some of my applications. There are user names and passwords stored
>>>>>>>> in AD (LDAP) server. I can't make CAS authenticate users through LDAP.
>>>>>>>> I have read all documentation and this ML, found some configs and I tried
>>>>>>>> almost everything. Could someone look at my simple cas.properties and
>>>>>>>> tell me if it looks ok?
>>>>>>>>
>>>>>>>> cas.server.name: https://localhost:8443
>>>>>>>> cas.server.prefix: ${cas.server.name}/cas
>>>>>>>>
>>>>>>>> cas.authn.accept.enabled=false
>>>>>>>>
>>>>>>>> cas.authn.policy.any.try-all=false
>>>>>>>> cas.authn.policy.any.enabled=true
>>>>>>>>
>>>>>>>> cas.authn.ldap[0].type=AUTHENTICATED
>>>>>>>> cas.authn.ldap[0].ldap-url=ldaps://ldpadomainname.org
>>>>>>>> cas.authn.ldap[0].base-dn=OU=TEST,dc=test,dc=test,dc=test,dc=org
>>>>>>>> cas.authn.ldap[0].subtree-search=true
>>>>>>>>
>>>>>>>>
>>>>>>>> cas.authn.ldap[0].searchFilter=(&(objectclass=*)(sAMAccountName={user}))
>>>>>>>>
>>>>>>>>
>>>>>>>> cas.authn.ldap[0].bind-dn=cn=testaccount,cn=group,dc=test,dc=test,dc=test,dc=com
>>>>>>>> cas.authn.ldap[0].bind-credential=password
>>>>>>>>
>>>>>>>> cas.authn.ldap[0].keystore=file:/etc/cas/config/thekeystore
>>>>>>>> cas.authn.ldap[0].keystorePassword=asd123456
>>>>>>>> cas.authn.ldap[0].keystoreType=PKCS12
>>>>>>>>
>>>>>>>> ldapsearch from the command line works fine. I can filter LDAP tree to
>>>>>>>> find proper username.
>>>>>>>>
>>>>>>>> Thanks in advance.
>>>>>>>>
>>>>>>>> --
>>>>>>>> - Website: https://apereo.github.io/cas
>>>>>>>> - Gitter Chatroom: https://gitter.im/apereo/cas
>>>>>>>> - List Guidelines: https://goo.gl/1VRrw7
>>>>>>>> - Contributions: https://goo.gl/mh7qDG
>>>>>>>> ---
>>>>>>>> You received this message because you are subscribed to the Google
>>>>>>>> Groups "CAS Community" group.
>>>>>>>> To unsubscribe from this group and stop receiving emails from it,
>>>>>>>> send an email to [email protected].
>>>>>>>> To view this discussion on the web visit
>>>>>>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/88e9b773-d5df-4b8f-ae1e-4b299840d479n%40apereo.org
>>>>>>>>
>>>>>>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/88e9b773-d5df-4b8f-ae1e-4b299840d479n%40apereo.org?utm_medium=email&utm_source=footer>
>>>>>>>> .
>>>>>>>>
>>>>>>>
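
The checks suggested in this thread (no trailing whitespace in the config file, a dn-format entry when type=AD, a search filter without the wildcard) can be run mechanically over a cas.properties file. The script below is an added example, not code from the CAS project or from any poster; `lint_cas_properties`, the sample input and the hyphen-insensitive key matching are assumptions made for illustration.

```python
import re

# Constructed sample based on the cas.properties quoted in the thread;
# the trailing spaces after "AD" on the first line are deliberate.
SAMPLE = (
    "cas.authn.ldap[0].type=AD  \n"
    "cas.authn.ldap[0].ldap-url=ldaps://ldpadomainname.org\n"
    "cas.authn.ldap[0].searchFilter=(&(objectclass=*)(sAMAccountName={user}))\n"
    "cas.authn.ldap[1].type=AD\n"
    "cas.authn.ldap[1].dn-format=%s@domain\n"
)

# key, then '=' or ':' as separator, then the raw value (trailing spaces kept)
LINE = re.compile(r"^\s*([^=:\s#!][^=:\s]*)\s*[=:][ \t]?(.*)$")
LDAP = re.compile(r"^cas\.authn\.ldap\[(\d+)\]\.(.+)$")


def lint_cas_properties(text):
    """Return (line_no, key, message) findings for the thread's three checks."""
    findings, servers = [], {}
    for no, raw in enumerate(text.splitlines(), 1):
        m = LINE.match(raw)
        if not m:
            continue  # blank line, comment, or not a key/value pair
        key, value = m.groups()
        if value != value.rstrip():
            findings.append((no, key, "trailing whitespace in value"))
        ldap = LDAP.match(key)
        if not ldap:
            continue
        # Assumption: searchFilter and search-filter name the same property.
        name = ldap.group(2).lower().replace("-", "")
        servers.setdefault(int(ldap.group(1)), {})[name] = (no, key, value.strip())
    for idx, props in sorted(servers.items()):
        no, key, value = props.get("type", (0, "", ""))
        if value.upper() == "AD" and "dnformat" not in props:
            findings.append((no, key, f"ldap[{idx}] type=AD without dn-format"))
        no, key, value = props.get("searchfilter", (0, "", ""))
        if "*" in value:
            findings.append((no, key, f"ldap[{idx}] search filter has a wildcard"))
    return findings


if __name__ == "__main__":
    for finding in lint_cas_properties(SAMPLE):
        print("line %d: %s: %s" % finding)
```
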