Bonjour @jérémie
j'ai vu que tu as pu avancer avec LDAP je suis étudiant et je suis entrain
d'intégrer l'authentification par CAS pour Moodle mais à chaque fois j'ai
cette erreur Application non autorisée à utiliser CAS
j'ai ajouté la dependence json sur le fichier build.gradle
cas.properties aussi j'ai ajouté
cas.service-registry.json.location= file:/etc/cas/services
et j'ai créé un fichier .json
pourrais tu m'aider please
Le mardi 23 mars 2021 à 11:34:27 UTC, Jérémie Pilette a écrit :
> Hi,
> I have found the problem.
> It was an ACL problem. I had a rule which blocked the access. I have fixed
> it and now all is correct.
>
> Thank you for your helps Bartosz Nitkiewicz and Ray Bon.
>
> Jérémie
>
> Le lundi 22 mars 2021 à 18:49:12 UTC+1, Jérémie Pilette a écrit :
>
>> Bartosz Nitkiewicz
>> I am using AJP connection between Apache2 and tomcat9.
>> Apache 2 is the front with TLS connetion.
>>
>> Le lundi 22 mars 2021 à 17:09:55 UTC+1, Bartosz Nitkiewicz a écrit :
>>
>>> Shouldn't you add keystore for SSL/TLS authentication?
>>> like:
>>>
>>> cas.authn.ldap[0].keystore=file:/etc/cas/config/keystore.jks
>>> cas.authn.ldap[0].keystorePassword=password
>>> cas.authn.ldap[0].keystoreType=PKCS12
>>>
>>> You should add your signed certificate to main JAVA keystore
>>> poniedziałek, 22 marca 2021 o 16:57:38 UTC+1 Jérémie Pilette napisał(a):
>>>
>>>> Yes I am using Start-tls
>>>> cas.authn.ldap[0].use-start-tls=true
>>>>
>>>> Le lundi 22 mars 2021 à 16:53:36 UTC+1, Bartosz Nitkiewicz a écrit :
>>>>
>>>>> Maybe your LDAP server have to be authenticated through SSL/TLS
>>>>> (LDAPS)?
>>>>>
>>>>> poniedziałek, 22 marca 2021 o 16:25:41 UTC+1 Jérémie Pilette
>>>>> napisał(a):
>>>>>
>>>>>> It seems to be Invalid Credential for the user.. I don't know why..
>>>>>> Le lundi 22 mars 2021 à 16:21:48 UTC+1, Jérémie Pilette a écrit :
>>>>>>
>>>>>>> It doesn't change anything with this two lines added ... :o(
>>>>>>>
>>>>>>> Le lundi 22 mars 2021 à 16:17:58 UTC+1, Bartosz Nitkiewicz a écrit :
>>>>>>>
>>>>>>>> implementation is ok
>>>>>>>>
>>>>>>>> Try to add
>>>>>>>> cas.authn.ldap[0].name=adYourName
>>>>>>>> cas.authn.ldap[0].order=0
>>>>>>>>
>>>>>>>> poniedziałek, 22 marca 2021 o 16:13:17 UTC+1 Jérémie Pilette
>>>>>>>> napisał(a):
>>>>>>>>
>>>>>>>>>
>>>>>>>>> Yes I have :
>>>>>>>>> compile
>>>>>>>>> "org.apereo.cas:cas-server-support-ldap:${project.'cas.version'}"
>>>>>>>>>
>>>>>>>>> But i have seen that instead of "compile" we can put
>>>>>>>>> "implementation".
>>>>>>>>> I do not know which one we have to use
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Le lundi 22 mars 2021 à 16:07:48 UTC+1, Bartosz Nitkiewicz a
>>>>>>>>> écrit :
>>>>>>>>>
>>>>>>>>>> Hi,
>>>>>>>>>> Did you build ldap dependency into your CAS server?
>>>>>>>>>> You should add
>>>>>>>>>> org.apereo.cas:cas-server-support-ldap:${casServerVersion} in
>>>>>>>>>> build.graddle
>>>>>>>>>> and rebuild CAS app.
>>>>>>>>>> Regards,
>>>>>>>>>> BN
>>>>>>>>>>
>>>>>>>>>> poniedziałek, 22 marca 2021 o 15:50:04 UTC+1 Jérémie Pilette
>>>>>>>>>> napisał(a):
>>>>>>>>>>
>>>>>>>>>>> Here my cas.properties
>>>>>>>>>>>
>>>>>>>>>>> ***********
>>>>>>>>>>> cas.server.name=https://xxxxx.xxxxx.fr
>>>>>>>>>>> cas.server.prefix=${cas.server.name}/cas
>>>>>>>>>>>
>>>>>>>>>>> logging.config=file:/etc/cas/config/log4j2.xml
>>>>>>>>>>>
>>>>>>>>>>> cas.service-registry.json.location=file:/etc/cas/services
>>>>>>>>>>>
>>>>>>>>>>> cas.authn.ldap[0].principal-attribute-list=cn,givenName,sn
>>>>>>>>>>>
>>>>>>>>>>> # cas.authn.ldap[0].collect-dn-attribute=false
>>>>>>>>>>> # cas.authn.ldap[0].principal-dn-attribute-name=
>>>>>>>>>>> #
>>>>>>>>>>> cas.authn.ldap[0].allow-multiple-principal-attribute-values=true
>>>>>>>>>>> # cas.authn.ldap[0].allow-missing-principal-attribute-value=true
>>>>>>>>>>> # cas.authn.ldap[0].credential-criteria=
>>>>>>>>>>>
>>>>>>>>>>> cas.authn.ldap[0].ldap-url=ldap://xxx.yyyy.com
>>>>>>>>>>> cas.authn.ldap[0].bind-dn=userdn
>>>>>>>>>>> cas.authn.ldap[0].bind-credential=pwd
>>>>>>>>>>>
>>>>>>>>>>> cas.authn.ldap[0].base-dn=my_base_dn
>>>>>>>>>>> cas.authn.ldap[0].subtree-search=true
>>>>>>>>>>> cas.authn.ldap[0].search-filter=my_filter
>>>>>>>>>>> cas.authn.ldap[0].page-size=0
>>>>>>>>>>>
>>>>>>>>>>> cas.authn.ldap[0].principal-attribute-password=userPassword
>>>>>>>>>>>
>>>>>>>>>>> cas.authn.ldap[0].min-pool-size=3
>>>>>>>>>>> cas.authn.ldap[0].max-pool-size=10
>>>>>>>>>>> cas.authn.ldap[0].validate-on-checkout=true
>>>>>>>>>>> cas.authn.ldap[0].validate-periodically=true
>>>>>>>>>>> cas.authn.ldap[0].validate-period=PT5M
>>>>>>>>>>> cas.authn.ldap[0].validate-timeout=PT5S
>>>>>>>>>>> cas.authn.ldap[0].fail-fast=false
>>>>>>>>>>> cas.authn.ldap[0].idle-time=PT10M
>>>>>>>>>>> cas.authn.ldap[0].prune-period=PT2H
>>>>>>>>>>> cas.authn.ldap[0].block-wait-time=PT3S
>>>>>>>>>>> cas.authn.ldap[0].use-start-tls=true
>>>>>>>>>>> cas.authn.ldap[0].response-timeout=PT5S
>>>>>>>>>>> *******************
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Le lundi 22 mars 2021 à 15:37:56 UTC+1, Jérémie Pilette a écrit :
>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> Hi,
>>>>>>>>>>>> I have just install the CAS server version 6.4 and made my LDAP
>>>>>>>>>>>> configuration.
>>>>>>>>>>>> Impossible for users to authenticate.
>>>>>>>>>>>> Maybe I forget something... I do not know what...
>>>>>>>>>>>>
>>>>>>>>>>>> Do you have an idea please ?
>>>>>>>>>>>>
>>>>>>>>>>>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/a15abbab-29b9-477c-82bc-d03931177d97n%40apereo.org.
