Hi again, After trying different combinations, it seems the directives in my previous post are correct : 2022-02-18 11:34:14,522 DEBUG [org.apereo.cas.support.spnego.authentication.handler.support.JcifsConfig] - 2022-02-18 11:34:14,526 DEBUG [org.apereo.cas.support.spnego.authentication.handler.support.JcifsConfig] - 2022-02-18 11:34:14,526 DEBUG [org.apereo.cas.support.spnego.authentication.handler.support.JcifsConfig] - 2022-02-18 11:34:14,527 DEBUG [org.apereo.cas.support.spnego.authentication.handler.support.JcifsConfig] - 2022-02-18 11:34:14,527 DEBUG [org.apereo.cas.support.spnego.authentication.handler.support.JcifsConfig] - 2022-02-18 11:34:14,527 DEBUG [org.apereo.cas.support.spnego.authentication.handler.support.JcifsConfig] - 2022-02-18 11:34:14,527 DEBUG [org.apereo.cas.support.spnego.authentication.handler.support.JcifsConfig] - 2022-02-18 11:34:14,527 DEBUG [org.apereo.cas.support.spnego.authentication.handler.support.JcifsConfig] - 2022-02-18 11:34:14,528 DEBUG [org.apereo.cas.support.spnego.authentication.handler.support.JcifsConfig] - 2022-02-18 11:34:14,528 DEBUG [org.apereo.cas.support.spnego.authentication.handler.support.JcifsConfig] - 2022-02-18 11:34:14,528 DEBUG [org.apereo.cas.support.spnego.authentication.handler.support.JcifsConfig] - Do this " " suggests a problem ? I read the source of " cas/support/cas-server-support-spnego/src/main/java/org/apereo/cas/support/spnego/authentication/handler/support/JcifsConfig.java " and it seems the "null" value is due to "java.security.auth.login.config" not being set, but the configuration is loaded from the path specified by "cas.authn.spnego.system.login-conf". The value is not updated so it remains null. A I right ? Regards
Le 18-Feb-2022 09:08:12 +0100, [email protected] a crit: Hi, Thank you very much for your help ! Even if it is still not working, I see in the logfiles that the parameter is now taken recognized. So it's confusing when there is no error but the parameter is still ignored ! Here is what I have, it looks like all the config blocks I have seen coming from previous versions :: cas.authn.spnego.supportedBrowsers=MSIE,Trident,Firefox,AppleWebKit, curl cas.authn.spnego.system.login-conf=file:///etc/jaas.conf cas.authn.spnego.system.kerberos-conf=file:/etc/krb5.conf cas.authn.spnego.system.kerberos-realm=MY_REALM cas.authn.spnego.system.kerberos-kdc=krb-master.my.domain cas.authn.spnego.properties[0].jcifs-service-principal=HTTP/ssodev.my.domain@MY_REALM cas.authn.spnego.system.kerberos-debug=true cas.authn.spnego.mixed-mode-authentication=true cas.authn.spnego.send401OnAuthenticationFailure=false cas.authn.spnego.ips-to-check-pattern=.+ cas.authn.spnego.ntlm-allowed=true cas.authn.spnego.ntlm=false cas.authn.spnego.spnego-attribute-name=sAMAccountName cas.authn.spnego.ldap.base-dn: dc=my,dc=domain cas.authn.spnego.ldap.bind-credential: PASS cas.authn.spnego.ldap.bind-dn: cn=casldap,dc=my,dc=fr cas.authn.spnego.ldap.ldap-url: ldaps://ldap.my.domain:636 cas.authn.spnego.ldap.search-filter: (uid={user}) So maybe my other SPNEGO and CIFS properties need to be adjusted too ? Regards Le 18-Feb-2022 06:53:17 +0100, [email protected] a crit: Use the kabob case version (it is the new format). 'properties' is an array. cas.authn.spnego.properties[0].jcifs-service-principal Ray On Thu, 2022-02-17 at 12:43 +0100, [email protected] wrote: Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information. Hi, Is there a global reference for all available configuration properties, with some description ? While trying to configure SPNEGO, the documentation mentions "Make sure you have at least specified the JCIFS Service Principal in the CAS configuration". But how can I do that ? I have found examples with "cas.authn.spnego.properties.jcifs-service-principal" or "cas.authn.spnego.jcifsServicePrincipal" but all these syntaxes are rejected. Their references have links to Jasig website, so I guess I need something more recent :-) But I was not able to find anything so far. Regards ------------------------------------------------------------------------------------------------- FreeMail powered by mail.fr -- Ray Bon Programmer Analyst Development Services, University Systems 2507218831 | CLE 019 | [email protected] I acknowledge and respect the lək̓ʷəŋən peoples on whose traditional territory the university stands, and the Songhees, Esquimalt and WSNEĆ peoples whose historical relationships with the land continue to this day. ------------------------------------------------------------------------------------------------- FreeMail powered by mail.fr -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/20220218080612.9D883C0099%40smtp04.mail.de. ------------------------------------------------------------------------------------------------- FreeMail powered by mail.fr -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/20220218110215.A8EEAC0099%40smtp04.mail.de.
