I keep a copy of the cas project locally. I use it to search for properties, log messages and classes.
$ grep -rln cifsServicePrincipal # leave out the first letter since it may be lower or upper case in files api/cas-server-core-api-configuration-model/src/main/java/org/apereo/cas/configuration/model/support/spnego/SpnegoAuthenticationProperties.java support/cas-server-support-spnego/src/test/java/org/apereo/cas/support/spnego/authentication/handler/support/JcifsConfigTests.java support/cas-server-support-spnego/src/main/java/org/apereo/cas/config/SpnegoConfiguration.java support/cas-server-support-spnego/src/main/java/org/apereo/cas/support/spnego/authentication/handler/support/JcifsConfig.java The first hit has the property you were asking about. You can then open that file locally or on github to see what other properties are at that level. The next search you can perform going up the property hierarchy, $ grep -rln SpnegoAuthenticationProperties api/cas-server-core-api-configuration-model/src/main/java/org/apereo/cas/configuration/model/support/spnego/SpnegoProperties.java api/cas-server-core-api-configuration-model/src/main/java/org/apereo/cas/configuration/model/support/spnego/SpnegoAuthenticationProperties.java The first one has the properties field and it is a list. The properties are in cascading classes, the top one being CasConfigurationProperties, https://github.com/apereo/cas/blob/6.4.x/api/cas-server-core-api-configuration-model/src/main/java/org/apereo/cas/configuration/CasConfigurationProperties.java You may need to turn on debug logging to see which properties are identified as incorrect. There might be a way to tell spring to fail if a property is incorrect. Ray On Fri, 2022-02-18 at 09:06 +0100, spfma.t...@e.mail.fr wrote: Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information. Hi, Thank you very much for your help ! Even if it is still not working, I see in the logfiles that the parameter is now taken recognized. So it's confusing when there is no error but the parameter is still ignored ! Here is what I have, it looks like all the config blocks I have seen coming from previous versions :: cas.authn.spnego.supportedBrowsers=MSIE,Trident,Firefox,AppleWebKit, curl cas.authn.spnego.system.login-conf=file:///etc/jaas.conf cas.authn.spnego.system.kerberos-conf=file:/etc/krb5.conf cas.authn.spnego.system.kerberos-realm=MY_REALM cas.authn.spnego.system.kerberos-kdc=krb-master.my.domain cas.authn.spnego.properties[0].jcifs-service-principal=HTTP/ssodev.my.domain@MY_REALM cas.authn.spnego.system.kerberos-debug=true cas.authn.spnego.mixed-mode-authentication=true cas.authn.spnego.send401OnAuthenticationFailure=false cas.authn.spnego.ips-to-check-pattern=.+ cas.authn.spnego.ntlm-allowed=true cas.authn.spnego.ntlm=false cas.authn.spnego.spnego-attribute-name=sAMAccountName cas.authn.spnego.ldap.base-dn: dc=my,dc=domain cas.authn.spnego.ldap.bind-credential: PASS cas.authn.spnego.ldap.bind-dn: cn=casldap,dc=my,dc=fr cas.authn.spnego.ldap.ldap-url: ldaps://ldap.my.domain:636 cas.authn.spnego.ldap.search-filter: (uid={user}) So maybe my other SPNEGO and CIFS properties need to be adjusted too ? Regards Le 18-Feb-2022 06:53:17 +0100, r...@uvic.ca a écrit: Use the kabob case version (it is the new format). 'properties' is an array. cas.authn.spnego.properties[0].jcifs-service-principal Ray On Thu, 2022-02-17 at 12:43 +0100, spfma.t...@e.mail.fr wrote: Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information. Hi, Is there a global reference for all available configuration properties, with some description ? While trying to configure SPNEGO, the documentation mentions "Make sure you have at least specified the JCIFS Service Principal in the CAS configuration". But how can I do that ? I have found examples with "cas.authn.spnego.properties.jcifs-service-principal" or "cas.authn.spnego.jcifsServicePrincipal" but all these syntaxes are rejected. Their references have links to Jasig website, so I guess I need something more recent :-) But I was not able to find anything so far. Regards ________________________________ FreeMail powered by mail.fr<https://mail.fr> -- Ray Bon Programmer Analyst Development Services, University Systems 2507218831 | CLE 019 | r...@uvic.ca<mailto:r...@uvic.ca> I acknowledge and respect the lək̓ʷəŋən peoples on whose traditional territory the university stands, and the Songhees, Esquimalt and WSÁNEĆ peoples whose historical relationships with the land continue to this day. ________________________________ FreeMail powered by mail.fr<https://mail.fr> -- Ray Bon Programmer Analyst Development Services, University Systems 2507218831 | CLE 019 | r...@uvic.ca<mailto:r...@uvic.ca> I acknowledge and respect the lək̓ʷəŋən peoples on whose traditional territory the university stands, and the Songhees, Esquimalt and WSÁNEĆ peoples whose historical relationships with the land continue to this day. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/7d998105857a2691b4dd72a1be3045e8d91df5e9.camel%40uvic.ca.