Coeurcy,
The ldap loggers from my previous email should help with debugging the problem.
Do you have access to the ldap server logs?
Is your ldap case sensitive (you have 'dc' and 'DC')?
Is there a class identifier missing in bind-dn?
Ray
On Fri, 2023-05-26 at 02:22 -0700, Coeurcy Mokoko wrote:
Notice: This message was sent from outside the University of Victoria email
system. Please be cautious with links and sensitive information.
Yes, I manage to connect from the command line with the same parameters, but
when I try to authenticate to cas with the same login and password, it doesn't
work!
On Tuesday, 23 May 2023 at 18:08:03 UTC+1, Ray Bon wrote:
azer,
Can you connect to your ldap server from the computer running cas using command
line or gui and the same connection parameters?
Turn up logging for ldap.
Ray
P.S. here are some ldap related logs I have used
<AsyncLogger name="org.ldaptive" level="${sys:ldap.log.level}" includeLocation="true" />
<!-- TODO: investigate: DEBUG 'Operation exception encountered, reopening connection' -->
<AsyncLogger name="org.ldaptive.AbstractOperation" level="error" additivity="false" />
<AsyncLogger name="org.ldaptive.AbstractOperation$ReopenOperationExceptionHandler" level="error" additivity="false" />
<AsyncLogger name="org.ldaptive.BindOperation" level="warn" additivity="false" />
<AsyncLogger name="org.ldaptive.SearchOperation" level="warn" additivity="false" />
<AsyncLogger name="org.ldaptive.PooledConnectionFactory" level="warn" additivity="false" />
<!-- INFO Authentication failed for dn: ...
     DEBUG prints failed log in error reason (among other ldap connection details) -->
<!-- <AsyncLogger name="org.ldaptive.auth" level="debug" additivity="false" /> -->
<AsyncLogger name="org.ldaptive.pool.BlockingConnectionPool" level="warn" additivity="false" />
<AsyncLogger name="org.ldaptive.ssl.AggregateTrustManager" level="warn" additivity="false" />
<AsyncLogger name="org.ldaptive.ssl.DefaultHostnameVerifier" level="warn" additivity="false" />
<AsyncLogger name="org.ldaptive.ssl.HostnameVerifyingTrustManager" level="warn" additivity="false" />
<AsyncLogger name="org.ldaptive.transport.DefaultSearchOperationHandle" level="warn" additivity="false" />
<AsyncLogger name="org.ldaptive.transport.netty.MessageFrameDecoder" level="warn" additivity="false" />
<AsyncLogger name="org.ldaptive.transport.netty.NettyConnection" level="warn" additivity="false" />
<AsyncLogger name="org.ldaptive.transport.netty.NettyConnection$BindOperationHandle" level="warn" additivity="false" />
<AsyncLogger name="org.ldaptive.transport.netty.NettyConnection$RequestEncoder" level="warn" additivity="false" />
On Sat, 2023-05-20 at 07:54 -0700, azer tyuiop wrote:
Hello, how to connect CAS to LDAP
I implemented openLdap to install CAS then I created the file cas.properties in
cas-overlay-template/etc/cas/config/
Because in this folder after the installation of CAS I did not find the file
"cas.properties" which should normally be in the folder
cas-overlay-template/etc/cas/config
I recompiled and then deployed in cas but I still have this error attached.
Here are the contents of the "cas.properties" file I created in
cas-overlay-template/etc/cas/config:
cas.server.name=http://acsi.cg:8443
cas.server.prefix=${cas.server.name}/cas
logging.config: file:/etc/cas/config/log4j2.xml
cas.authn.accept.users=
### LDAP connection
#cas.authn.ldap[0].providerClass=org.ldaptive.provider.unboundid.UnboundIDPro>
cas.authn.ldap[0].type=AUTHENTICATED
#cas.authn.ldap[0].useSsl=false
cas.authn.ldap[0].ldap-url=ldap://acsi.cg:389
cas.authn.ldap[0].base-dn= subtreeA,dc=acsi,dc=cg|subtreeC,dc=acsi,dc=cg
cas.authn.ldap[0].password-encoder.type=NONE
cas.authn.ldap[0].search-filter={user}
#cas.authn.ldap[0].subtreeSearch=true
#cas.authn.ldap[0].principalAttributeList=cn,givenName,mail
### Credential to connect to LDAP
cas.authn.ldap[0].bind-dn=admincas,CN=admincas,DC= acsi,DC=cg
cas.authn.ldap[0].bind-credential=@Debian453
As a reminder, I use:
openLdap, ldap account manager, jdk-17, tomcat 10 and cas-overlay-template 6.6.7
I'm looking forward to your help, thanks in advance!
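The bind-dn questions raised in the top reply can be checked offline before touching the server. The following is an added example, not code from this thread or from CAS: it reads the LDAP lines of the posted cas.properties (embedded as a constructed sample, bind credential omitted) and flags DN components with no attribute type or with a space after '=', and a search filter that compares no attribute to {user}. All function names are hypothetical.

```python
import re

# Constructed sample: LDAP lines from the cas.properties in this thread, credential omitted.
SAMPLE = """\
cas.authn.ldap[0].base-dn= subtreeA,dc=acsi,dc=cg|subtreeC,dc=acsi,dc=cg
cas.authn.ldap[0].search-filter={user}
cas.authn.ldap[0].bind-dn=admincas,CN=admincas,DC= acsi,DC=cg
"""

def parse_properties(text):
    """Minimal key=value reader: skips comments, drops whitespace before the value."""
    props = {}
    for line in map(str.strip, text.splitlines()):
        if line and not line.startswith(("#", "!")):
            key, _, value = line.partition("=")
            props[key.strip()] = value.lstrip()
    return props

def check_dn(dn):
    """Return problems found in a DN; an empty list means every RDN is type=value."""
    problems = []
    for rdn in re.split(r"(?<!\\),", dn):  # commas escaped as \, stay inside a value
        attr, sep, value = rdn.partition("=")
        if not sep:
            problems.append(f"'{rdn}': no attribute type before the value")
        elif not value or attr != attr.strip() or value != value.strip():
            problems.append(f"'{rdn}': empty value or unescaped space next to '='")
    return problems

def check_filter(flt):
    """A usable filter must compare some attribute against the {user} placeholder."""
    if re.search(r"[A-Za-z0-9.;-]+\s*[~<>]?=[^()]*\{user\}", flt):
        return []
    return [f"'{flt}': {{user}} is not compared against any attribute"]

CHECKS = {"-dn": check_dn, "search-filter": check_filter}

def audit(props):
    """Map each DN or filter property to its problems (clean properties are omitted)."""
    report = {}
    for key, value in props.items():
        for suffix, check in CHECKS.items():
            if key.endswith(suffix) and (found := check(value)):
                report[key] = found
    return report

if __name__ == "__main__":
    for key, found in audit(parse_properties(SAMPLE)).items():
        print(key, *found, sep="\n  ")
```

On the posted values it reports the bare `admincas` and `subtreeA` components, the space in `DC= acsi`, and the `{user}` filter with no attribute.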