Ray,

In relation to what you said, I've made some modifications to "cas.properties" above, but it's still "username/password" incorrect. As far as ldap is concerned, I can't find or access the logs for it, and it's case sensitive.

My new cas.properties:

as.server.name=http://acsi.cg:8443
cas.server.prefix=${cas.server.name}/cas
logging.config=file:/etc/cas/config/log4j2.xml
cas.authn.accept.users=
### LDAP connection
cas.authn.ldap[0].providerClass=org.ldaptive.provider.unboundid.UnboundIDProvid>
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].useSsl=false
cas.authn.ldap[0].ldapUrl=ldap://acsi.cg:389
cas.authn.ldap[0].baseDn=dc=acsi,dc=cg
cas.authn.ldap[0].subtreeSearch=true
cas.authn.ldap[0].searchFilter=sAMAccountName={user}
# cas.authn.ldap[0].principalAttributeList=cn,givenName,mail
# Credential to connect to LDAP
cas.authn.ldap[0].bindDn=cn=admin,dc=acsi,dc=cg
cas.authn.ldap[0].bindCredential=@Debian453

On Friday, 26 May 2023 at 17:44:52 UTC+1, Ray Bon wrote:

> Coeurcy,
>
> The ldap loggers from my previous email should help with debugging the
> problem.
> Do you have access to the ldap server logs?
>
> Is your ldap case sensitive (you have 'dc' and 'DC')?
>
> Is there a class identifier missing in bind-dn?
>
> Ray
>
> On Fri, 2023-05-26 at 02:22 -0700, Coeurcy Mokoko wrote:
>
> Notice: This message was sent from outside the University of Victoria
> email system. Please be cautious with links and sensitive information.
>
> Yes, I manage to connect from the command line with the same parameters,
> but when I try to authenticate to cas with the same login and password, it
> doesn't work!
>
> On Tuesday, 23 May 2023 at 18:08:03 UTC+1, Ray Bon wrote:
>
> azer,
>
> Can you connect to your ldap server from the computer running cas using
> command line or gui and the same connection parameters?
>
> Turn up logging for ldap.
>
> Ray
>
> P.S. here are some ldap related logs I have used
>
> <AsyncLogger name="org.ldaptive" level="${sys:ldap.log.level}" includeLocation="true" />
> <!-- TODO: investigate: DEBUG 'Operation exception encountered, reopening connection' -->
> <AsyncLogger name="org.ldaptive.AbstractOperation" level="error" additivity="false" />
> <AsyncLogger name="org.ldaptive.AbstractOperation$ReopenOperationExceptionHandler" level="error" additivity="false" />
> <AsyncLogger name="org.ldaptive.BindOperation" level="warn" additivity="false" />
> <AsyncLogger name="org.ldaptive.SearchOperation" level="warn" additivity="false" />
> <AsyncLogger name="org.ldaptive.PooledConnectionFactory" level="warn" additivity="false" />
> <!-- INFO Authentication failed for dn: ...
>      DEBUG prints failed log in error reason (among other ldap connection details) -->
> <!-- <AsyncLogger name="org.ldaptive.auth" level="debug" additivity="false" /> -->
> <AsyncLogger name="org.ldaptive.pool.BlockingConnectionPool" level="warn" additivity="false" />
> <AsyncLogger name="org.ldaptive.ssl.AggregateTrustManager" level="warn" additivity="false" />
> <AsyncLogger name="org.ldaptive.ssl.DefaultHostnameVerifier" level="warn" additivity="false" />
> <AsyncLogger name="org.ldaptive.ssl.HostnameVerifyingTrustManager" level="warn" additivity="false" />
> <AsyncLogger name="org.ldaptive.transport.DefaultSearchOperationHandle" level="warn" additivity="false" />
> <AsyncLogger name="org.ldaptive.transport.netty.MessageFrameDecoder" level="warn" additivity="false" />
> <AsyncLogger name="org.ldaptive.transport.netty.NettyConnection" level="warn" additivity="false" />
> <AsyncLogger name="org.ldaptive.transport.netty.NettyConnection$BindOperationHandle" level="warn" additivity="false" />
> <AsyncLogger name="org.ldaptive.transport.netty.NettyConnection$RequestEncoder" level="warn" additivity="false" />
>
> On Sat, 2023-05-20 at 07:54 -0700, azer tyuiop wrote:
>
> Hello, how to connect CAS to LDAP
>
> I implemented openLdap to install CAS then I created the file
> cas.properties in cas-overlay-template/etc/cas/config/
>
> Because in this folder after the installation of CAS I did not find the
> file "cas.properties" which should normally be in the folder
> cas-overlay-template/etc/cas/config
>
> I recompiled and then deployed in cas but I still have this error attached.
>
> Here are the contents of the "cas.properties" file I created in
> cas-overlay-template/etc/cas/config:
>
> cas.server.name=http://acsi.cg:8443
> cas.server.prefix=${cas.server.name}/cas
> logging.config: file:/etc/cas/config/log4j2.xml
>
> cas.authn.accept.users=
> ### LDAP connection
>
> #cas.authn.ldap\[0\].providerClass=org.ldaptive.provider.unboundid.UnboundIDPro>
> cas.authn.ldap[0].type=AUTHENTICATED
> #cas.authn.ldap\[0\].useSsl=false
> cas.authn.ldap[0].ldap-url=ldap://acsi.cg:389
> cas.authn.ldap[0].base-dn= subtreeA,dc=acsi,dc=cg|subtreeC,dc=acsi,dc=cg
> cas.authn.ldap[0].password-encoder.type=NONE
> cas.authn.ldap[0].search-filter={user}
> #cas.authn.ldap\[0].subtreeSearch=true
> #cas.authn.ldap\[0].principalAttributeList=cn,givenName,mail
>
> ### Credential to connect to LDAP
> cas.authn.ldap[0].bind-dn=admincas,CN=admincas,DC= acsi,DC=cg
> cas.authn.ldap[0].bind-credential=@Debian453
>
> As a reminder, I use:
> openLdap, ldap account manager, jdk-17, tomcat 10 and cas-overlay-template
> 6.6.7
>
> I'm looking forward to your help, thanks in advance!
>
> [image: cas ....png]

--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/b6aa2395-8e60-47d4-920e-4f4ef998edbfn%40apereo.org.
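
An added example, not part of the thread and not CAS project code: a small Python lint for the LDAP block of a cas.properties file, covering the points raised in the messages above (a bind-dn RDN with no attribute type, a search filter that is only `{user}`, and an `ldap://` URL). The function names, the placeholder sample values and the treatment of `|` as a base-DN separator are assumptions.

```python
import re

# Constructed sample with placeholder values; it mirrors the shape of the posted file.
SAMPLE = """\
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].ldap-url=ldap://ldap.example.org:389
cas.authn.ldap[0].base-dn=subtreeA,dc=example,dc=org|ou=people,dc=example,dc=org
cas.authn.ldap[0].search-filter={user}
cas.authn.ldap[0].bind-dn=svc-cas,CN=svc-cas,DC=example,DC=org
cas.authn.ldap[0].bindCredential=CHANGE_ME
"""

def parse_props(text):
    """Parse 'key=value' / 'key: value' lines, skipping comments. Keys are
    normalised so 'bind-dn' and 'bindDn' (both seen in the thread) compare equal."""
    props = {}
    for line in text.splitlines():
        m = re.match(r"\s*([^#=:\s][^=:\s]*)\s*[=:]\s*(.*)", line)
        if m:
            props[m.group(1).replace("-", "").lower()] = m.group(2).strip()
    return props

def bad_rdns(dn):
    """Return the RDNs of a DN that are not of the form attributeType=value."""
    rdns = [r.strip() for r in re.split(r"(?<!\\),", dn)]
    return [r for r in rdns if not re.fullmatch(r"[A-Za-z][\w.-]*\s*=\s*.+", r)]

def lint_ldap(text, idx=0):
    """Return findings for the cas.authn.ldap[idx] block of a properties file."""
    props, prefix = parse_props(text), f"cas.authn.ldap[{idx}]."
    findings = []
    for name in ("binddn", "basedn"):
        # Assumption: '|' joins several base DNs, as in the posted base-dn value.
        for dn in filter(None, props.get(prefix + name, "").split("|")):
            findings += [f"{name}: RDN '{r}' has no attribute type" for r in bad_rdns(dn)]
    flt = props.get(prefix + "searchfilter", "")
    if "{user}" not in flt or "=" not in flt:
        findings.append("searchfilter: expected an assertion such as attr={user}")
    if props.get(prefix + "ldapurl", "").lower().startswith("ldap://"):
        findings.append("ldapurl: ldap:// carries bind credentials in cleartext without StartTLS")
    return findings

if __name__ == "__main__":
    for finding in lint_ldap(SAMPLE):
        print(finding)
```
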
