Hi,
I am currently having a problem getting attributes from my LDAP.
This is my first CAS installation, so I am probably doing something wrong.
I've successfully configured LDAP authentication over
SSL and have also configured Service Management with a MySQL backend.
Using the Service Management console, I've added a service and allowed
it to read the specified attributes. Of course, I tried to do everything that
is written here: http://www.ja-sig.org/wiki/display/CASUM/Attributes.
I am posting my deployerConfigContext.xml and cas.log with the exception, so maybe
someone can review my configuration and tell me what is wrong.
Cheers
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:p="http://www.springframework.org/schema/p"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.0.xsd">
<!--
  Authentication manager. The authenticationHandlers list holds the beans that
  check submitted credentials; the credentialsToPrincipalResolvers list holds
  the beans that turn accepted credentials into a principal. Both lists keep
  the order in which they were configured.
-->
<bean id="authenticationManager" class="org.jasig.cas.authentication.AuthenticationManagerImpl">
  <property name="credentialsToPrincipalResolvers">
    <list>
      <!--
        Username/password logins: search ou=people for (uid=%u) and use the
        entry's uid as the principal id. The attributeRepository bean is
        consulted during resolution, so a failing attribute lookup surfaces as
        an exception during login even after the password check has passed.
        NOTE(review): %u is presumably replaced by the submitted username,
        which is user-controlled; confirm that the deployed CAS version escapes
        LDAP filter metacharacters before substitution.
      -->
      <bean class="org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver">
        <property name="credentialsToPrincipalResolver">
          <bean class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver"/>
        </property>
        <property name="filter" value="(uid=%u)"/>
        <property name="principalAttributeName" value="uid"/>
        <property name="searchBase" value="ou=people,dc=pwsz,dc=elblag,dc=pl"/>
        <property name="contextSource" ref="contextSource"/>
        <property name="attributeRepository" ref="attributeRepository"/>
      </bean>

      <!--
        Second resolver for the same credential type, configured without an
        attribute repository.
        NOTE(review): it overlaps with the LDAP resolver above; which one
        produces the principal depends on list order. Confirm this fallback
        is intended.
      -->
      <bean class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver"/>

      <!-- Disabled alternative: the plain resolver wired to the attribute repository.
      <bean class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver">
        <property name="attributeRepository" ref="attributeRepository"/>
      </bean>
      -->

      <!-- Resolver for HTTP-based service credentials. -->
      <bean class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver"/>
    </list>
  </property>

  <property name="authenticationHandlers">
    <list>
      <!-- Handler for HTTP-based service credentials; uses the httpClient bean defined outside this file. -->
      <bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler">
        <property name="httpClient" ref="httpClient"/>
      </bean>

      <!--
        LDAP password check. Here "filter" is a full DN template rather than a
        search filter: the handler presumably binds as that DN with the
        submitted password (TODO confirm against the handler documentation).
        The username lands inside a DN, so the same escaping question applies
        as for the search filter above.
      -->
      <bean class="org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler">
        <property name="filter" value="uid=%u,ou=people,dc=pwsz,dc=elblag,dc=pl"/>
        <property name="contextSource" ref="contextSource"/>
      </bean>
    </list>
  </property>
</bean>
<!--
  Shared LDAP connection settings, referenced by the authentication handler,
  the principal resolver and the attribute repository.

  - The only URL is ldaps://, so the directory's certificate must chain to a
    CA in the trust store of the JVM that runs CAS.
  - No base DN is set here, so every consumer of this context source has to
    supply its own search base.
  - userDn/password are the service bind account, stored in clear text. Keep
    this file readable only by the CAS service account, replace the password
    with a placeholder before sharing the configuration, and give the bind
    account read access to only the subtree and attributes CAS needs.
-->
<bean id="contextSource" class="org.springframework.ldap.core.support.LdapContextSource">
  <property name="pooled" value="true"/>
  <property name="urls">
    <list>
      <value>ldaps://ldap.pwsz.elblag.pl/</value>
    </list>
  </property>
  <property name="userDn" value="cn=system,dc=pwsz,dc=elblag,dc=pl"/>
  <property name="password" value="accesspassword"/>
  <property name="baseEnvironmentProperties">
    <map>
      <!-- Simple (DN + password) bind; the credentials are protected only by the ldaps:// transport. -->
      <entry key="java.naming.security.authentication" value="simple"/>
    </map>
  </property>
</bean>
<!--
  In-memory Spring Security user list. Each userMap line has the form
  username=password,AUTHORITY[,AUTHORITY...].
  NOTE(review): this is presumably the list of accounts allowed into the
  Service Management console, with the password field unused because the
  login itself goes through CAS; confirm against the console's security
  configuration. Every username listed here receives ROLE_ADMIN, so keep the
  list to the accounts that really administer the service registry.
-->
<bean id="userDetailsService" class="org.springframework.security.userdetails.memory.InMemoryDaoImpl">
<property name="userMap">
<value>
a.zaleski=notused,ROLE_ADMIN
</value>
</property>
</bean>
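<!--
  Person-attribute lookup used to attach LDAP attributes to the principal.

  baseDN is required here because the shared contextSource bean carries no
  base DN: without it the DAO searches from the empty DN, which the directory
  rejects with "LDAP: error code 32 - No Such Object; remaining name ''" (the
  NameNotFoundException thrown from LdapPersonAttributeDao.getPeopleForQuery).
  The value matches the searchBase used by the principal resolver.
-->
<bean id="attributeRepository" class="org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao">
  <property name="contextSource" ref="contextSource"/>
  <property name="baseDN" value="ou=people,dc=pwsz,dc=elblag,dc=pl"/>

  <!-- Query side: the CAS "username" is matched against the LDAP attribute uid. -->
  <property name="queryAttributeMapping">
    <map>
      <entry key="username" value="uid"/>
    </map>
  </property>

  <!--
    Result side: key = LDAP attribute to read, value = name under which it is
    exposed. Only attributes listed here can reach a service, so the map also
    acts as the upper bound on what may be released.
    NOTE(review): the service entry in the Service Management console must
    allow the exposed name ("imie"), not the LDAP name; confirm there.
  -->
  <property name="resultAttributeMapping">
    <map>
      <entry key="givenName" value="imie"/>
    </map>
  </property>
</bean>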
<!-- Service registry stored through JPA; it uses the entityManagerFactory bean. -->
<bean id="serviceRegistryDao" class="org.jasig.cas.services.JpaServiceRegistryDaoImpl">
  <property name="entityManagerFactory" ref="entityManagerFactory"/>
</bean>
<!--
  JPA entity manager factory (Hibernate, MySQL dialect) on top of the
  dataSource bean.

  generateDdl=true together with hibernate.hbm2ddl.auto=update lets Hibernate
  create and alter tables at startup, so the database account needs DDL
  rights for as long as these stay enabled. Once the schema exists, turning
  both off allows that account to be reduced to plain data access.
  showSql=true echoes every SQL statement to the application output; it is a
  debugging aid.
-->
<bean id="entityManagerFactory"
      class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean"
      p:dataSource-ref="dataSource">
  <property name="jpaVendorAdapter">
    <bean class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter"
          p:generateDdl="true"
          p:showSql="true"/>
  </property>
  <property name="jpaProperties">
    <props>
      <prop key="hibernate.dialect">org.hibernate.dialect.MySQLDialect</prop>
      <prop key="hibernate.hbm2ddl.auto">update</prop>
    </props>
  </property>
</bean>
<!-- JPA transaction manager bound to the entity manager factory above. -->
<bean id="transactionManager"
      class="org.springframework.orm.jpa.JpaTransactionManager"
      p:entityManagerFactory-ref="entityManagerFactory"/>

<!-- Turns on annotation-driven transactions, handled by transactionManager. -->
<tx:annotation-driven transaction-manager="transactionManager"/>
<!--
  DBCP connection pool for the service-registry database (MySQL on localhost).
  The database username and password are stored in clear text in this file:
  restrict read access to the CAS service account and substitute placeholders
  before sharing the configuration. The account should hold rights on this
  schema only.
-->
<bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource">
  <property name="driverClassName" value="com.mysql.jdbc.Driver"/>
  <property name="url" value="jdbc:mysql://localhost:3306/testdb?autoReconnect=true"/>
  <property name="username" value="user"/>
  <property name="password" value="password"/>
</bean>
</beans>
2010-01-08 20:35:19,797 INFO
[org.jasig.cas.services.DefaultServicesManagerImpl] - Loaded 2 services.
2010-01-08 20:35:19,894 INFO
[org.jasig.cas.util.AutowiringSchedulerFactoryBean] - Starting Quartz Scheduler
now
2010-01-08 20:35:21,320 INFO
[org.jasig.cas.web.flow.AuthenticationViaFormAction] - FormObjectClass not set.
Using default class of
org.jasig.cas.authentication.principal.UsernamePasswordCredentials with
formObjectName credentials and validator
org.jasig.cas.validation.UsernamePasswordCredentialsValidator.
2010-01-08 20:35:39,214 INFO
[org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - Starting
cleaning of expired tickets from ticket registry at [Fri Jan 08 20:35:39 CET
2010]
2010-01-08 20:35:39,288 INFO
[org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - 0 found
to be removed. Removing now.
2010-01-08 20:35:39,288 INFO
[org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - Finished
cleaning of expired tickets from ticket registry at [Fri Jan 08 20:35:39 CET
2010]
2010-01-08 20:37:19,836 INFO
[org.jasig.cas.services.DefaultServicesManagerImpl] - Reloading registered
services.
2010-01-08 20:37:19,846 INFO
[org.jasig.cas.services.DefaultServicesManagerImpl] - Loaded 2 services.
2010-01-08 20:39:19,835 INFO
[org.jasig.cas.services.DefaultServicesManagerImpl] - Reloading registered
services.
2010-01-08 20:39:19,843 INFO
[org.jasig.cas.services.DefaultServicesManagerImpl] - Loaded 2 services.
2010-01-08 20:41:19,834 INFO
[org.jasig.cas.services.DefaultServicesManagerImpl] - Reloading registered
services.
2010-01-08 20:41:19,847 INFO
[org.jasig.cas.services.DefaultServicesManagerImpl] - Loaded 2 services.
2010-01-08 20:43:19,833 INFO
[org.jasig.cas.services.DefaultServicesManagerImpl] - Reloading registered
services.
2010-01-08 20:43:19,842 INFO
[org.jasig.cas.services.DefaultServicesManagerImpl] - Loaded 2 services.
2010-01-08 20:45:19,834 INFO
[org.jasig.cas.services.DefaultServicesManagerImpl] - Reloading registered
services.
2010-01-08 20:45:19,842 INFO
[org.jasig.cas.services.DefaultServicesManagerImpl] - Loaded 2 services.
2010-01-08 20:47:19,843 INFO
[org.jasig.cas.services.DefaultServicesManagerImpl] - Reloading registered
services.
2010-01-08 20:47:19,851 INFO
[org.jasig.cas.services.DefaultServicesManagerImpl] - Loaded 2 services.
2010-01-08 20:48:48,519 INFO [org.jasig.cas.web.flow.InitialFlowSetupAction] -
Setting path for cookies to: /cas
2010-01-08 20:49:01,941 INFO
[org.jasig.cas.authentication.AuthenticationManagerImpl] -
AuthenticationHandler:
org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler successfully
authenticated the user which provided the following credentials: [username:
a.zaleski]
2010-01-08 20:49:02,270 ERROR
[org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/cas].[cas]] -
Servlet.service() for servlet cas threw exception
javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object];
remaining name ''
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3030)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2951)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2758)
at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1812)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1735)
at
com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368)
at
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:338)
at
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:321)
at
javax.naming.directory.InitialDirContext.search(InitialDirContext.java:248)
at
org.springframework.ldap.core.LdapTemplate$4.executeSearch(LdapTemplate.java:253)
at
org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:293)
at
org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:259)
at
org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:571)
at
org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:556)
at
org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao.getPeopleForQuery(LdapPersonAttributeDao.java:187)
at
org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao.getPeopleForQuery(LdapPersonAttributeDao.java:98)
at
org.jasig.services.persondir.support.AbstractQueryPersonAttributeDao.getPeopleWithMultivaluedAttributes(AbstractQueryPersonAttributeDao.java:192)
at
org.jasig.services.persondir.support.AbstractDefaultAttributePersonAttributeDao.getPerson(AbstractDefaultAttributePersonAttributeDao.java:63)
at
org.jasig.services.persondir.support.BasePersonAttributeDao.getMultivaluedUserAttributes(BasePersonAttributeDao.java:54)
at
org.jasig.cas.authentication.principal.AbstractPersonDirectoryCredentialsToPrincipalResolver.resolvePrincipal(AbstractPersonDirectoryCredentialsToPrincipalResolver.java:53)
at
org.jasig.cas.authentication.AuthenticationManagerImpl.authenticateAndObtainPrincipal(AuthenticationManagerImpl.java:109)
at
org.jasig.cas.authentication.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:39)
at
org.jasig.cas.CentralAuthenticationServiceImpl.createTicketGrantingTicket(CentralAuthenticationServiceImpl.java:417)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at
org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at
org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:106)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at
org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:106)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at
org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy27.createTicketGrantingTicket(Unknown Source)
at
org.jasig.cas.web.flow.AuthenticationViaFormAction.submit(AuthenticationViaFormAction.java:107)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at
org.springframework.webflow.util.DispatchMethodInvoker.invoke(DispatchMethodInvoker.java:99)
at
org.springframework.webflow.action.MultiAction.doExecute(MultiAction.java:133)
at
org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:192)
at
org.springframework.webflow.engine.AnnotatedAction.execute(AnnotatedAction.java:146)
at
org.springframework.webflow.engine.ActionExecutor.execute(ActionExecutor.java:59)
at
org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:156)
at org.springframework.webflow.engine.State.enter(State.java:191)
at
org.springframework.webflow.engine.Transition.execute(Transition.java:212)
at
org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:107)
at org.springframework.webflow.engine.Flow.onEvent(Flow.java:534)
at
org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:205)
at
org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:161)
at org.springframework.webflow.engine.State.enter(State.java:191)
at
org.springframework.webflow.engine.Transition.execute(Transition.java:212)
at
org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:107)
at org.springframework.webflow.engine.Flow.onEvent(Flow.java:534)
at
org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:205)
at
org.springframework.webflow.engine.impl.FlowExecutionImpl.signalEvent(FlowExecutionImpl.java:202)
at
org.springframework.webflow.executor.FlowExecutorImpl.resume(FlowExecutorImpl.java:222)
at
org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest(FlowRequestHandler.java:111)
at
org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal(FlowController.java:165)
at
org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153)
at
org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
at
org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:875)
at
org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:807)
at
org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:571)
at
org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:511)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:647)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
at
org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
at
org.inspektr.common.web.ClientInfoThreadLocalFilter.doFilterInternal(ClientInfoThreadLocalFilter.java:48)
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:200)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:773)
at
org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703)
at
org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:895)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
at java.lang.Thread.run(Thread.java:619)