Re:[cas-user] 3.4.9 upgrade possibly not compatible with 3.4.8 BindLdapAuthenticationHandler config

Mon, 08 Aug 2011 18:18:39 -0700 

Looks like a new searchContext property needs to be set on
BindLdapAuthenticationHandler if your using that and want to upgrade
to 3.4.9.  I realize I'm a little ahead of the release announcement,
so perhaps a note about this was going to be included there.  In any
case this config seems to be working:

                <bean
class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler" >
                    <property name="contextSource" ref="contextSource" />
                    <property name="searchContextSource" ref="contextSource" />
                    <property name="searchBase" value="${ldap.searchBase}" />
                    <property name="filter" value="sAMAccountName=%u" />
                    <property name="ignorePartialResultException" value="yes" />
                </bean>

Best,
Bill


On Mon, Aug 8, 2011 at 8:36 PM, William G. Thompson, Jr.
<[email protected]> wrote:
> Folks,
>
> I've been working on CAS 3.4.8 Maven Overlay build for a few weeks
> with a BindLdapAuthenticationHandler configured in
> deployerConfigContext.xml and working well against AD.  I'd like to
> move to 3.4.9 as I'm running into the the Inspectr issue that was
> resolved and also looking at taking advantage of the new potentially
> pool searchContext.
>
> Anyhow...I rev'd the pom to 3.4.9, mvn package, and made no other
> changes.  Now I'm getting the following error:
>
> The Spring ContextLoaderListener we wrap threw on contextInitialized.
> But for our having caught this error, the web application context
> would not have initialized.>
> org.springframework.beans.factory.BeanCreationException: Error
> creating bean with name 'centralAuthenticationService' defined in
> ServletContext resource
> [/WEB-INF/spring-configuration/applicationContext.xml]: Cannot resolve
> reference to bean 'authenticationManager' while setting bean property
> 'authenticationManager'; nested exception is
> org.springframework.beans.factory.BeanCreationException: Error
> creating bean with name 'authenticationManager' defined in
> ServletContext resource [/WEB-INF/deployerConfigContext.xml]: Cannot
> create inner bean
> 'org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler#df1cbf6' of
> type [org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler] while
> setting bean property 'authenticationHandlers' with key [1]; nested
> exception is org.springframework.beans.factory.BeanCreationException:
> Error creating bean with name
> 'org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler#df1cbf6'
> defined in ServletContext resource
> [/WEB-INF/deployerConfigContext.xml]: Initialization of bean failed;
> nested exception is
> org.springframework.beans.factory.BeanInitializationException: Bean
> state is invalid: ldapTemplate - may not be null
>        at 
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:328)
>        at 
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:106)
>        at 
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1325)
>        at 
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1086)
>        at 
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:517)
>        at 
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
>        at 
> org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:291)
>        at 
> org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
>        at 
> org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:288)
>        at 
> org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:190)
>        at 
> org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:580)
>        at 
> org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:895)
>        at 
> org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:425)
>        at 
> org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:276)
>
> It looks like the ldapTemplate ought to be created by
> AbstractLdapUsernamePasswordAuthenticationHandler in
> afterPropertiesSet(), so I'm not sure why I'm getting this
> BeanInitializationException: Bean state is invalid: ldapTemplate - may
> not be null.
>
> deployConfigContext.xml looks like this:
> in AuthN Handlers:
> <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler" >
>    <property name="contextSource" ref="contextSource" />
>    <property name="searchBase" value="${ldap.searchBase}" />
>    <property name="filter" value="sAMAccountName=%u" />
>    <property name="ignorePartialResultException" value="yes" />
>  </bean>
>
>
>   <!-- LdapContextSource used by BindLdapAuthenticationHandler for
> primary authentication -->
>    <bean id="contextSource"
> class="org.springframework.ldap.core.support.LdapContextSource">
>
>        <!-- pooled should always be set to false for contexts used
> for authentication. -->
>        <property name="pooled" value="false"/>
>        <property name="urls">
>            <!-- Authenticate requests should be over SSL to protect
> the users credentials. -->
>            <list>
>                <value>${ldap.url.1}</value>
>                <value>${ldap.url.2}</value>
>            </list>
>        </property>
>        <property name="userDn" value="${ldap.cas.dn}"/>
>        <property name="password" value="${ldap.cas.password}"/>
>        <property name="baseEnvironmentProperties">
>            <map>
>                <entry key="java.naming.security.authentication"
> value="simple" />
>                <!--
>                   Consider ldap timeout settings for speeding up ldap
> client failover if you have
>                   multiple LDAP directories.
>                   Set the LDAP connect and read timeout(in ms) for
> the java ldap class
>                   See
> http://java.sun.com/products/jndi/tutorial/ldap/connect/create.html
>                <entry key="com.sun.jndi.ldap.connect.timeout" value="2000" />
>                <entry key="com.sun.jndi.ldap.read.timeout" value="2000" />
>                -->
>            </map>
>        </property>
>    </bean>
>
> Did the LDAP config change in anyway for 3.4.9?   Any clues?
>
> Thanks,
> Bill
>

-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to