We are testing out CAS; so far I have successfully installed 3.5.2 and
configured it to authenticate against our LDAP directory.
By updating the sec:user-service configuration to include my username, I
am able to access the service management application. However, I would
like to configure it to do authorization based on LDAP group membership,
not statically listed usernames.
Following the guide at:
https://wiki.jasig.org/display/CASUM/Configuring
I replaced sec:user-service with sec:ldap-server and
<sec:ldap-user-service, however that failed:
org.springframework.beans.factory.BeanCreationException: Error creating
bean with name 'scheduler' define
d in ServletContext resource
[/WEB-INF/spring-configuration/applicationContext.xml]: Invocation of init m
ethod failed; nested exception is
org.springframework.beans.factory.CannotLoadBeanClassException: Cannot
find class
[org.springframework.security.ldap.DefaultSpringSecurityContextSource]
for bean with name 'ldapServer' defined in null; nested exception is
java.lang.ClassNotFoundException: org.springframework.secur
ity.ldap.DefaultSpringSecurityContextSource
I determined I needed to add a dependency on spring-security-ldap, so I
updated my pom.xml:
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-ldap</artifactId>
<version>3.1.4.RELEASE</version>
</dependency>
and rebuilt, resulting in:
java.lang.NoSuchMethodError:
org.springframework.web.context.support.XmlWebApplicationContext.getEnvironm
ent()Lorg/springframework/core/env/ConfigurableEnvironment;
After beating my head against the wall for a while, I figured out that
somehow adding this dependency resulted in multiple versions of some
jars ending up in the war maven created:
WEB-INF/lib/spring-aop-3.0.7.RELEASE.jar
WEB-INF/lib/spring-aop-3.1.1.RELEASE.jar
WEB-INF/lib/spring-asm-3.0.7.RELEASE.jar
WEB-INF/lib/spring-asm-3.1.1.RELEASE.jar
WEB-INF/lib/spring-beans-3.0.7.RELEASE.jar
WEB-INF/lib/spring-beans-3.1.1.RELEASE.jar
WEB-INF/lib/spring-context-3.0.7.RELEASE.jar
WEB-INF/lib/spring-context-3.1.1.RELEASE.jar
WEB-INF/lib/spring-core-3.0.7.RELEASE.jar
WEB-INF/lib/spring-core-3.1.1.RELEASE.jar
WEB-INF/lib/spring-security-core-3.1.0.RELEASE.jar
WEB-INF/lib/spring-security-core-3.1.4.RELEASE.jar
WEB-INF/lib/spring-tx-3.0.7.RELEASE.jar
WEB-INF/lib/spring-tx-3.1.1.RELEASE.jar
I tried changing the version from 3.1.4.RELEASE to 3.1.0.RELEASE to
match the version of spring-security-core that I guess cas depends on,
which got rid of the duplicated spring-security-core jar but still left
duplicates:
WEB-INF/lib/spring-aop-3.0.6.RELEASE.jar
WEB-INF/lib/spring-aop-3.1.1.RELEASE.jar
WEB-INF/lib/spring-asm-3.0.6.RELEASE.jar
WEB-INF/lib/spring-asm-3.1.1.RELEASE.jar
WEB-INF/lib/spring-beans-3.0.6.RELEASE.jar
WEB-INF/lib/spring-beans-3.1.1.RELEASE.jar
WEB-INF/lib/spring-context-3.0.6.RELEASE.jar
WEB-INF/lib/spring-context-3.1.1.RELEASE.jar
WEB-INF/lib/spring-core-3.0.6.RELEASE.jar
WEB-INF/lib/spring-core-3.1.1.RELEASE.jar
If I remove the dependency on spring-security-ldap, there are no
duplicated spring jars.
What am I doing wrong here? java gives me a headache <sigh>.
Thanks much…
--
Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/
Operating Systems and Network Analyst | [email protected]
California State Polytechnic University | Pomona CA 91768
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
