Rachel, What value do you have in the "principalAttributeName" property of the CredentialsToLDAPAttributePrincipalResolver? Does your LDAP server always send a value for that attribute?
Best regards, -- Carlos. -----Original Message----- From: Bird, Rachel [mailto:[email protected]] Sent: Monday, 21 July, 2014 11:22 To: [email protected] Subject: RE: [cas-user] CAS War Overlay "'principal' cannot be null." Does anyone have any ideas for this? Thanks, Rachel Bird Enterprise Systems Analyst Taylor University 236 West Reade Avenue Upland, Indiana 46989-0001 Office: 765-998-5504 -----Original Message----- From: Rachel [mailto:[email protected]] Sent: Thursday, July 17, 2014 3:42 PM To: [email protected] Subject: [cas-user] CAS War Overlay "'principal' cannot be null." Hello, I'm trying to upgrade from 3.4.10 to 3.5.1 and move to the war overlay method at the same time. I've got it most of the way set up, but when I try add ldap authentication I run into trouble. I've included errors and config information below. Any help would be appreciated. Rachel Bird Enterprise Systems Analyst Taylor University 236 West Reade Avenue Upland, Indiana 46989-0001 Office: 765-998-5504 I'm able to load CAS, but when I try to log in, I get a page with the following error: {"failure":"true","exception.message":"org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing [AnnotatedAction@fd99557 targetAction = [EvaluateAction@15db8ae2 expression = authenticationViaFormAction.submit(flowRequestContext, flowScope.credentials, messageContext), resultExpression = [null]], attributes = map[[empty]]] in state 'realSubmit' of flow 'login' -- action execution attributes were 'map[[empty]]'","exception.stacktrace":"org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing [AnnotatedAction@fd99557 targetAction = [EvaluateAction@15db8ae2 expression = authenticationViaFormAction.submit(flowRequestContext, flowScope.credentials, messageContext), resultExpression = [null]], attributes = map[[empty]]] in state 'realSubmit' of flow 'login' -- action execution attributes were 'map[[empty]]'\r\n\tat org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:60)\r\n\tat org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:101)\r\n\tat [shorted for brevity] At the same time, I get the following in cas-stout: ============================================================= WHO: [username: rachel_bird] WHAT: 'principal' cannot be null. Check the correctness of @Audit annotation at the following audit point: execution(public abstract org.jasig.cas.authentication.Authentication org.jasig.cas.authentication.AuthenticationManager.authenticate(org.jasig.cas.authentication.principal.Credentials)) ACTION: TICKET_GRANTING_TICKET_NOT_CREATED APPLICATION: CAS WHEN: Thu Jul 17 10:33:55 EDT 2014 CLIENT IP ADDRESS: [client IP] SERVER IP ADDRESS: [server IP] ============================================================ Here is what I believe is the relevant portion of my deployerConfigContext: <bean id="authenticationManager" class="org.jasig.cas.authentication.AuthenticationManagerImpl"> <property name="credentialsToPrincipalResolvers"> <list> <bean class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" > <property name="attributeRepository" ref="attributeRepository" /> </bean> <bean class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" /> </list> </property> <property name="authenticationHandlers"> <list> <bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" p:httpClient-ref="httpClient" /> <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler" p:filter="sAMAccountName=%u" p:searchBase="[OU with distinguished path]" p:contextSource-ref="contextSource" /> </list> </property> </bean> <bean id="contextSource" class="org.springframework.ldap.core.support.LdapContextSource"> <property name="anonymousReadOnly" value="false" /> <property name="password" value="**********" /> <property name="pooled" value="false" /> <property name="urls" value="ldaps://[domain]:636" /> <property name="userDn" value="[CN with distinguished path]" /> <property name="baseEnvironmentProperties"> <map> <entry key="java.naming.security.protocol" value="jndi" /> <entry key="java.naming.security.authentication" value="simple" /> </map> </property> </bean> <bean id="attributeRepository" class="org.jasig.services.persondir.support.StubPersonAttributeDao"> <property name="backingMap"> <map> <entry key="uid" value="uid" /> <entry key="eduPersonAffiliation" value="eduPersonAffiliation" /> <entry key="groupMembership" value="groupMembership" /> </map> </property> </bean> -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user The information in this communication is intended solely for the individual or entity to whom it is addressed. It may contain confidential or legally privileged information. If you are not the intended recipient, any disclosure, copying, distribution or reliance on the contents of this information is strictly prohibited, and may be unlawful. If you have received this communication in error, please notify us immediately by responding to the sender of this email, and then delete it from your system. Taylor University is not liable for the inaccurate or improper transmission of the information contained in this communication or for any delay in its receipt. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
