Re: [cas-user] cas-3.5.3-jasig and ldap auth broken

Thu, 25 Jun 2015 06:40:20 -0700 

Le 25/06/2015 11:31, Alberto Cabello Sánchez a écrit :

On Thu, 25 Jun 2015 10:54:34 +0200
Alberto Cabello Sánchez <[email protected]> wrote:


On Wed, 24 Jun 2015 16:08:58 +0200
Jehan Procaccia <[email protected]> wrote:


How can I check / debug ldap request form my cas server ?

You can harvest tons of LDAP related information setting

     <logger name="org.ldaptive">
         <level value="WARN" />
         <appender-ref ref="ldaptive" />
     </logger>

I forgot to add: log levels are DEBUG, INFO, WARN, ERROR and FATAL.
If you get an error, some WARN should be displayed.

Setting level to DEBUG will show LDAP-related detail, including clear-text
usernames and passwords used to bind to LDAP.


thanks for the log4J sample
now I do have logs a startup about the ldap config :
config=[org.ldaptive.ConnectionConfig@871207309::ldapUrl=ldap://ldap5.int.fr, connectTimeout=3000, responseTimeout=-1, sslConfig=[org.ldaptive.ssl.SslConfig@837737117::credentialConfig=[org.ldaptive.ssl.X509CredentialConfig@409226176::trustCertificates=/etc/pki/tls/certs/chain-24387-cas35.int.fr-3-AddTrust_External_CA_Root.pem, authenticationCertificate=null, authenticationKey=null], trustManagers=null, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null], useSSL=false, useStartTLS=false, connectionInitializer=null]], initialized=true, availableCount=3, activeCount=0] 

but when a user logs in, no more ldap related logs :-(
I am afraid that my cas authenticationHandlers ;
<bean id="ldapHandler" class="org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler" lazy-init="true"> 
isn't working properly
is there a full sample doc on how to plug an ldap auth handler for CAS 3.5 !? 
is https://wiki.jasig.org/display/CASUM/LDAP the correct doc for that  ?
I am confused, because I used to use cas-toolbox-3.4.7-1 with it's specific config, then tested cas4 with a /etc/cas/cas.properties, now back on cas 3.5 it is not clear to me how to configure ldap auth . 

Thanks .

--
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to