You'll need to look into your container/CAS logs to figure out why authentication is failing.
> -----Original Message-----
> From: Karlos [mailto:[email protected]]
> Sent: Thursday, August 13, 2015 5:34 AM
> To: [email protected]
> Subject: [cas-user] Cas 3.5.2.1 and ldap WHAT: 'principal' cannot be null.
>
> Hello,
> our department is evaluating CAS to implement in a government institution
> that has OpenLDAP to authenticate.
>
> When I try to authenticate I get the error:
>
> *WHO: [username: ext-clorrey]
> WHAT: 'principal' cannot be null.
> Check the correctness of @Audit annotation at the following audit point:
> execution(public abstract org.jasig.cas.authentication.Authentication org.jasig.cas.authentication.AuthenticationManager.authenticate(org.jasig.cas.authentication.principal.Credentials))
> ACTION: TICKET_GRANTING_TICKET_NOT_CREATED
> APPLICATION: CAS
> WHEN: Thu Jul 23 13:40:32 WEST 2015
> CLIENT IP ADDRESS: 10.139.108.83
> SERVER IP ADDRESS: 10.139.108.167
> =============================================================*
>
> *The deployerConfigContext.xml is:*
>
> <bean id="authenticationManager"
>       class="org.jasig.cas.authentication.AuthenticationManagerImpl">
>
>     <property name="credentialsToPrincipalResolvers">
>         <list>
>             <bean class="org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver">
>                 <property name="credentialsToPrincipalResolver">
>                     <bean class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" />
>                 </property>
>                 <property name="filter" value="(uid=%u)" />
>                 <property name="principalAttributeName" value="uid" />
>                 <property name="searchBase" value="o=metadirectorio" />
>                 <property name="contextSource" ref="contextSource" />
>                 <property name="attributeRepository" ref="attributeRepository" />
>             </bean>
>
>             <bean class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" />
>         </list>
>     </property>
>
>     <property name="authenticationHandlers">
>         <list>
>             <bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
>                   p:httpClient-ref="httpClient" />
>
>             <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
>                 <property name="filter" value="uid=%u" />
>                 <property name="searchBase" value="o=metadirectorio" />
>                 <property name="contextSource" ref="contextSource" />
>                 <property name="searchContextSource" ref="pooledContextSource" />
>             </bean>
>         </list>
>     </property>
> </bean>
>
> <bean id="contextSource"
>       class="org.springframework.ldap.core.support.LdapContextSource">
>     <property name="anonymousReadOnly" value="false" />
>     <property name="pooled" value="false"/>
>     <property name="url" value="ldap://directorio.gobierno.net/"/>
>     <property name="userDn" value="uid=usuarioXX,o=Applications,o=gobierno,c=es"/>
>     <property name="password" value="XXXXX"/>
>     <property name="baseEnvironmentProperties">
>         <map>
>             <entry key="com.sun.jndi.ldap.connect.timeout" value="3000" />
>             <entry key="com.sun.jndi.ldap.read.timeout" value="3000" />
>             <entry key="java.naming.security.authentication" value="simple"/>
>         </map>
>     </property>
> </bean>
>
> <bean id="attributeRepository"
>       class="org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao">
>     <property name="contextSource" ref="contextSource" />
>     <property name="baseDN" value="o=metadirectorio" />
>     <property name="requireAllQueryAttributes" value="true" />
>     <property name="queryAttributeMapping">
>         <map>
>             <entry key="username" value="uid" />
>         </map>
>     </property>
>     <property name="resultAttributeMapping">
>         <map>
>             <entry value="Name" key="cn" />
>             <entry value="Dni" key="employeeNumber" />
>         </map>
>     </property>
> </bean>
>
> <bean id="serviceRegistryDao"
>       class="org.jasig.cas.services.JpaServiceRegistryDaoImpl"
>       p:entityManagerFactory-ref="entityManagerFactory" />
>
> <bean id="entityManagerFactory"
>       class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
>     <property name="dataSource" ref="dataSource"/>
>     <property name="jpaVendorAdapter">
>         <bean class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter">
>             <property name="generateDdl" value="true"/>
>             <property name="showSql" value="true" />
>         </bean>
>     </property>
>     <property name="jpaProperties">
>         <props>
>             <prop key="hibernate.dialect">org.hibernate.dialect.PostgreSQLDialect</prop>
>             <prop key="hibernate.hbm2ddl.auto">update</prop>
>         </props>
>     </property>
> </bean>
>
> <bean id="transactionManager"
>       class="org.springframework.orm.jpa.JpaTransactionManager">
>     <property name="entityManagerFactory" ref="entityManagerFactory"/>
> </bean>
>
> <tx:annotation-driven transaction-manager="transactionManager"/>
>
> <bean id="dataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource"
>       p:driverClass="${database.driverClass}"
>       p:jdbcUrl="${database.url}"
>       p:user="${database.user}"
>       p:password="${database.password}"
>       p:initialPoolSize="${database.pool.minSize}"
>       p:minPoolSize="${database.pool.minSize}"
>       p:maxPoolSize="${database.pool.maxSize}"
>       p:maxIdleTimeExcessConnections="${database.pool.maxIdleTime}"
>       p:checkoutTimeout="${database.pool.maxWait}"
>       p:acquireIncrement="${database.pool.acquireIncrement}"
>       p:acquireRetryAttempts="${database.pool.acquireRetryAttempts}"
>       p:acquireRetryDelay="${database.pool.acquireRetryDelay}"
>       p:idleConnectionTestPeriod="${database.pool.idleConnectionTestPeriod}"
>       p:preferredTestQuery="${database.pool.connectionHealthQuery}" />
>
> <bean id="pooledContextSource"
>       class="org.springframework.ldap.pool.factory.PoolingContextSource"
>       p:minIdle="${ldap.pool.minIdle}"
>       p:maxIdle="${ldap.pool.maxIdle}"
>       p:maxActive="${ldap.pool.maxSize}"
>       p:maxWait="${ldap.pool.maxWait}"
>       p:timeBetweenEvictionRunsMillis="${ldap.pool.evictionPeriod}"
>       p:minEvictableIdleTimeMillis="${ldap.pool.idleTime}"
>       p:testOnBorrow="${ldap.pool.testOnBorrow}"
>       p:testWhileIdle="${ldap.pool.testWhileIdle}"
>       p:dirContextValidator-ref="dirContextValidator"
>       p:contextSource-ref="contextSource" />
>
> <bean id="dirContextValidator"
>       class="org.springframework.ldap.pool.validation.DefaultDirContextValidator"
>       p:base=""
>       p:filter="objectclass=*">
>     <property name="searchControls">
>         <bean class="javax.naming.directory.SearchControls"
>               p:timeLimit="1000"
>               p:countLimit="1"
>               p:searchScope="0"
>               p:returningAttributes="" />
>     </property>
> </bean>
>
> <bean id="auditTrailManager"
>       class="com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager" />
>
> <bean id="healthCheckMonitor"
>       class="org.jasig.cas.monitor.HealthCheckMonitor">
>     <property name="monitors">
>         <list>
>             <bean class="org.jasig.cas.monitor.MemoryMonitor"
>                   p:freeMemoryWarnThreshold="10" />
>
>             <bean class="org.jasig.cas.monitor.SessionMonitor"
>                   p:ticketRegistry-ref="ticketRegistry"
>                   p:serviceTicketCountWarnThreshold="5000"
>                   p:sessionCountWarnThreshold="100000" />
>         </list>
>     </property>
> </bean>
> </beans>
>
> Does anyone have any idea where the error is?
>
> Thanks.
>
> --
> View this message in context: http://jasig.275507.n4.nabble.com/Cas-3-5-2-1-and-ldap-WHAT-principal-cannot-be-null-tp4665732.html
> Sent from the CAS Users mailing list archive at Nabble.com.
>
> --
> You are currently subscribed to [email protected] as: [email protected]
> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
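
Added example, not part of the thread and not CAS project code: when going through the CAS logs as suggested in the reply, a small parser for audit entries in the layout quoted above can pull out the failed ticket-granting events per user and client IP. The field labels are taken from the quoted entry; the sample log text is constructed, and it assumes each record is closed by a line of `=` characters as in the quote.

```python
import re
from collections import Counter

# Field labels as they appear in the audit entry quoted in the thread.
FIELDS = ("WHO", "WHAT", "ACTION", "APPLICATION", "WHEN",
          "CLIENT IP ADDRESS", "SERVER IP ADDRESS")
FIELD_RE = re.compile(r"^(%s):\s*(.*)$" % "|".join(FIELDS))

def parse_audit_records(text):
    """Return one dict per audit record; a line of '=' closes a record.
    Lines without a known label (WHAT wraps) extend the previous field."""
    records, current, last = [], {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line and set(line) == {"="}:
            if current:
                records.append(current)
            current, last = {}, None
        elif (m := FIELD_RE.match(line)):
            last = m.group(1)
            current[last] = m.group(2)
        elif line and last:
            current[last] += " " + line
    if current:
        records.append(current)
    return records

def failed_logins(records):
    """Count TICKET_GRANTING_TICKET_NOT_CREATED events per (user, client IP)."""
    hits = Counter()
    for r in records:
        if r.get("ACTION") == "TICKET_GRANTING_TICKET_NOT_CREATED":
            m = re.search(r"username:\s*([^\]\s]+)", r.get("WHO", ""))
            user = m.group(1) if m else r.get("WHO", "?")
            hits[(user, r.get("CLIENT IP ADDRESS", "?"))] += 1
    return hits

# Constructed sample: first record mirrors the quoted entry, the second is made up.
SAMPLE = """\
=============================================================
WHO: [username: ext-clorrey]
WHAT: 'principal' cannot be null.
Check the correctness of @Audit annotation at the following audit point:
ACTION: TICKET_GRANTING_TICKET_NOT_CREATED
CLIENT IP ADDRESS: 10.139.108.83
=============================================================
WHO: [username: alice]
WHAT: TGT-1-constructed
ACTION: TICKET_GRANTING_TICKET_CREATED
CLIENT IP ADDRESS: 10.139.108.90
=============================================================
"""

if __name__ == "__main__":
    for (user, ip), n in failed_logins(parse_audit_records(SAMPLE)).items():
        print(f"{n} failed login(s) for {user} from {ip}")
```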
