RESOLVED I have got a Cas Server ¡¡¡¡¡ I changed this line
<property name="filter" value="uid=%u,ou=A01,ou=xx,ou=yy,o=zz" /> for this <property name="filter" value="cn=%u,ou=A01,ou=xx,ou=yy,o=zz" /> And I can authenticate with my server ldap now. Thanks to everybody especially to Andrew, Vilpen and Scott for their suggestions. >From: "kike velez" <[EMAIL PROTECTED]> >Reply-To: Yale CAS mailing list <[email protected]> >To: [email protected] >Subject: Re: LDAP problems >Date: Wed, 27 Sep 2006 13:10:27 +0200 >MIME-Version: 1.0 >X-Originating-IP: [194.179.55.34] >X-Originating-Email: [EMAIL PROTECTED] >X-Sender: [EMAIL PROTECTED] >Received: from pantheon-po10.its.yale.edu ([130.132.50.53]) by >bay0-mc1-f8.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2444); Wed, 27 >Sep 2006 04:12:36 -0700 >Received: from tp.its.yale.edu (tp.its.yale.edu [130.132.59.225])by >pantheon-po10.its.yale.edu (8.12.11.20060308/8.12.11) with ESMTP id >k8RBAtgY026699;Wed, 27 Sep 2006 07:10:59 -0400 >Received: from mr1.its.yale.edu (mr1.its.yale.edu [130.132.50.7])by >tp.its.yale.edu (8.13.1/8.13.1) with ESMTP id k8RBArIk011335for ><[email protected]>; Wed, 27 Sep 2006 07:10:54 -0400 >Received: from bay0-omc2-s29.bay0.hotmail.com >(bay0-omc2-s29.bay0.hotmail.com[65.54.246.165])by mr1.its.yale.edu >(8.12.11.20060308/8.12.11) with ESMTP idk8RBAqRX009464for ><[email protected]>; Wed, 27 Sep 2006 07:10:53 -0400 >Received: from hotmail.com ([65.55.131.99]) by >bay0-omc2-s29.bay0.hotmail.comwith Microsoft SMTPSVC(6.0.3790.1830); Wed, >27 Sep 2006 04:10:31 -0700 >Received: from mail pickup service by hotmail.com with Microsoft >SMTPSVC;Wed, 27 Sep 2006 04:10:31 -0700 >Received: from 65.55.131.123 by by126fd.bay126.hotmail.msn.com with >HTTP;Wed, 27 Sep 2006 11:10:27 GMT >X-Message-Info: LsUYwwHHNt0FSj6d3o4nX6ghXzSf+HpazQH/DUqWSd0= >X-OriginalArrivalTime: 27 Sep 2006 11:10:31.0141 >(UTC)FILETIME=[8BA8F150:01C6E225] >X-YaleITSMailFilter: Version 1.2c (attachment(s) not renamed) >X-Yale-Not-Spam: For more info see: >http://www.yale.edu/email/spam/content.html >X-Yale-Spam-Score: (-0.001) >X-Scanned-By: MIMEDefang 2.52 on 130.132.50.7 >X-BeenThere: [email protected] >X-Mailman-Version: 2.1.6 >Precedence: list >List-Id: Yale CAS mailing list <cas.tp.its.yale.edu> >List-Unsubscribe: ><http://tp.its.yale.edu/mailman/listinfo/cas>,<mailto:[EMAIL PROTECTED]> >List-Archive: <http://tp.its.yale.edu/pipermail/cas> >List-Post: <mailto:[email protected]> >List-Help: <mailto:[EMAIL PROTECTED]> >List-Subscribe: ><http://tp.its.yale.edu/mailman/listinfo/cas>,<mailto:[EMAIL PROTECTED]> >Errors-To: [EMAIL PROTECTED] >Return-Path: [EMAIL PROTECTED] > >I think i do a mistake my apologies : > >The certifcate is on the jvm keytore becouse i do : > >keytool -list -alias tomcat -keystore "%java_home%/.../cacerts" > >I see the certificate. > >And the cn of the certificate is localhost . > >Thanks in advance > > > >From: "kike velez" <[EMAIL PROTECTED]> > >Reply-To: Yale CAS mailing list <[email protected]> > >To: [email protected] > >Subject: Re: LDAP problems > >Date: Tue, 26 Sep 2006 21:28:58 +0200 > >MIME-Version: 1.0 > >X-Originating-IP: [80.102.195.116] > >X-Originating-Email: [EMAIL PROTECTED] > >X-Sender: [EMAIL PROTECTED] > >Received: from pantheon-po11.its.yale.edu ([130.132.50.69]) by > >bay0-mc1-f6.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2444); Tue, >26 > >Sep 2006 12:31:58 -0700 > >Received: from tp.its.yale.edu (tp.its.yale.edu [130.132.59.225])by > >pantheon-po11.its.yale.edu (8.12.11.20060308/8.12.11) with ESMTP id > >k8QJTVfu027945;Tue, 26 Sep 2006 15:29:44 -0400 > >Received: from mr4.its.yale.edu (mr4.its.yale.edu [130.132.50.10])by > >tp.its.yale.edu (8.13.1/8.13.1) with ESMTP id k8QJTSVq008338for > ><[email protected]>; Tue, 26 Sep 2006 15:29:28 -0400 > >Received: from bay0-omc1-s30.bay0.hotmail.com > >(bay0-omc1-s30.bay0.hotmail.com[65.54.246.102])by mr4.its.yale.edu > >(8.12.11.20060308/8.12.11) with ESMTP idk8QJTR4t028543for > ><[email protected]>; Tue, 26 Sep 2006 15:29:27 -0400 > >Received: from hotmail.com ([65.55.131.111]) by > >bay0-omc1-s30.bay0.hotmail.comwith Microsoft SMTPSVC(6.0.3790.1830); Tue, > >26 Sep 2006 12:29:06 -0700 > >Received: from mail pickup service by hotmail.com with Microsoft > >SMTPSVC;Tue, 26 Sep 2006 12:29:03 -0700 > >Received: from 65.55.131.123 by by126fd.bay126.hotmail.msn.com with > >HTTP;Tue, 26 Sep 2006 19:28:58 GMT > >X-Message-Info: LsUYwwHHNt0cZohkYvu8r9UXPiSAwxcEC2bfdx78UpI= > >X-OriginalArrivalTime: 26 Sep 2006 19:29:03.0147 > >(UTC)FILETIME=[063117B0:01C6E1A2] > >X-YaleITSMailFilter: Version 1.2c (attachment(s) not renamed) > >X-Yale-Not-Spam: For more info see: > >http://www.yale.edu/email/spam/content.html > >X-Yale-Spam-Score: (-0.001) > >X-Scanned-By: MIMEDefang 2.52 on 130.132.50.10 > >X-BeenThere: [email protected] > >X-Mailman-Version: 2.1.6 > >Precedence: list > >List-Id: Yale CAS mailing list <cas.tp.its.yale.edu> > >List-Unsubscribe: > ><http://tp.its.yale.edu/mailman/listinfo/cas>,<mailto:[EMAIL PROTECTED]> > >List-Archive: <http://tp.its.yale.edu/pipermail/cas> > >List-Post: <mailto:[email protected]> > >List-Help: <mailto:[EMAIL PROTECTED]> > >List-Subscribe: > ><http://tp.its.yale.edu/mailman/listinfo/cas>,<mailto:[EMAIL PROTECTED]> > >Errors-To: [EMAIL PROTECTED] > >Return-Path: [EMAIL PROTECTED] > > > >hello Scott, > > > >maybe i am wrong but > > > >- when you say if the certificate is in the jvm keystore you want to say > >that i install the certificate in the browser? the answer is yes > > > >- the certificate cn is localhost and i do this: > > > > http:\\localhost:8084\cas > > > > > >Sorry for my easy doubts > > > >Thank in advance > > > > >From: "Scott Battaglia" <[EMAIL PROTECTED]> > > >Reply-To: Yale CAS mailing list <[email protected]> > > >To: "Yale CAS mailing list" <[email protected]> > > >Subject: Re: LDAP problems > > >Date: Tue, 26 Sep 2006 13:43:08 -0400 > > >MIME-Version: 1.0 > > >Received: from pantheon-po12.its.yale.edu ([130.132.50.70]) by > > >bay0-mc8-f14.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2444); >Tue, > > >26 Sep 2006 10:47:21 -0700 > > >Received: from tp.its.yale.edu (tp.its.yale.edu [130.132.59.225])by > > >pantheon-po12.its.yale.edu (8.12.11.20060308/8.12.11) with ESMTP id > > >k8QHiB48004247;Tue, 26 Sep 2006 13:44:16 -0400 > > >Received: from mr4.its.yale.edu (mr4.its.yale.edu [130.132.50.10])by > > >tp.its.yale.edu (8.13.1/8.13.1) with ESMTP id k8QHi91v007941for > > ><[email protected]>; Tue, 26 Sep 2006 13:44:09 -0400 > > >Received: from py-out-1112.google.com (py-out-1112.google.com > > >[64.233.166.180])by mr4.its.yale.edu (8.12.11.20060308/8.12.11) with > >ESMTP > > >idk8QHi9PG021187for <[email protected]>; Tue, 26 Sep 2006 13:44:09 > >-0400 > > >Received: by py-out-1112.google.com with SMTP id w49so2748249pygfor > > ><[email protected]>; Tue, 26 Sep 2006 10:43:09 -0700 (PDT) > > >Received: by 10.35.51.19 with SMTP id d19mr1283397pyk;Tue, 26 Sep 2006 > > >10:43:08 -0700 (PDT) > > >Received: by 10.35.69.14 with HTTP; Tue, 26 Sep 2006 10:43:08 -0700 >(PDT) > > >X-Message-Info: LsUYwwHHNt25vOw9vFsrJ2kwDJMn6CHbd3uOCClBlts= > > >DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; > > > >d=gmail.com;h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references;b=PQNaxmWAp98/inwLFJgCkdgRbNXDI6wyz2CMAPzFDO9IJ5JgMxzgZcgusm4pchQnWgHYmDDSJ7MFhornQIiptxisTrUXtUH2DFzR/ap9V33psBKn5IsrB3k36x96d/5dCswNDgCeH0kUD1fKTE7Cx+kyXX7aykdH0LPwibPbH2U= > > >References: > > > ><[EMAIL PROTECTED]><[EMAIL PROTECTED]> > > >X-YaleITSMailFilter: Version 1.2c (attachment(s) not renamed) > > >X-Yale-Not-Spam: For more info see: > > >http://www.yale.edu/email/spam/content.html > > >X-Yale-Spam-Score: (0) > > >X-Scanned-By: MIMEDefang 2.52 on 130.132.50.10 > > >X-BeenThere: [email protected] > > >X-Mailman-Version: 2.1.6 > > >Precedence: list > > >List-Id: Yale CAS mailing list <cas.tp.its.yale.edu> > > >List-Unsubscribe: > > > ><http://tp.its.yale.edu/mailman/listinfo/cas>,<mailto:[EMAIL PROTECTED]> > > >List-Archive: <http://tp.its.yale.edu/pipermail/cas> > > >List-Post: <mailto:[email protected]> > > >List-Help: <mailto:[EMAIL PROTECTED]> > > >List-Subscribe: > > > ><http://tp.its.yale.edu/mailman/listinfo/cas>,<mailto:[EMAIL PROTECTED]> > > >Errors-To: [EMAIL PROTECTED] > > >Return-Path: [EMAIL PROTECTED] > > >X-OriginalArrivalTime: 26 Sep 2006 17:47:21.0839 (UTC) > > >FILETIME=[D1875FF0:01C6E193] > > > > > >Is the certificate in the JVM keystore? Does the host name in the url > > >match > > >the cn? > > > > > >-Scott > > > > > >On 9/26/06, kike velez <[EMAIL PROTECTED]> wrote: > > >> > > >>hello, > > >> > > >>I have a certificate with cn = localhost in the jvm. But the problem >is > > >>the > > >>same. > > >> > > >>Is a configuration problem? or I am missing something. > > >> > > >>Thanks in advance. > > >> > > >> > > >> >From: "kike velez" <[EMAIL PROTECTED]> > > >> >Reply-To: Yale CAS mailing list <[email protected]> > > >> >To: [email protected] > > >> >Subject: LDAP problems > > >> >Date: Fri, 22 Sep 2006 14:16:49 +0200 > > >> >MIME-Version: 1.0 > > >> >X-Originating-IP: [194.179.55.34] > > >> >X-Originating-Email: [EMAIL PROTECTED] > > >> >X-Sender: [EMAIL PROTECTED] > > >> >Received: from pantheon-po11.its.yale.edu ([130.132.50.69]) by > > >> >bay0-mc4-f16.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2444); > > >>Fri, > > >> >22 Sep 2006 05:26:39 -0700 > > >> >Received: from tp.its.yale.edu (tp.its.yale.edu [130.132.59.225])by > > >> >pantheon-po11.its.yale.edu (8.12.11.20060308/8.12.11) with ESMTP id > > >> >k8MCHGUr029455;Fri, 22 Sep 2006 08:17:51 -0400 > > >> >Received: from mr2.its.yale.edu (mr2.its.yale.edu [130.132.50.8])by > > >> >tp.its.yale.edu (8.13.1/8.13.1) with ESMTP id k8MCHF3c009088for > > >> ><[email protected]>; Fri, 22 Sep 2006 08:17:15 -0400 > > >> >Received: from bay0-omc3-s5.bay0.hotmail.com > > >> >(bay0-omc3-s5.bay0.hotmail.com[65.54.246.205])by mr2.its.yale.edu > > >> >(8.12.11.20060308/8.12.11) with ESMTP idk8MCHEDa026067for > > >> ><[email protected]>; Fri, 22 Sep 2006 08:17:14 -0400 > > >> >Received: from hotmail.com ([65.55.131.87]) by > > >> >bay0-omc3-s5.bay0.hotmail.comwith Microsoft SMTPSVC(6.0.3790.1830); > >Fri, > > >>22 > > >> >Sep 2006 05:16:52 -0700 > > >> >Received: from mail pickup service by hotmail.com with Microsoft > > >> >SMTPSVC;Fri, 22 Sep 2006 05:16:52 -0700 > > >> >Received: from 65.55.131.123 by by126fd.bay126.hotmail.msn.com with > > >> >HTTP;Fri, 22 Sep 2006 12:16:49 GMT > > >> >X-Message-Info: LsUYwwHHNt2vbVFS268RvVMP7Xihi/GL0crjTIse8ek= > > >> >X-OriginalArrivalTime: 22 Sep 2006 12:16:52.0640 > > >> >(UTC)FILETIME=[FCC0BA00:01C6DE40] > > >> >X-YaleITSMailFilter: Version 1.2c (attachment(s) not renamed) > > >> >X-Yale-Not-Spam: For more info see: > > >> >http://www.yale.edu/email/spam/content.html > > >> >X-Yale-Spam-Score: (-0.001) > > >> >X-Scanned-By: MIMEDefang 2.52 on 130.132.50.8 > > >> >X-BeenThere: [email protected] > > >> >X-Mailman-Version: 2.1.6 > > >> >Precedence: list > > >> >List-Id: Yale CAS mailing list <cas.tp.its.yale.edu> > > >> >List-Unsubscribe: > > >> ><http://tp.its.yale.edu/mailman/listinfo/cas>,<mailto: > > >>[EMAIL PROTECTED]> > > >> >List-Archive: <http://tp.its.yale.edu/pipermail/cas> > > >> >List-Post: <mailto:[email protected]> > > >> >List-Help: <mailto:[EMAIL PROTECTED]> > > >> >List-Subscribe: > > >> ><http://tp.its.yale.edu/mailman/listinfo/cas>,<mailto: > > >>[EMAIL PROTECTED]> > > >> >Errors-To: [EMAIL PROTECTED] > > >> >Return-Path: [EMAIL PROTECTED] > > >> > > > >> >Hello, > > >> > > > >> >I have problems with ldap conection. > > >> > > > >> >I did this: > > >> > > > >> >- copy ldaptemplate.1.0.2.jar + cas_server_ldap_3.0.5.jar to > > >> >localplugins/lib > > >> >- i modify the file webapp/web-inf/deployerConfigContext.xml > > >> >- ant jar > > >> >- ant war > > >> >- deploy to tomcat > > >> > > > >> >My company ldap is somethig like this: > > >> > > > >> >a01.xx.yy.zz > > >> >a02.xx.yy.zz > > >> >a03.xx.yy.zz > > >> >............ > > >> >a20.xx.yy.zz > > >> > > > >> >I start with FastBindLdapAuthenticationHandler to test my ldap > >conection > > >> >with a user in A01.xx.yy.zz > > >> >This is my deployerConfigContext: > > >> ><?xml version="1.0" encoding="UTF-8"?> > > >> ><!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" > > >> >"http://www.springframework.org/dtd/spring-beans.dtd";> > > >> ><beans> > > >> > > > >> > <bean id="authenticationManager" > > >> > class=" > > >>org.jasig.cas.authentication.AuthenticationManagerImpl"> > > >> > > > >> > <property name="credentialsToPrincipalResolvers"> > > >> > <list> > > >> > > > >> > <bean > > >> > class=" > > > >>org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver > > >>" > > >> >/> > > >> > > > >> > <bean > > >> > class=" > > > >>org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver > > >>" > > >> >/> > > >> > </list> > > >> > </property> > > >> > > > >> > > > >> > <property name="authenticationHandlers"> > > >> > <list> > > >> > > > >> > <bean > > >> > class=" > > >>org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler" > > > >> > <property name="filter" > > >> >value="uid=%u,ou=A01,ou=xx,ou=yy,o=zz" /> > > >> > <property name="contextSource" > > >> >ref="contextSource" /> > > >> > </bean> > > >> > </list> > > >> ></property> > > >> > > > >> > > > >> > > > >> > </bean> > > >> > > > >> > <bean id="contextSource" > > >> > > > >class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource"> > > >> > <property name="urls"> > > >> > <list> > > >> > > > >> ><value>ldap://dirIPofMyServerLdap:389/</value> > > >> > > > >> > </list> > > >> > </property> > > >> > </bean> > > >> > > > >> > > > >> ></beans> > > >> > > > >> >After deploy to test i use this url: http://localhost:8084/cas to > >login > > >> > > > >> >But always i received error.authentication.credentials.bad > > >> >and i don´t know why. > > >> >I use the same information with acegi-ldap and i have no problems. > > >> > > > >> >What i am doing wrong? > > >> > > > >> >Thanks in advance > > >> > > > >> > > > >> >_______________________________________________ > > >> >Yale CAS mailing list > > >> >[email protected] > > >> >http://tp.its.yale.edu/mailman/listinfo/cas > > >> > > >> > > >>_______________________________________________ > > >>Yale CAS mailing list > > >>[email protected] > > >>http://tp.its.yale.edu/mailman/listinfo/cas > > >> > > > > > > >_______________________________________________ > > >Yale CAS mailing list > > >[email protected] > > >http://tp.its.yale.edu/mailman/listinfo/cas > > > > > >_______________________________________________ > >Yale CAS mailing list > >[email protected] > >http://tp.its.yale.edu/mailman/listinfo/cas > > >_______________________________________________ >Yale CAS mailing list >[email protected] >http://tp.its.yale.edu/mailman/listinfo/cas _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
