Hi,
I configured the deployerConfigContext.xml file according to the guide:
http://www.ja-sig.org/products/cas/server/ldapauthhandler/index.html
but I get the screen below when I log in on the server.
-------------------------------------
CAS is Unavailable
A general exception occurred while trying to access CAS. Please notify your
system administrator.
----------------------------------------
I use a Windows LDAP client to connect to AD, and it works.
I use cas-server 3.0.6 and Tomcat 5.5.17 in Jahia, and my JDK is 1.5.0.6.
Below is the configuration in the deployerConfigContext.xml file:
--------------------------------
<beans>
    <bean id="authenticationManager"
          class="org.jasig.cas.authentication.AuthenticationManagerImpl">
        <property name="credentialsToPrincipalResolvers">
            <list>
                <bean class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" />
                <bean class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" />
            </list>
        </property>
        <property name="authenticationHandlers">
            <list>
                <bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" />
                <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
                    <property name="filter" value="uid=%u" />
                    <property name="searchBase" value="cn=users,dc=OPDEVNET" />
                    <property name="contextSource" ref="contextSource" />
                </bean>
            </list>
        </property>
    </bean>
    <bean id="contextSource"
          class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
        <!-- this is the user logging in to the AD server -->
        <property name="userName" value="administrator" />
        <!-- password -->
        <property name="password" value="mypassword" />
        <property name="urls">
            <list>
                <!-- AD server -->
                <value>ldap://onepoint-winser:389/</value>
            </list>
        </property>
        <property name="baseEnvironmentProperties">
            <map>
                <entry>
                    <key><value>java.naming.security.authentication</value></key>
                    <value>simple</value>
                </entry>
            </map>
        </property>
    </bean>
</beans>
----------------------------
These are the errors:
#######################################
2007-02-06 19:27:08,328 DEBUG [org.springframework.web.context.support.XmlWebApplicationContext] - Publishing event in context [WebApplicationContext for namespace 'cas-servlet']: ServletRequestHandledEvent: url=[/cas/login]; client=[127.0.0.1]; method=[POST]; servlet=[cas]; session=[D7EDB30B1CD13924918BA779F9B2EC94]; user=[null]; time=[203ms]; status=[failed: org.springframework.webflow.engine.ActionExecutionException: Exception thrown executing [EMAIL PROTECTED] targetAction = [EMAIL PROTECTED], attributes = map['method' -> 'submit']] in state 'submit' of flow 'login-webflow' -- action execution attributes were 'map['method' -> 'submit']'; nested exception is org.springframework.ldap.UncategorizedLdapException: Operation failed; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece ]]
2007-02-06 19:27:08,328 DEBUG [org.springframework.web.context.support.XmlWebApplicationContext] - Publishing event in context [Root WebApplicationContext]: ServletRequestHandledEvent: url=[/cas/login]; client=[127.0.0.1]; method=[POST]; servlet=[cas]; session=[D7EDB30B1CD13924918BA779F9B2EC94]; user=[null]; time=[203ms]; status=[failed: org.springframework.webflow.engine.ActionExecutionException: Exception thrown executing [EMAIL PROTECTED] targetAction = [EMAIL PROTECTED], attributes = map['method' -> 'submit']] in state 'submit' of flow 'login-webflow' -- action execution attributes were 'map['method' -> 'submit']'; nested exception is org.springframework.ldap.UncategorizedLdapException: Operation failed; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece ]]
2007-02-06 19:27:08,328 ERROR [org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/cas].[cas]] - Servlet.service() for servlet cas threw exception
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece ]
    at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2985)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2931)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2732)
    at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2646)
    at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:283)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
    at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
    at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
    at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
    at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:247)
    at javax.naming.InitialContext.init(InitialContext.java:223)
    at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)
    at org.springframework.ldap.support.LdapContextSource.getDirContextInstance(LdapContextSource.java:59)
    at org.springframework.ldap.support.AbstractContextSource.createContext(AbstractContextSource.java:193)
    at org.springframework.ldap.support.AbstractContextSource.getReadOnlyContext(AbstractContextSource.java:104)
    at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:263)
    at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:314)
    at org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler.authenticateUsernamePasswordInternal(BindLdapAuthenticationHandler.java:70)
    at org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler.authenticate(AbstractUsernamePasswordAuthenticationHandler.java:58)
    at org.jasig.cas.authentication.AuthenticationManagerImpl.authenticate(AuthenticationManagerImpl.java:79)
    at org.jasig.cas.CentralAuthenticationServiceImpl.createTicketGrantingTicket(CentralAuthenticationServiceImpl.java:282)
    at org.jasig.cas.web.flow.AuthenticationViaFormAction.submit(AuthenticationViaFormAction.java:116)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:585)
    at org.springframework.webflow.util.DispatchMethodInvoker.invoke(DispatchMethodInvoker.java:105)
    at org.springframework.webflow.action.MultiAction.doExecute(MultiAction.java:136)
    at org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:203)
    at org.springframework.webflow.engine.AnnotatedAction.execute(AnnotatedAction.java:142)
    at org.springframework.webflow.engine.ActionExecutor.execute(ActionExecutor.java:61)
    at org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:180)
    at org.springframework.webflow.engine.State.enter(State.java:200)
    at org.springframework.webflow.engine.Transition.execute(Transition.java:218)
    at org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112)
    at org.springframework.webflow.engine.Flow.onEvent(Flow.java:572)
    at org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:207)
    at org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:185)
    at org.springframework.webflow.engine.State.enter(State.java:200)
    at org.springframework.webflow.engine.Transition.execute(Transition.java:218)
    at org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112)
    at org.springframework.webflow.engine.Flow.onEvent(Flow.java:572)
    at org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:207)
    at org.springframework.webflow.engine.impl.FlowExecutionImpl.signalEvent(FlowExecutionImpl.java:211)
    at org.springframework.webflow.executor.FlowExecutorImpl.resume(FlowExecutorImpl.java:227)
    at org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest(FlowRequestHandler.java:115)
    at org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal(FlowController.java:170)
    at org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153)
    at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:45)
    at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:820)
    at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:755)
    at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:396)
    at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:360)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
    at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
    at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
    at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
    at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
    at java.lang.Thread.run(Thread.java:595)
2007-02-06 19:27:08,562 DEBUG [org.springframework.web.servlet.DispatcherServlet] - Testing handler map [[EMAIL PROTECTED] in DispatcherServlet with name 'cas'
2007-02-06 19:27:08,578 DEBUG [org.springframework.web.servlet.handler.SimpleUrlHandlerMapping] - Looking up handler for [/login]
2007-02-06 19:27:08,578 DEBUG [org.springframework.web.servlet.DispatcherServlet] - Testing handler adapter [EMAIL PROTECTED]
2007-02-06 19:27:08,578 DEBUG [org.springframework.web.servlet.DispatcherServlet] - Testing handler adapter [EMAIL PROTECTED]
2007-02-06 19:27:08,578 DEBUG [org.springframework.web.servlet.DispatcherServlet] - Last-Modified value for [/cas/login] is [-1]
2007-02-06 19:27:08,578 DEBUG [org.springframework.web.servlet.DispatcherServlet] - DispatcherServlet with name 'cas' received request for [/cas/login]
2007-02-06 19:27:08,578 DEBUG [org.springframework.core.CollectionFactory] - Creating [java.util.LinkedHashMap]
2007-02-06 19:27:08,578 DEBUG [org.springframework.web.servlet.DispatcherServlet] - Bound request context to thread: [EMAIL PROTECTED]
2007-02-06 19:27:08,578 DEBUG [org.springframework.web.servlet.DispatcherServlet] - Testing handler adapter [EMAIL PROTECTED]
2007-02-06 19:27:08,578 DEBUG [org.springframework.web.servlet.DispatcherServlet] - Testing handler adapter [EMAIL PROTECTED]
##############################
I have searched the earlier CAS mailing-list archives, and some people had the same problem as me, but few users posted the correct answer, and some of the situations do not apply to me.
And this is my LDAP client information:
####################
Expanding base 'CN=Users,DC=OPDEVNET'...
Result <0>: (null)
Matched DNs:
Getting 1 entries:
Dn: CN=Users,DC=OPDEVNET
2> objectClass: top; container;
1> cn: Users;
1> description: Default container for upgraded user accounts;
1> distinguishedName: CN=Users,DC=OPDEVNET;
1> instanceType: 0x4 = ( IT_WRITE );
1> whenCreated: 11/7/2006 18:14:50 China Standard Time China Standard Time;
1> whenChanged: 11/7/2006 18:14:50 China Standard Time China Standard Time;
1> uSNCreated: 4304;
1> uSNChanged: 4304;
1> showInAdvancedViewOnly: FALSE;
1> name: Users;
1> objectGUID: 9105dc75-62e4-472e-a41f-acee515a0933;
1> systemFlags: 0x8C000000 = ( FLAG_DISALLOW_DELETE | FLAG_DOMAIN_DISALLOW_RENAME | FLAG_DOMAIN_DISALLOW_MOVE );
1> objectCategory: CN=Container,CN=Schema,CN=Configuration,DC=OPDEVNET;
1> isCriticalSystemObject: TRUE;
###################
1. Do I need to add the LDAP server's certificate to the JVM?
2. What is the problem with my configuration file?
3. I have read the thread http://forum.java.sun.com/thread.jspa?messageID=4227692 but I don't know what is wrong with the configuration in CAS.
Thank you in advance.
oldman
2/6/2007
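
Added example (not part of the original post, and not CAS or Spring LDAP code): a small Python triage helper that pulls the LDAP result code and the Active Directory sub-code ("data 525") out of a mail-wrapped log excerpt like the one above and names the failure. The sub-code table holds the commonly documented AD values; reading the getReadOnlyContext and LdapTemplate.search frames as the search-phase bind made with the contextSource account is this example's interpretation of the trace, and all function and constant names are made up for the example.

```python
import re

# Active Directory sub-codes carried in the "data" field of LDAP result 49.
AD_BIND_SUBCODES = {
    "525": "user not found",
    "52e": "invalid credentials",
    "530": "not permitted to log on at this time",
    "531": "not permitted to log on at this workstation",
    "532": "password expired",
    "533": "account disabled",
    "701": "account expired",
    "773": "user must reset password",
    "775": "account locked out",
}
BIND_ERROR = re.compile(
    r"LDAP:\s*error\s+code\s+(?P<code>\d+)\s*-.*?"
    r"AcceptSecurityContext\s+error,\s*data\s+(?P<data>[0-9a-fA-F]+)"
)
# Assumption of this example: these frames mean the bind was made while
# opening the search connection, i.e. with the contextSource credentials.
SEARCH_FRAMES = re.compile(r"AbstractContextSource\.getReadOnlyContext|LdapTemplate\.search")
SEARCH_PHASE = "bind made while opening the search connection (contextSource account)"

def unwrap(log_text):
    """Undo mail-client wrapping so a pattern can span a broken line."""
    return re.sub(r"\s*\n\s*", " ", log_text)

def diagnose(log_text):
    """Return distinct (ldap_code, ad_subcode, meaning, phase) tuples."""
    text = unwrap(log_text)
    phase = SEARCH_PHASE if SEARCH_FRAMES.search(text) else "phase not visible in excerpt"
    findings = []
    for m in BIND_ERROR.finditer(text):
        sub = m.group("data").lower()
        meaning = AD_BIND_SUBCODES.get(sub, "unknown sub-code")
        item = (int(m.group("code")), sub, meaning, phase)
        if item not in findings:
            findings.append(item)
    return findings

# Excerpt of the trace in the post above, wrapped the way the mail client left it.
SAMPLE = """javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308:
LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece
]
at org.springframework.ldap.support.AbstractContextSource.getReadOnlyContext(
AbstractContextSource.java:104)
at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:263)"""

if __name__ == "__main__":
    for finding in diagnose(SAMPLE):
        print(finding)
```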