I configured Cas Server 3.0.5 for Ldap authentication and deployed
cas.war on Tomcat.
I always see following message when I try to login to
The credentials you provided cannot be determined to be authentic.
I am able to login using ldap using another piece of code with same
credentials.
Please help!!
Here is my deployerConfigContext.xml
<property name="authenticationHandlers">
<list>
<!--
| This is
the authentication handler that authenticates services by means of
callback via SSL, thereby validating
| a server
side SSL certificate.
+-->
<bean
class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCred
entialsAuthenticationHandler" />
<!--
| This is
the authentication handler declaration that every CAS deployer will need
to change before deploying CAS
| into
production.
| With this
configuration you will be using LDAP FastBind authentication.
+-->
<bean
class="org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler" >
<property name="filter" value="sAMAccountId=%u, dc=delegata, dc=com" />
<property name="contextSource" ref="contextSource" />
</bean>
</list>
</property>
</bean>
<bean id="contextSource"
class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
<property name="urls">
<list>
<value>ldap://ldap.delegata.com:389</value>
<value>ldap://ldap2.delegata.com:389</value>
</list>
</property>
</bean>
This is what I see in the console:
2007-03-01 11:55:59,859 INFO
[org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
<Starting cleaning of expired tickets from ticket registry at [Thu Mar
01 11:55:59 PST 2007]>
2007-03-01 11:55:59,859 INFO
[org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
<0 found to be removed. Removing now.>
2007-03-01 11:55:59,859 INFO
[org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
<Finished cleaning of expired tickets from ticket registry at [Thu Mar
01 11:55:59 PST 2007]>
2007-03-01 12:07:37,030 DEBUG
[org.jasig.cas.web.flow.AutomaticCookiePathSetterAction] - <Action
'AutomaticCookiePathSetterAction' beginning execution>
2007-03-01 12:07:37,030 INFO
[org.jasig.cas.web.flow.AutomaticCookiePathSetterAction] - <Setting
ContextPath for cookies to: /cas>
2007-03-01 12:07:37,030 DEBUG
[org.jasig.cas.web.flow.AutomaticCookiePathSetterAction] - <Action
'AutomaticCookiePathSetterAction' completed execution; result is
'success'>
2007-03-01 12:07:37,030 DEBUG
[org.jasig.cas.web.flow.TicketGrantingTicketExistsAction] - <Action
'TicketGrantingTicketExistsAction' beginning execution>
2007-03-01 12:07:37,046 DEBUG
[org.jasig.cas.web.flow.TicketGrantingTicketExistsAction] - <Action
'TicketGrantingTicketExistsAction' completed execution; result is
'noTicketGrantingTicketExists'>
2007-03-01 12:07:37,046 DEBUG
[org.jasig.cas.web.flow.GatewayRequestCheckAction] - <Action
'GatewayRequestCheckAction' beginning execution>
2007-03-01 12:07:37,046 DEBUG
[org.jasig.cas.web.flow.GatewayRequestCheckAction] - <Action
'GatewayRequestCheckAction' completed execution; result is
'authenticationRequired'>
2007-03-01 12:07:38,170 DEBUG
[org.jasig.cas.web.flow.AutomaticCookiePathSetterAction] - <Action
'AutomaticCookiePathSetterAction' beginning execution>
2007-03-01 12:07:38,170 DEBUG
[org.jasig.cas.web.flow.AutomaticCookiePathSetterAction] - <Action
'AutomaticCookiePathSetterAction' completed execution; result is
'success'>
2007-03-01 12:07:38,170 DEBUG
[org.jasig.cas.web.flow.TicketGrantingTicketExistsAction] - <Action
'TicketGrantingTicketExistsAction' beginning execution>
2007-03-01 12:07:38,170 DEBUG
[org.jasig.cas.web.flow.TicketGrantingTicketExistsAction] - <Action
'TicketGrantingTicketExistsAction' completed execution; result is
'noTicketGrantingTicketExists'>
2007-03-01 12:07:38,186 DEBUG
[org.jasig.cas.web.flow.GatewayRequestCheckAction] - <Action
'GatewayRequestCheckAction' beginning execution>
2007-03-01 12:07:38,201 DEBUG
[org.jasig.cas.web.flow.GatewayRequestCheckAction] - <Action
'GatewayRequestCheckAction' completed execution; result is
'authenticationRequired'>
2007-03-01 12:09:03,722 DEBUG
[org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action
'AuthenticationViaFormAction' beginning execution>
2007-03-01 12:09:03,722 DEBUG
[org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Executing bind>
2007-03-01 12:09:03,738 DEBUG
[org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Loading new form
object>
2007-03-01 12:09:03,738 DEBUG
[org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Creating new
instance of form object class [class
org.jasig.cas.authentication.principal.UsernamePasswordCredentials]>
2007-03-01 12:09:03,738 DEBUG
[org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Setting form
object of type [class
org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in
scope [class org.springframework.webflow.ScopeType.Flow (1)] with name
'credentials'>
2007-03-01 12:09:03,769 DEBUG
[org.jasig.cas.web.flow.AuthenticationViaFormAction] - <No property
editor registrar set, no custom editors to register>
2007-03-01 12:09:03,785 DEBUG
[org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Binding allowed
request parameters in map['lt' ->
'_c098887B4-2F64-6805-90CF-23A7E53A0776_kBE08773B-B693-84EE-4764989E6882
', '_eventId' -> 'submit', 'password' -> 'sam', 'username' -> 'sam'] to
form object with name 'credentials', pre-bind formObject toString =
null>
2007-03-01 12:09:03,785 DEBUG
[org.jasig.cas.web.flow.AuthenticationViaFormAction] - <(Any field is
allowed)>
2007-03-01 12:09:03,800 DEBUG
[org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Binding
completed for form object with name 'credentials', post-bind formObject
toString = sam>
2007-03-01 12:09:03,800 DEBUG
[org.jasig.cas.web.flow.AuthenticationViaFormAction] - <There are [0]
errors, details: []>
2007-03-01 12:09:03,800 DEBUG
[org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Setting form
errors instance in scope [class
org.springframework.webflow.ScopeType.Request (0)]>
2007-03-01 12:09:03,800 DEBUG
[org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Executing
validate>
2007-03-01 12:09:03,800 DEBUG
[org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Invoking
validator
[EMAIL PROTECTED]>
2007-03-01 12:09:03,816 DEBUG
[org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Validation
completed for form object with name 'credentials'>
2007-03-01 12:09:03,816 DEBUG
[org.jasig.cas.web.flow.AuthenticationViaFormAction] - <There are [0]
errors, details: []>
2007-03-01 12:09:03,816 DEBUG
[org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action
'AuthenticationViaFormAction' completed execution; result is 'success'>
2007-03-01 12:09:03,816 DEBUG
[org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action
'AuthenticationViaFormAction' beginning execution>
2007-03-01 12:09:03,816 DEBUG
[org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Found existing
form object with name 'credentials' of type [class
org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in
scope [class org.springframework.webflow.ScopeType.Flow (1)]>
2007-03-01 12:09:03,816 DEBUG
[org.jasig.cas.CentralAuthenticationServiceImpl] - <Attempting to create
TicketGrantingTicket for sam>
2007-03-01 12:09:03,941 INFO
[org.jasig.cas.authentication.AuthenticationManagerImpl] -
<AuthenticationHandler:
org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler failed to
authenticate the user which provided the following credentials: sam>
2007-03-01 12:09:03,941 DEBUG
[org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Found existing
form object with name 'credentials' of type [class
org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in
scope [class org.springframework.webflow.ScopeType.Flow (1)]>
2007-03-01 12:09:03,941 DEBUG
[org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action
'AuthenticationViaFormAction' completed execution; result is 'error'>
2007-03-01 12:09:04,034 DEBUG
[org.jasig.cas.web.flow.AutomaticCookiePathSetterAction] - <Action
'AutomaticCookiePathSetterAction' beginning execution>
2007-03-01 12:09:04,034 DEBUG
[org.jasig.cas.web.flow.AutomaticCookiePathSetterAction] - <Action
'AutomaticCookiePathSetterAction' completed execution; result is
'success'>
2007-03-01 12:09:04,034 DEBUG
[org.jasig.cas.web.flow.TicketGrantingTicketExistsAction] - <Action
'TicketGrantingTicketExistsAction' beginning execution>
2007-03-01 12:09:04,034 DEBUG
[org.jasig.cas.web.flow.TicketGrantingTicketExistsAction] - <Action
'TicketGrantingTicketExistsAction' completed execution; result is
'noTicketGrantingTicketExists'>
2007-03-01 12:09:04,034 DEBUG
[org.jasig.cas.web.flow.GatewayRequestCheckAction] - <Action
'GatewayRequestCheckAction' beginning execution>
2007-03-01 12:09:04,034 DEBUG
[org.jasig.cas.web.flow.GatewayRequestCheckAction] - <Action
'GatewayRequestCheckAction' completed execution; result is
'authenticationRequired'>
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
