I'm using CAS + OpenLDAP without any problem. Did you restart your
tomcat after making this modification?

I'm using jxplorer as well. Please set Level to Anonymous to see
whether you can search for the uid you want to log in with. If you want
uid=t.arrad,ou=staff,dc=inspire-media,dc=ma, you should be able to
search the uid anonymously. Perhaps you have to change your ldap's
config.

Regards,

Shi Yusen/Beijing Langhua Ltd. 

On Tue, 2007-10-23 at 14:02 [EMAIL PROTECTED]
> I've tried that issue but CAS still rejects the authentication.
> LDAP is turned on locally, I'm using jxplorer to update the LDAP db.
> Is there any config to do on the LDAP side?
> Sent from my Blackberry from Méditel
> 
> -----Original Message-----
> From: Shi Yusen <[EMAIL PROTECTED]>
> 
> Date: Tue, 23 Oct 2007 21:47:50 
> To:Yale CAS mailing list <[email protected]>
> Subject: Re: CAS and LDAP problem
> 
> 
> Tarik,
> 
> The following should work for you.
> 
>       <bean id="contextSource"
>             class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
>               <property name="anonymousReadOnly" value="false" />
>               <property name="pooled" value="true" />
>               <property name="urls">
>                       <list>
>                               <value>ldap://localhost:389/</value>
>                       </list>
>               </property>
>               <property name="baseEnvironmentProperties">
>                       <map>
>                               <entry>
>                                       <key><value>java.naming.security.authentication</value></key>
>                                       <value>simple</value>
>                               </entry>
>                       </map>
>               </property>
>       </bean>
> </beans>
> 
> BTW, are you sure ldap server runs on your localhost?
> 
> Regards,
> 
> Shi Yusen/Beijing Langhua Ltd.
> 
> 
> On Tue, 2007-10-23 at 13:11 +0000, Tarik Arrad wrote:
> > I still have the same problem, is there anything else to verify?
> > For information, I'm using OpenLDAP
> > 
> > 2007/10/23, Andrew R Feller <[EMAIL PROTECTED]>:
> >         Remove the "password" property off of your
> >         AuthenticatedLdapContextSource; you cannot connect as
> >         anonymousReadOnly and specify a password. =P
> >         
> >         Andrew R Feller, Analyst
> >         Subversion Administrator
> >         University Information Systems
> >         Louisiana State University
> >         [EMAIL PROTECTED]
> >         (office) 225.578.3737
> >         
> >         -----Original Message-----
> >         From: [EMAIL PROTECTED]
> >         [mailto:[EMAIL PROTECTED]
> >         On Behalf Of Tarik Arrad
> >         Sent: Tuesday, October 23, 2007 7:50 AM
> >         To: [email protected]
> >         Subject: Re: CAS and LDAP problem
> >         
> >         
> >         Hi Scott
> >         I'm doing authenticated reading.
> >         My authentication handler looks like this:
> >                                         <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
> >                                                 <property name="filter" value="uid=%u" />
> >                                                 <property name="searchBase" value="dc=inspire-media,dc=ma" />
> >                                                 <property name="contextSource" ref="contextSource" />
> >                                         </bean>
> >                                 </list>
> >                         </property>
> >                 </bean>
> >                 <bean id="contextSource"
> >                       class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
> >                         <property name="userName" value="cn=Manager,dc=inspire-media,dc=ma" />
> >                         <property name="anonymousReadOnly" value="True" />
> >                         <property name="password" value="password" />
> >                         <property name="pooled" value="true" />
> >                         <property name="urls">
> >                                 <list>
> >                                         <value>ldap://localhost:389/</value>
> >                                 </list>
> >                         </property>
> >                         <property name="baseEnvironmentProperties">
> >                                 <map>
> >                                         <!--<entry>
> >                                                 <key><value>java.naming.security.protocol</value></key>
> >                                                 <value>ssl</value>
> >                                         </entry>-->
> >                                         <entry>
> >                                                 <key><value>java.naming.security.authentication</value></key>
> >                                                 <value>simple</value>
> >                                         </entry>
> >                                 </map>
> >                         </property>
> >                 </bean>
> >         
> >         
> >         
> >         
> >         scott_battaglia wrote:
> >         >
> >         > Tarik,
> >         >
> >         > First, if you have a question please send the message once to
> >         > the CAS users list.  It generates less noise that way.  You do
> >         > not increase your chances of getting a response by sending it
> >         > multiple times in such a short period of time (I should also
> >         > never be emailed personally if you have a question).
> >         >
> >         > As for your question, if you are having trouble logging in via
> >         > LDAP, ensure the following:
> >         > you are doing authenticated reading (providing a username and
> >         > password in the Context with the appropriate LDAP properties
> >         > set for your configuration) and ensure that your filter and
> >         > base are set correctly.
> >         >
> >         > This page gives some example configurations of the Context and
> >         > properties.  Note that your configuration may be different:
> >         > http://www.ja-sig.org/wiki/display/CASUM/LDAP
> >         >
> >         > Thanks
> >         > -Scott
> >         >
> >         > On 10/23/07, Tarik Arrad <[EMAIL PROTECTED]> wrote:
> >         >>
> >         >>
> >         >> I'm trying to deploy CAS with LDAP (OpenLDAP). After
> >         >> authentication I have these log messages:
> >         >>
> >         >> 2007-10-23 10:19:25,770 INFO [org.jasig.cas.web.flow.InitialFlowSetupAction] - <Setting ContextPath for cookies to: /cas>
> >         >> 2007-10-23 10:19:30,920 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <AuthenticationHandler: org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler failed to authenticate the user which provided the following credentials: Driss>
> >         >> Exception in thread "Store ticketCache Expiry Thread" java.lang.NullPointerException
> >         >>     at org.apache.log4j.LogManager.getLogger(LogManager.java:188)
> >         >>     at org.apache.log4j.Logger.getLogger(Logger.java:104)
> >         >>     at org.apache.commons.logging.impl.Log4JLogger.getLogger(Log4JLogger.java:283)
> >         >>     at org.apache.commons.logging.impl.Log4JLogger.isDebugEnabled(Log4JLogger.java:293)
> >         >>     at net.sf.ehcache.store.DiskStore.expiryThreadMain(DiskStore.java:834)
> >         >>     at net.sf.ehcache.store.DiskStore.access$700(DiskStore.java:59)
> >         >>     at net.sf.ehcache.store.DiskStore$ExpiryThread.run(DiskStore.java:1008)
> >         >> 2007-10-23 10:20:44,687 INFO [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <FormObjectClass not set.  Using default class of org.jasig.cas.authentication.principal.UsernamePasswordCredentials with formObjectName credentials and validator org.jasig.cas.validation.UsernamePasswordCredentialsValidator.>
> >         >> 2007-10-23 10:20:47,878 INFO [org.jasig.cas.web.flow.InitialFlowSetupAction] - <Setting ContextPath for cookies to: /cas>
> >         >> 2007-10-23 10:20:53,176 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <AuthenticationHandler: org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler failed to authenticate the user which provided the following credentials: Tarik>
> >         >> 2007-10-23 10:20:59,737 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <AuthenticationHandler: org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler failed to authenticate the user which provided the following credentials: Manager>
> >         >> 2007-10-23 10:21:03,940 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - <Starting cleaning of expired tickets from ticket registry at [Tue Oct 23 10:21:03 WET 2007]>
> >         >> 2007-10-23 10:21:03,940 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - <0 found to be removed.  Removing now.>
> >         >> 2007-10-23 10:21:03,940 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - <Finished cleaning of expired tickets from ticket registry at [Tue Oct 23 10:21:03 WET 2007]>
> >         >> 2007-10-23 10:23:45,405 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <AuthenticationHandler: org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler failed to authenticate the user which provided the following credentials: Tarik>
> >         >> Exception in thread "Store ticketCache Expiry Thread" java.lang.NullPointerException
> >         >>     at org.apache.log4j.LogManager.getLogger(LogManager.java:188)
> >         >>     at org.apache.log4j.Logger.getLogger(Logger.java:104)
> >         >>     at org.apache.commons.logging.impl.Log4JLogger.getLogger(Log4JLogger.java:283)
> >         >>     at org.apache.commons.logging.impl.Log4JLogger.isDebugEnabled(Log4JLogger.java:293)
> >         >>     at net.sf.ehcache.store.DiskStore.expiryThreadMain(DiskStore.java:834)
> >         >>     at net.sf.ehcache.store.DiskStore.access$700(DiskStore.java:59)
> >         >>     at net.sf.ehcache.store.DiskStore$ExpiryThread.run(DiskStore.java:1008)
> >         >> 2007-10-23 10:23:59,140 INFO [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <FormObjectClass not set.  Using default class of org.jasig.cas.authentication.principal.UsernamePasswordCredentials with formObjectName credentials and validator org.jasig.cas.validation.UsernamePasswordCredentialsValidator.>
> >         >> 2007-10-23 10:24:02,829 INFO [org.jasig.cas.web.flow.InitialFlowSetupAction] - <Setting ContextPath for cookies to: /cas>
> >         >> 2007-10-23 10:24:12,016 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <AuthenticationHandler: org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler failed to authenticate the user which provided the following credentials: Manager>
> >         >> 2007-10-23 10:24:17,246 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <AuthenticationHandler: org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler failed to authenticate the user which provided the following credentials: Tarik>
> >         >> 2007-10-23 10:24:18,374 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - <Starting cleaning of expired tickets from ticket registry at [Tue Oct 23 10:24:18 WET 2007]>
> >         >> 2007-10-23 10:24:18,374 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - <0 found to be removed.  Removing now.>
> >         >> 2007-10-23 10:24:18,374 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - <Finished cleaning of expired tickets from ticket registry at [Tue Oct 23 10:24:18 WET 2007]>
> >         >>
> >         >> Help Plz
> >         >> Tarik Arrad
> >         >>
> >         >> --
> >         >> View this message in context:
> >         >>
> >         http://www.nabble.com/CAS-and-LDAP-problem-tf4676586.html#a13361444
> >         >> Sent from the CAS Users mailing list archive at Nabble.com.
> >         >>
> >         >> _______________________________________________ 
> >         >> Yale CAS mailing list
> >         >> [email protected]
> >         >> http://tp.its.yale.edu/mailman/listinfo/cas 
> >         >>
> >         >
> >         >
> >         >
> >         > --
> >         > -Scott Battaglia
> >         >
> >         > LinkedIn: http://www.linkedin.com/in/scottbattaglia
> >         >
> >         >
> >         >
> >         
> >         --
> >         View this message in context:
> >         http://www.nabble.com/CAS-and-LDAP-problem-tf4676586.html#a13363452
> >         Sent from the CAS Users mailing list archive at Nabble.com.
> >         

_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
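
The contradiction pointed out in the thread (anonymousReadOnly enabled while a bind DN and password are also set) can be caught before deployment with a small config check. This is an added example, not code from the thread or from the CAS project: the function name and finding codes are hypothetical, the sample is constructed from the contextSource bean posted above, and the TLS check goes beyond the thread (which only shows the ssl entry commented out) because a simple bind over plain ldap:// sends the password unencrypted.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the contextSource bean as posted in the thread.
POSTED = """<beans>
  <bean id="contextSource"
        class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
    <property name="userName" value="cn=Manager,dc=inspire-media,dc=ma" />
    <property name="anonymousReadOnly" value="True" />
    <property name="password" value="password" />
    <property name="urls"><list><value>ldap://localhost:389/</value></list></property>
    <property name="baseEnvironmentProperties"><map>
      <!--<entry><key><value>java.naming.security.protocol</value></key>
                 <value>ssl</value></entry>-->
      <entry><key><value>java.naming.security.authentication</value></key>
             <value>simple</value></entry>
    </map></property>
  </bean>
</beans>"""


def lint_context_source(xml_text):
    """Return finding codes for every AuthenticatedLdapContextSource bean."""
    findings = []
    for bean in ET.fromstring(xml_text).iter("bean"):
        if not bean.get("class", "").endswith("AuthenticatedLdapContextSource"):
            continue
        props = {p.get("name"): p for p in bean.findall("property")}

        def value(name):
            prop = props.get(name)
            return (prop.get("value") or "").strip() if prop is not None else ""

        # Anonymous mode and bind credentials contradict each other.
        if value("anonymousReadOnly").lower() == "true" and (
                value("userName") or value("password")):
            findings.append("ANON_WITH_CREDENTIALS")

        urls = [v.text.strip() for v in props["urls"].iter("value")] if "urls" in props else []
        env = {}
        for entry in (props["baseEnvironmentProperties"].iter("entry")
                      if "baseEnvironmentProperties" in props else []):
            env[entry.findtext("key/value").strip()] = entry.findtext("value").strip()
        # XML comments are dropped by the parser, so a commented-out ssl entry is not active.
        tls = env.get("java.naming.security.protocol") == "ssl" or (
            bool(urls) and all(u.lower().startswith("ldaps://") for u in urls))
        if env.get("java.naming.security.authentication") == "simple" and not tls:
            findings.append("SIMPLE_BIND_WITHOUT_TLS")
    return findings


if __name__ == "__main__":
    print(lint_context_source(POSTED))
```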
