You may need to add another environmental property: java.naming.security.protocol=ssl (similar to the way you have java.naming.security.authentication set up) since you are using LDAPS.
-Scott

-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia

On Thu, Jul 24, 2008 at 11:41 AM, Matthew Jones <[EMAIL PROTECTED]> wrote:

>> Welcome to CAS! I'm not an LDAP expert either (we also don't use Fastbind),
>> but I'll try to provide some basic guidance and then our OpenLDAP experts
>> can chime in (we have a few).
>
> Great, I need help.
>
>> No need to put anything there! The ContextSource is generic so it can be
>> used for both the FastBind and the other option.
>
> I tried it without userName and password properties as in the enclosed
> config file (modified LDAP URL)
>
> That is no userName or password properties so that sounds correct?
>
>> The UsernamePasswordCredentialsToPrincipalResolver should actually be
>> configured already in your deployerConfigContext.xml. Unless you've removed
>> it, there's no need to do anything with it!
>
> No I haven't removed it and I assumed that part didn't need changing as it
> wasn't mentioned
>
>> Have you tried starting up your CAS server after configuring it with LDAP?
>> If you've got any Spring configuration issues you'll see them. If you have
>> authentication issues you may not see them until you turn your logging level
>> up (in the WEB-INF/classes/log4j.properties you can set it to DEBUG instead
>> of INFO or WARN).
>
> When I tried with the attached deployer config it refused to start. Let me
> say here that my Tomcat configuration is challenging as I have to run on
> Centos and it already had an old JDK installed on it. I had to wrestle with
> an eel just to get the 1.5 Sun JDK on there and used by Tomcat. I had to
> manually tweak a link to get it to run at all and I couldn't get the
> update-alternatives thing to work.
> Anyway, I get some "errors" even when starting tomcat without CAS with LDAP :-
>
> Starting tomcat5: /usr/bin/rebuild-jar-repository: error: JVM_LIBDIR
> /usr/lib/jvm-exports/java does not exist or is not a directory
> /usr/bin/rebuild-jar-repository: error: JVM_LIBDIR
> (repeated 3 times)
>
> catalina.out contains:-
> log4j:ERROR setFile(null,true) call failed.
> java.io.FileNotFoundException: cas.log (Permission denied)
>
> But I can log into CAS using the simple authenticator so it's not
> completely fatal
>
> Anyway, I then switch to the attached deployerConfigControl.xml and I lose
> the CAS login page altogether and just receive a message thus:
>
> HTTP Status 404 - /cas-server-webapp-3.2.1/index.jsp
>
> type Status report
>
> message /cas-server-webapp-3.2.1/index.jsp
>
> description The requested resource (/cas-server-webapp-3.2.1/index.jsp) is
> not available.
> Apache Tomcat/5.5.23
>
>> Sun also has some LDAP specific logging stuff.
>
> Cheers
>
> --
> Matthew Jones
> Interactive Data Managed Solutions Ltd
> -----------------------------------------------------------------------
> Registered in England Company Number 3691868
> Registered Office: Suite 1101 Eagle Tower | Montpellier Drive | Cheltenham
> | Gloucestershire | GL50 1TA
> Tel: +44 (0)1242 694133 | Fax: +44 (0)1242 694109
> [EMAIL PROTECTED]
> http://www.interactivedata-ms.com/694133
>
> _______________________________________________
> Yale CAS mailing list
> [email protected]
> http://tp.its.yale.edu/mailman/listinfo/cas
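For readers following the thread, this is where the suggested property would sit in a CAS 3.x deployerConfigContext.xml. It is an added example, not a config posted in the thread; the bean class and the baseEnvironmentProperties map are assumed from the CAS 3.x LDAP adaptor, and ldap.example.org is a placeholder host.

```xml
<!-- Added illustration; not the poster's attached config. -->
<!-- Assumed: CAS 3.x LDAP adaptor class and its baseEnvironmentProperties map. -->
<bean id="contextSource"
      class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
  <property name="urls">
    <list>
      <!-- Placeholder host; ldaps:// scheme on the LDAPS port -->
      <value>ldaps://ldap.example.org:636/</value>
    </list>
  </property>
  <!-- No userName/password properties, as discussed in the thread for FastBind -->
  <property name="baseEnvironmentProperties">
    <map>
      <entry>
        <key><value>java.naming.security.authentication</value></key>
        <value>simple</value>
      </entry>
      <!-- The property suggested in the reply: JNDI security protocol for LDAPS -->
      <entry>
        <key><value>java.naming.security.protocol</value></key>
        <value>ssl</value>
      </entry>
    </map>
  </property>
</bean>
```

The JVM running Tomcat must also trust the directory server's certificate (for example through its truststore), otherwise the TLS handshake fails before any bind is attempted.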
