Thanks Andrew for your quick answer.
 
I got the certificate from the LDAP server, and I have imported it into my 
keystore. Now, when I try to log in to CAS, it tells me that my credentials are 
invalid.
 
Could it be because I have written the server IP address instead of the LDAP 
server name in deployerConfigContext.xml? 
 
Thanks again! 
 
Here is my deployerConfigContext.xml:
 
            <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
                <property name="filter" value="uid=%u" />
                <!-- those aaa are the dc of the ldap -->
                <property name="searchBase" value="dc=aaa, dc=aaa, dc=aa"/>
                <property name="contextSource" ref="contextSource" />
            </bean>
        </list>
    </property>
</bean>

<bean id="contextSource" class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
    <property name="anonymousReadOnly" value="false"/>
    <property name="pooled" value="true"/>
    <property name="urls">
        <list>
            <!-- those XXX are the IP of the LDAP server -->
            <value>ldaps://XXX.XXX.XX.XX:636/</value>
        </list>
    </property>
    <property name="baseEnvironmentProperties">
        <map>
            <entry>
                <key>
                    <value>java.naming.security.protocol</value>
                </key>
                <value>ssl</value>
            </entry>
            <entry>
                <key>
                    <value>java.naming.security.authentication</value>
                </key>
                <value>simple</value>
            </entry>
        </map>
    </property>
</bean>
 
> Laura,
>
> It appears that Tomcat is having issues with the SSL certificate used by
> your OpenLDAP server; i.e. it does not trust it. I am having trouble
> accessing the URL you specified within your email
> (http://www.ja-sig.org/wiki/pages/viewpage.action?pageId=10649670). If you
> are handling SSL certificates with keystores, then you will need to add the
> LDAP server's SSL certificate to your keystore.
>
> A-
>
> > My deployerConfigContext is:
> >
> > ldaps://XXX.XXX.XX.XX:636/
> >
> > Can I use an IP address there instead of LDAP server name?
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
