[cas-user] ldapAuthenticationHandler

2016-09-08 Thread Jeffrey Ramsay
Ok. I tried to follow the link to set up LDAP authentication and it's not 
working.

https://apereo.github.io/cas/development/installation/Configuration-Properties.html#ldap-authentication

I configured the following in cas.properties but I'm not sure if I'm on the 
right path:

##
# CAS Authentication Policy
#
cas.authn.policy.any.tryall=false
cas.authn.policy.req.tryall=true
cas.authn.policy.req.handlername=ldapAuthenticationHandler
#cas.authn.policy.req.handlername=org.apereo.cas.authentication.LdapAuthenticationHandler
cas.authn.policy.req.enabled=true

##
# Ldap Authentication
#
cas.authn.accept.users=
cas.authn.ldap[0].ldapUrl=ldap://localhost:389
cas.authn.ldap[0].useSsl=false
cas.authn.ldap[0].useStartTls=false
cas.authn.ldap[0].connectTimeout=5000

I don't know how to configure the deployerConfigContext.xml if that's even 
needed at all. I found an overlay someone uploaded and it had something 
along these lines but it's not correct.

   

   

Any help would be most appreciated.

-Jeff

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/19c7df38-79f9-4330-be63-6134ba7f21f8%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.


Re: [cas-user] How to combine LDAP and static users from a file

2016-09-08 Thread Josep Manel Andrés

sorry,
I've missed "file:"


p:fileName="/etc/cas/local-users.properties" />


p:fileName="file:/etc/cas/local-users.properties" />


Thanks a lot, now it works.

On 08/09/16 16:47, William G. Thompson, Jr. wrote:

2016-09-08 16:25:21,599 ERROR
[org.jasig.cas.authentication.PolicyBasedAuthenticationManager] -



Read permissions on /etc/cas/local-users.properties?


On Thu, Sep 8, 2016 at 10:32 AM, Josep Manel Andrés  wrote:

Hi William,
Great! It kind of worked :)
I have put this in the authenticationManager Bean:

 
 
 
 
 
 
 
 


And this before ldapAuthenticationHandler:

  




But now I am getting this error:

2016-09-08 16:25:21,599 INFO
[org.jasig.cas.authentication.PolicyBasedAuthenticationManager] -

2016-09-08 16:25:21,599 ERROR
[org.jasig.cas.authentication.PolicyBasedAuthenticationManager] -



Any hint?

Cheers.



On 08/09/16 13:58, William G. Thompson, Jr. wrote:


Yes, with CAS all things are possible. :)

AuthN handlers can be changed so you can have both.  Something like
this would work. You'll need to make sure your usernames don't
overlap.

  

  

Also see
https://apereo.github.io/cas/4.1.x/installation/Whitelist-Authentication.html

Best,
Bill



On Thu, Sep 8, 2016 at 4:45 AM, Josep Manel Andrés 
wrote:


Hi all,
We've got a CAS server for our systems with an LDAP backend, which works
great, but we have a special case in which an app needs to be able to
log in with root account, but this is not on the LDAP.

So my question is how it's possible to combine both systems, LDAP login
and a username and password for root account only. I would like to keep it
simple.

Best regards.

--
Josep Manel Andrés (josep.and...@bsc.es)
Operations - Barcelona Supercomputing Center
C/ Jordi Girona, 31  http://www.bsc.es
08034 Barcelona, Spain Tel: +34-93-405 42 14
e-mail: syst...@bsc.es Fax: +34-93-413 77 21
---

WARNING / LEGAL TEXT: This message is intended only for the use of the
individual or entity to which it is addressed and may contain
information which is privileged, confidential, proprietary, or exempt
from disclosure under applicable law. If you are not the intended
recipient or the person responsible for delivering the message to the
intended recipient, you are strictly prohibited from disclosing,
distributing, copying, or in any way using this message. If you have
received this communication in error, please notify the sender and
destroy and delete any copies you may have received.

http://www.bsc.es/disclaimer

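A preflight check for the three points raised in this thread (the `file:` prefix, read permissions on the users file, and usernames that must not overlap with LDAP), as an added example that is not part of the original messages or of CAS itself. The `user::password` line format, the function names and the sample uids are assumptions.

```python
import os
import stat
import tempfile

SEPARATOR = "::"  # assumption: the handler's default user/password separator

def check_location(location):
    """Return (filesystem path or None, findings) for a p:fileName value."""
    if location.startswith("file:"):
        return location[len("file:"):], []
    if location.startswith("classpath:"):
        return None, []  # shipped inside the web application, not on disk
    # A bare path is looked up inside the web application (ServletContext
    # resource), which is the error reported in the thread.
    return location, ["no 'file:' prefix: resolved as ServletContext resource"]

def check_permissions(path):
    """Run as the account the servlet container uses, so R_OK is meaningful."""
    try:
        mode = os.stat(path).st_mode
    except OSError as exc:
        return ["cannot stat file: %s" % exc.strerror]
    findings = []
    if not os.access(path, os.R_OK):
        findings.append("not readable by the current user")
    if mode & stat.S_IROTH:
        findings.append("world-readable credential file")
    return findings

def parse_users(path):
    """Return (usernames, findings) from user<SEPARATOR>password lines."""
    users, findings = [], []
    with open(path, encoding="utf-8") as handle:
        for number, line in enumerate(handle, 1):
            name, sep, password = line.strip().partition(SEPARATOR)
            if sep and name and password:
                users.append(name)
            elif line.strip():
                findings.append("line %d: expected user%spassword" % (number, SEPARATOR))
    return users, findings

def preflight(location, ldap_uids):
    """All findings for one handler file, given the uids that exist in LDAP."""
    path, findings = check_location(location)
    if path is None:
        return findings
    findings += check_permissions(path)
    if os.path.isfile(path) and os.access(path, os.R_OK):
        users, malformed = parse_users(path)
        findings += malformed
        taken = {uid.lower() for uid in ldap_uids}  # assumption: case-insensitive uids
        findings += ["username '%s' also exists in LDAP" % u
                     for u in users if u.lower() in taken]
    return findings

if __name__ == "__main__":
    # Constructed sample: temporary users file and a made-up LDAP uid list.
    with tempfile.NamedTemporaryFile("w", suffix=".properties") as sample:
        sample.write("root::constructed-password\njdoe::constructed\n")
        sample.flush()
        print(preflight(sample.name, ["jdoe", "asmith"]))
```

An empty list from `preflight` means the location, permissions and username checks all passed for the account running the script.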


Re: [cas-user] How to combine LDAP and static users from a file

2016-09-08 Thread William G. Thompson, Jr.
> 2016-09-08 16:25:21,599 ERROR
> [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] -
>  not open ServletContext resource [/etc/cas/local-users.properties])>

Read permissions on /etc/cas/local-users.properties?


On Thu, Sep 8, 2016 at 10:32 AM, Josep Manel Andrés  wrote:
> Hi William,
> Great! It kind of worked :)
> I have put this in the authenticationManager Bean:
>
>  class="org.jasig.cas.authentication.PolicyBasedAuthenticationManager">
> 
> 
>  value-ref="proxyPrincipalResolver" />
>  />
> 
> 
> 
>
>
> And this before ldapAuthenticationHandler:
>
>  
> class="org.jasig.cas.adaptors.generic.FileAuthenticationHandler"
> p:fileName="/etc/cas/local-users.properties" />
>
>
>
>
> But now I am getting this error:
>
> 2016-09-08 16:25:21,599 INFO
> [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] -
> 
> 2016-09-08 16:25:21,599 ERROR
> [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] -
>  not open ServletContext resource [/etc/cas/local-users.properties])>
>
>
> Any hint?
>
> Cheers.
>
>
>
> On 08/09/16 13:58, William G. Thompson, Jr. wrote:
>>
>> Yes, with CAS all things are possible. :)
>>
>> AuthN handlers can be changed so you can have both.  Something like
>> this would work. You'll need to make sure your usernames don't
>> overlap.
>>
>>  >
>> class="org.jasig.cas.adaptors.generic.FileAuthenticationHandler"
>>  p:fileName="/path/to/local-users.properties" />
>>
>>  >
>> class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler"
>>  p:contextSource-ref="ldapAuthContext"
>>  />
>>
>> Also see
>> https://apereo.github.io/cas/4.1.x/installation/Whitelist-Authentication.html
>>
>> Best,
>> Bill
>>
>>
>>
>> On Thu, Sep 8, 2016 at 4:45 AM, Josep Manel Andrés 
>> wrote:
>>>
>>> Hi all,
>>> We've got a CAS server for our systems with an LDAP backend, which works
>>> great, but we have a special case in which an app needs to be able to
>>> log in with root account, but this is not on the LDAP.
>>>
>>> So my question is how it's possible to combine both systems, LDAP login
>>> and a username and password for root account only. I would like to keep it
>>> simple.
>>>
>>> Best regards.
>>>

Re: [cas-user] How to combine LDAP and static users from a file

2016-09-08 Thread Josep Manel Andrés

Hi William,
Great! It kind of worked :)
I have put this in the authenticationManager Bean:

class="org.jasig.cas.authentication.PolicyBasedAuthenticationManager">



value-ref="proxyPrincipalResolver" />
value="#{null}" />






And this before ldapAuthenticationHandler:

 




But now I am getting this error:

2016-09-08 16:25:21,599 INFO 
[org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - 

2016-09-08 16:25:21,599 ERROR 
[org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - 
Could not open ServletContext resource [/etc/cas/local-users.properties])>



Any hint?

Cheers.


On 08/09/16 13:58, William G. Thompson, Jr. wrote:

Yes, with CAS all things are possible. :)

AuthN handlers can be changed so you can have both.  Something like
this would work. You'll need to make sure your usernames don't
overlap.

 

 

Also see 
https://apereo.github.io/cas/4.1.x/installation/Whitelist-Authentication.html

Best,
Bill



On Thu, Sep 8, 2016 at 4:45 AM, Josep Manel Andrés  wrote:

Hi all,
We've got a CAS server for our systems with an LDAP backend, which works
great, but we have a special case in which an app needs to be able to log in
with root account, but this is not on the LDAP.

So my question is how it's possible to combine both systems, LDAP login and
a username and password for root account only. I would like to keep it
simple.

Best regards.



Re: [cas-user] How to combine LDAP and static users from a file

2016-09-08 Thread William G. Thompson, Jr.
Yes, with CAS all things are possible. :)

AuthN handlers can be changed so you can have both.  Something like
this would work. You'll need to make sure your usernames don't
overlap.





Also see 
https://apereo.github.io/cas/4.1.x/installation/Whitelist-Authentication.html

Best,
Bill



On Thu, Sep 8, 2016 at 4:45 AM, Josep Manel Andrés  wrote:
> Hi all,
> We've got a CAS server for our systems with an LDAP backend, which works
> great, but we have a special case in which an app needs to be able to log in
> with root account, but this is not on the LDAP.
>
> So my question is how it's possible to combine both systems, LDAP login and
> a username and password for root account only. I would like to keep it
> simple.
>
> Best regards.
>


Re: [cas-user] Custom Authentication Handler in version 5.0.0

2016-09-08 Thread Misagh Moayyed
Example: 
https://github.com/apereo/cas/blob/master/cas-server-support-digest-authentication/src/main/java/org/apereo/cas/digest/config/DigestAuthenticationConfiguration.java#L128

-- 
Misagh

From: Gokhan Mansuroglu 
Reply: Gokhan Mansuroglu 
Date: September 8, 2016 at 1:17:32 PM
To: CAS Community 
Subject:  [cas-user] Custom Authentication Handler in version 5.0.0  

Hi,

Let's say I have a custom AbcAuthencticationHandler and AbcCredentials. How can 
I configure this custom authentication handler? In previous versions this can 
be handled in deployerConfigContext.xml, but how is it done in version 5.0.0?

Thanks.


[cas-user] How to combine LDAP and static users from a file

2016-09-08 Thread Josep Manel Andrés

Hi all,
We've got a CAS server for our systems with an LDAP backend, which works 
great, but we have a special case in which an app needs to be able to 
log in with root account, but this is not on the LDAP.


So my question is how it's possible to combine both systems, LDAP login 
and a username and password for root account only. I would like to keep 
it simple.


Best regards.
