Re: [cas-user] Re: cas-overlay-template with 5.1.0 problems

[Ashley Mort]

Thank you for helping me understand.

In 5.1.0, I found that I had to add "cas.serviceRegistry.initFromJson=true"
to my src\main\resources\application.xml for it to even read
HTTPSandIMAPS-1001.json
and allow any apps.

Now that I fixed that issue, when I log out, I can still get back to my app
without logging in again through CAS.

None of these issues are present in 5.0.6 so I think I will just revert to
using that version for now.

On Tue, Jun 6, 2017 at 8:29 PM, Soumya Tripathy 
wrote:

> HTTPSandIMAPS-1001.json file is the default service registry
> configuration file provided by cas. You can override this file by creating
> a same file under src/main/resources/services.
>
> I presume  your client application is hosted as a http url.
> As you can see the default service Id is serviceId" :
> "^(https|imaps)://.*",
>
> Which will allow only applications started with https URL or imaps.
> Replace this serviceId with "^(http|https|imaps)://.*",
> Which will allow all the application.
>
> Hope this help.
>
> Cheers
> Soumya
>
> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines: https://apereo.github.io/cas/
> Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/afd40f60-5d21-4391-befd-
> 23d2f26bb3e2%40apereo.org.
>

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CACAWN8U0j7dcHV0_YeEKH54xUWLDp7Q3nubFOAhV9QzxTDnC9Q%40mail.gmail.com.

[cas-user] CAS Management application admins via attribute return

[Richard Frovarp]

I'm trying to get the CAS Management application in 5.1.0 to work with 
attribute return from the CAS authentication.


My user-details.properties is empty, if it doesn't exist I get an error.

cas.mgmt.adminRoles[0]="CN=Some,CN=AD-Group,DC=ad,DC=example,DC=com"
cas.mgmt.authzAttributes[0]=memberOf

I have tried with and without the array notation. I have tried with and 
without quotes surrounding the AD group name. I can see in another 
application that the memberOf trait is coming out of CAS correctly, and 
the group listed as the role is in there and is correct.


I'm not sure what I'm missing.

Thanks,

Richard

--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS Community" group.

To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/41c2b5b9-c659-32be-13c7-23441c2a713a%40ndsu.edu.

RE: [cas-user] Attribute Repository using other than username

[Misagh Moayyed]

I *think* I know what you did. Share the code somewhere and I should be able 
to point out options. You will need to write code for this, I suspect, but 
need to see working code before I can dig in further.

You are going to have to write code, that cascades queries. This is nothing 
new to 5; it's an attribute repository thing. 5 does not expose this as an 
option, thus the need for code.

--Misagh


-Original Message-
From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Jeffrey 
Simpson
Sent: Wednesday, June 7, 2017 4:22 PM
To: cas-user@apereo.org
Subject: [cas-user] Attribute Repository using other than username


I am trying to upgrade my CAS installation  from 3.5 to 5.1.

I need to query a database for security roles.   The problem I am having is 
that they are not keyed on the user's username.  They are keyed on a id that 
we keep in LDAP.  I can get the LDAP authentication to return the ID fine 
but all of the AttributeRepositories  seem to only take username as the 
input.

In 3.5 I extended AbstractDefaultAttributePersonAttributeDao made it the 
attribute repository and on the constructor passed in a 
LdapPersonAttributeDao which I called to populate the attributes from LDAP. 
Then got the ID out of them and did my query.


Is there a way to access the attributes from the Attribute Repositories? 
Any Ideas?

Jeffrey Simpson  | Senior Software Engineer Youth For Understanding USA
(p) 202.774.5266 (f) 202.588.7571

--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: 
https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups 
"CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an 
email to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/BN6PR1001MB2049C8C3645C904C343F3E2FB1CB0%40BN6PR1001MB2049.namprd10.prod.outlook.com.

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/020c01d2dfcd%241800a1b0%244801e510%24%40unicon.net.

[cas-user] Attribute Repository using other than username

[Jeffrey Simpson]

I am trying to upgrade my CAS installation  from 3.5 to 5.1. 

I need to query a database for security roles.   The problem I am having is 
that they are not keyed on the user's username.  They are keyed on a id that we 
keep in LDAP.  I can get the LDAP authentication to return the ID fine but all 
of the AttributeRepositories  seem to only take username as the input.  

In 3.5 I extended AbstractDefaultAttributePersonAttributeDao made it the 
attribute repository and on the constructor passed in a LdapPersonAttributeDao 
which I called to populate the attributes from LDAP.  Then got the ID out of 
them and did my query.


Is there a way to access the attributes from the Attribute Repositories?  Any 
Ideas?

Jeffrey Simpson  | Senior Software Engineer
Youth For Understanding USA
(p) 202.774.5266 (f) 202.588.7571 

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/BN6PR1001MB2049C8C3645C904C343F3E2FB1CB0%40BN6PR1001MB2049.namprd10.prod.outlook.com.

Re: [cas-user] CAS 5.0.5 Login in CAS Manager

[Marco Osorio]

Hi Sesharaju,

Could you explain where the authorizations to the manager page are 
indicated?
I was unable to access the manager.
I have LDAP + SAML2 configured, I've got the admin users in the 
users-details.properties but still the access error denied.
It was with other issues, and had the configuration parked.

Thanks for your help or anyone who can participate.



El lunes, 29 de mayo de 2017, 7:37:14 (UTC+2), sesharaju sv escribió:
>
> Hello Marco Osorio, 
>
> you have to configure the services in CAS 5.0.5 to authorize the URL 
> of management application and also you need to configure the user 
> authorization to allow access the admin pages of the CAS Management 
> application. 
>
> Please check if you have done those 2 task and still you see the same 
> message do let me know i will help you. 
>
> Thanks 
> Seshu 
>
> On 26 May 2017 at 16:07, Marco Osorio  
> wrote: 
> > 
> > Hello everyone, 
> > 
> > I have been able to configure CAS 5.0.5 standalone mode with LDAP AD and 
> > authenticates correctly. There are some CSS and JS errors that do not 
> find 
> > the correct path, but it is somewhat minor to do the tests. 
> > Now I'm deploying CAS-MANAGEMENT and booting without any errors, the 
> problem 
> > is that when I access cas-management, it tells me that the application 
> is 
> > not authorized to use CAS. 
> > I wonder, How do I have to authorize the manager to access it. With 
> version 
> > 4.2.7, I think there is a property, but in the overlay there are none. 
> > 
> > Thanks in advance 
> > 
> > -- 
> > - CAS gitter chatroom: https://gitter.im/apereo/cas 
> > - CAS mailing list guidelines: 
> > https://apereo.github.io/cas/Mailing-Lists.html 
> > - CAS documentation website: https://apereo.github.io/cas 
> > - CAS project website: https://github.com/apereo/cas 
> > --- 
> > You received this message because you are subscribed to the Google 
> Groups 
> > "CAS Community" group. 
> > To unsubscribe from this group and stop receiving emails from it, send 
> an 
> > email to cas-user+u...@apereo.org . 
> > To view this discussion on the web visit 
> > 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/ee73489d-c657-4d00-8e35-9b1275216442%40apereo.org.
>  
>
>
>
>
> -- 
> Venkata S Sadhu (Seshu) 
> India (Mobile) : +91 7032638062 (WhatsApp) 
> INDIA 
>

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/2928f49f-223b-4cc1-9c61-01dece21b282%40apereo.org.

[cas-user] Re: [CAS 5.0.x] json and inmemory all together in

[Didier Capdevielle]

Hi all,
It was a problem with an old installation of cas-management. 
Sorry.
Regards,

Le mardi 6 juin 2017 16:25:11 UTC+2, Didier Capdevielle a écrit :
>
> Sorry, bad manip'
>
> I follow.
>
> Le mardi 6 juin 2017 16:20:22 UTC+2, Didier Capdevielle a écrit :
>>
>> Hi all,
>> Maybe is there something i don't understand but ...
>>
>> I add cas-server-support-json-service-registry dependency.
>> I add parameters in cas.properties :
>> ...
>> ## Service Registry
>> # cas.serviceRegistry.watcherEnabled=true  OR uncommented
>> # cas.serviceRegistry.repeatInterval=12 OR uncommented
>> # cas.serviceRegistry.startDelay=15000   OR uncommented
>> cas.serviceRegistry.initFromJson=true
>>
>> ##
>> # JSON Service Registry
>> #
>> # Directory location where JSON service files may be found.
>> # v42x: service.registry.config.location=/etc/cas/json
>> # cas.serviceRegistry.config.location: classpath:/services
>> cas.serviceRegistry.config.location=file:///etc/cas/json/
>> ...
>>
>> I build and deploy and here is catalina.out :
>>
> 2017-06-06 15:53:15,323 INFO 
> [org.apereo.cas.services.DefaultServicesManagerImpl] -  from JsonServiceRegistryDao.>
> 2017-06-06 15:53:47,544 INFO 
> [org.apereo.cas.services.DefaultServicesManagerImpl] -  from InMemoryServiceRegistryDaoImpl.>
> 2017-06-06 15:54:15,323 INFO 
> [org.apereo.cas.services.DefaultServicesManagerImpl] -  from JsonServiceRegistryDao.>
> 2017-06-06 15:54:47,544 INFO 
> [org.apereo.cas.services.DefaultServicesManagerImpl] -  from InMemoryServiceRegistryDaoImpl.>
> 2017-06-06 15:55:15,324 INFO 
> [org.apereo.cas.services.DefaultServicesManagerImpl] -  from JsonServiceRegistryDao.>
> 2017-06-06 15:55:47,545 INFO 
> [org.apereo.cas.services.DefaultServicesManagerImpl] -  from InMemoryServiceRegistryDaoImpl.>
> 2017-06-06 15:56:15,326 INFO 
> [org.apereo.cas.services.DefaultServicesManagerImpl] -  from JsonServiceRegistryDao.>
> 2017-06-06 15:56:47,545 INFO 
> [org.apereo.cas.services.DefaultServicesManagerImpl] -  from InMemoryServiceRegistryDaoImpl.>
> 2017-06-06 15:57:15,327 INFO 
> [org.apereo.cas.services.DefaultServicesManagerImpl] -  from JsonServiceRegistryDao.>
> 2017-06-06 15:57:47,546 INFO 
> [org.apereo.cas.services.DefaultServicesManagerImpl] -  from InMemoryServiceRegistryDaoImpl.>
> 2017-06-06 15:58:15,327 INFO 
> [org.apereo.cas.services.DefaultServicesManagerImpl] -  from JsonServiceRegistryDao.>
> 2017-06-06 15:58:47,546 INFO 
> [org.apereo.cas.services.DefaultServicesManagerImpl] -  from InMemoryServiceRegistryDaoImpl.>
> 2017-06-06 15:59:15,328 INFO 
> [org.apereo.cas.services.DefaultServicesManagerImpl] -  from JsonServiceRegistryDao.>
> 2017-06-06 15:59:47,547 INFO 
> [org.apereo.cas.services.DefaultServicesManagerImpl] -  from InMemoryServiceRegistryDaoImpl.>
> 2017-06-06 16:00:15,329 INFO 
> [org.apereo.cas.services.DefaultServicesManagerImpl] -  from JsonServiceRegistryDao.>
>
> And so on
>
> In 4.2.1, i choosed JSON on deployerConfigContext.xml but now ?
>
> What's wrong ? 
> How to stop inMemoryService ? Where ?
>
> Thanks in advance,
> Best regards.
>  
>

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/1cb84650-20e2-4e27-a449-40b27e0ad666%40apereo.org.

[cas-user] CAS 5.1 Password expired issues

[Pavlos Drandakis]

Hello all,

I am trying to setup CAS 5.1 (using the maven overlay method) to
authenticate users against an OpenLDAP server. If user's password is not
expired, everything works as expected. But, when user's password expires,
all I get is the "Invalid credentials" error in login page instead of the
password expired view.

This is what I have in cas.properties:
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].ldapUrl=ldap://ldap.example.com
cas.authn.ldap[0].useSsl=false
cas.authn.ldap[0].useStartTls=false
cas.authn.ldap[0].baseDn=dc=example,dc=com
cas.authn.ldap[0].userFilter=uid={user}
cas.authn.ldap[0].bindDn=cn=admin,dc=example,dc=com
cas.authn.ldap[0].bindCredential=secretpass

cas.authn.ldap[0].passwordPolicy.type=GENERIC
cas.authn.ldap[0].passwordPolicy.enabled=true

Am I missing something?
Thanks, in advance
Pavlos

P.S.: Relevant log entries:
2017-06-07 15:20:22,463 DEBUG
[org.apereo.cas.authentication.LdapAuthenticationHandler] - 
2017-06-07 15:20:22,464 DEBUG
[org.apereo.cas.authentication.support.DefaultAccountStateHandler] -

2017-06-07 15:20:22,465 INFO
[org.apereo.cas.authentication.PolicyBasedAuthenticationManager] -
<[LdapAuthenticationHandler] failed authenticating [auser]>
2017-06-07 15:20:22,465 DEBUG
[org.apereo.cas.authentication.PolicyBasedAuthenticationManager] -
<[LdapAuthenticationHandler] exception details: [null]>
2017-06-07 15:20:22,468 WARN
[org.apereo.cas.authentication.PolicyBasedAuthenticationManager] -


-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/d41c5617c375b7ada108bf29380118d6.squirrel%40webmail01.edunet.gr.

Re: [cas-user] Re: How to disable certificate check or trust a self-signed certificate?

[Ben Howell-Thomas]

If it's this :
https://apereo.github.io/cas/development/installation/Configuration-Properties.html#http-client

Then we needed to override HttpClientProperties to make it support a
suitable Truststore for our self-signed certificate.


On 31 May 2017 at 08:06, Emilian Mitocariu 
wrote:

> I tried to load the certificate with this command "keytool -import -alias
> "nccert" -file /opt/nc-cert/nccert.crt -keystore /usr/lib/jvm/java-1.8.0-
> openjdk-amd64/jre/lib/security/cacerts", but it either didn't work or the
> self-signed certificate is not the problem of the error. Thanks for the
> idea anyway.
>
> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines: https://apereo.github.io/cas/
> Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/5713d20f-b63e-4813-99ee-
> 186b0b8a8255%40apereo.org
> 
> .
>

-- 
This email is sent on behalf of Northgate Public Services (UK) Limited and 
its associated companies including Rave Technologies (India) Pvt Limited 
(together "Northgate Public Services") and is strictly confidential and 
intended solely for the addressee(s). 
If you are not the intended recipient of this email you must: (i) not 
disclose, copy or distribute its contents to any other person nor use its 
contents in any way or you may be acting unlawfully;  (ii) contact 
Northgate Public Services immediately on +44(0)1908 264500 quoting the name 
of the sender and the addressee then delete it from your system.
Northgate Public Services has taken reasonable precautions to ensure that 
no viruses are contained in this email, but does not accept any 
responsibility once this email has been transmitted.  You should scan 
attachments (if any) for viruses.

Northgate Public Services (UK) Limited, registered in England and Wales 
under number 00968498 with a registered address of Peoplebuilding 2, 
Peoplebuilding Estate, Maylands Avenue, Hemel Hempstead, Hertfordshire, HP2 
4NN.  Rave Technologies (India) Pvt Limited, registered in India under 
number 117068 with a registered address of 2nd Floor, Ballard House, Adi 
Marzban Marg, Ballard Estate, Mumbai, Maharashtra, India, 41.

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAD0p8pvGcO2e%2BLgZBXXMM%3D6o7h6BWBiuuOEw%3DJS_dr2GEdqJEg%40mail.gmail.com.

[cas-user] Re: CAS 5.1 Overlay template doesn't work

[Marco Osorio]

Hi,
I answer me. I removed the tag  and ${app.server} from the 
pom.xml.
Pero qué dependencia hay que excluir para no usar spring-boot?

Thanks

El miércoles, 7 de junio de 2017, 12:34:22 (UTC+2), Marco Osorio escribió:
>
> Hi,
> Firts of all, excuse my English.
> I try to compile cas-server-5.1 to deploy it to an external server, but 
> the empty ** tag does not work, it generates 
> compilation error. 
> Exactly what is the value to allocate? Or should you remove the tag 
> altogether?
>
> Thank you and apologize for my ignorance!
>
> Spring Boot App Server Selection
>
> There is an app.server property in the pom.xml that can be used to select 
> a spring boot application server. It defaults to "-tomcat" but "-jetty" 
> and "-undertow" are supported.* It can also be set to an empty value 
> (nothing) if you want to deploy CAS to an external application server of 
> your choice and you don't want the spring boot libraries included.*
>
> -tomcat
>
>
>
>

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/e6e6ff59-f82f-4cb9-8732-5886855c5b12%40apereo.org.

[cas-user] CAS 5.1 Overlay template doesn't work

[Marco Osorio]

Hi,
Firts of all, excuse my English.
I try to compile cas-server-5.1 to deploy it to an external server, but the 
empty ** tag does not work, it generates 
compilation error. 
Exactly what is the value to allocate? Or should you remove the tag 
altogether?

Thank you and apologize for my ignorance!

Spring Boot App Server Selection

There is an app.server property in the pom.xml that can be used to select a 
spring boot application server. It defaults to "-tomcat" but "-jetty" and 
"-undertow" are supported.* It can also be set to an empty value (nothing) 
if you want to deploy CAS to an external application server of your choice 
and you don't want the spring boot libraries included.*

-tomcat



-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/ab48e753-1757-4491-aef5-0f9d51a426f8%40apereo.org.

[cas-user] Re: CAS Management App 5.0.0.RC2-SNAPSHOT

[Marco Osorio]

Hi,
Which solution did you find?
I have the users in user-details.properties but apparently do not load them 
correctly from the */opt/applications/cas-management/conf/* path, it is not 
the standard */etc/cas/config*.

Thanks in advance

El martes, 20 de septiembre de 2016, 17:58:16 (UTC+2), Jeffrey Ramsay 
escribió:
>
> Is the following entry correct for the user-details.properties file when 
> authenticating against LDAP? This matches my cas userid.
>
> jramsay=notused,ROLE_ADMIN
>
> Here's a snippet of my log:
>
> 2016-09-20 11:31:07,014 TRACE 
> [org.ldaptive.provider.jndi.JndiConnectionFactory] - <[[ldapUrl=ldap://
> adpods.binghamton.edu:389, count=0]] Attempting connection to ldap://
> adpods.binghamton.edu:389 for strategy 
> org.ldaptive.DefaultConnectionStrategy@50a0091f>
> 2016-09-20 11:31:07,016 DEBUG [org.ldaptive.BindOperation] -  request=[org.ldaptive.BindRequest@1433613577::bindDn=cn=ampodchg,cn=users,dc=pods,dc=bu,dc=int,
>  
> saslConfig=null, controls=null, referralHandler=null, 
> intermediateResponseHandlers=null] with 
> connection=[org.ldaptive.DefaultConnectionFactory$DefaultConnection@1890505163::config=[org.ldaptive.ConnectionConfig@1651677049::ldapUrl=ldap://
> adpods.binghamton.edu:389, connectTimeout=PT1H23M20S, 
> responseTimeout=null, 
> sslConfig=[org.ldaptive.ssl.SslConfig@1293761849::credentialConfig=null, 
> trustManagers=null, enabledCipherSuites=null, enabledProtocols=null, 
> handshakeCompletedListeners=null], useSSL=false, useStartTLS=false, 
> connectionInitializer=[org.ldaptive.BindConnectionInitializer@592758222::bindDn=cn=ampodchg,cn=users,dc=pods,dc=bu,dc=int,
>  
> bindSaslConfig=null, bindControls=null], 
> connectionStrategy=org.ldaptive.DefaultConnectionStrategy@50a0091f], 
> providerConnectionFactory=[org.ldaptive.provider.jndi.JndiConnectionFactory@1705614669::metadata=[ldapUrl=ldap://
> adpods.binghamton.edu:389, count=1], 
> environment={com.sun.jndi.ldap.connect.timeout=500, 
> java.naming.ldap.version=3, 
> java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory}, 
> classLoader=null, 
> providerConfig=[org.ldaptive.provider.jndi.JndiProviderConfig@436912864::operationExceptionResultCodes=[PROTOCOL_ERROR,
>  
> SERVER_DOWN], properties={}, 
> controlProcessor=org.ldaptive.provider.ControlProcessor@200818f5, 
> environment=null, tracePackets=null, removeDnUrls=true, 
> searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED, SIZE_LIMIT_EXCEEDED, 
> PARTIAL_RESULTS], classLoader=null, sslSocketFactory=null, 
> hostnameVerifier=null]], 
> providerConnection=org.ldaptive.provider.jndi.JndiConnection@b219e63]>
> 2016-09-20 11:31:07,021 DEBUG [org.ldaptive.BindOperation] -  response=[org.ldaptive.Response@1194735987::result=null, 
> resultCode=SUCCESS, message=null, matchedDn=null, responseControls=null, 
> referralURLs=null, messageId=-1] for 
> request=[org.ldaptive.BindRequest@1433613577::bindDn=cn=ampodchg,cn=users,dc=pods,dc=bu,dc=int,
>  
> saslConfig=null, controls=null, referralHandler=null, 
> intermediateResponseHandlers=null] with 
> connection=[org.ldaptive.DefaultConnectionFactory$DefaultConnection@1890505163::config=[org.ldaptive.ConnectionConfig@1651677049::ldapUrl=ldap://
> adpods.binghamton.edu:389, connectTimeout=PT1H23M20S, 
> responseTimeout=null, 
> sslConfig=[org.ldaptive.ssl.SslConfig@1293761849::credentialConfig=null, 
> trustManagers=null, enabledCipherSuites=null, enabledProtocols=null, 
> handshakeCompletedListeners=null], useSSL=false, useStartTLS=false, 
> connectionInitializer=[org.ldaptive.BindConnectionInitializer@592758222::bindDn=cn=ampodchg,cn=users,dc=pods,dc=bu,dc=int,
>  
> bindSaslConfig=null, bindControls=null], 
> connectionStrategy=org.ldaptive.DefaultConnectionStrategy@50a0091f], 
> providerConnectionFactory=[org.ldaptive.provider.jndi.JndiConnectionFactory@1705614669::metadata=[ldapUrl=ldap://
> adpods.binghamton.edu:389, count=1], 
> environment={com.sun.jndi.ldap.connect.timeout=500, 
> java.naming.ldap.version=3, 
> java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory}, 
> classLoader=null, 
> providerConfig=[org.ldaptive.provider.jndi.JndiProviderConfig@436912864::operationExceptionResultCodes=[PROTOCOL_ERROR,
>  
> SERVER_DOWN], properties={}, 
> controlProcessor=org.ldaptive.provider.ControlProcessor@200818f5, 
> environment=null, tracePackets=null, removeDnUrls=true, 
> searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED, SIZE_LIMIT_EXCEEDED, 
> PARTIAL_RESULTS], classLoader=null, sslSocketFactory=null, 
> hostnameVerifier=null]], 
> providerConnection=org.ldaptive.provider.jndi.JndiConnection@b219e63]>
> 2016-09-20 11:31:07,021 INFO [org.ldaptive.pool.BlockingConnectionPool] - 
>  org.ldaptive.pool.AbstractConnectionPool$DefaultPooledConnectionProxy@70afafd2>
> 2016-09-20 11:31:07,021 DEBUG [org.ldaptive.pool.BlockingConnectionPool] - 
>  [org.ldaptive.pool.Queue@101255::queueType=LIFO, 
> queue=[org.ldaptive.pool.AbstractConnectionPool$DefaultPooledConnectionProxy@70afafd2,
>  
> 

[cas-user] NullPointer when validating Service Ticket

[Bergner, Arnold]

Hi,

I've been running CAS 5.1.0 RC4 from the overlay project with Ignite Ticket 
Registry on multiple nodes with CAS and SAML2 protocols, all working well.

Since the upgrade to 5.1.0 I get exceptions when service tickets are validated. 
My client application receives a http 500 error. I attached the sanitized part 
from the cas logs and my overlay pom.

I switched to 5.1.0 RC4 and it worked again. Switch to in memory registry also 
works.

I don't see any changes in the ignite registry code between the two releases. 
The logs don't seem to speak to me.

Any help appreciated.

Regards,
Arnold


-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/7350387f84014454a4271f0d6e177401%40hrz.tu-darmstadt.de.


pom.xml
Description: pom.xml


cas.log
Description: cas.log