[cas-user] Re: Inspektr audit says AUTHENTICATION_SUCCESS on authentication failures

2018-03-07 Thread Satnam Sarai 
I noticing same thing in 5.2.3.   



On Monday, March 5, 2018 at 7:33:52 AM UTC-8, Olivier wrote:
>
> Has this already been fixed in the CAS release 5.2.3 ?
>
> On Tuesday, January 23, 2018 at 5:38:15 AM UTC-5, Oscar del Pozo wrote:
>>
>> There is a bug in the module inspektr-audit-1.7.1.GA when an Exception 
>> is thrown on an authentication process that ends logging the authentication 
>> as successfully:
>>
>> Logs:
>>
>> 2018-01-23 11:18:18,583 ERROR 
>>> [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
>>> >> has failed. Credentials may be incorrect or CAS cannot find 
>>> authentication handler that supports 
>>> [org.apereo.cas.authentication.principal.ClientCredential@77d80cf8[id=]]
>>>  
>>> of type [ClientCredential].>
>>> 2018-01-23 11:18:57,038 INFO 
>>> [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - >> trail record BEGIN
>>> =
>>> WHO: null
>>> WHAT: Supplied credentials: 
>>> [org.apereo.cas.authentication.principal.ClientCredential@77d80cf8[id=]]
>>> ACTION: AUTHENTICATION_SUCCESS
>>> APPLICATION: CAS
>>> WHEN: Tue Jan 23 11:18:57 CET 2018
>>> CLIENT IP ADDRESS: 192.168.56.1
>>> SERVER IP ADDRESS: 192.168.56.1
>>> =
>>
>>
>> The bug is located at 
>> *org.apereo.inspektr.audit.AuditTrailManagementAspect@handleAuditTrail(final 
>> ProceedingJoinPoint joinPoint, final Audit audit) throws Throwable*:
>>
>> @Around(value = "@annotation(audit)", argNames = "audit")
>> public Object handleAuditTrail(final ProceedingJoinPoint joinPoint, 
>> final Audit audit) throws Throwable {
>> final AuditActionResolver auditActionResolver = 
>> this.auditActionResolvers.get(audit.actionResolverName());
>> final AuditResourceResolver auditResourceResolver = 
>> this.auditResourceResolvers.get(audit.resourceResolverName());
>>
>> String currentPrincipal = null;
>> String[] auditResource = new String[]{null};
>> String action = null;
>> Object retVal = null;
>> try {
>> retVal = joinPoint.proceed();
>>
>> currentPrincipal = 
>> this.auditPrincipalResolver.resolveFrom(joinPoint, retVal);
>> auditResource = auditResourceResolver.resolveFrom(joinPoint, 
>> retVal);
>> action = auditActionResolver.resolveFrom(joinPoint, retVal, 
>> audit);
>>
>> return retVal;
>> } catch (final Throwable e) {
>> currentPrincipal = 
>> this.auditPrincipalResolver.resolveFrom(joinPoint, e);
>> auditResource = auditResourceResolver.resolveFrom(joinPoint, 
>> e);
>> action = auditActionResolver.resolveFrom(joinPoint, e, 
>> audit);
>> throw e;
>> } finally {
>> executeAuditCode(currentPrincipal, auditResource, joinPoint, 
>> retVal, action, audit);
>> }
>> }
>>
>> The problem here is that the auditActionResolver has two methods:
>>
>> String resolveFrom(JoinPoint auditableTarget, Object retval, Audit audit);
>>
>> String resolveFrom(JoinPoint auditableTarget, Exception exception, Audit 
>> audit);
>>
>> When we try to invoke the second one, we have to cast the exception e to 
>> do not enter in the first method, where the success suffix will be applied 
>> to the audit log.
>>
>> To fix this, the catch block  should be
>>
>> } catch (final Throwable e) {
>> currentPrincipal = 
>> this.auditPrincipalResolver.resolveFrom(joinPoint, e);
>> auditResource = auditResourceResolver.resolveFrom(joinPoint, 
>> e);
>> action = auditActionResolver.resolveFrom(joinPoint, 
>> (Exception) e, audit);
>> throw e;
>> }
>>
>> I would make a pull-request, but I haven't found the source code at 
>> github.
>>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/46baa156-9f6a-453c-a667-41ea78365654%40apereo.org.

[cas-user] CAS 5.2.3 limits the AuditActionContext instances to exactly one million. Is that configurable?

2018-03-07 Thread Ed R 
Yesterday I posted about concerns of escalating memory, but after running a 
stress test against CAS for 16 hours, it turns out memory remained stable 
and the server limits the hash map instances to exactly one million. Can 
this value be configured?

Here's the screenshot from VisualVM:



-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/9f787c54-a199-4e05-9bf4-d1497f35a739%40apereo.org.

[cas-user] Configure CAS to use Azure for authentication

2018-03-07 Thread Matt 
The CAS documentation describes how to configure CAS to use Azure for 
multi-factor authentication, but not as it's primary authentication 
source.  Is it possible to configure CAS to use Azure for authentication?

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/c25784ee-31e3-45c3-a5f3-9c3eeef9fbfc%40apereo.org.

Re: [cas-user] Re: Authorize request verification fails with OAuth and CAS 5.0.x

2018-03-07 Thread Todd Pratt 
Yes, but I don't remember what the issue was being more than a year ago.
I am using oauth2.0 endpoints so I'm using /oauth2.0/profile to get the
profile back.  If you are using OIDC it looks like you should be using
cas/oidc/accessToken/
to get a token back first and then a call to /oidc/profile to get the
profile using the token you got back in the first request.

On Tue, Mar 6, 2018 at 6:36 PM, Ryan Rolland  wrote:

> Did you figure this out? I am having a very similar failure trying to get
> the profile on a call to cas/oidc/accessToken/ from either request or
> session. I believe it is due to the request being generated from the web
> applications back end and not the browser, i.e. no cookie information.
>
> ProfileManager.retrieveAll(boolean) line: 58
> ProfileManager.get(boolean) line: 35
> OidcAccessTokenEndpointController(OAuth20AccessTokenEndpointController).
> verifyAccessTokenRequest(HttpServletRequest, HttpServletResponse) line:
> 207
> OidcAccessTokenEndpointController(OAuth20AccessTokenEndpointCont
> roller).handleRequest(HttpServletRequest, HttpServletResponse) line: 103
>
>
> On Thursday, December 15, 2016 at 5:16:20 AM UTC-10, Todd Pratt wrote:
>>
>> Hi,
>>
>> I appreciate all the help.  That check succeeds, see the log statements
>> below.  It fails on isRequestAuthenticated in OAuth20AuthorizeController
>> https://github.com/apereo/cas/blob/master/support/cas-server
>> -support-oauth/src/main/java/org/apereo/cas/support/oauth/
>> web/OAuth20AuthorizeController.java#L85
>> https://github.com/apereo/cas/blob/master/support/cas-server
>> -support-oauth/src/main/java/org/apereo/cas/support/oauth/
>> web/OAuth20AuthorizeController.java#L108
>>
>> There isn't a profile in the session or request attributes.  I printed
>> both of those out and couldn't find one for Pac4jConstants.USER_PROFILES
>> ("pac4jUserProfile")
>>
>>
>> 2016-12-15 09:53:52,309 DEBUG 
>> [org.apereo.cas.support.oauth.validator.OAuthValidator]
>> - > gisteredService@126030a4[attributeFilter=,princip
>> alAttributesRepository=org.apereo.cas.authentication.prin
>> cipal.DefaultPrincipalAttributesRepository@7f17e342[],author
>> izedToReleaseCredentialPassword=false,authorizedToReleasePro
>> xyGrantingTicket=false,allowedAttributes=[]],accessStrategy=
>> org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy@27dc818c
>> [enabled=true,ssoEnabled=true,requireAllAttr
>> ibutes=true,requiredAttributes={},unauthorizedRedirectUrl=<
>> null>,caseInsensitive=false,rejectedAttributes={}],publicKey
>> =,proxyPolicy=org.apereo.cas.services.RefuseRegi
>> steredServiceProxyPolicy@5761f513,logo=,logoutUrl
>> =,requiredHandlers=[],properties={},multifactorPolicy=
>> org.apereo.cas.services.DefaultRegisteredServiceMultifactorP
>> olicy@342a60c3[multifactorAuthenticationProviders=[],
>> failureMode=CLOSED,principalAttributeNameTrigger=,prin
>> cipalAttributeValueToMatch=,clientId=fb3s86QV9QKl,ap
>> provalPrompt=false,generateRefreshToken=false,jsonFormat=
>> true,jwks=,signIdToken=false]>
>>
>> 2016-12-15 09:53:52,310 DEBUG 
>> [org.apereo.cas.support.oauth.validator.OAuthValidator]
>> - > attributeFilter=,principalAttributesRepository=org.
>> apereo.cas.authentication.principal.DefaultPrincipalAttribut
>> esRepository@7f17e342[],authorizedToReleaseCredentialPasswor
>> d=false,authorizedToReleaseProxyGrantingTicket=false,allowed
>> Attributes=[]],accessStrategy=org.apereo.cas.services.Defaul
>> tRegisteredServiceAccessStrategy@27dc818c[enabled=true,
>> ssoEnabled=true,requireAllAttributes=true,requiredAttributes
>> ={},unauthorizedRedirectUrl=,caseInsensitive=false,re
>> jectedAttributes={}],publicKey=,proxyPolicy=org.
>> apereo.cas.services.RefuseRegisteredServiceProxyPolicy@
>> 5761f513,logo=,logoutUrl=,requiredHandlers=[],pr
>> operties={},multifactorPolicy=org.apereo.cas.services.Defaul
>> tRegisteredServiceMultifactorPolicy@342a60c3[multifactorAuth
>> enticationProviders=[],failureMode=CLOSED,principalAt
>> tributeNameTrigger=,principalAttributeValueToMatch=<
>> null>,clientId=fb3s86QV9QKl,approvalPrompt=false,generateRef
>> reshToken=false,jsonFormat=true,jwks=,signIdToken=false] vs
>> redirectUri: http://localhost:8080/oauth_client>
>>
>> 2016-12-15 09:53:52,313 ERROR [org.apereo.cas.support.oauth.
>> web.OAuth20AuthorizeController] - 
>>
>>
>> On Thursday, December 15, 2016 at 3:27:05 AM UTC-5, leleuj wrote:
>>>
>>> Hi,
>>>
>>> Here is the check: https://github.com/apereo/cas/blob/master/support/
>>> cas-server-support-oauth/src/main/java/org/apereo/cas/
>>> support/oauth/validator/OAuth20Validator.java#L78
>>>
>>> Can you debug it to see what's going on?
>>>
>>> Thanks.
>>> Best regards,
>>> Jérôme
>>>
>>>
>>> 2016-12-14 17:13 GMT+01:00 Todd Pratt :
>>>
 Hi Jérôme,

 I've tried several values for serviceId and can't find one that will
 work I get the same error each time.  I need it to redirect back to
 http://localhost:8080/oauth_client.  Could you please tell me what

Re: [cas-user] 5.3.3 version issue getting request.queryString

2018-03-07 Thread Man H 
see

https://docs.spring.io/spring-webflow/docs/current/reference/html/

2018-03-07 11:23 GMT-03:00 Satnam Sarai :

> do you know any guide? I am not sure how to access request from webflow..
>
> thanks
>
>
> On Tuesday, March 6, 2018 at 10:59:19 AM UTC-8, Manfredo Hopp wrote:
>>
>> I would try a workaround, maybe accessing request from webflow.
>>
>> 2018-03-05 14:21 GMT-03:00 Satnam Sarai :
>>
>> Hello,
>>
>> In version 5.2.2, we were able to update casloginview.html to get 
>> *request.queryString.
>> *
>>
>>
>> However, in new version 5.2.3, we are getting template parsing error.
>> below is cas.log and casLoginView.html
>>
>> Is this there a bug in 5.2.3, getting request.queryString. ?
>>
>>
>>
>> >>  casLoginView.html
>>
>> 
>> http://www.ultraq.net.nz/thymeleaf/layout;
>> layout:decorate="~{layout}">
>>
>> 
>> 
>>
>> 
>>
>> 
>> 
>> Sign In |
>> Create Account
>> 
>>
>>  
>> 
>> 
>> 
>> 
>> 
>>
>>
>> === CAS.LOG ==
>>
>> 2018-03-05 09:17:07,848 ERROR [org.thymeleaf.TemplateEngine] -
>> <[THYMELEAF][https-openssl-nio-8443-exec-7] Exception processing
>> template "casLoginView": An error happened during template parsing
>> (template: "class path resource [templates/casLoginView.html]")>
>> org.thymeleaf.exceptions.TemplateInputException: An error happened
>> during template parsing (template: "class path resource
>> [templates/casLoginView.html]")
>> at org.thymeleaf.templateparser.markup.AbstractMarkupTemplatePa
>> rser.parse(AbstractMarkupTemplateParser.java:241)
>> ~[thymeleaf-3.0.9.RELEASE.jar:3.0.9.RELEASE]
>> at org.thymeleaf.templateparser.markup.AbstractMarkupTemplatePa
>> rser.parseStandalone(AbstractMarkupTemplateParser.java:100)
>> ~[thymeleaf-3.0.9.RELEASE.jar:3.0.9.RELEASE]
>> at 
>> org.thymeleaf.engine.TemplateManager.parseAndProcess(TemplateManager.java:666)
>> ~[thymeleaf-3.0.9.RELEASE.jar:3.0.9.RELEASE]
>> at org.thymeleaf.TemplateEngine.process(TemplateEngine.java:1098)
>> ~[thymeleaf-3.0.9.RELEASE.jar:3.0.9.RELEASE]
>> at org.thymeleaf.TemplateEngine.process(TemplateEngine.java:1072)
>> ~[thymeleaf-3.0.9.RELEASE.jar:3.0.9.RELEASE]
>> at 
>> org.thymeleaf.spring4.view.ThymeleafView.renderFragment(ThymeleafView.java:352)
>> ~[thymeleaf-spring4-3.0.9.RELEASE.jar:3.0.9.RELEASE]
>> at 
>> org.thymeleaf.spring4.view.ThymeleafView.render(ThymeleafView.java:190)
>> ~[thymeleaf-spring4-3.0.9.RELEASE.jar:3.0.9.RELEASE]
>> at 
>> org.springframework.webflow.mvc.servlet.ServletMvcView.doRender(ServletMvcView.java:55)
>> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
>> at 
>> org.springframework.webflow.mvc.view.AbstractMvcView.render(AbstractMvcView.java:204)
>> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
>> at 
>> org.springframework.webflow.engine.ViewState.render(ViewState.java:293)
>> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
>> at 
>> org.springframework.webflow.engine.ViewState.doEnter(ViewState.java:185)
>> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
>> at org.springframework.webflow.engine.State.enter(State.java:194)
>> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
>> at 
>> org.springframework.webflow.engine.Transition.execute(Transition.java:228)
>> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
>> at org.springframework.webflow.engine.impl.FlowExecutionImpl.ex
>> ecute(FlowExecutionImpl.java:395) ~[spring-webflow-2.4.6.RELEASE
>> .jar:2.4.6.RELEASE]
>> at org.springframework.webflow.engine.impl.RequestControlContex
>> tImpl.execute(RequestControlContextImpl.java:214)
>> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
>> at org.springframework.webflow.engine.TransitionableState.handl
>> eEvent(TransitionableState.java:116) ~[spring-webflow-2.4.6.RELEASE
>> .jar:2.4.6.RELEASE]
>> at org.springframework.webflow.engine.Flow.handleEvent(Flow.java:547)
>> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
>> at org.springframework.webflow.engine.impl.FlowExecutionImpl.ha
>> ndleEvent(FlowExecutionImpl.java:390) ~[spring-webflow-2.4.6.RELEASE
>> .jar:2.4.6.RELEASE]
>> at org.springframework.webflow.engine.impl.RequestControlContex
>> tImpl.handleEvent(RequestControlContextImpl.java:210)
>> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
>> at 
>> org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:105)
>> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
>> at org.springframework.webflow.engine.State.enter(State.java:194)
>> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
>> at 
>> org.springframework.webflow.engine.Transition.execute(Transition.java:228)
>> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
>> at org.springframework.webflow.engine.impl.FlowExecutionImpl.ex
>> ecute(FlowExecutionImpl.java:395) ~[spring-webflow-2.4.6.RELEASE
>> .jar:2.4.6.RELEASE]
>> at org.springframework.webflow.engine.impl.RequestControlContex
>>

Re: [cas-user] 5.3.3 version issue getting request.queryString

2018-03-07 Thread Satnam Sarai 
do you know any guide? I am not sure how to access request from webflow.. 

thanks


On Tuesday, March 6, 2018 at 10:59:19 AM UTC-8, Manfredo Hopp wrote:
>
> I would try a workaround, maybe accessing request from webflow.
>
> 2018-03-05 14:21 GMT-03:00 Satnam Sarai 
> :
>
> Hello,
>
> In version 5.2.2, we were able to update casloginview.html to get 
> *request.queryString. 
> *  
>
>
> However, in new version 5.2.3, we are getting template parsing error.  
> below is cas.log and casLoginView.html
>
> Is this there a bug in 5.2.3, getting request.queryString. ?
>
>
>
> >>  casLoginView.html
>
> 
> http://www.ultraq.net.nz/thymeleaf/layout; 
> layout:decorate="~{layout}">
>
> 
> 
>  
> 
>
> 
> 
> Sign In | 
>  th:href="${@environment.getProperty('post.createUrl')+'?'+#strings.defaultString(#
> *request.queryString*,'')}">Create Account 
>  
>  
> 
>  
> 
> 
> 
>
>
> === CAS.LOG ==
>
> 2018-03-05 09:17:07,848 ERROR [org.thymeleaf.TemplateEngine] - 
> <[THYMELEAF][https-openssl-nio-8443-exec-7] Exception processing template 
> "casLoginView": An error happened during template parsing (template: "class 
> path resource [templates/casLoginView.html]")>
> org.thymeleaf.exceptions.TemplateInputException: An error happened during 
> template parsing (template: "class path resource 
> [templates/casLoginView.html]")
> at 
> org.thymeleaf.templateparser.markup.AbstractMarkupTemplateParser.parse(AbstractMarkupTemplateParser.java:241)
>  
> ~[thymeleaf-3.0.9.RELEASE.jar:3.0.9.RELEASE]
> at 
> org.thymeleaf.templateparser.markup.AbstractMarkupTemplateParser.parseStandalone(AbstractMarkupTemplateParser.java:100)
>  
> ~[thymeleaf-3.0.9.RELEASE.jar:3.0.9.RELEASE]
> at 
> org.thymeleaf.engine.TemplateManager.parseAndProcess(TemplateManager.java:666)
>  
> ~[thymeleaf-3.0.9.RELEASE.jar:3.0.9.RELEASE]
> at org.thymeleaf.TemplateEngine.process(TemplateEngine.java:1098) 
> ~[thymeleaf-3.0.9.RELEASE.jar:3.0.9.RELEASE]
> at org.thymeleaf.TemplateEngine.process(TemplateEngine.java:1072) 
> ~[thymeleaf-3.0.9.RELEASE.jar:3.0.9.RELEASE]
> at 
> org.thymeleaf.spring4.view.ThymeleafView.renderFragment(ThymeleafView.java:352)
>  
> ~[thymeleaf-spring4-3.0.9.RELEASE.jar:3.0.9.RELEASE]
> at 
> org.thymeleaf.spring4.view.ThymeleafView.render(ThymeleafView.java:190) 
> ~[thymeleaf-spring4-3.0.9.RELEASE.jar:3.0.9.RELEASE]
> at 
> org.springframework.webflow.mvc.servlet.ServletMvcView.doRender(ServletMvcView.java:55)
>  
> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
> at 
> org.springframework.webflow.mvc.view.AbstractMvcView.render(AbstractMvcView.java:204)
>  
> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
> at 
> org.springframework.webflow.engine.ViewState.render(ViewState.java:293) 
> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
> at 
> org.springframework.webflow.engine.ViewState.doEnter(ViewState.java:185) 
> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
> at org.springframework.webflow.engine.State.enter(State.java:194) 
> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
> at 
> org.springframework.webflow.engine.Transition.execute(Transition.java:228) 
> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
> at 
> org.springframework.webflow.engine.impl.FlowExecutionImpl.execute(FlowExecutionImpl.java:395)
>  
> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
> at 
> org.springframework.webflow.engine.impl.RequestControlContextImpl.execute(RequestControlContextImpl.java:214)
>  
> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
> at 
> org.springframework.webflow.engine.TransitionableState.handleEvent(TransitionableState.java:116)
>  
> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
> at org.springframework.webflow.engine.Flow.handleEvent(Flow.java:547) 
> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
> at 
> org.springframework.webflow.engine.impl.FlowExecutionImpl.handleEvent(FlowExecutionImpl.java:390)
>  
> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
> at 
> org.springframework.webflow.engine.impl.RequestControlContextImpl.handleEvent(RequestControlContextImpl.java:210)
>  
> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
> at 
> org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:105) 
> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
> at org.springframework.webflow.engine.State.enter(State.java:194) 
> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
> at 
> org.springframework.webflow.engine.Transition.execute(Transition.java:228) 
> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
> at 
> org.springframework.webflow.engine.impl.FlowExecutionImpl.execute(FlowExecutionImpl.java:395)
>  
> ~[spring-webflow-2.4.6.RELEASE.jar:2.4.6.RELEASE]
> at 
> org.springframework.webflow.engine.impl.RequestControlContextImpl.execute(RequestControlContextImpl.java:214)
>  
>

Re: [cas-user] Cas5 Ldap Authentication

2018-03-07 Thread David Curry 
You don't say what version you're using, but the userFilter property was
renamed to searchFilter between 5.2 and 5.3 as part of the property
documentation cleanup.

(Documented here:
https://apereo.github.io/2017/12/29/530rc1-release/#documentation-cleanup)

--Dave




--

DAVID A. CURRY, CISSP
*DIRECTOR OF INFORMATION SECURITY*
INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 212 229-5300 x4728 • david.cu...@newschool.edu

[image: The New School]

On Wed, Mar 7, 2018 at 7:16 AM, yashwanth chowdary <
ryashwanthkumarchowd...@gmail.com> wrote:

> I was trying to connect ldap using below properties.Getting an errror that
> failed to bind  authn.ldap[0].userFilter .you can observe the error in the
> attched file.
>
>
> cas.authn.ldap[0].order=0
> cas.authn.ldap[0].name=AD
> cas.authn.ldap[0].type=AUTHENTICATED
> cas.authn.ldap[0].ldapUrl=ldaps://***.net
> cas.authn.ldap[0].useSsl=true
> cas.authn.ldap[0].connectTimeout=5000
> cas.authn.ldap[0].baseDn=DC=,DC=**
> cas.authn.ldap[0].userFilter=(sAMAccountName={user})
> cas.authn.ldap[0].subtreeSearch=true
> cas.authn.ldap[0].principalAttributeList=sn,givenName,memberOf,cn
> cas.authn.ldap[0].bindDn=CN=wls,CN=users,DC=***,DC=**
> cas.authn.ldap[0].bindCredential=*
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/5f038471-77d5-4465-af36-
> a30fbad54426%40apereo.org
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XAOW5VrPfWPqFcXZDa%3DOsTjbxixc8v_yd3RTUvGe1k6-Wg%40mail.gmail.com.

[cas-user] Cas5 Ldap Authentication

2018-03-07 Thread yashwanth chowdary 
I was trying to connect ldap using below properties.Getting an errror that 
failed to bind  authn.ldap[0].userFilter .you can observe the error in the 
attched file.


cas.authn.ldap[0].order=0
cas.authn.ldap[0].name=AD
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].ldapUrl=ldaps://***.net
cas.authn.ldap[0].useSsl=true
cas.authn.ldap[0].connectTimeout=5000
cas.authn.ldap[0].baseDn=DC=,DC=**
cas.authn.ldap[0].userFilter=(sAMAccountName={user})
cas.authn.ldap[0].subtreeSearch=true
cas.authn.ldap[0].principalAttributeList=sn,givenName,memberOf,cn
cas.authn.ldap[0].bindDn=CN=wls,CN=users,DC=***,DC=**
cas.authn.ldap[0].bindCredential=*

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/5f038471-77d5-4465-af36-a30fbad54426%40apereo.org.