I think cas.authn.ldap[0].type should not be set as AD, try AUTHENTICATED
instead, also set cas.authn.ldap[0].userFilter as uid={user}, then input
the uid and password. This might be totally right, but works on me.
在 2017年2月11日星期六 UTC+8上午2:27:22,Thiago Fernandes do Nascimento写道:
>
> Hi,
>
> Thank you! I will try again and before i speak wifh you.
>
> 2017-02-06 10:55 GMT-02:00 Menno en Erla Avegaart <[email protected]
> <javascript:>>:
>
>> The log doesn't contain enough information. Could you set it to debug for
>> org.apereo.cas?
>>
>> <AsyncLogger name="org.apereo.cas" level="debug" additivity="false">
>> <AppenderRef ref="casConsole"/>
>> <AppenderRef ref="casFile"/>
>> </AsyncLogger>
>>
>>
>> Op woensdag 25 januari 2017 20:18:01 UTC+1 schreef Thiago Fernandes do
>> Nascimento:
>>
>>> Hi,
>>>
>>> Can someone help wifh cas ldap configuration? I want to config ldap
>>> server and i receved this error:
>>>
>>> WHO: thiago.nascimento
>>> WHAT: Supplied credentials: [thiago.nascimento]
>>> ACTION: AUTHENTICATION_FAILED
>>> APPLICATION: CAS
>>> WHEN: Wed Jan 25 17:03:11 BRST 2017
>>> CLIENT IP ADDRESS: 127.0.0.1
>>> SERVER IP ADDRESS: 127.0.0.1
>>> =============================================================
>>>
>>> >
>>> 2017-01-25 17:03:11,857 ERROR
>>> [org.apereo.cas.web.flow.AuthenticationExceptionHandler] - <Unable to
>>> translate handler errors of
>>> the authentication exception
>>> org.apereo.cas.authentication.AuthenticationException: 0 errors, 0
>>> successes. Returning UNKNOWN by
>>> default...>
>>>
>>> my cas.properties
>>>
>>> cas.authn.ldap[0].type=AD
>>> cas.authn.ldap[0].ldapUrl=ldap://myserver:389
>>> cas.authn.ldap[0].useSsl=false
>>> #cas.authn.ldap[0].useStartTls=false
>>> cas.authn.ldap[0].connectTimeout=5000
>>> cas.authn.ldap[0].baseDn=cn=Users,dc=cobra,dc=com,dc=br
>>> cas.authn.ldap[0].userFilter=sAMAccountName={user}
>>> cas.authn.ldap[0].subtreeSearch=true
>>> cas.authn.ldap[0].usePasswordPolicy=false
>>> cas.authn.ldap[0][email protected]
>>> cas.authn.ldap[0].bindCredential=xxxxxxxxxxxxxxxxxxxxx
>>>
>>>
>>>
>>> # cas.authn.ldap[0].saslMechanism=GSSAPI|DIGEST_MD5|CRAM_MD5|EXTERNAL
>>> # cas.authn.ldap[0].saslRealm=EXAMPLE.COM <http://example.com/>
>>> # cas.authn.ldap[0].saslAuthorizationId=
>>> # cas.authn.ldap[0].saslMutualAuth=
>>> # cas.authn.ldap[0].saslQualityOfProtection=
>>> # cas.authn.ldap[0].saslSecurityStrength=
>>>
>>> # cas.authn.ldap[0].trustCertificates=
>>> # cas.authn.ldap[0].keystore=
>>> # cas.authn.ldap[0].keystorePassword=
>>> # cas.authn.ldap[0].keystoreType=JKS|JCEKS|PKCS12
>>>
>>> cas.authn.ldap[0].minPoolSize=3
>>> cas.authn.ldap[0].maxPoolSize=10
>>> cas.authn.ldap[0].validateOnCheckout=true
>>> cas.authn.ldap[0].validatePeriodically=true
>>> cas.authn.ldap[0].validatePeriod=600
>>>
>>> #cas.authn.ldap[0].failFast=true
>>> #cas.authn.ldap[0].idleTime=5000
>>> #cas.authn.ldap[0].prunePeriod=5000
>>> #cas.authn.ldap[0].blockWaitTime=5000
>>>
>>>
>>> #cas.authn.ldap[0].providerClass=org.ldaptive.provider.unboundid.UnboundIDProvider
>>> #cas.authn.ldap[0].allowMultipleDns=false
>>>
>>> # cas.authn.ldap[0].passwordEncoder.type=NONE|DEFAULT|STANDARD|BCRYPT
>>> # cas.authn.ldap[0].passwordEncoder.characterEncoding=
>>> # cas.authn.ldap[0].passwordEncoder.encodingAlgorithm=
>>> # cas.authn.ldap[0].passwordEncoder.secret=
>>> # cas.authn.ldap[0].passwordEncoder.strength=16
>>>
>>> # cas.authn.ldap[0].principalTransformation.suffix=
>>> #
>>> cas.authn.ldap[0].principalTransformation.caseConversion=NONE|UPPERCASE|LOWERCASE
>>> # cas.authn.ldap[0].principalTransformation.prefix=
>>>
>>> # cas.authn.ldap[0].passwordPolicy.enabled=true
>>> #
>>> cas.authn.ldap[0].passwordPolicy.policyAttributes.accountLocked=javax.security.auth.login.AccountLockedException
>>> # cas.authn.ldap[0].passwordPolicy.loginFailures=5
>>> # cas.authn.ldap[0].passwordPolicy.warningAttributeValue=
>>> # cas.authn.ldap[0].passwordPolicy.warningAttributeName=
>>> # cas.authn.ldap[0].passwordPolicy.displayWarningOnMatch=true
>>> # cas.authn.ldap[0].passwordPolicy.warnAll=true
>>> # cas.authn.ldap[0].passwordPolicy.warningDays=30
>>> # cas.authn.ldap[0].passwordPolicy.url=
>>> https://password.example.edu/change
>>>
>>> thanks!
>>>
>> --
>> - CAS gitter chatroom: https://gitter.im/apereo/cas
>> - CAS mailing list guidelines:
>> https://apereo.github.io/cas/Mailing-Lists.html
>> - CAS documentation website: https://apereo.github.io/cas
>> - CAS project website: https://github.com/apereo/cas
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected] <javascript:>.
>> To view this discussion on the web visit
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/882f18e1-1c19-4503-a8ab-a8121f0e4aad%40apereo.org
>>
>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/882f18e1-1c19-4503-a8ab-a8121f0e4aad%40apereo.org?utm_medium=email&utm_source=footer>
>> .
>>
>
>
>
> --
> Thiago Fernandes do Nascimento
>
> "Oferece o perdão e recebe a paz"
> João Paulo II
>
--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/300d9c4d-c3cf-464c-a0ea-82e51c5384ed%40apereo.org.
