Hello,

It seems that some files are needed to support LDAP.

In pom.xml, add this script:

<dependency>
     <groupId>org.apereo.cas</groupId>
     <artifactId>cas-server-support-ldap</artifactId>
     <version>${cas.version}</version>
</dependency>

After the project's build, add this code to etc/cas/config/cas.properties:

cas.authn.accept.users=
cas.authn.ldap[0].type=AUTHENTICATED

cas.authn.ldap[0].ldapUrl=ldap://localhost:389
cas.authn.ldap[0].useSsl=false
cas.authn.ldap[0].useStartTls=false
cas.authn.ldap[0].connectTimeout=5000
cas.authn.ldap[0].baseDc=dc=example,dc=com
cas.authn.ldap[0].baseDn=ou=users,dc=example,dc=com
cas.authn.ldap[0].userFilter=uid={user}
cas.authn.ldap[0].subtreeSearch=true
cas.authn.ldap[0].usePasswordPolicy=false
cas.authn.ldap[0].bindDn=cn=admin,dc=example,dc=com
cas.authn.ldap[0].bindCredential=**********

cas.authn.ldap[0].enhanceWithEntryResolver=false
cas.authn.ldap[0].dnFormat=uid=%s,ou=users,dc=example,dc=com
cas.authn.ldap[0].principalAttributeId=uid
cas.authn.ldap[0].principalAttributePassword=
cas.authn.ldap[0].principalAttributeList=sn,cn:commonName,givenName
cas.authn.ldap[0].allowMultiplePrincipalAttributeValues=true

cas.authn.ldap[0].minPoolSize=3
cas.authn.ldap[0].maxPoolSize=10
cas.authn.ldap[0].validateOnCheckout=true
cas.authn.ldap[0].validatePeriodically=true
cas.authn.ldap[0].validatePeriod=600

cas.authn.ldap[0].failFast=true
cas.authn.ldap[0].idleTime=5000
cas.authn.ldap[0].prunePeriod=5000
cas.authn.ldap[0].blockWaitTime=5000
cas.authn.ldap[0].allowMultipleDns=false

cas.authn.ldap[0].passwordEncoder.type=NONE
cas.authn.ldap[0].principalTransformation.suffix=
cas.authn.ldap[0].principalTransformation.caseConversion=NONE
cas.authn.ldap[0].principalTransformation.prefix=

On Monday, April 10, 2017 at 10:57:11 PM UTC+2, bobbintb wrote:
>
> I'm new to CAS and I have been trying to figure out how to get it to 
> authenticate against LDAP. I'm on RHEL 7 with Tomcat 7 and CAS 5.0.4. I 
> used the Maven overlay. My pom.xml has:
>
>         <dependency>
>             <groupId>org.apereo.cas</groupId>
>             <artifactId>cas-server-support-ldap</artifactId>
>             <version>5.0.4</version>
>         </dependency>
>         <dependency>
>             <groupId>org.apereo.cas</groupId>
>             <artifactId>cas-server-support-ldap-core</artifactId>
>             <version>5.0.4</version>
>         </dependency>
>
> No errors building. I didn't have the second one initially. I added it 
> later and it made no difference.
>
>
> Here is my ldap section from cas.properties:
>
>
>
> #LDAP connection info
> cas.authn.accept.users=
> cas.authn.ldap[0].type=AUTHENTICATED
> cas.authn.ldap[0].ldapUrl=ldaps://ldap.my.org:636
> cas.authn.ldap[0].useSsl=true
> cas.authn.ldap[0].useStartTls=false
> cas.authn.ldap[0].connectTimeout=5000
> cas.authn.ldap[0].baseDn=ou=cp,o=org
> cas.authn.ldap[0].principalAttributeId=uid
> cas.authn.ldap[0].userFilter=cn=uid
> cas.authn.ldap[0].subtreeSearch=true
> cas.authn.ldap[0].usePasswordPolicy=true
> cas.authn.ldap[0].bindDn=cn=cn=Directory Manager,o=org
>
> I just keep getting the same error:
>
> ERROR [org.apereo.cas.web.flow.AuthenticationExceptionHandler] - <Unable 
> to translate handler errors of the authentication exception 
> org.apereo.cas.authentication.AuthenticationException: 0 errors, 0 
> successes. Returning UNKNOWN by default...>
>
> Nothing I have found has helped. I tried changing the type to DIRECT. We 
> don't use AD so I didn't try that. Not sure if it will help. Any ideas? I'm 
> stumped.
>
> -- 
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines: 
> https://apereo.github.io/cas/Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> --- 
> You received this message because you are subscribed to the Google Groups 
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to [email protected].
> To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/ffacf27c-9a82-41b3-bb0c-61212e94a11d%40apereo.org
>

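
Added example, not part of either message and not CAS project code: a small Python check over cas.properties text that flags three things visible in the two configurations in this thread: an LDAP bind without TLS, a userFilter without the {user} placeholder used in the reply, and an AUTHENTICATED handler that lacks bindDn or bindCredential. The sample inputs, finding codes and function names are constructed for illustration; transport is judged from the URL scheme and useStartTls only.

```python
import re

# Constructed sample input, modelled on the two configurations in this thread.
REPLY_CFG = """\
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].ldapUrl=ldap://localhost:389
cas.authn.ldap[0].useSsl=false
cas.authn.ldap[0].useStartTls=false
cas.authn.ldap[0].userFilter=uid={user}
cas.authn.ldap[0].bindDn=cn=admin,dc=example,dc=com
cas.authn.ldap[0].bindCredential=PLACEHOLDER
"""
QUESTION_CFG = """\
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].ldapUrl=ldaps://ldap.my.org:636
cas.authn.ldap[0].useSsl=true
cas.authn.ldap[0].useStartTls=false
cas.authn.ldap[0].userFilter=cn=uid
cas.authn.ldap[0].bindDn=cn=cn=Directory Manager,o=org
"""

KEY = re.compile(r"^cas\.authn\.ldap\[(\d+)\]\.([\w.]+)$")

def parse(text):
    """Group cas.authn.ldap[N].* properties by handler index N."""
    handlers = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(("#", "!")) or "=" not in line:
            continue
        key, value = line.split("=", 1)  # split once: DN values contain '='
        m = KEY.match(key.strip())
        if m:
            handlers.setdefault(int(m.group(1)), {})[m.group(2)] = value.strip()
    return handlers

def audit(text):
    """Return sorted (handler index, finding code) pairs."""
    findings = []
    for idx, p in parse(text).items():
        tls = p.get("ldapUrl", "").lower().startswith("ldaps://") \
            or p.get("useStartTls", "false").lower() == "true"
        if not tls:
            findings.append((idx, "CLEARTEXT_BIND"))   # passwords cross the wire unencrypted
        if "{user}" not in p.get("userFilter", ""):
            findings.append((idx, "FILTER_NO_USER"))   # login name is never substituted
        if p.get("type") == "AUTHENTICATED" and not (p.get("bindDn") and p.get("bindCredential")):
            findings.append((idx, "BIND_INCOMPLETE"))  # search account lacks DN or password
    return sorted(findings)
```

Calling `audit()` on the text of a cas.properties file returns one entry per finding, so an empty list means none of the three conditions was detected.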