Hi all, i'm trying to configure cas ( 5.1.9) + LDAP authentication ( using apache directoy ) i have modify the pom/.xml file also i modify cas.propreties file , after deploy cas.war to tomacte server , i have this messages in the cas.log file
*cas.log :* * WARN [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Authentication has failed. Credentials may be incorrect or CAS cannot find authentication handler that supports [[email protected]] of type [UsernamePasswordCredential], which suggests a configuration problem.>* *2018-08-31 16:34:04,220 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN* *pom.xml :* * <dependencies> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-webapp${app.server}</artifactId> <version>${cas.version}</version> <type>war</type> <scope>runtime</scope> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-ldap</artifactId> <version>${cas.version}</version> </dependency>* *cas.properties:* *server.name=https://localhost:8443 server.prefix=${server.name}/cas cas.securityContext.serviceProperties.service=${server.prefix}/services/j_acegi_cas_security_check # Names of roles allowed to access the CAS service manager cas.securityContext.serviceProperties.adminRoles=ROLE_ADMIN cas.securityContext.casProcessingFilterEntryPoint.loginUrl=${server.prefix}/login cas.securityContext.ticketValidator.casServerUrlPrefix=${server.prefix} # IP address or CIDR subnet allowed to access the /status URI of CAS that exposes health check information # IPv6 version cas.securityContext.status.allowedSubnet=0:0:0:0:0:0:0:1 # IPv4 version #cas.securityContext.status.allowedSubnet=127.0.0.1 cas.themeResolver.defaultThemeName=cas-theme-default cas.viewResolver.basename=default_views host.name=cas.example.org ## Log4J log4j.config.location=log4j2.xml log4j.refresh.interval=60000 #database.hibernate.dialect=org.hibernate.dialect.HSQLDialect ## # Single Sign-On Session Timeouts # Defaults sourced from WEB-INF/spring-configuration/ticketExpirationPolices.xml # # Maximum session timeout - TGT will expire in maxTimeToLiveInSeconds regardless of usage tgt.maxTimeToLiveInSeconds=28800 # # Idle session timeout - TGT will expire sooner than maxTimeToLiveInSeconds if no further requests # for STs occur within timeToKillInSeconds tgt.timeToKillInSeconds=7200 ## # Service Ticket Timeout # Default sourced from WEB-INF/spring-configuration/ticketExpirationPolices.xml # # Service Ticket timeout - typically kept short as a control against replay attacks, default is 10s. You'll want to # increase this timeout if you are manually testing service ticket creation/validation via tamperdata or similar tools # Set to 3 min here for easy testing/demonstrating new features. st.timeToKillInSeconds=10 #============================================================================================================== # Define attributes to be retrieved from LDAP as part of the same authentication transaction # The left-hand size notes the source while the right-hand size indicate an optional renaming/remapping # of the attribute definition. The same attribute name is allowed to be mapped multiple times to # different attribute names. #============================================================================================================== cas.authn.ldap[0].principalAttributeList=sn,cn:admin cas.authn.ldap[0].collectDnAttribute=false cas.authn.ldap[0].principalDnAttributeName=dc=XXXX,dc=com cas.authn.ldap[0].allowMultiplePrincipalAttributeValues=true cas.authn.ldap[0].allowMissingPrincipalAttributeValue=true cas.authn.ldap[0].credentialCriteria= cas.authn.attributeRepository.ldap[0].providerClass=org.ldaptive.provider.unboundid.UnboundIDProvider #======================================== # Authentication #======================================== cas.authn.accept.users= cas.authn.ldap[0].type=AD cas.authn.ldap[0].ldapUrl=ldap://localhost:10389/dc=XXXX,dc=com cas.authn.ldap[0].useSsl=false cas.authn.ldap[0].baseDn=cn=admin,ou=Users,dc=XXXX,dc=com cas.authn.ldap[0].userFilter=uid={user} cas.authn.ldap[0].bindCredential=userPassword* *and this ldap : * -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/c2ed74dc-c55e-48ba-84cd-916435324ae8%40apereo.org.
