Hello, Here mi AD:
My ldapsearch works correctly and bind OK, but my CAS dosn't connect with AD and give me the following error: 2018-11-28 13:22:47,186 DEBUG [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Authentication handler [HttpBasedServiceCredentialsAuthenticationHandler] does not support the credential type [UsernamePasswordCredential(username=asdf)]. Trying next...> My application.properties: cas.authn.ldap[0].type= AD cas.authn.ldap[0].ldapUrl= ldap://IP:389 cas.authn.ldap[0].useSsl= false cas.authn.ldap[0].useStartTls= false cas.authn.ldap[0].connectTimeout= 3000 cas.authn.ldap[0].baseDn= OU=VDI,DC=domain,DC=local cas.authn.ldap[0].searchFilter= sAMAaccountName={user} cas.authn.ldap[0].subtreeSearch= true cas.authn.ldap[0].dnFormat= %s@domain cas.authn.ldap[0].principalAttributeId= asdf cas.authn.ldap[0].principalAttributePassword=nPASS cas.authn.ldap[0].bindCredential=PASS logging.level.org.apereo= DEBUG cas.authn.ldap[0].allowMultipleDns= false # Thank you so much Any option? El miércoles, 28 de noviembre de 2018, 11:49:10 (UTC+1), casuser escribió: > > Do you have a user called "test" in the Active Directory? > *[HttpBasedServiceCredentialsAuthenticationHandler] does not support the > credential type [UsernamePasswordCredential (username = Test)]. * > And try this cas.authn.ldap[0].searchFilter=sAMAccountName={user} > > > On Wed, Nov 28, 2018 at 6:14 PM Carlos Morales <[email protected] > <javascript:>> wrote: > >> I have tried more options like: >> cas.authn.ldap[0].searchFilter= cn={user} >> cas.authn.ldap[0].userFilter=uid={user} >> sAMAccountName >> >> But all of them same error: >> >> <Authentication handler >> [HttpBasedServiceCredentialsAuthenticationHandler] does not support the >> credential type [UsernamePasswordCredential (username = Test)]. Trying >> next ...> >> >> Any option? >> >> Thank you so much. >> >> El martes, 27 de noviembre de 2018, 18:15:20 (UTC+1), casuser escribió: >>> >>> Check your active directory field to verify the username, we had the >>> same problem then we switched it back to sAMAccountName from cn >>> >>> On Wed, 28 Nov 2018, 12:34 am Carlos Morales <[email protected] wrote: >>> >>>> Sorry, the syntax is correct as you said it is n and not m, but it >>>> still does not work showing the same error: >>>> >>>> <Authentication handler >>>> [HttpBasedServiceCredentialsAuthenticationHandler] does not support the >>>> credential type [UsernamePasswordCredential (username = Test)]. Trying >>>> next ...> >>>> >>>> Any other option? >>>> >>>> El martes, 27 de noviembre de 2018, 17:07:25 (UTC+1), casuser escribió: >>>>> >>>>> Aren't that supposed to be cn instead of cm in the searchfilter value >>>>> field >>>>> >>>>> On Tue, 27 Nov 2018, 11:18 pm Carlos Morales <[email protected] >>>>> wrote: >>>>> >>>>>> >>>>>> Good afternoon, I have installed CAS in the new version 5.3.0, once >>>>>> modified the application.properties and indicated that the default >>>>>> credentials stop working I have tried to add the follow >>>>>> cas.authn.ldap[0].type= AD >>>>>> cas.authn.ldap[0].ldapUrl= ldap://IP:389 >>>>>> cas.authn.ldap[0].useSsl= false >>>>>> cas.authn.ldap[0].useStartTls= false >>>>>> cas.authn.ldap[0].connectTimeout= 3000 >>>>>> cas.authn.ldap[0].baseDn= OU=VDI,DC=domain,DC=local >>>>>> cas.authn.ldap[0].searchFilter= cm={user} >>>>>> cas.authn.ldap[0].subtreeSearch= true >>>>>> cas.authn.ldap[0].dnFormat= %s@domain >>>>>> >>>>>> cas.authn.ldap[0].principalAttributeId= Admin >>>>>> cas.authn.ldap[0].principalAttributePassword=Password >>>>>> cas.authn.ldap[0].bindCredential=Password >>>>>> logging.level.org.apereo= DEBUG >>>>>> >>>>>> When I try to log in with the credentials, the LOG shows the following >>>>>> error: >>>>>> >>>>>> 2018-11-27 12:57:24,594 DEBUG >>>>>> [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - >>>>>> <Authentication handler >>>>>> [HttpBasedServiceCredentialsAuthenticationHandler] >>>>>> does not support the credential type >>>>>> [UsernamePasswordCredential(username=Test)]. Trying next...> >>>>>> >>>>>> 2018-11-27 12:57:24,629 INFO >>>>>> [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - >>>>>> <Audit >>>>>> trail record BEGIN >>>>>> >>>>>> ============================================================= >>>>>> >>>>>> WHO: Test >>>>>> >>>>>> WHAT: Supplied credentials: >>>>>> [UsernamePasswordCredential(username=Test)] >>>>>> >>>>>> ACTION: AUTHENTICATION_FAILED >>>>>> >>>>>> APPLICATION: CAS >>>>>> >>>>>> WHEN: Tue Nov 27 12:57:24 CET 2018 >>>>>> >>>>>> >>>>>> From the server of cas with ldapsearch I can show all the information. >>>>>> >>>>>> Can you help me in this matter? It is an environment that needs to be >>>>>> authenticated with AD and I do not get it. >>>>>> >>>>>> Thank you so much. >>>>>> >>>>>> -- >>>>>> - Website: https://apereo.github.io/cas >>>>>> - Gitter Chatroom: https://gitter.im/apereo/cas >>>>>> - List Guidelines: https://goo.gl/1VRrw7 >>>>>> - Contributions: https://goo.gl/mh7qDG >>>>>> --- >>>>>> You received this message because you are subscribed to the Google >>>>>> Groups "CAS Community" group. >>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>> send an email to [email protected]. >>>>>> To view this discussion on the web visit >>>>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/57d36eab-e109-42c8-9514-9476e9dcef8e%40apereo.org >>>>>> >>>>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/57d36eab-e109-42c8-9514-9476e9dcef8e%40apereo.org?utm_medium=email&utm_source=footer> >>>>>> . >>>>>> >>>>> -- >>>> - Website: https://apereo.github.io/cas >>>> - Gitter Chatroom: https://gitter.im/apereo/cas >>>> - List Guidelines: https://goo.gl/1VRrw7 >>>> - Contributions: https://goo.gl/mh7qDG >>>> --- >>>> You received this message because you are subscribed to the Google >>>> Groups "CAS Community" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> To view this discussion on the web visit >>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/de868633-b559-43a0-8489-73a0a0efe219%40apereo.org >>>> >>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/de868633-b559-43a0-8489-73a0a0efe219%40apereo.org?utm_medium=email&utm_source=footer> >>>> . >>>> >>> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/8378915f-d57a-411c-a8fd-08ce55eb255c%40apereo.org >> >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/8378915f-d57a-411c-a8fd-08ce55eb255c%40apereo.org?utm_medium=email&utm_source=footer> >> . >> > > > -- > -Fazla. > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/adbf480d-ad7e-42a0-9226-880dc4310843%40apereo.org.
