I follow this guide, but this seems impossible.... SSO with LDAP dosn't work but my ldapsearch it's working anb binding all users.
Any suggestion? Thank in advantage. El miércoles, 28 de noviembre de 2018, 16:06:23 (UTC+1), João Henriques escribió: > > Check this thread: > > https://groups.google.com/a/apereo.org/d/topic/cas-user/LBfDaRPQ5Ds/discussion > > Maybe it helps. > > > quarta-feira, 28 de Novembro de 2018 às 14:07:25 UTC, Dirk Tepe escreveu: >> >> Have you included LDAP support in your POM dependencies when you built >> the WAR file? >> >> https://apereo.github.io/cas/5.3.x/installation/LDAP-Authentication.html >> >> That error seems to indicate your CAS instance is not even capable of >> using LDAP. >> >> -dirk >> >> On Wed, Nov 28, 2018 at 7:26 AM Carlos Morales <[email protected]> >> wrote: >> >>> Hello, >>> >>> Here mi AD: >>> >>> My ldapsearch works correctly and bind OK, but my CAS dosn't connect >>> with AD and give me the following error: >>> >>> 2018-11-28 13:22:47,186 DEBUG >>> [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - >>> <Authentication handler [HttpBasedServiceCredentialsAuthenticationHandler] >>> does not support the credential type >>> [UsernamePasswordCredential(username=asdf)]. Trying next...> >>> >>> My application.properties: >>> >>> cas.authn.ldap[0].type= AD >>> cas.authn.ldap[0].ldapUrl= ldap://IP:389 >>> cas.authn.ldap[0].useSsl= false >>> cas.authn.ldap[0].useStartTls= false >>> cas.authn.ldap[0].connectTimeout= 3000 >>> cas.authn.ldap[0].baseDn= OU=VDI,DC=domain,DC=local >>> cas.authn.ldap[0].searchFilter= sAMAaccountName={user} >>> cas.authn.ldap[0].subtreeSearch= true >>> cas.authn.ldap[0].dnFormat= %s@domain >>> cas.authn.ldap[0].principalAttributeId= asdf >>> cas.authn.ldap[0].principalAttributePassword=nPASS >>> cas.authn.ldap[0].bindCredential=PASS >>> logging.level.org.apereo= DEBUG >>> cas.authn.ldap[0].allowMultipleDns= false >>> # >>> >>> Thank you so much >>> >>> Any option? >>> >>> El miércoles, 28 de noviembre de 2018, 11:49:10 (UTC+1), casuser >>> escribió: >>>> >>>> Do you have a user called "test" in the Active Directory? >>>> *[HttpBasedServiceCredentialsAuthenticationHandler] does not support >>>> the credential type [UsernamePasswordCredential (username = Test)]. * >>>> And try this cas.authn.ldap[0].searchFilter=sAMAccountName={user} >>>> >>>> >>>> On Wed, Nov 28, 2018 at 6:14 PM Carlos Morales <[email protected]> >>>> wrote: >>>> >>>>> I have tried more options like: >>>>> cas.authn.ldap[0].searchFilter= cn={user} >>>>> cas.authn.ldap[0].userFilter=uid={user} >>>>> sAMAccountName >>>>> >>>>> But all of them same error: >>>>> >>>>> <Authentication handler >>>>> [HttpBasedServiceCredentialsAuthenticationHandler] does not support the >>>>> credential type [UsernamePasswordCredential (username = Test)]. Trying >>>>> next ...> >>>>> >>>>> Any option? >>>>> >>>>> Thank you so much. >>>>> >>>>> El martes, 27 de noviembre de 2018, 18:15:20 (UTC+1), casuser escribió: >>>>>> >>>>>> Check your active directory field to verify the username, we had the >>>>>> same problem then we switched it back to sAMAccountName from cn >>>>>> >>>>>> On Wed, 28 Nov 2018, 12:34 am Carlos Morales <[email protected] >>>>>> wrote: >>>>>> >>>>>>> Sorry, the syntax is correct as you said it is n and not m, but it >>>>>>> still does not work showing the same error: >>>>>>> >>>>>>> <Authentication handler >>>>>>> [HttpBasedServiceCredentialsAuthenticationHandler] does not support the >>>>>>> credential type [UsernamePasswordCredential (username = Test)]. Trying >>>>>>> next ...> >>>>>>> >>>>>>> Any other option? >>>>>>> >>>>>>> El martes, 27 de noviembre de 2018, 17:07:25 (UTC+1), casuser >>>>>>> escribió: >>>>>>>> >>>>>>>> Aren't that supposed to be cn instead of cm in the searchfilter >>>>>>>> value field >>>>>>>> >>>>>>>> On Tue, 27 Nov 2018, 11:18 pm Carlos Morales <[email protected] >>>>>>>> wrote: >>>>>>>> >>>>>>>>> >>>>>>>>> Good afternoon, I have installed CAS in the new version 5.3.0, once >>>>>>>>> modified the application.properties and indicated that the default >>>>>>>>> credentials stop working I have tried to add the follow >>>>>>>>> cas.authn.ldap[0].type= AD >>>>>>>>> cas.authn.ldap[0].ldapUrl= ldap://IP:389 >>>>>>>>> cas.authn.ldap[0].useSsl= false >>>>>>>>> cas.authn.ldap[0].useStartTls= false >>>>>>>>> cas.authn.ldap[0].connectTimeout= 3000 >>>>>>>>> cas.authn.ldap[0].baseDn= OU=VDI,DC=domain,DC=local >>>>>>>>> cas.authn.ldap[0].searchFilter= cm={user} >>>>>>>>> cas.authn.ldap[0].subtreeSearch= true >>>>>>>>> cas.authn.ldap[0].dnFormat= %s@domain >>>>>>>>> >>>>>>>>> cas.authn.ldap[0].principalAttributeId= Admin >>>>>>>>> cas.authn.ldap[0].principalAttributePassword=Password >>>>>>>>> cas.authn.ldap[0].bindCredential=Password >>>>>>>>> logging.level.org.apereo= DEBUG >>>>>>>>> >>>>>>>>> When I try to log in with the credentials, the LOG shows the >>>>>>>>> following error: >>>>>>>>> >>>>>>>>> 2018-11-27 12:57:24,594 DEBUG >>>>>>>>> [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - >>>>>>>>> <Authentication handler >>>>>>>>> [HttpBasedServiceCredentialsAuthenticationHandler] >>>>>>>>> does not support the credential type >>>>>>>>> [UsernamePasswordCredential(username=Test)]. Trying next...> >>>>>>>>> >>>>>>>>> 2018-11-27 12:57:24,629 INFO >>>>>>>>> [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - >>>>>>>>> <Audit >>>>>>>>> trail record BEGIN >>>>>>>>> >>>>>>>>> ============================================================= >>>>>>>>> >>>>>>>>> WHO: Test >>>>>>>>> >>>>>>>>> WHAT: Supplied credentials: >>>>>>>>> [UsernamePasswordCredential(username=Test)] >>>>>>>>> >>>>>>>>> ACTION: AUTHENTICATION_FAILED >>>>>>>>> >>>>>>>>> APPLICATION: CAS >>>>>>>>> >>>>>>>>> WHEN: Tue Nov 27 12:57:24 CET 2018 >>>>>>>>> >>>>>>>>> >>>>>>>>> From the server of cas with ldapsearch I can show all the information. >>>>>>>>> >>>>>>>>> Can you help me in this matter? It is an environment that needs to be >>>>>>>>> authenticated with AD and I do not get it. >>>>>>>>> >>>>>>>>> Thank you so much. >>>>>>>>> >>>>>>>>> -- >>>>>>>>> - Website: https://apereo.github.io/cas >>>>>>>>> - Gitter Chatroom: https://gitter.im/apereo/cas >>>>>>>>> - List Guidelines: https://goo.gl/1VRrw7 >>>>>>>>> - Contributions: https://goo.gl/mh7qDG >>>>>>>>> --- >>>>>>>>> You received this message because you are subscribed to the Google >>>>>>>>> Groups "CAS Community" group. >>>>>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>>>>> send an email to [email protected]. >>>>>>>>> To view this discussion on the web visit >>>>>>>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/57d36eab-e109-42c8-9514-9476e9dcef8e%40apereo.org >>>>>>>>> >>>>>>>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/57d36eab-e109-42c8-9514-9476e9dcef8e%40apereo.org?utm_medium=email&utm_source=footer> >>>>>>>>> . >>>>>>>>> >>>>>>>> -- >>>>>>> - Website: https://apereo.github.io/cas >>>>>>> - Gitter Chatroom: https://gitter.im/apereo/cas >>>>>>> - List Guidelines: https://goo.gl/1VRrw7 >>>>>>> - Contributions: https://goo.gl/mh7qDG >>>>>>> --- >>>>>>> You received this message because you are subscribed to the Google >>>>>>> Groups "CAS Community" group. >>>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>>> send an email to [email protected]. >>>>>>> To view this discussion on the web visit >>>>>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/de868633-b559-43a0-8489-73a0a0efe219%40apereo.org >>>>>>> >>>>>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/de868633-b559-43a0-8489-73a0a0efe219%40apereo.org?utm_medium=email&utm_source=footer> >>>>>>> . >>>>>>> >>>>>> -- >>>>> - Website: https://apereo.github.io/cas >>>>> - Gitter Chatroom: https://gitter.im/apereo/cas >>>>> - List Guidelines: https://goo.gl/1VRrw7 >>>>> - Contributions: https://goo.gl/mh7qDG >>>>> --- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "CAS Community" group. >>>>> To unsubscribe from this group and stop receiving emails from it, send >>>>> an email to [email protected]. >>>>> To view this discussion on the web visit >>>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/8378915f-d57a-411c-a8fd-08ce55eb255c%40apereo.org >>>>> >>>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/8378915f-d57a-411c-a8fd-08ce55eb255c%40apereo.org?utm_medium=email&utm_source=footer> >>>>> . >>>>> >>>> >>>> >>>> -- >>>> -Fazla. >>>> >>> -- >>> - Website: https://apereo.github.io/cas >>> - Gitter Chatroom: https://gitter.im/apereo/cas >>> - List Guidelines: https://goo.gl/1VRrw7 >>> - Contributions: https://goo.gl/mh7qDG >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "CAS Community" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/adbf480d-ad7e-42a0-9226-880dc4310843%40apereo.org >>> >>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/adbf480d-ad7e-42a0-9226-880dc4310843%40apereo.org?utm_medium=email&utm_source=footer> >>> . >>> >> -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/cfb7956b-a037-4d38-bc93-da516cdb4abe%40apereo.org.
