Alain,
After the commented out casuser line, add this to override a possible default:
cas.authn.accept.users=
Are you typing your config into the email or copy and paste? I ask because
there are unexpected spaces in the keys:
cas.authn.ldap [0] .baseDn = DC = test, DC = univ-bfc, DC = fr
when it should be:
cas.authn.ldap[0].baseDn
and there is a missing '}' on the searchFilter line.
You might want to remove the spaces in the values as well (not sure how LDAP/AD
will treat them).
Increase the logging level:
<Property name="cas.log.level">debug</Property>
<Property name="ldap.log.level">debug</Property>
If you are not able to see more details in the logs and casuser can still log
in, it means that your config is not being read.
CAS will try to copy cas.properties and log4j2.xml to /etc/cas. Make sure the
user deploying cas has write access to this directory.
Test your LDAP/AD settings with an external tool like ldapsearch or apache
directory studio.
Ray
On Thu, 2019-05-09 at 10:27 +0200, alain ubfc wrote:
Hello Ray
Thank you for your answer.
I followed the documentation you gave me.
When i am in case.property.
I put a # to disable the casuser / Mellon demo account.
But it does not matter.
Then I put the config for ldap.
Can you tell me if that's good.
cas.authn.ldap [0] .type = AUTHENTICATED cas.authn.ldap [0] .ldapUrl =
ldap: //192.168.0.54
cas.authn.ldap [0] .baseDn = DC = test, DC = univ-bfc, DC = fr
cas.authn.ldap [0] .searchFilter = cn = {user cas.authn.ldap [0] .bindDn =
cn = Users, DC = test, DC = fr
cas.authn.ldap [0] .bindCredential = PASSWORD
thank you so much
Le mer. 8 mai 2019 à 20:33, Ray Bon <
<mailto:[email protected]>
[email protected]
> a écrit :
Alain,
The '#' marks the line as a comment. Use it to turn off config items when
trying different things.
Ray
On Wed, 2019-05-08 at 19:38 +0200, Alain UBFC wrote:
Ray,
So I added the LDAP configuration in the case.properties file
# cas.authn.ldap [0] .type = AUTHENTICATED
# cas.authn.ldap [0] .ldapUrl = ldap: //192.168.0.246
# cas.authn.ldap [0] .baseDn = DC = seat, DC = test, DC = en
# cas.authn.ldap [0] .searchFilter = cn = {user}
# cas.authn.ldap [0] .bindDn = cn = Users, DC = seat, DC = test, DC = en
# cas.authn.ldap [0] .bindCredential = PASSWORD_ADMINISTRAOR
Should I put a # or not?
Is that good?
thank you in advance
------------------------------
*De: *"Ray Bon" <
<mailto:[email protected]>
[email protected]
>
*À:
<mailto:*[email protected]>
*[email protected]
*Envoyé: *Mercredi 8 Mai 2019 19:29:00
*Objet : *Re: [cas-user] Problem install cas 6.0
Alain,
Only add the configuration items that you need to change. Everything else
will get set with defaults.
Get you AD connection config from your AD administrator(s). It should make
sense what CAS config items need to be set.
Ray
On Wed, 2019-05-08 at 17:26 +0200, Alain UBFC wrote:
Hello,
Thank you very much for the information.
When I go into the case.properties properties in the opt /
cas-overlay-template / etc / case / config / folder
That's what I put
# Define the attributes to retrieve from LDAP as part of the same
authentication transaction
# The left size indicates the source while the right size indicates
optional renaming / remapping.
# of the attribute definition. The same attribute name can be mapped
multiple times on
# different attribute names.
#
# cas.authn.ldap [0] .principalAttributeList = sn, cn: common name, given
name, eduPersonTargettedId: SOME_IDENTIFIER
# cas.authn.ldap [0] .collectDnAttribute = false
# cas.authn.ldap [0] .principalDnAttributeName = principalLdapDn
# cas.authn.ldap [0] .allowMultiplePrincipalAttributeValues = true
# cas.authn.ldap [0] .allowMissingPrincipalAttributeValue = true
# cas.authn.ldap [0] .credentialCriteria =
$ {#} ConfigurationKey .ldapUrl = ldap: //siege.test.fr
$ {#} ConfigurationKey .bindDn = cn = admin, dc = seat, dc = test, dc = com
$ {#} ConfigurationKey .bindCredential = Password
$ {#} ConfigurationKey .poolPassivator = NONE | CLOSE | BIND
$ {#} ConfigurationKey .connectionStrategy =
$ {#} ConfigurationKey .providerClass =
org.ldaptive.provider.unboundid.UnboundIDProvider
$ {#} ConfigurationKey .connectTimeout = PT5S
$ {#} ConfigurationKey .trustCertificates =
$ {#} ConfigurationKey .keystore =
$ {#} ConfigurationKey .keystorePassword =
$ {#} ConfigurationKey .keystoreType = JKS | JCEKS | PKCS12
$ {#} ConfigurationKey .minPoolSize = 3
$ {} ConfigurationKey .validateOnCheckout = true
$ {#} ConfigurationKey .validatePeriodically = true
$ {#} ConfigurationKey .validatePeriod = PT5M
$ {#} ConfigurationKey .validateTimeout = PT5S
$ {#} ConfigurationKey .failFast = true
$ {#} ConfigurationKey .idleTime = PT10M
$ {#} ConfigurationKey .prunePeriod = PT2H
$ {#} ConfigurationKey .blockWaitTime = PT3S
$ {#} ConfigurationKey .useSsl = true
$ {#} ConfigurationKey .useStartTls = false
$ {#} ConfigurationKey .responseTimeout = PT5S
$ {#} ConfigurationKey .allowMultipleDns = false
$ {#} ConfigurationKey .allowMultipleEntries = false
$ {#} ConfigurationKey .followReferrals = false
$ {#} ConfigurationKey .binaryAttributes = objectGUID, someOtherAttribute
$ {#} .Name = configurationKey
I do not know what to put to join my Windows server Active Directory 2016.
thank you in advance
------------------------------
*De: *"Ray Bon" <
<mailto:[email protected]>
[email protected]
>
*À:
<mailto:*[email protected]>
*[email protected]
*Envoyé: *Mardi 7 Mai 2019 17:18:38
*Objet : *Re: [cas-user] Problem install cas 6.0
Alain,
Take a look at,
<https://dacurry-tns.github.io/deploying-apereo-cas/introduction_overview.html>
https://dacurry-tns.github.io/deploying-apereo-cas/introduction_overview.html
(which is for CAS 5), to get an idea of the things you will need to do.
CAS 6 docs are
<https://apereo.github.io/cas/6.0.x/index.html>
https://apereo.github.io/cas/6.0.x/index.html
. There is
AD,
<https://apereo.github.io/cas/6.0.x/installation/LDAP-Authentication.html>
https://apereo.github.io/cas/6.0.x/installation/LDAP-Authentication.html
and ADFS,
<https://apereo.github.io/cas/6.0.x/integration/ADFS-Integration.html>
https://apereo.github.io/cas/6.0.x/integration/ADFS-Integration.html
.
Ray
On Tue, 2019-05-07 at 16:28 +0200, alain ubfc wrote:
Hello everyone
I just installed apereo case.
Then I do not know how I can link my ad to Apereo Cas.
What should I do next?
Thank you
# CAS installation
Add backports to the repository:
deb
<http://deb.debian.org/debian/>
http://deb.debian.org/debian/
stretch-backports main contrib non-free
Update the system
apt update
apt upgrade
Installation of the necessary packages
apt install openjdk-11-jr openjdk-11-jdk maven build-essential git
Configure the JAVA environment variable
echo "JAVA_HOME = / usr / lib / jvm / java-11-openjdk-amd64 /" >> / etc /
environment
source / etc / environment
Check the environment variable
echo $ JAVA_HOME
* Installation of gradlew ??? *
Retrieve the project
git clone
<https://github.com/apereo/cas-overlay-template>
https://github.com/apereo/cas-overlay-template
/ Cd / Case-overlay-template
./gradlew clean
Compile the project
./gradlew clean copyCasConfiguration build
./gradlew createKeystore
./gradlew run
--
Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 |
<mailto:[email protected]>
[email protected]
--
- Website:
<https://apereo.github.io/cas>
https://apereo.github.io/cas
- Gitter Chatroom:
<https://gitter.im/apereo/cas>
https://gitter.im/apereo/cas
- List Guidelines:
<https://goo.gl/1VRrw7>
https://goo.gl/1VRrw7
- Contributions:
<https://goo.gl/mh7qDG>
https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups
"CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to
<mailto:[email protected]>
[email protected]
.
To view this discussion on the web visit
<https://groups.google.com/a/apereo.org/d/msgid/cas-user/91c45bf818fcd966ff737d64b101c5c6f09e1477.camel%40uvic.ca>
https://groups.google.com/a/apereo.org/d/msgid/cas-user/91c45bf818fcd966ff737d64b101c5c6f09e1477.camel%40uvic.ca
<
<https://groups.google.com/a/apereo.org/d/msgid/cas-user/91c45bf818fcd966ff737d64b101c5c6f09e1477.camel%40uvic.ca?utm_medium=email&utm_source=footer>
https://groups.google.com/a/apereo.org/d/msgid/cas-user/91c45bf818fcd966ff737d64b101c5c6f09e1477.camel%40uvic.ca?utm_medium=email&utm_source=footer
>
.
--
Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 |
<mailto:[email protected]>
[email protected]
--
- Website:
<https://apereo.github.io/cas>
https://apereo.github.io/cas
- Gitter Chatroom:
<https://gitter.im/apereo/cas>
https://gitter.im/apereo/cas
- List Guidelines:
<https://goo.gl/1VRrw7>
https://goo.gl/1VRrw7
- Contributions:
<https://goo.gl/mh7qDG>
https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups
"CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to
<mailto:[email protected]>
[email protected]
.
To view this discussion on the web visit
<https://groups.google.com/a/apereo.org/d/msgid/cas-user/39154dc3bd47400383ffe202149da23b8228f0e6.camel%40uvic.ca>
https://groups.google.com/a/apereo.org/d/msgid/cas-user/39154dc3bd47400383ffe202149da23b8228f0e6.camel%40uvic.ca
<
<https://groups.google.com/a/apereo.org/d/msgid/cas-user/39154dc3bd47400383ffe202149da23b8228f0e6.camel%40uvic.ca?utm_medium=email&utm_source=footer>
https://groups.google.com/a/apereo.org/d/msgid/cas-user/39154dc3bd47400383ffe202149da23b8228f0e6.camel%40uvic.ca?utm_medium=email&utm_source=footer
>
.
--
Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 |
<mailto:[email protected]>
[email protected]
--
- Website:
<https://apereo.github.io/cas>
https://apereo.github.io/cas
- Gitter Chatroom:
<https://gitter.im/apereo/cas>
https://gitter.im/apereo/cas
- List Guidelines:
<https://goo.gl/1VRrw7>
https://goo.gl/1VRrw7
- Contributions:
<https://goo.gl/mh7qDG>
https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups
"CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to
<mailto:[email protected]>
[email protected]
.
To view this discussion on the web visit
<https://groups.google.com/a/apereo.org/d/msgid/cas-user/65890f8b5bb789f5280af4ff9c6608660cc899d9.camel%40uvic.ca>
https://groups.google.com/a/apereo.org/d/msgid/cas-user/65890f8b5bb789f5280af4ff9c6608660cc899d9.camel%40uvic.ca
<
<https://groups.google.com/a/apereo.org/d/msgid/cas-user/65890f8b5bb789f5280af4ff9c6608660cc899d9.camel%40uvic.ca?utm_medium=email&utm_source=footer>
https://groups.google.com/a/apereo.org/d/msgid/cas-user/65890f8b5bb789f5280af4ff9c6608660cc899d9.camel%40uvic.ca?utm_medium=email&utm_source=footer
>
.
--
______________________________________________________________
Alain Dos Reis - Pasquault
Adresse mail :
<mailto:[email protected]>
[email protected]
--
Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | [email protected]
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/c69d8a52b06017f0568b5a904b06dfed8c707d7f.camel%40uvic.ca.
