Hi,

Maybe something is missing in my setup in fact. Without a working example I
tried to guess from the content of the "all-properties.ref" file. Here is
what I am using right now:

cas.authn.ldap[0].base-dn: dc=MY,dc=DOMAIN
cas.authn.ldap[0].bind-dn: cn=casldap,dc=MY,dc=DOMAIN
cas.authn.ldap[0].bind-credential: BIND_CRED
cas.authn.ldap[0].dn-format: uid=%s,ou=people,dc=MY,dc=DOMAIN
cas.authn.ldap[0].enhance-with-entry-resolver: true
cas.authn.ldap[0].ldap-url: ldaps://ldap.my.domain:636
#cas.authn.ldap[0].page-size: 0
cas.authn.ldap[0].password-encoder.type: NONE
cas.authn.ldap[0].search-filter: (uid={user})
cas.authn.ldap[0].subtree-search: true
cas.authn.ldap[0].type: AUTHENTICATED
cas.authn.ldap[0].use-start-tls: false
#cas.authn.ldap[0].principal-attribute-list: givenName,displayName,mail,eduPersonPrimaryAffiliation,eduPersonAffiliation,uid,supanncivilite,departmentNumber,insaGrhumVlan
cas.authn.ldap[0].principal-attribute-list: givenName,displayName,mail
#cas.authn.ldap[0].disable-pooling: true
cas.authn.ldap[0].principal-attribute-id: uid
#cas.authn.ldap[0].pool-passivator: bind
#cas.monitor.ldap[0].pool-passivator: BIND
#cas.monitor.ldap[0].bind-dn: cn=casldap,dc=MY,dc=DOMAIN
#cas.monitor.ldap[0].bind-credential: BIND_CRED
#cas.authn.ldap[0].minPoolSize=3
#cas.authn.ldap[0].maxPoolSize=10
#cas.authn.ldap[0].validateOnCheckout=true
#cas.authn.ldap[0].validatePeriodically=true
#cas.authn.ldap[0].validate-period=PT5M
#cas.authn.ldap[0].validate-timeout=PT5S
#cas.authn.ldap[0].fail-fast=false
#cas.authn.ldap[0].idle-time=PT10M
#cas.authn.ldap[0].prune-period=PT2H
#cas.authn.ldap[0].block-wait-time=PT3S
#cas.authn.ldap[0].response-timeout=PT5S
#cas.authn.ldap[0].dn-format: uid=%s,dc=MY,dc=DOMAIN
cas.authn.ldap[0].validator.base-dn: dc=MY,dc=DOMAIN
cas.monitor.endpoints.ldap.bind-dn: cn=casldap,dc=MY,dc=DOMAIN

Regards

On 07-Jan-2022 06:34:49 +0100, [email protected] wrote:
On Thu, Jan 6, 2022 at 9:16 AM wrote:
2022-01-06 12:02:24,879 INFO o.l.PooledConnectionFactory [main] pool
initialized [org.ldaptive.PooledConnectionFactory@1337741679::name=null,
minPoolSize=3, maxPoolSize=10, validateOnCheckIn=false,
validateOnCheckOut=true, validatePeriodically=true,
activator=org.ldaptive.pool.AbstractConnectionPool$$Lambda$1787/0x00000008409e8440@1acc768,
passivator=[org.ldaptive.pool.BindConnectionPassivator@628513353::bindRequest=org.ldaptive.SimpleBindRequest@952806663::controls=null,
dn=cn=casldap,dc=MY,dc=DOMAIN],
validator=[org.ldaptive.SearchConnectionValidator@365999192::validatePeriod=PT5M,
validateTimeout=PT5S,
searchRequest=org.ldaptive.SearchRequest@-670020831::controls=null, dn=,
scope=OBJECT, aliases=NEVER, sizeLimit=1, timeLimit=PT0S, typesOnly=false,
filter=org.ldaptive.filter.PresenceFilter@b262ac96, returnAttributes=[1.1],
binaryAttributes=null],
pruneStrategy=[org.ldaptive.pool.IdlePruneStrategy@140260642::prunePeriod=PT2H,
idleTime=PT10M], connectOnCreate=true,
connectionFactory=[org.ldaptive.DefaultConnectionFactory@415117829::transport=[org.ldaptive.transport.netty.ConnectionFactoryTransport@1876525009::channelType=class
io.netty.channel.socket.nio.NioSocketChannel,
ioWorkerGroup=io.netty.channel.nio.NioEventLoopGroup@12c78f36,
messageWorkerGroup=null, shutdownOnClose=true],
config=[org.ldaptive.ConnectionConfig@2077969769::ldapUrl=ldaps://ldap.my.domain:636,
connectTimeout=PT5S, responseTimeout=PT5S, reconnectTimeout=PT2M,
autoReconnect=true,
autoReconnectCondition=org.ldaptive.ConnectionConfig$$Lambda$1783/0x00000008409c1440@129c760d,
autoReplay=true,
sslConfig=[org.ldaptive.ssl.SslConfig@908043384::credentialConfig=null,
trustManagers=null,
hostnameVerifier=org.ldaptive.ssl.DefaultHostnameVerifier@180f33b2,
enabledCipherSuites=null, enabledProtocols=null,
handshakeCompletedListeners=null, handshakeTimeout=PT1M], useStartTLS=false,
connectionInitializers=[org.ldaptive.BindConnectionInitializer@937346147::bindDn=cn=casldap,dc=MY,dc=DOMAIN,
bindSaslConfig=null, bindControls=null],
connectionStrategy=org.ldaptive.ActivePassiveConnectionStrategy@391e85df,
connectionValidator=null, transportOptions={}]], failFastInitialize=true,
initialized=true, availableCount=3, activeCount=0, blockWaitTime=PT3S]
2022-01-06 12:12:29,880 WARN o.l.PooledConnectionFactory
[PooledConnectionFactory@1337741679]
org.ldaptive.pool.AbstractConnectionPool$DefaultPooledConnectionProxy@861dc91
failed validation

I can't say exactly because there are logs missing between
12:02 and 12:12, but my best guess is that your validation search is timing
out. It must return within 5 seconds or the validation would fail in this
manner. Check your LDAP server logs for a rootDSE search for (objectClass=*).
You may need to change your validation config to search on a different branch.
--Daniel Fisher
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAFC6YwQ0U9ByE8XJFGnh_b4FUJagk%2BUeWs4aEo4O70XcYNOsvg%40mail.gmail.com.
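Added example (not part of the original messages, and not CAS or ldaptive code): a small Python check of the timing in the two log lines quoted above. It assumes periodic validation runs at multiples of validatePeriod after pool initialization; the sample log is abbreviated from the thread and the function names are illustrative.

```python
import re
from datetime import datetime, timedelta

# Abbreviated from the log lines quoted in the thread (long fields elided).
SAMPLE_LOG = """\
2022-01-06 12:02:24,879 INFO o.l.PooledConnectionFactory [main] pool initialized [minPoolSize=3, maxPoolSize=10, validatePeriodically=true, validator=[validatePeriod=PT5M, validateTimeout=PT5S], pruneStrategy=[prunePeriod=PT2H, idleTime=PT10M]]
2022-01-06 12:12:29,880 WARN o.l.PooledConnectionFactory [PooledConnectionFactory@1337741679] failed validation
"""

TS = re.compile(r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d,\d{3}) ")
DUR = re.compile(r"PT(?:(\d+)H)?(?:(\d+)M)?(?:(\d+)S)?$")

def parse_duration(text):
    """Parse the time-only ISO-8601 durations seen in the log (PT5M, PT5S, PT2H)."""
    m = DUR.match(text)
    if not m or not any(m.groups()):
        raise ValueError(f"unsupported duration: {text}")
    hours, minutes, seconds = (int(g or 0) for g in m.groups())
    return timedelta(hours=hours, minutes=minutes, seconds=seconds)

def field(line, name):
    """Return the duration logged as name=PT..., or None if absent."""
    m = re.search(rf"\b{name}=(PT\w+)", line)
    return parse_duration(m.group(1)) if m else None

def analyse(log, slack=timedelta(seconds=1)):
    """For each 'failed validation' line, report whether it lands one
    validateTimeout after a whole number of validatePeriods since pool start."""
    start = period = timeout = None
    findings = []
    for line in log.splitlines():
        m = TS.match(line)
        if not m:
            continue
        when = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S,%f")
        if "pool initialized" in line:
            start = when
            period = field(line, "validatePeriod")
            timeout = field(line, "validateTimeout")
        elif "failed validation" in line and start and period and timeout:
            elapsed = when - start
            cycles = round((elapsed - timeout) / period)
            drift = abs(elapsed - (cycles * period + timeout))
            findings.append({"at": when, "cycle": cycles,
                             "timeout_shaped": cycles >= 1 and drift <= slack})
    return findings

if __name__ == "__main__":
    for finding in analyse(SAMPLE_LOG):
        print(finding)
```

On the quoted lines the warning falls 10 min 5 s after initialization, that is two PT5M periods plus one PT5S timeout, which is the pattern a timed-out validation search would produce.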