I got this working. Thank you Misagh.
From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Misagh Moayyed Sent: Wednesday, April 13, 2016 7:56 PM To: cas-user@apereo.org Subject: RE: [cas-user] question ldap auth ssl config upgrade 4.0.4 to 4.2 You add those as: trustCertificates="" trustStore="" trustStorePassword="changeit" trustStoreType="JKS" along with other attributes. From: cas-user@apereo.org<mailto:cas-user@apereo.org> [mailto:cas-user@apereo.org] On Behalf Of Nancy Snoke Sent: Wednesday, April 13, 2016 12:29 PM To: cas-user@apereo.org<mailto:cas-user@apereo.org> Subject: [cas-user] question ldap auth ssl config upgrade 4.0.4 to 4.2 We had breaking changes on the upgrade and I was going through each feature one at a time for the upgrade. Looking at the new ldap documentation I do not see how to add in ssl configuration (keystore, keystoreType, keystorePassword). Do I need to continue to use the dozen beans I had previously to set up ssl configuration? Current documentation shows using: <ldaptive:bind-search-authenticator id="authenticator" ldapUrl="${ldap.url}" baseDn="${ldap.baseDn}" userFilter="${ldap.authn.searchFilter}" bindDn="${ldap.managerDn}" bindCredential="${ldap.managerPassword}" connectTimeout="${ldap.connectTimeout}" useStartTLS="${ldap.useStartTLS}" blockWaitTime="${ldap.pool.blockWaitTime}" maxPoolSize="${ldap.pool.maxSize}" allowMultipleDns="${ldap.allowMultipleDns:false}" usePasswordPolicy="${ldap.usePpolicy:false}" minPoolSize="${ldap.pool.minSize}" validateOnCheckOut="${ldap.pool.validateOnCheckout}" validatePeriodically="${ldap.pool.validatePeriodically}" validatePeriod="${ldap.pool.validatePeriod}" idleTime="${ldap.pool.idleTime}" prunePeriod="${ldap.pool.prunePeriod}" failFastInitialize="true" subtreeSearch="${ldap.subtree.search:true}" useSSL="${ldap.use.ssl:true}" /> Previously I had <bean id="sslConfig" class="org.ldaptive.ssl.SslConfig"> <property name="credentialConfig"> <bean class="org.ldaptive.ssl.KeyStoreCredentialConfig" p:keyStore="${sslConfig.keyStore}" p:keyStoreType="${sslConfig.keyStoreType}" p:keyStorePassword="${sslConfig.keyStorePassword}" /> </property> </bean> Which does not fit in anywhere? Any suggestions? Thanks, Nancy -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org>. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/9144c61058d840a08ade1c2bd0e201d7%40TGI-EX13BE03.pgac.com<https://groups.google.com/a/apereo.org/d/msgid/cas-user/9144c61058d840a08ade1c2bd0e201d7%40TGI-EX13BE03.pgac.com?utm_medium=email&utm_source=footer>. For more options, visit https://groups.google.com/a/apereo.org/d/optout. -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org>. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/003f01d195e8%2477eac180%2467c04480%24%40unicon.net<https://groups.google.com/a/apereo.org/d/msgid/cas-user/003f01d195e8%2477eac180%2467c04480%24%40unicon.net?utm_medium=email&utm_source=footer>. For more options, visit https://groups.google.com/a/apereo.org/d/optout. -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/f6f15ae1006f40e69c5fa2bc49249feb%40TGI-EX13BE03.pgac.com. For more options, visit https://groups.google.com/a/apereo.org/d/optout.