Hi, I am using cas 5.0.8. I am working on Openldap authentication. I get an
invalid credentials error when I enter the username and password I created
on OpenLDAP.
add dependency for ldap
vim pom.xml0
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-support-ldap</artifactId>
<version>${cas.version}</version>
</dependency>
mkdir etc/cas/services
vim etc/cas/services/wildcard.json
{
/*
* Wildcard service definition that applies to any https or imaps url.
* Do not use this definition in a production environment.
*/
"@class" : "org.apereo.cas.services.
RegexRegisteredService",
"serviceId" : "^(http|https|imaps)://.*",
"name" : "HTTP/HTTPS/IMAPS wildcard",
"id" : 20170828090137,
"evaluationOrder" : 99999
}
vim etc/cas/config/cas.properties
cas.server.name: https://localhost:8443
cas.server.prefix: https://localhost:8443/cas
cas.adminPagesSecurity.ip=127\.0\.0\.1
cas.authn.accept.users=
logging.config: file:/etc/cas/config/log4j2.xml
# cas.serviceRegistry.config.location: classpath:/services
cas.serviceRegistry.config.location: file:/etc/cas/services
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].ldapUrl=ldap://x.x.x.x:389/dc=example,dc=org
cas.authn.ldap[0].useSsl=false
cas.authn.ldap[0].useStartTls=false
cas.authn.ldap[0].connectTimeout=5000
cas.authn.ldap[0].baseDn=dc=example,dc=org
cas.authn.ldap[0].userFilter=uid={user}
cas.authn.ldap[0].subtreeSearch=true
cas.authn.ldap[0].usePasswordPolicy=false
cas.authn.ldap[0].bind=cn=admin,dc=example,dc=org
cas.authn.ldap[0].bindCredential=xxxx
cas.authn.ldap[0].enhanceWithEntryResolver=false
cas.authn.ldap[0].dnFormat=uid=%s,dc=example,dc=org
cas.authn.ldap[0].principalAttributeId=uid
cas.authn.ldap[0].principalAttributePassword=
cas.authn.ldap[0].principalAttributeList=sn,cn:commonName,givenName
cas.authn.ldap[0].allowMultiplePrincipalAttributeValues=true
cas.authn.ldap[0].minPoolSize=3
cas.authn.ldap[0].maxPoolSize=10
cas.authn.ldap[0].idleTime=20000
cas.authn.ldap[0].validateOnCheckout=true
cas.authn.ldap[0].validatePeriodically=true
cas.authn.ldap[0].validatePeriod=600
cas.authn.ldap[0].failFast=true
cas.authn.ldap[0].prunePeriod=5000
cas.authn.ldap[0].blockWaitTime=5000
cas.authn.ldap[0].allowMultipleDns=false
cas.authn.ldap[0].passwordEncoder.type=NONE
cas.authn.ldap[0].principalTransformation.suffix=
cas.authn.ldap[0].principalTransformation.caseConversion=NONE
cas.authn.ldap[0].principalTransformation.prefix=
cas.log
ERROR [org.ldaptive.pool.BlockingConnectionPool] -
<[org.ldaptive.pool.BlockingConnectionPool@665869765::name=null,
poolConfig=[org.ldaptive.pool.PoolConfig@351521213::minPoolSize=3,
maxPoolSize=10, validateOnCheckIn=false, validateOnCheckOut=true,
validatePeriodically=true, validatePeriod=PT10M], activator=null,
passivator=null, validator=[org.ldaptive.pool.SearchValidator@1746669779
::searchRequest=[org.ldaptive.SearchRequest@887831165::baseDn=,
searchFilter=[org.ldaptive.SearchFilter@1642584434::filter=(objectClass=*),
parameters={}], returnAttributes=[1.1], searchScope=OBJECT, timeLimit=PT0S,
sizeLimit=1, derefAliases=null, typesOnly=false, binaryAttributes=null,
sortBehavior=UNORDERED, searchEntryHandlers=null,
searchReferenceHandlers=null, controls=null, referralHandler=null,
intermediateResponseHandlers=null]]
pruneStrategy=[org.ldaptive.pool.IdlePruneStrategy@1419684819::prunePeriod=PT1H23M20S,
idleTime=PT5H33M20S], connectOnCreate=true,
connectionFactory=[org.ldaptive.DefaultConnectionFactory@1700201645
::provider=org.ldaptive.provider.jndi.JndiProvider@7ae302f8,
config=[org.ldaptive.ConnectionConfig@2111733340::ldapUrl=ldap://
161.9.194.153:389/dc=mys dc=pardus dc=org, connectTimeout=PT1H23M20S,
responseTimeout=null,
sslConfig=[org.ldaptive.ssl.SslConfig@1547665927::credentialConfig=null,
trustManagers=null, enabledCipherSuites=null, enabledProtocols=null,
handshakeCompletedListeners=null], useSSL=false, useStartTLS=false,
connectionInitializer=null,
connectionStrategy=org.ldaptive.DefaultConnectionStrategy@1109741]],
initialized=false, availableCount=0, activeCount=0] unable to connect to
the ldap>
org.ldaptive.provider.ConnectionException: javax.naming.NamingException:
Cannot parse url: dc=org [Root exception is java.net.MalformedURLException:
Invalid URI: dc=org]
at
org.ldaptive.provider.jndi.JndiConnectionFactory.createInternal(JndiConnectionFactory.java:90)
~[ldaptive-1.2.0.jar:?]
at
org.ldaptive.provider.jndi.JndiConnectionFactory.createInternal(JndiConnectionFactory.java:21)
~[ldaptive-1.2.0.jar:?]
at
org.ldaptive.provider.AbstractProviderConnectionFactory.create(AbstractProviderConnectionFactory.java:84)
~[ldaptive-1.2.0.jar:?]
at
org.ldaptive.DefaultConnectionFactory$DefaultConnection.open(DefaultConnectionFactory.java:267)
~[ldaptive-1.2.0.jar:?]
at
org.ldaptive.pool.AbstractConnectionPool.createConnection(AbstractConnectionPool.java:437)
~[ldaptive-1.2.0.jar:?]
at
org.ldaptive.pool.AbstractConnectionPool.createAvailableConnection(AbstractConnectionPool.java:476)
~[ldaptive-1.2.0.jar:?]
at
org.ldaptive.pool.AbstractConnectionPool.grow(AbstractConnectionPool.java:326)
~[ldaptive-1.2.0.jar:?]
at
org.ldaptive.pool.AbstractConnectionPool.initialize(AbstractConnectionPool.java:235)
~[ldaptive-1.2.0.jar:?]
at
org.apereo.cas.configuration.support.Beans.newBlockingConnectionPool(Beans.java:420)
~[cas-server-core-configuration-5.0.8.jar:5.0.8]
at
org.apereo.cas.configuration.support.Beans.newPooledConnectionFactory(Beans.java:431)
~[cas-server-core-configuration-5.0.8.jar:5.0.8]
at
org.apereo.cas.config.LdapAuthenticationConfiguration.getAuthenticatedOrAnonSearchAuthenticator(LdapAuthenticationConfiguration.java:239)
~[cas-server-support-ldap-5.0.8.jar:5.0.8]
at
org.apereo.cas.config.LdapAuthenticationConfiguration.getAuthenticator(LdapAuthenticationConfiguration.java:217)
~[cas-server-support-ldap-5.0.8.jar:5.0.8]
at
org.apereo.cas.config.LdapAuthenticationConfiguration.lambda$initLdapAuthenticationHandlers$3(LdapAuthenticationConfiguration.java:143)
~[cas-server-support-ldap-5.0.8.jar:5.0.8]
--
Merve CEYLAN
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CADu1p_hEr2Z3G1ChFcrnOL%3Da4%3DAH-3C_eHSSEXDseEniQ4_ZzA%40mail.gmail.com.
