Hello,
I had that exact error. When you build your cas.war file make sure the ldap dependency embedded inside pom.xml. If you don’t After that, the cas.properties file must be formatted correctly. This is what stumped me the most. Thanks to David Curry for helping me out on this. Mine LDAP inside of cas.properties looks like this. Pay attention to the numbers in scheme zero and one and so forth if you have multiple authentication handlers. # Employee LDAP cas.authn.ldap[0].useSsl: true cas.authn.ldap[0].order: 0 cas.authn.ldap[0].name: Employee-LDAP cas.authn.ldap[0].type: AUTHENTICATED cas.authn.ldap[0].ldapUrl: ldaps://devm.philasd.net cas.authn.ldap[0].validatePeriod: 270 cas.authn.ldap[0].userFilter: uid={user} cas.authn.ldap[0].baseDn: dc=philasd,dc=org cas.authn.ldap[0].bindDn: uid=cauth,ou=svc_accts,dc=philasd,dc=org cas.authn.ldap[0].bindCredential: xxxxx # #LDAP for SG (Student Guardian) cas.authn.ldap[1].useSsl: true cas.authn.ldap[1].order: 1 cas.authn.ldap[1].name: SG-LDAP cas.authn.ldap[1].type: AUTHENTICATED cas.authn.ldap[1].ldapUrl: ldaps://devsgm.philasd.net cas.authn.ldap[1].validatePeriod: 270 cas.authn.ldap[1].userFilter: uid={user} cas.authn.ldap[1].baseDn: dc=philasd,dc=org cas.authn.ldap[1].bindDn: uid=casauth,ou=svc_accts,dc=philasd,dc=org cas.authn.ldap[1].bindCredential: xxxxx =========================== Thank You; Chris Cheltenham Technology Services The School District of Philadelphia Work # 215-400-5025 Cell # 215-301-6571 From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Satnam Sarai Sent: Tuesday, February 13, 2018 10:04 AM To: CAS Community <cas-user@apereo.org> Subject: [cas-user] org.apereo.cas.authentication.PolicyBasedAuthenticationManager thow an error in log when user input Invalid credentials. Hello, we are upgrade cas to 5.2.x, we noticed that cas throw an error in log/email when user input Invalid credentials. In this case we don't want to receive notification when user inputs Invalid credentials as long cas blocks the (log will grow exponentially and email notifications will not be useful). Is anybody else see these errors in the log as well? Did we set up something incorrectly? Here is part of CAS log __ ____ _ ____ __ / / / ___| / \ / ___| \ \ | | | | / _ \ \___ \ | | | | | |___ / ___ \ ___) | | | | | \____| /_/ \_\ |____/ | | \_\ /_/ CAS Version: 5.2.2 CAS Commit Id: eefb26e6ea0f3f0505ea7dcfc7e11c4ebcb44b7d CAS Build Date/Time: 1970-01-01T00:00Z Spring Boot Version: 1.5.8.RELEASE ------------------------------------------------------------ Java Home: C:\Program Files\Java\jre8U152 Java Vendor: Oracle Corporation Java Version: 1.8.0_152 JVM Free Memory: 1 GB JVM Maximum Memory: 7 GB JVM Total Memory: 2 GB JCE Installed: No ------------------------------------------------------------ OS Architecture: amd64 OS Name: Windows 7 OS Version: 6.1 OS Date/Time: 2018-02-13T06:47:54.498 OS Temp Directory: C:\Projects\PASS5.2\trunk\test\apache-tomcat\cat_base\temp ------------------------------------------------------------ ←[0m 2018-02-13 06:48:10,827 WARN [org.apereo.cas.web.report.util.ControllerUtils] - <Logging configuration cannot be found in the environment settings> 2018-02-13 06:48:21,362 WARN [org.apereo.cas.web.report.util.ControllerUtils] - <Logging configuration cannot be found in the environment settings> 2018-02-13 06:48:25,942 WARN [org.apereo.cas.config.CasCoreServicesConfiguration] - <Runtime memory is used as the persistence storage for retrieving and persisting service definitions. Changes that a re made to service definitions during runtime WILL be LOST upon container restarts. Ideally for production, you need to choose a storage option (JDBC, etc) to store and track service definitions.> 13-Feb-2018 06:48:27.111 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployWAR Deployment of web application archive [C:\Projects\PASS5.2\trunk\test\apache-tomcat\cat_base\weba pps\ROOT##0014.war] has finished in [46,788] ms 13-Feb-2018 06:48:27.114 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["http-nio-8080"] 13-Feb-2018 06:48:27.127 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["https-openssl-nio-8443"] 13-Feb-2018 06:48:27.132 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["ajp-nio-8009"] 13-Feb-2018 06:48:27.137 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in 47459 ms 2018-02-13 06:50:35,302 WARN [org.apereo.cas.authentication.LdapAuthenticationHandler] - <DN resolution failed. [DN cannot be null]> 2018-02-13 06:50:35,303 ERROR [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Authentication has failed. Credentials may be incorrect or CAS cannot find authentication handler that supports [t...@test.com] of type [UsernamePasswordCredential].> -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org <mailto:cas-user+unsubscr...@apereo.org> . To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1adc9541-9f73-49bf-9904-3abb2e3e7c55%40apereo.org <https://groups.google.com/a/apereo.org/d/msgid/cas-user/1adc9541-9f73-49bf-9904-3abb2e3e7c55%40apereo.org?utm_medium=email&utm_source=footer> . -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/002601d3a4de%24e956ef40%24bc04cdc0%24%40philasd.org.