Hello Ray,
Yes, indeed, I did a copy/paste.
I modified the build.gradle file:
dependencies {
    compile "org.apereo.cas:cas-server-webapp${project.appServer}:${casServerVersion}"
    // Other CAS dependencies/modules may be listed here...
    compile "org.apereo.cas:cas-server-support-ldap:${project.'cas.version'}"
    compile "com.unboundid:unboundid-ldapsdk:4.0.9"
    compile "org.apereo.cas:cas-server-support-aup-webflow:${project.'cas.version'}"
    compile "org.apereo.cas:cas-server-support-aup-ldap:${project.'cas.version'}"
}
*Then in the file /etc/cas/config*
cas.server.name=https://cas.test.univ-bfc.fr:8443
cas.server.prefix=${cas.server.name}/cas
logging.config: file:/etc/cas/config/log4j2.xml
# cas.authn.accept.users=
cas.acceptableUsagePolicy.enabled=true
cas.acceptableUsagePolicy.aupAttributeName=aupAccepted
cas.acceptableUsagePolicy.scope=AUTHENTICATION
### CNX LDAP
cas.authn.ldap[0].providerClass=org.ldaptive.provider.unboundid.UnboundIDProvider
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].useSsl=true
cas.authn.ldap[0].ldapUrl=ldap://192.168.0.54:389
cas.authn.ldap[0].baseDn=dc=test,dc=univ-bfc,dc=fr
cas.authn.ldap[0].subtreeSearch=true
cas.authn.ldap[0].searchFilter=uid={user}
cas.authn.ldap[0].principalAttributeList=cn,givenName,mail
# Regles Usages
cas.acceptableUsagePolicy.ldap.ldapUrl=Ldap:// 192.168.0.54:389
cas.acceptableUsagePolicy.ldap.baseDn=dc=test,dc=univ-bfc,dc=fr
cas.acceptableUsagePolicy.ldap.searchFilter=uid={user}
cas.acceptableUsagePolicy.ldap.providerClass=org.ldaptive.provider.unboundid.UnboundIDProvider
cas.acceptableUsagePolicy.ldap.connectTimeout=5000
cas.acceptableUsagePolicy.ldap.minPoolSize=3
cas.acceptableUsagePolicy.ldap.maxPoolSize=10
cas.acceptableUsagePolicy.ldap.validateOnCheckout=true
cas.acceptableUsagePolicy.ldap.validatePeriodically=true
cas.acceptableUsagePolicy.ldap.validatePeriod=600
cas.acceptableUsagePolicy.ldap.idleTime=500
cas.acceptableUsagePolicy.ldap.prunePeriod=600
cas.acceptableUsagePolicy.ldap.blockWaitTime=5000
cas.acceptableUsagePolicy.ldap.useStartTls=false
I looked at the CAS logs: case-219-05-10-08-1.log in /var/log/
It tells me that:
2019-05-10 08:58:39,076 ERROR [org.apache.catalina.core.AprLifecycleListener] - <An incompatible version [1.2.12] of the APR based Apache Tomcat Native library is installed, while Tomcat requires version [1.2.14]>
2019-05-10 08:58:39,402 ERROR [org.apache.catalina.core.AprLifecycleListener] - <An incompatible version [1.2.12] of the APR based Apache Tomcat Native library is installed, while Tomcat requires version [1.2.14]>
Caused by: com.unboundid.ldap.sdk.LDAPException: An error occurred while attempting to connect to server 192.168.0.54:389: IOException(LDAPException(resultCode=91 (connect error), errorMessage='Trust verification failed for 192.168.0.54' $, ldapSDKVersion=4.0.10, revision=b2272901fd62ad978017ff1aeb049cafc1999b12))
019-05-10 08:58:46,603 DEBUG [org.ldaptive.provider.unboundid.UnboundIDConnectionFactory] - <Error connecting to LDAP URL: ldap:// 192.168.0.54:389>
org.ldaptive.provider.ConnectionException: LDAPException(resultCode=91 (connect error), errorMessage='An error occurred while attempting to connect to server 192.168.0.54:389: IOException(LDAPException(resultCode=91 (connect error), err$
    at org.ldaptive.provider.unboundid.UnboundIDConnectionFactory.createInternal(UnboundIDConnectionFactory.java:65) ~[ldaptive-unboundid-1.2.4.jar!/:?]
Caused by: com.unboundid.ldap.sdk.LDAPException: An error occurred while attempting to connect to server 192.168.0.54:389: IOException(LDAPException(resultCode=91 (connect error), errorMessage='Trust verification failed for 192.168.0.54:389 '$
    at com.unboundid.ldap.sdk.LDAPConnection.connect(LDAPConnection.java:871) ~[unboundid-ldapsdk-4.0.10.jar!/:4.0.10]
I do not understand, because with Apache Studio I can connect fine.
Alain
On Thu, May 9, 2019 at 19:04, Ray Bon <[email protected]> wrote:
> Alain,
>
> After the commented out casuser line, add this to override a possible
> default:
> cas.authn.accept.users=
>
> Are you typing your config into the email or copy and paste? I ask because
> there are unexpected spaces in the keys:
>
> cas.authn.ldap [0] .baseDn = DC = test, DC = univ-bfc, DC = fr
>
> when it should be:
> cas.authn.ldap[0].baseDn
>
> and there is a missing '}' on the searchFilter line.
> You might want to remove the spaces in the values as well (not sure how
> LDAP/AD will treat them).
>
> Increase the logging level:
>
> <Property name="cas.log.level">debug</Property>
> <Property name="ldap.log.level">debug</Property>
>
> If you are not able to see more details in the logs and casuser can still
> log in, it means that your config is not being read.
> CAS will try to copy cas.properties and log4j2.xml to /etc/cas. Make sure
> the user deploying cas has write access to this directory.
>
> Test your LDAP/AD settings with an external tool like ldapsearch or apache
> directory studio.
>
> Ray
>
>
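
A linter for the three problems Ray's reply lists (spaces inside keys, an unbalanced brace in searchFilter, spaces inside values), as an added example that is not part of the original messages or of CAS. The function names and sample lines are constructed, and it assumes the properties file is parsed by java.util.Properties rules, where whitespace ends the key.

```python
import re

# Constructed sample: line forms quoted in the thread, not the poster's actual file.
SAMPLE = """\
cas.authn.ldap [0] .baseDn = DC = test, DC = univ-bfc, DC = fr
cas.authn.ldap[0].searchFilter=uid={user
cas.acceptableUsagePolicy.ldap.ldapUrl=Ldap:// 192.168.0.54:389
cas.authn.ldap[0].ldapUrl=ldap://192.168.0.54:389
logging.config: file:/etc/cas/config/log4j2.xml
"""

CHECKED = (".ldapUrl", ".baseDn", ".searchFilter")  # values where spaces are suspect

def parsed_key(line):
    """Key as java.util.Properties reads it: it ends at the first '=', ':' or
    whitespace (backslash escapes are ignored in this simplified version)."""
    return re.match(r"\s*([^=:\s]*)", line).group(1)

def lint(text):
    """Return (line_no, code, detail) for each problem Ray's reply describes."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith(("#", "!")):
            continue
        parts = re.split(r"[=:]", line, maxsplit=1)
        intended = parts[0].strip()            # what the author meant as the key
        value = parts[1].strip() if len(parts) > 1 else ""
        name = re.sub(r"\s+", "", intended)    # key with stray spaces removed
        if parsed_key(line) != intended:
            # The loader sees a shorter key, so the intended setting is never set.
            findings.append((no, "key-space", parsed_key(line)))
        if name.endswith(".searchFilter") and value.count("{") != value.count("}"):
            findings.append((no, "filter-brace", name))
        if name.endswith(CHECKED) and re.search(r"\s", value):
            findings.append((no, "value-space", name))
    return findings

if __name__ == "__main__":
    for no, code, detail in lint(SAMPLE):
        print(f"line {no}: {code}: {detail}")
```

For a key-space finding, the detail is the key the loader actually reads, which shows why a setting typed with spaces silently has no effect.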