Irvan,
All I have is the following:
cas.authn.radius.name=Radius
cas.authn.radius.server.protocol=PAP
cas.authn.radius.server.retries=1
cas.authn.radius.client.authenticationPort=1645
cas.authn.radius.client.sharedSecret=<shared secret>
cas.authn.radius.client.inetAddress=<IP of Radius Server>
cas.authn.radius.client.accountingPort=1646
If your missing any core CAS Bits or directives it should complain
loudly when you start up CAS.
As well running your freeradius (if you can) with the -xX switches will
show your more than enough debugging information.
You need to get down to good old 101 level troubleshooting.
* Confirm networking 101, i.e. can you ping the Rad. Server
* Can you see packets arriving on the Radius Server?
* Your sure the shared secret/clients configuration is right/correct?
(even if not again running in -xX will who the connection being dropped.
Anyhow as mentioned between running CAS with debug log levels and
running FreeRadius in such levels should give you clear indications of
where there are issues.
Colin
On 11/29/20 1:40 PM, irvan suryadi wrote:
Hello all,
Related to the development of the CAS system using the Freeradius
authenticator. I've added some configurations based on directions from
the documentation on the Apereo CAS website.
However after I did some of this configuration. My freeradius server
is still not responding to an authentication request from my CAS server.
Are there any other configurations required for these two servers to
communicate with each other? Or is there something wrong I did in this
configuration?
Regards,
Irvan
------------------------------------------------------------------------------------------------------------------
The following is my server configuration :
# Versions
- CAS `6.3.x`
- JDK `11`
*#The CAS Server :*
#cas.properties file :
cas.serviceRegistry.json.location: file:/etc/cas/services
cas.authn.accept.enabled=false
server.port = 8443
cas.authn.policy.required-handler-authentication-policy-enabled=true
cas.authn.policy.req.try-all=false
cas.authn.policy.req.handler-name=Radius
cas.authn.policy.req.enabled=true
cas.authn.radius.name=Radius
cas.authn.radius.server.protocol=EAP_MSCHAPv2
cas.authn.radius.server.retries=1
cas.authn.radius.client.authenticationPort=1812
cas.authn.radius.client.sharedSecret=casserver
cas.authn.radius.client.inetAddress=192.168.1.2 (my freeradius IP Address)
cas.authn.radius.client.accountingPort=1813
#My Service Registry File (file name : application-10000001.json) :
---Location /etc/cas/services---
{
"@class" : "org.apereo.cas.services.RegexRegisteredService",
"serviceId" : "^(https|imaps)://.*",
"name" : "HTTPS and IMAPS",
"id" : 10000001,
"evaluationOrder": 99999,
"authenticationPolicy" : {
"@class" :
"org.apereo.cas.services.DefaultRegisteredServiceAuthenticationPolicy",
"requiredAuthenticationHandlers" : ["java.util.TreeSet", [ "Radius" ]]
}
}
#My Build.gradle files (Dependencies Registered) :
dependencies {
if (project.hasProperty("casmodules")) {
def dependencies = project.getProperty("casmodules").split(",")
dependencies.each {
implementation "org.apereo.cas:cas-server-${it}:${casServerVersion}"
implementation
"org.apereo.cas:cas-server-support-radius:${project.'cas.version'}"
implementation
"org.apereo.cas:cas-server-support-simple-mfa:${project.'cas.version'}"
}
}
// https://mvnrepository.com/artifact/gnu.getopt/java-getopt
compile group: 'gnu.getopt', name: 'java-getopt', version: '1.0.13'
compile
"org.apereo.cas:cas-server-webapp${project.appServer}:${casServerVersion}"
// Other CAS dependencies/modules may be listed here...
compile
"org.apereo.cas:cas-server-support-json-service-registry:${casServerVersion}"
}
--------------------------------------------------------------------
*#My Freeradius Config for the cas server*
Nas IP = 192.168.1.3 (my CAS Server IP Address)
Secret = casserver
(pictures attached)
--
- Website: https://apereo.github.io/cas <https://apereo.github.io/cas>
- Gitter Chatroom: https://gitter.im/apereo/cas
<https://gitter.im/apereo/cas>
- List Guidelines: https://goo.gl/1VRrw7 <https://goo.gl/1VRrw7>
- Contributions: https://goo.gl/mh7qDG <https://goo.gl/mh7qDG>
---
You received this message because you are subscribed to the Google
Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to cas-user+unsubscr...@apereo.org
<mailto:cas-user+unsubscr...@apereo.org>.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/01610a61-ddda-4e6c-947e-b6a45c06c247n%40apereo.org
<https://groups.google.com/a/apereo.org/d/msgid/cas-user/01610a61-ddda-4e6c-947e-b6a45c06c247n%40apereo.org?utm_medium=email&utm_source=footer>.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/7634ca8d-4b5a-ee65-22c7-4a3c73311046%40caveo.ca.
