Ok, so the problem would not come from the ldap but somewhere else I did what you said, but I didn't had a line org.jasig.adaptors.ldap in my log4j file, I added it.
Now the end of the file is like that : # WARNING: Setting the org.springframework logger to DEBUG displays debug information about # the request parameter values being bound to the command objects. This could expose your # password in the log file. If you are sharing your log files, it is recommend you selectively # apply DEBUG level logging on a an org.springframework.* package level (i.e. org.springframework.dao) log4j.logger.org.springframework=WARN #log4j.logger.org.springframework.web.servlet.i18n=DEBUG #log4j.logger.org.springframework.web.servlet.view=DEBUG #log4j.logger.org.quartz=DEBUG log4j.logger.org.jasig=DEBUG # WARNING: Setting the flow package to DEBUG will display # the parameters posted to the login servlet including # cleartext authentication credentials log4j.logger.org.jasig.cas.web.flow=INFO log4j.logger.org.jasig.cas.authentication=DEBUG log4j.logger.org.jasig.cas.web.flow.TicketGrantingTicketCheckAction=DEBUG log4j.logger.org.jasig.cas.services.DefaultServiceRegistry=DEBUG log4j.logger.org.jasig.cas.services=DEBUG log4j.logger.org.jasig.cas.adaptors.ldap=DEBUG There is not really a lot of changes in my cas.log : 2010-01-19 10:03:48,309 DEBUG [org.jasig.cas.services.web.ManageRegisteredServicesMultiActionController] - Found action method [public org.springframework.web.servlet.ModelAndView org.jasig.cas.services.web.ManageRegisteredServicesMultiActionController.deleteRegisteredService(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse)] 2010-01-19 10:03:48,317 DEBUG [org.jasig.cas.services.web.ManageRegisteredServicesMultiActionController] - Found action method [public org.springframework.web.servlet.ModelAndView org.jasig.cas.services.web.ManageRegisteredServicesMultiActionController.manage(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse)] 2010-01-19 10:03:48,685 INFO [org.jasig.cas.web.flow.AuthenticationViaFormAction] - FormObjectClass not set. Using default class of org.jasig.cas.authentication.principal.UsernamePasswordCredentials with formObjectName credentials and validator org.jasig.cas.validation.UsernamePasswordCredentialsValidator. 2010-01-19 10:03:55,729 INFO [org.jasig.cas.web.flow.InitialFlowSetupAction] - Setting path for cookies to: /cas 2010-01-19 10:03:55,740 DEBUG [org.jasig.cas.web.support.CasArgumentExtractor] - Extractor generated service for: http://192.168.1.121:8080/confluence31/ 2010-01-19 10:04:05,061 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - Starting cleaning of expired tickets from ticket registry at [Tue Jan 19 10:04:05 CET 2010] 2010-01-19 10:04:05,066 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - 0 found to be removed. Removing now. 2010-01-19 10:04:05,066 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - Finished cleaning of expired tickets from ticket registry at [Tue Jan 19 10:04:05 CET 2010] 2010-01-19 10:04:21,959 DEBUG [org.jasig.cas.CentralAuthenticationServiceImpl] - Attempting to create TicketGrantingTicket for homer 2010-01-19 10:04:22,058 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - AuthenticationHandler: org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler failed to authenticate the user which provided the following credentials: homer 2010/1/19 Marvin Addison <[email protected]>: >> and in my ldap log I can see : >> >> Jan 18 14:53:27 debian slapd[4380]: conn=0 fd=14 ACCEPT from >> IP=127.0.0.1:37509 (IP=0.0.0.0:389) >> Jan 18 14:53:27 debian slapd[4380]: conn=0 op=0 BIND >> dn="cn=admin,dc=exemple,dc=com" method=128 >> Jan 18 14:53:27 debian slapd[4380]: conn=0 op=0 BIND >> dn="cn=admin,dc=exemple,dc=com" mech=SIMPLE ssf=0 >> Jan 18 14:53:27 debian slapd[4380]: conn=0 op=0 RESULT tag=97 err=0 text= >> Jan 18 14:53:27 debian slapd[4380]: conn=0 op=1 SRCH >> base="dc=exemple,dc=com" scope=2 deref=3 >> filter="(cn=homer,dc=exemple,dc=com)" >> Jan 18 14:53:27 debian slapd[4380]: conn=0 op=1 SRCH attr=1.1 >> Jan 18 14:53:27 debian slapd[4380]: <= bdb_equality_candidates: (cn) not >> indexed >> Jan 18 14:53:27 debian slapd[4380]: conn=0 op=1 SEARCH RESULT tag=101 >> err=0 nentries=0 text= > > That looks like a successful admin bind and search. I don't see the > subsequent user bind that would be needed for a successful > authentication in CAS. > > Can you please turn up the verbosity of the CAS log by editing the > $CATALINA_HOME/webapps/cas/WEB-INF/classes/log4j.properties file? Put > the org.jasig.cas.adaptors.ldap package in DEBUG and see if that > provides more information. If that doesn't produce anything helpful, > you can try putting the org.jasig.cas package in DEBUG. Note that > this will produce cleartext passwords in the cas.log file. > > M > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
