You should login to CAS with the username "admin" and whatever your password is for "admin" in your authentication backend, NOT the password "test". The password provided in:
<sec:user name="admin" password="test" authorities="ROLE_ADMIN" /> is not used by CAS - it always uses your authentication backend. Andy On Tue, 15 Nov 2011, Ben Branch wrote: > Scott, > > I have reverted my configuration back to the way you have specified: > > <sec:user-service id="userDetailsService"> > <sec:user name="admin" password="test" authorities="ROLE_ADMIN" /> > </sec:user-service> > > When I use this, I get an error message on the services page that says: > "The credentials you provided cannot be determined to be authentic." > > Ben Branch > Sun Administrator > University of Central Oklahoma > ITIL Foundation v3, Network+ > > 100 N. University Drive, Box 122 > Edmond, OK 73034 > D: 405.974.2649 | M: 405.550.6804 | bbranch@uco.<mailto:bbranch@uco.>edu | > www.uco.edu<http://www.uco.edu/> > > "If you wish to know your past, look at your present conditions. If you wish > to know your future, look at your present actions." - Siddhartha Gautama > > From: Scott Battaglia [mailto:scott.battag...@gmail.com] > Sent: Tuesday, November 15, 2011 10:21 AM > To: cas-user@lists.jasig.org > Subject: Re: [cas-user] Service Manager Configuration issue on CAS 3.4.10 > > Yes, only the username changed. You're using CAS to control access to the > Services Management Tool, so nothing sees your password OTHER than CAS. > Therefore, the value in the Spring Security configured item is not used. > This would be the same as if you used Spring Security in any of your CASified > applications. Apologies if that was not clear. > > Cheers, > Scott > > On Tue, Nov 15, 2011 at 11:18 AM, Ben Branch > <bbra...@uco.edu<mailto:bbra...@uco.edu>> wrote: > Scott, > > To be sure I'm clear on what you are referring too. > > You're saying that the current config that I have (below) is incorrect?: > <bean id ="userDetailsService" > class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl"> > <property name="userMap"> > <value> > username=user_name_here,ROLE_ADMIN > </value> > </property> > </bean> > > If the above portion is incorrect, I'm fine with that. What I'm still not > understanding is what are the differences in the following examples you > provided: > > You should replace just this line: > 1.<sec:user name="user_name_here" password="XXXXXXX" authorities="ROLE_ADMIN" > /> > > with something like > 2.<sec:user name="MYNAME" password="XXXXXXX" authorities="ROLE_ADMIN" /> > > I don't understand the differences here, because it appears nothing has > changed other than the username being provided. With you saying that the > password doesn't matter leads me to believe that this should be setup with > the SimpleTestUsernamePasswordAuthenticationHandler class, which appears to > present a very large security concern. Please correct me if I am > misunderstanding this. > > > > > Ben Branch > Sun Administrator > University of Central Oklahoma > ITIL Foundation v3, Network+ > > 100 N. University Drive, Box 122 > Edmond, OK 73034 > D: 405.974.2649<tel:405.974.2649> | M: 405.550.6804<tel:405.550.6804> | > bbranch@uco.<mailto:bbranch@uco.>edu | www.uco.edu<http://www.uco.edu/> > > "If you wish to know your past, look at your present conditions. If you wish > to know your future, look at your present actions." - Siddhartha Gautama > > From: Scott Battaglia > [mailto:scott.battag...@gmail.com<mailto:scott.battag...@gmail.com>] > Sent: Tuesday, November 15, 2011 10:01 AM > > To: cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> > Subject: Re: [cas-user] Service Manager Configuration issue on CAS 3.4.10 > > You replaced the existing bean that stores usernames. That's wrong. > > I highlighted the ONE line that needed to be changed. > > Cheers, > Soctt > > On Mon, Nov 14, 2011 at 12:57 PM, Scott Battaglia > <scott.battag...@gmail.com<mailto:scott.battag...@gmail.com>> wrote: > Sorry, we've apparently got out of date config. > > You should replace just this line: > <sec:user name="user_name_here" password="XXXXXXX" authorities="ROLE_ADMIN" /> > > with something like > <sec:user name="MYNAME" password="XXXXXXX" authorities="ROLE_ADMIN" /> > > The password doesn't matter. > > We'll look into getting the documentation updated. > > Thanks > Scott > > On Mon, Nov 14, 2011 at 12:53 PM, Ben Branch > <bbra...@uco.edu<mailto:bbra...@uco.edu>> wrote: > Marvin/Paul, > > I have been able to get the services manager portion up, but now I am unable > to login to it. The documentation isn't clear on how to add users. I have > reviewed the "Configuring" Service Manager page again > (https://wiki.jasig.org/display/CASUM/Configuring). > > I replaced the normal section (from my deployerconfigcontext.xml): > > <sec:user-service id="userDetailsService"> > <sec:user name="user_name_here" password="XXXXXXX" > authorities="ROLE_ADMIN" /> > </sec:user-service> > > With: > > <bean id ="userDetailsService" > class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl"> > <property name="userMap"> > <value> > username=user_name_here,ROLE_ADMIN > </value> > </property> > </bean> > > > After making this change, I began getting JavaClassNotFound exceptions for " > org.acegisecurity.userdetails.memory.InMemoryDaoImpl". I did a search for > this and found that I possibly needed the acegi-security-1.0.6.jar to resolve > this. I downloaded this and copied it into my $TOMCAT_HOME/lib as well as my > $TOMCAT_HOME/webapps/cas/WEB-INF/lib directory. After doing so, I began to > get a different error, and I'm not sure why, or if I'm even going in the > right direction with this. > > org.springframework.beans.factory.BeanCreationException: Error creating bean > with name 'org.springframework.security.authentication.ProviderManager#0': > Cannot create inner bean '(inner bean)' of type > [org.springframework.security.config.authentication.AuthenticationManagerFactoryBean] > while setting bean property 'parent'; nested exception is > org.springframework.beans.factory.BeanCreationException: Error creating bean > with name '(inner bean)': FactoryBean threw exception on object creation; > nested exception is org.springframework.beans.factory.BeanCreationException: > Error creating bean with name > 'org.springframework.security.authenticationManager': Cannot resolve > reference to bean 'casAuthenticationProvider' while setting bean property > 'providers' with key [0]; nested exception is > org.springframework.beans.factory.BeanCreationException: Error creating bean > with name 'casAuthenticationProvider' defined in ServletContext resource > [/WEB-INF/spring-configuration/securityContext. xml]: Initialization of bean failed; nested exception is org.springframework.beans.ConversionNotSupportedException: Failed to convert property value of type 'org.acegisecurity.userdetails.memory.InMemoryDaoImpl' to required type 'org.springframework.security.core.userdetails.UserDetailsService' for property 'userDetailsService'; nested exception is java.lang.IllegalStateException: Cannot convert value of type [org.acegisecurity.userdetails.memory.InMemoryDaoImpl] to required type [org.springframework.security.core.userdetails.UserDetailsService] for property 'userDetailsService': no matching editors or conversion strategy found > > Many thanks for the assistance, > > Ben Branch > Sun Administrator > University of Central Oklahoma > ITIL Foundation v3, Network+ > > 100 N. University Drive, Box 122 > Edmond, OK 73034 > D: 405.974.2649<tel:405.974.2649> | M: 405.550.6804<tel:405.550.6804> | > bbra...@uco.edu<mailto:bbra...@uco.edu> | www.uco.edu<http://www.uco.edu> > > "If you wish to know your past, look at your present conditions. If you wish > to know your future, look at your present actions." - Siddhartha Gautama > > -----Original Message----- > From: Marvin Addison > [mailto:marvin.addi...@gmail.com<mailto:marvin.addi...@gmail.com>] > Sent: Friday, November 11, 2011 9:37 AM > To: cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> > Subject: Re: [cas-user] Service Manager Configuration issue on CAS 3.4.10 >> I'm getting some JavaClassNotFound Exceptions, which I believe are due >> to missing jar libraries > > Looks like your JDBC driver is missing. It should be on the container's > classpath as discussed in the "JDBC Driver" section of > https://wiki.jasig.org/display/CASUM/JpaTicketRegistry. > > M > > -- > You are currently subscribed to > cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: > bbra...@uco.edu<mailto:bbra...@uco.edu> To unsubscribe, change settings or > access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user > > > **Bronze+Blue=Green** The University of Central Oklahoma is Bronze, Blue, and > Green! Please print this e-mail only if absolutely necessary! > > **CONFIDENTIALITY** This e-mail (including any attachments) may contain > confidential, proprietary and privileged information. Any unauthorized > disclosure or use of this information is prohibited. > > -- > You are currently subscribed to > cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: > scott.battag...@gmail.com<mailto:scott.battag...@gmail.com> > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > > -- > You are currently subscribed to > cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: > bbra...@uco.edu<mailto:bbra...@uco.edu> > > > > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > **Bronze+Blue=Green** The University of Central Oklahoma is Bronze, Blue, and > Green! Please print this e-mail only if absolutely necessary! > **CONFIDENTIALITY** -This e-mail (including any attachments) may contain > confidential, proprietary and privileged information. Any unauthorized > disclosure or use of this information is prohibited. > > -- > You are currently subscribed to > cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: > scott.battag...@gmail.com<mailto:scott.battag...@gmail.com> > > > > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > -- > You are currently subscribed to > cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: > bbra...@uco.edu<mailto:bbra...@uco.edu> > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > **Bronze+Blue=Green** The University of Central Oklahoma is Bronze, Blue, and > Green! Please print this e-mail only if absolutely necessary! > > **CONFIDENTIALITY** This e-mail (including any attachments) may contain > confidential, proprietary and privileged information. Any unauthorized > disclosure or use of this information is prohibited. > > > -- > You are currently subscribed to cas-user@lists.jasig.org as: mor...@orst.edu > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user