You should login to CAS with the username "admin" and whatever your
password is for "admin" in your authentication backend, NOT the password
"test". The password provided in:
<sec:user name="admin" password="test" authorities="ROLE_ADMIN" />
is not used by CAS - it always uses your authentication backend.
Andy
On Tue, 15 Nov 2011, Ben Branch wrote:
> Scott,
>
> I have reverted my configuration back to the way you have specified:
>
> <sec:user-service id="userDetailsService">
> <sec:user name="admin" password="test" authorities="ROLE_ADMIN" />
> </sec:user-service>
>
> When I use this, I get an error message on the services page that says:
> "The credentials you provided cannot be determined to be authentic."
>
> Ben Branch
> Sun Administrator
> University of Central Oklahoma
> ITIL Foundation v3, Network+
>
> 100 N. University Drive, Box 122
> Edmond, OK 73034
> D: 405.974.2649 | M: 405.550.6804 | bbranch@uco.<mailto:bbranch@uco.>edu |
> www.uco.edu<http://www.uco.edu/>
>
> "If you wish to know your past, look at your present conditions. If you wish
> to know your future, look at your present actions." - Siddhartha Gautama
>
> From: Scott Battaglia [mailto:scott.battag...@gmail.com]
> Sent: Tuesday, November 15, 2011 10:21 AM
> To: cas-user@lists.jasig.org
> Subject: Re: [cas-user] Service Manager Configuration issue on CAS 3.4.10
>
> Yes, only the username changed. You're using CAS to control access to the
> Services Management Tool, so nothing sees your password OTHER than CAS.
> Therefore, the value in the Spring Security configured item is not used.
> This would be the same as if you used Spring Security in any of your CASified
> applications. Apologies if that was not clear.
>
> Cheers,
> Scott
>
> On Tue, Nov 15, 2011 at 11:18 AM, Ben Branch
> <bbra...@uco.edu<mailto:bbra...@uco.edu>> wrote:
> Scott,
>
> To be sure I'm clear on what you are referring too.
>
> You're saying that the current config that I have (below) is incorrect?:
> <bean id ="userDetailsService"
> class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
> <property name="userMap">
> <value>
> username=user_name_here,ROLE_ADMIN
> </value>
> </property>
> </bean>
>
> If the above portion is incorrect, I'm fine with that. What I'm still not
> understanding is what are the differences in the following examples you
> provided:
>
> You should replace just this line:
> 1.<sec:user name="user_name_here" password="XXXXXXX" authorities="ROLE_ADMIN"
> />
>
> with something like
> 2.<sec:user name="MYNAME" password="XXXXXXX" authorities="ROLE_ADMIN" />
>
> I don't understand the differences here, because it appears nothing has
> changed other than the username being provided. With you saying that the
> password doesn't matter leads me to believe that this should be setup with
> the SimpleTestUsernamePasswordAuthenticationHandler class, which appears to
> present a very large security concern. Please correct me if I am
> misunderstanding this.
>
>
>
>
> Ben Branch
> Sun Administrator
> University of Central Oklahoma
> ITIL Foundation v3, Network+
>
> 100 N. University Drive, Box 122
> Edmond, OK 73034
> D: 405.974.2649<tel:405.974.2649> | M: 405.550.6804<tel:405.550.6804> |
> bbranch@uco.<mailto:bbranch@uco.>edu | www.uco.edu<http://www.uco.edu/>
>
> "If you wish to know your past, look at your present conditions. If you wish
> to know your future, look at your present actions." - Siddhartha Gautama
>
> From: Scott Battaglia
> [mailto:scott.battag...@gmail.com<mailto:scott.battag...@gmail.com>]
> Sent: Tuesday, November 15, 2011 10:01 AM
>
> To: cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org>
> Subject: Re: [cas-user] Service Manager Configuration issue on CAS 3.4.10
>
> You replaced the existing bean that stores usernames. That's wrong.
>
> I highlighted the ONE line that needed to be changed.
>
> Cheers,
> Soctt
>
> On Mon, Nov 14, 2011 at 12:57 PM, Scott Battaglia
> <scott.battag...@gmail.com<mailto:scott.battag...@gmail.com>> wrote:
> Sorry, we've apparently got out of date config.
>
> You should replace just this line:
> <sec:user name="user_name_here" password="XXXXXXX" authorities="ROLE_ADMIN" />
>
> with something like
> <sec:user name="MYNAME" password="XXXXXXX" authorities="ROLE_ADMIN" />
>
> The password doesn't matter.
>
> We'll look into getting the documentation updated.
>
> Thanks
> Scott
>
> On Mon, Nov 14, 2011 at 12:53 PM, Ben Branch
> <bbra...@uco.edu<mailto:bbra...@uco.edu>> wrote:
> Marvin/Paul,
>
> I have been able to get the services manager portion up, but now I am unable
> to login to it. The documentation isn't clear on how to add users. I have
> reviewed the "Configuring" Service Manager page again
> (https://wiki.jasig.org/display/CASUM/Configuring).
>
> I replaced the normal section (from my deployerconfigcontext.xml):
>
> <sec:user-service id="userDetailsService">
> <sec:user name="user_name_here" password="XXXXXXX"
> authorities="ROLE_ADMIN" />
> </sec:user-service>
>
> With:
>
> <bean id ="userDetailsService"
> class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
> <property name="userMap">
> <value>
> username=user_name_here,ROLE_ADMIN
> </value>
> </property>
> </bean>
>
>
> After making this change, I began getting JavaClassNotFound exceptions for "
> org.acegisecurity.userdetails.memory.InMemoryDaoImpl". I did a search for
> this and found that I possibly needed the acegi-security-1.0.6.jar to resolve
> this. I downloaded this and copied it into my $TOMCAT_HOME/lib as well as my
> $TOMCAT_HOME/webapps/cas/WEB-INF/lib directory. After doing so, I began to
> get a different error, and I'm not sure why, or if I'm even going in the
> right direction with this.
>
> org.springframework.beans.factory.BeanCreationException: Error creating bean
> with name 'org.springframework.security.authentication.ProviderManager#0':
> Cannot create inner bean '(inner bean)' of type
> [org.springframework.security.config.authentication.AuthenticationManagerFactoryBean]
> while setting bean property 'parent'; nested exception is
> org.springframework.beans.factory.BeanCreationException: Error creating bean
> with name '(inner bean)': FactoryBean threw exception on object creation;
> nested exception is org.springframework.beans.factory.BeanCreationException:
> Error creating bean with name
> 'org.springframework.security.authenticationManager': Cannot resolve
> reference to bean 'casAuthenticationProvider' while setting bean property
> 'providers' with key [0]; nested exception is
> org.springframework.beans.factory.BeanCreationException: Error creating bean
> with name 'casAuthenticationProvider' defined in ServletContext resource
> [/WEB-INF/spring-configuration/securityContext.
xml]: Initialization of bean failed; nested exception is
org.springframework.beans.ConversionNotSupportedException: Failed to convert
property value of type 'org.acegisecurity.userdetails.memory.InMemoryDaoImpl'
to required type
'org.springframework.security.core.userdetails.UserDetailsService' for property
'userDetailsService'; nested exception is java.lang.IllegalStateException:
Cannot convert value of type
[org.acegisecurity.userdetails.memory.InMemoryDaoImpl] to required type
[org.springframework.security.core.userdetails.UserDetailsService] for property
'userDetailsService': no matching editors or conversion strategy found
>
> Many thanks for the assistance,
>
> Ben Branch
> Sun Administrator
> University of Central Oklahoma
> ITIL Foundation v3, Network+
>
> 100 N. University Drive, Box 122
> Edmond, OK 73034
> D: 405.974.2649<tel:405.974.2649> | M: 405.550.6804<tel:405.550.6804> |
> bbra...@uco.edu<mailto:bbra...@uco.edu> | www.uco.edu<http://www.uco.edu>
>
> "If you wish to know your past, look at your present conditions. If you wish
> to know your future, look at your present actions." - Siddhartha Gautama
>
> -----Original Message-----
> From: Marvin Addison
> [mailto:marvin.addi...@gmail.com<mailto:marvin.addi...@gmail.com>]
> Sent: Friday, November 11, 2011 9:37 AM
> To: cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org>
> Subject: Re: [cas-user] Service Manager Configuration issue on CAS 3.4.10
>> I'm getting some JavaClassNotFound Exceptions, which I believe are due
>> to missing jar libraries
>
> Looks like your JDBC driver is missing. It should be on the container's
> classpath as discussed in the "JDBC Driver" section of
> https://wiki.jasig.org/display/CASUM/JpaTicketRegistry.
>
> M
>
> --
> You are currently subscribed to
> cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as:
> bbra...@uco.edu<mailto:bbra...@uco.edu> To unsubscribe, change settings or
> access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
>
>
> **Bronze+Blue=Green** The University of Central Oklahoma is Bronze, Blue, and
> Green! Please print this e-mail only if absolutely necessary!
>
> **CONFIDENTIALITY** This e-mail (including any attachments) may contain
> confidential, proprietary and privileged information. Any unauthorized
> disclosure or use of this information is prohibited.
>
> --
> You are currently subscribed to
> cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as:
> scott.battag...@gmail.com<mailto:scott.battag...@gmail.com>
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
>
>
> --
> You are currently subscribed to
> cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as:
> bbra...@uco.edu<mailto:bbra...@uco.edu>
>
>
>
>
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
> **Bronze+Blue=Green** The University of Central Oklahoma is Bronze, Blue, and
> Green! Please print this e-mail only if absolutely necessary!
> **CONFIDENTIALITY** -This e-mail (including any attachments) may contain
> confidential, proprietary and privileged information. Any unauthorized
> disclosure or use of this information is prohibited.
>
> --
> You are currently subscribed to
> cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as:
> scott.battag...@gmail.com<mailto:scott.battag...@gmail.com>
>
>
>
>
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
>
> --
> You are currently subscribed to
> cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as:
> bbra...@uco.edu<mailto:bbra...@uco.edu>
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
>
> **Bronze+Blue=Green** The University of Central Oklahoma is Bronze, Blue, and
> Green! Please print this e-mail only if absolutely necessary!
>
> **CONFIDENTIALITY** This e-mail (including any attachments) may contain
> confidential, proprietary and privileged information. Any unauthorized
> disclosure or use of this information is prohibited.
>
>
> --
> You are currently subscribed to cas-user@lists.jasig.org as: mor...@orst.edu
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
