Carlos, Thank you for your reply. From my reading of the documentation, I didn't think I needed the CredentialsToLDAPAttributePrincipleResolver for versions later than 3.3.3. Just so you know, I've switched to using version 3.5.2.1 and am able to get a normal error page "CAS is Unavailable" instead of the plain text error I'd been getting with version 3.5.1, however I still get the same error in the cas log.
I tried putting in the CredentialsToLDAPAttributePrincipalResolver and tried a "principalAttributeName" of "uid" and "sAMAccountName" but the errors remain the same. We use an AD system, so sAMAccountName is our unique username and should always return a value. Thanks, Rachel Bird Enterprise Systems Analyst Taylor University 236 West Reade Avenue Upland, Indiana 46989-0001 Office: 765-998-5504 -----Original Message----- From: Carlos Fernandez [mailto:cfern...@sju.edu] Sent: Tuesday, July 22, 2014 11:19 AM To: cas-user@lists.jasig.org Subject: RE: [cas-user] CAS War Overlay "'principal' cannot be null." Rachel, What value do you have in the "principalAttributeName" property of the CredentialsToLDAPAttributePrincipalResolver? Does your LDAP server always send a value for that attribute? Best regards, -- Carlos. -----Original Message----- From: Bird, Rachel [mailto:rachel_b...@taylor.edu] Sent: Monday, 21 July, 2014 11:22 To: cas-user@lists.jasig.org Subject: RE: [cas-user] CAS War Overlay "'principal' cannot be null." Does anyone have any ideas for this? Thanks, Rachel Bird Enterprise Systems Analyst Taylor University 236 West Reade Avenue Upland, Indiana 46989-0001 Office: 765-998-5504 -----Original Message----- From: Rachel [mailto:rachel_b...@taylor.edu] Sent: Thursday, July 17, 2014 3:42 PM To: cas-user@lists.jasig.org Subject: [cas-user] CAS War Overlay "'principal' cannot be null." Hello, I'm trying to upgrade from 3.4.10 to 3.5.1 and move to the war overlay method at the same time. I've got it most of the way set up, but when I try add ldap authentication I run into trouble. I've included errors and config information below. Any help would be appreciated. Rachel Bird Enterprise Systems Analyst Taylor University 236 West Reade Avenue Upland, Indiana 46989-0001 Office: 765-998-5504 I'm able to load CAS, but when I try to log in, I get a page with the following error: {"failure":"true","exception.message":"org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing [AnnotatedAction@fd99557 targetAction = [EvaluateAction@15db8ae2 expression = authenticationViaFormAction.submit(flowRequestContext, flowScope.credentials, messageContext), resultExpression = [null]], attributes = map[[empty]]] in state 'realSubmit' of flow 'login' -- action execution attributes were 'map[[empty]]'","exception.stacktrace":"org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing [AnnotatedAction@fd99557 targetAction = [EvaluateAction@15db8ae2 expression = authenticationViaFormAction.submit(flowRequestContext, flowScope.credentials, messageContext), resultExpression = [null]], attributes = map[[empty]]] in state 'realSubmit' of flow 'login' -- action execution attributes were 'map[[empty]]'\r\n\tat org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:60)\r\n\tat org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:101)\r\n\tat [shorted for brevity] At the same time, I get the following in cas-stout: ============================================================= WHO: [username: rachel_bird] WHAT: 'principal' cannot be null. Check the correctness of @Audit annotation at the following audit point: execution(public abstract org.jasig.cas.authentication.Authentication org.jasig.cas.authentication.AuthenticationManager.authenticate(org.jasig.cas.authentication.principal.Credentials)) ACTION: TICKET_GRANTING_TICKET_NOT_CREATED APPLICATION: CAS WHEN: Thu Jul 17 10:33:55 EDT 2014 CLIENT IP ADDRESS: [client IP] SERVER IP ADDRESS: [server IP] ============================================================ Here is what I believe is the relevant portion of my deployerConfigContext: <bean id="authenticationManager" class="org.jasig.cas.authentication.AuthenticationManagerImpl"> <property name="credentialsToPrincipalResolvers"> <list> <bean class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" > <property name="attributeRepository" ref="attributeRepository" /> </bean> <bean class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" /> </list> </property> <property name="authenticationHandlers"> <list> <bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" p:httpClient-ref="httpClient" /> <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler" p:filter="sAMAccountName=%u" p:searchBase="[OU with distinguished path]" p:contextSource-ref="contextSource" /> </list> </property> </bean> <bean id="contextSource" class="org.springframework.ldap.core.support.LdapContextSource"> <property name="anonymousReadOnly" value="false" /> <property name="password" value="**********" /> <property name="pooled" value="false" /> <property name="urls" value="ldaps://[domain]:636" /> <property name="userDn" value="[CN with distinguished path]" /> <property name="baseEnvironmentProperties"> <map> <entry key="java.naming.security.protocol" value="jndi" /> <entry key="java.naming.security.authentication" value="simple" /> </map> </property> </bean> <bean id="attributeRepository" class="org.jasig.services.persondir.support.StubPersonAttributeDao"> <property name="backingMap"> <map> <entry key="uid" value="uid" /> <entry key="eduPersonAffiliation" value="eduPersonAffiliation" /> <entry key="groupMembership" value="groupMembership" /> </map> </property> </bean> -- You are currently subscribed to cas-user@lists.jasig.org as: rachel_b...@taylor.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user The information in this communication is intended solely for the individual or entity to whom it is addressed. It may contain confidential or legally privileged information. If you are not the intended recipient, any disclosure, copying, distribution or reliance on the contents of this information is strictly prohibited, and may be unlawful. If you have received this communication in error, please notify us immediately by responding to the sender of this email, and then delete it from your system. Taylor University is not liable for the inaccurate or improper transmission of the information contained in this communication or for any delay in its receipt. -- You are currently subscribed to cas-user@lists.jasig.org as: cfern...@sju.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: rachel_b...@taylor.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user The information in this communication is intended solely for the individual or entity to whom it is addressed. It may contain confidential or legally privileged information. If you are not the intended recipient, any disclosure, copying, distribution or reliance on the contents of this information is strictly prohibited, and may be unlawful. If you have received this communication in error, please notify us immediately by responding to the sender of this email, and then delete it from your system. Taylor University is not liable for the inaccurate or improper transmission of the information contained in this communication or for any delay in its receipt. -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
