I tried to fix this " Problem with directory [/usr/share/tomcat7/common/classes], exists: [false], isDirectory: [false], canRead: [false]" . I tried many things, reinstalling tomcat7, deleting tomcat7 and installing lower version tomcat6, installing tomcat7 manually, etc. The thing is when I install tomcat7 via apt-get, during the installation I see : not creating directory /usr/share/tomcat7. I lost any hope to fix this. Then I decided to copy the directories from /var/lib/tomcat7 to /usr/share/tomcat7 and I couldn't copy the whole directories with files inside, so I copied file by file. The result is, i don't have that WARNING anymore,but still have the error: Application not authorized to use CAS.
This is my Catalina log now: May 12, 2015 4:35:38 PM org.apache.coyote.AbstractProtocol pause INFO: Pausing ProtocolHandler ["http-bio-8443"] May 12, 2015 4:35:39 PM org.apache.catalina.core.StandardService stopInternal INFO: Stopping service Catalina May 12, 2015 4:35:43 PM org.apache.catalina.loader.WebappClassLoader clearRefere ncesThreads SEVERE: The web application [/cas] appears to have started a thread named [FileW atchdog] but has failed to stop it. This is very likely to create a memory leak. May 12, 2015 4:35:43 PM org.apache.coyote.AbstractProtocol stop INFO: Stopping ProtocolHandler ["http-bio-8443"] May 12, 2015 4:35:43 PM org.apache.coyote.AbstractProtocol destroy INFO: Destroying ProtocolHandler ["http-bio-8443"] May 12, 2015 4:35:56 PM org.apache.coyote.AbstractProtocol init INFO: Initializing ProtocolHandler ["http-bio-8443"] May 12, 2015 4:36:00 PM org.apache.catalina.startup.Catalina load INFO: Initialization processed in 11400 ms May 12, 2015 4:36:01 PM org.apache.catalina.core.StandardService startInternal INFO: Starting service Catalina May 12, 2015 4:36:01 PM org.apache.catalina.core.StandardEngine startInternal INFO: Starting Servlet Engine: Apache Tomcat/7.0.52 (Ubuntu) May 12, 2015 4:36:01 PM org.apache.catalina.startup.HostConfig deployWAR INFO: Deploying web application archive /var/lib/tomcat7/webapps/cas.war May 12, 2015 4:36:58 PM org.apache.catalina.util.SessionIdGenerator createSecureRandom INFO: Creation of SecureRandom instance for session ID generation using [SHA1PRNG] took [328] milliseconds. May 12, 2015 4:37:05 PM org.apache.catalina.startup.HostConfig deployDirectory INFO: Deploying web application directory /var/lib/tomcat7/webapps/ROOT May 12, 2015 4:37:06 PM org.apache.coyote.AbstractProtocol start INFO: Starting ProtocolHandler ["http-bio-8443"] May 12, 2015 4:37:07 PM org.apache.catalina.startup.Catalina start INFO: Server startup in 66325 ms (END) Chris, I know I'm annoying, but I am also desperate, I really don't know what to do anymore. Ahmed Date: Tue, 12 May 2015 08:12:26 -0500 From: cmy...@mail.millikin.edu To: hadzic_ah...@hotmail.com; cas-user@lists.jasig.org Subject: RE: [cas-user] Application not authorized to use CAS That "....create a memory leak..." error comes about when you try to hot-deploy CAS in Tomcat (basically just re-loading the .war file with Tomcat already running, without first removing the application through Tomcat manager. CAS isn't necessarily designed to be hot-deployed like that.) With that said, I do it, and it works fine and hasn't caused issues. But I only do that very very rarely. On a test server, you shouldn't really have to worry about those specific error messages. However, I am concerned about the " Problem with directory [/usr/share/tomcat7/common/classes], exists: [false], isDirectory: [false], canRead: [false]" type errors. Those make me think that Tomcat isn't set up quite right, or the user you're running Tomcat as doesn't have permission to view the folders. That could definitely cause weirdness with your webapps. You might want to check to make sure that's all set up correctly before proceeding just to be safe. >>> Ahmed Hadzic <hadzic_ah...@hotmail.com> 05/12/15 5:44 AM >>> The Url I am using to acces KOHA over web browser is : http://library.ibu.edu.ba I've tried to use the following Url's in my deployerConfigContext.xml : http://library.ibu.edu.ba http://library.ibu.edu.ba/cgi-bin/koha/opac-user.pl and I still get the error that application is not authorized to use CAS. This is my Catalina log, maybe we can find out what is preventing KOHA to authenticate with CAS. I am not quite sure about this error message SEVERE: The web application [/cas] appears to have started a thread named [scheduler_Worker-1] but has failed to stop it. This is very likely to create a memory leak. May 12, 2015 12:17:40 PM org.apache.catalina.startup.ClassLoaderFactory validate File WARNING: Problem with directory [/usr/share/tomcat7/common/classes], exists: [fa lse], isDirectory: [false], canRead: [false] May 12, 2015 12:17:42 PM org.apache.catalina.startup.ClassLoaderFactory validate File WARNING: Problem with directory [/usr/share/tomcat7/common], exists: [false], is Directory: [false], canRead: [false] May 12, 2015 12:17:43 PM org.apache.catalina.startup.ClassLoaderFactory validate File WARNING: Problem with directory [/usr/share/tomcat7/server/classes], exists: [fa lse], isDirectory: [false], canRead: [false] May 12, 2015 12:17:43 PM org.apache.catalina.startup.ClassLoaderFactory validate File WARNING: Problem with directory [/usr/share/tomcat7/server], exists: [false], is Directory: [false], canRead: [false] May 12, 2015 12:17:43 PM org.apache.catalina.startup.ClassLoaderFactory validate File WARNING: Problem with directory [/usr/share/tomcat7/shared/classes], exists: [fa lse], isDirectory: [false], canRead: [false] May 12, 2015 12:17:44 PM org.apache.catalina.startup.ClassLoaderFactory validate File WARNING: Problem with directory [/usr/share/tomcat7/shared], exists: [false], is Directory: [false], canRead: [false] May 12, 2015 12:18:13 PM org.apache.coyote.AbstractProtocol init INFO: Initializing ProtocolHandler ["http-bio-8443"] May 12, 2015 12:18:21 PM org.apache.catalina.startup.Catalina load INFO: Initialization processed in 36771 ms May 12, 2015 12:18:21 PM org.apache.catalina.core.StandardService startInternal INFO: Starting service Catalina May 12, 2015 12:18:21 PM org.apache.catalina.core.StandardEngine startInternal INFO: Starting Servlet Engine: Apache Tomcat/7.0.52 (Ubuntu) May 12, 2015 12:18:22 PM org.apache.catalina.startup.HostConfig deployWAR INFO: Deploying web application archive /var/lib/tomcat7/webapps/cas.war May 12, 2015 12:19:44 PM org.apache.catalina.startup.HostConfig deployDirectory INFO: Deploying web application directory /var/lib/tomcat7/webapps/ROOT May 12, 2015 12:19:52 PM org.apache.coyote.AbstractProtocol start INFO: Starting ProtocolHandler ["http-bio-8443"] May 12, 2015 12:19:52 PM org.apache.catalina.startup.Catalina start INFO: Server startup in 91100 ms May 12, 2015 12:23:30 PM org.apache.coyote.AbstractProtocol pause INFO: Pausing ProtocolHandler ["http-bio-8443"] May 12, 2015 12:23:30 PM org.apache.catalina.core.StandardService stopInternal INFO: Stopping service Catalina May 12, 2015 12:23:31 PM org.apache.catalina.loader.WebappClassLoader clearReferencesThreads SEVERE: The web application [/cas] appears to have started a thread named [FileWatchdog] but has failed to stop it. This is very likely to create a memory leak. May 12, 2015 12:23:31 PM org.apache.catalina.loader.WebappClassLoader clearReferencesThreads SEVERE: The web application [/cas] appears to have started a thread named [scheduler_Worker-1] but has failed to stop it. This is very likely to create a memory leak. May 12, 2015 12:23:31 PM org.apache.catalina.loader.WebappClassLoader clearReferencesThreads cgi-bin/koha/opac-user.pl May 12, 2015 12:23:31 PM org.apache.catalina.loader.WebappClassLoader clearReferencesThreads SEVERE: The web application [/cas] appears to have started a thread named [scheduler_Worker-3] but has failed to stop it. This is very likely to create a memory leak. May 12, 2015 12:23:31 PM org.apache.catalina.loader.WebappClassLoader clearReferencesThreads SEVERE: The web application [/cas] appears to have started a thread named [scheduler_Worker-3] but has failed to stop it. This is very likely to create a memory leak. May 12, 2015 12:23:31 PM org.apache.catalina.loader.WebappClassLoader clearReferencesThreads SEVERE: The web application [/cas] appears to have started a thread named [scheduler_Worker-4] but has failed to stop it. This is very likely to create a memory leak. May 12, 2015 12:23:31 PM org.apache.catalina.loader.WebappClassLoader clearReferencesThreads SEVERE: The web application [/cas] appears to have started a thread named [scheduler_Worker-5] but has failed to stop it. This is very likely to create a memory leak. May 12, 2015 12:23:31 PM org.apache.catalina.loader.WebappClassLoader clearReferencesThreads SEVERE: The web application [/cas] appears to have started a thread named [scheduler_Worker-6] but has failed to stop it. This is very likely to create a memory leak. May 12, 2015 12:23:31 PM org.apache.catalina.loader.WebappClassLoader clearReferencesThreads SEVERE: The web application [/cas] appears to have started a thread named [scheduler_Worker-6] but has failed to stop it. This is very likely to create a memory leak. May 12, 2015 12:23:31 PM org.apache.catalina.loader.WebappClassLoader clearReferencesThreads SEVERE: The web application [/cas] appears to have started a thread named [scheduler_Worker-7] but has failed to stop it. This is very likely to create a memory leak. May 12, 2015 12:23:31 PM org.apache.catalina.loader.WebappClassLoader clearReferencesThreads SEVERE: The web application [/cas] appears to have started a thread named [scheduler_Worker-8] but has failed to stop it. This is very likely to create a memory leak. May 12, 2015 12:23:31 PM org.apache.catalina.loader.WebappClassLoader clearReferencesThreads SEVERE: The web application [/cas] appears to have started a thread named [scheduler_Worker-9] but has failed to stop it. This is very likely to create a memory leak. May 12, 2015 12:23:31 PM org.apache.catalina.loader.WebappClassLoader clearReferencesThreads SEVERE: The web application [/cas] appears to have started a thread named [scheduler_Worker-10] but has failed to stop it. This is very likely to create a memory leak. May 12, 2015 12:23:31 PM org.apache.coyote.AbstractProtocol stop INFO: Stopping ProtocolHandler ["http-bio-8443"] May 12, 2015 12:23:31 PM org.apache.coyote.AbstractProtocol destroy INFO: Destroying ProtocolHandler ["http-bio-8443"] May 12, 2015 12:23:34 PM org.apache.catalina.startup.ClassLoaderFactory validateFile WARNING: Problem with directory [/usr/share/tomcat7/common/classes], exists: [false], isDirectory: [false], canRead: [false] May 12, 2015 12:23:35 PM org.apache.catalina.startup.ClassLoaderFactory validateFile WARNING: Problem with directory [/usr/share/tomcat7/common], exists: [false], isDirectory: [false], canRead: [false] May 12, 2015 12:23:35 PM org.apache.catalina.startup.ClassLoaderFactory validateFile WARNING: Problem with directory [/usr/share/tomcat7/server/classes], exists: [false], isDirectory: [false], canRead: [false] May 12, 2015 12:23:35 PM org.apache.catalina.startup.ClassLoaderFactory validateFile WARNING: Problem with directory [/usr/share/tomcat7/server], exists: [false], isDirectory: [false], canRead: [false] May 12, 2015 12:23:35 PM org.apache.catalina.startup.ClassLoaderFactory validate: File WARNING: Problem with directory [/usr/share/tomcat7/shared], exists: [false], isDirectory: [false], canRead: [false] May 12, 2015 12:23:44 PM org.apache.coyote.AbstractProtocol init INFO: Initializing ProtocolHandler ["http-bio-8443"] May 12, 2015 12:23:50 PM org.apache.catalina.startup.Catalina load INFO: Initialization processed in 14717 ms May 12, 2015 12:23:51 PM org.apache.catalina.core.StandardService startInternal INFO: Starting service Catalina May 12, 2015 12:23:51 PM org.apache.catalina.core.StandardEngine startInternal INFO: Starting Servlet Engine: Apache Tomcat/7.0.52 (Ubuntu) May 12, 2015 12:23:51 PM org.apache.catalina.startup.HostConfig deployWAR INFO: Deploying web application archive /var/lib/tomcat7/webapps/cas.war May 12, 2015 12:25:35 PM org.apache.catalina.startup.HostConfig deployDirectory INFO: Deploying web application directory /var/lib/tomcat7/webapps/ROOT May 12, 2015 12:25:40 PM org.apache.coyote.AbstractProtocol start INFO: Starting ProtocolHandler ["http-bio-8443"] May 12, 2015 12:25:40 PM org.apache.catalina.startup.Catalina start INFO: Server startup in 109723 ms (END) Date: Mon, 11 May 2015 08:17:50 -0500 From: cmy...@mail.millikin.edu To: cas-user@lists.jasig.org Subject: RE: [cas-user] Application not authorized to use CAS Out of curiosity, what URL do you access your KOHA application from in your browser? The way that you have your URL set up in the serviceID, it should authenticate anything with a URL similar to: http://[anything_as_long_as_its_one_word_only].ibu.edu.ba/[anything] So things like these will work: http://server.ibu.edu.ba/something http://fred.ibu.edu.ba/something/else/here http://kuali.ibu.edu.ba/my/favorite/site.jsp but URLs like these will NOT work: https://[anything] ((notice the httpS) http://192.168.1.142/[anything] http://server.ibu.edu.ba:8443/[anything] (notice the alternate port) Basically, your setup is configured to only allow services to authenticate when the URL in your web browser matches something like in the first group; you won't be able to use alternate ports, SSL, IP addresses, etc. >>> Ahmed Hadzic <hadzic_ah...@hotmail.com> 05/10/15 7:14 AM >>> Thank you very much for explaining these things. My mentor advised me that I don't need to use services management webapp, I can use XML configuration for service registry data. I am using InMemoryServiceRegistryDaoImpl and my configuration looks like this : <bean id="serviceRegistryDao" class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl" p:registeredServices-ref="registeredServicesList" /> <util:list id="registeredServicesList"> <bean class="org.jasig.cas.services.RegisteredServiceImpl" p:id="1" p:name="HTTPS and IMAPS services on library.ibu.edu.ba" p:serviceId="http://*.ibu.edu.ba/**" p:ssoEnabled="true" p:evaluationOrder="0" /></util:list> When I'm trying to authenticate KOHA I get that error: Application not authorized to use CAS. Did I miss something ? Kind regards, Ahmed Date: Thu, 7 May 2015 10:11:34 -0500 From: cmy...@mail.millikin.edu To: cas-user@lists.jasig.org Subject: RE: [cas-user] Application not authorized to use CAS Ok cool, that's good to know that CAS was working properly initially. Were your services able to connect to CAS successfully at that point as well? That would be the next thing to check, because that way you know that everything is configured properly. Once you've verified that you can log into CAS, and an application can use it for authentication, then you can safely move onto the next step - changing your user directory to something like LDAP (if needed.) Once that's been tested, then you can go about the service management configuration, because at that point, you know that everything's working, so you have a config that you can revert to if something doesn't go right. (Once I'm at this point, I usually create a copy of the folder so that if I totally hose a config, I don't have to undo it, I just copy it back from the working point.) For your services management, you'll want to keep it all in the same place - whether LDAP, database, etc. Otherwise it would be like taking putting your shopping list in your car, and then riding your bike to the store. Essentially - the management webapp is just a nice GUI front-end for the CAS services management functionality. You can configure services manually as well. So if you're telling the webapp to use LDAP and CAS to use the database, it won't work. Chris >>> Ahmed Hadzic <hadzic_ah...@hotmail.com> 05/07/15 9:47 AM >>> Yes, CAS was functioning properly before I tried to do the service management stuff (I could login as default: casuser-Mellon) and I would get message (Login Successful). I haven't actually installed the service management config (I thought I need to do some configuration in CAS conf files and I would be able to access the service management). I was probably wrong.When I try to login to the management webapp (https://localhost:8443/cas-management) i get the error (http://pokit.org/get/?06a0b06e4b0c3f643ad66b6279a43fc5.jpg) I get the error "application is not authorized to use CAS" when I type: https://localhost:8443/cas/login?service=%2Fcgi-bin%2Fkoha%2Fopac-user.pl ( http://pokit.org/get/?55c4ebfd9cd76fd353e36a015b94f4d0.jpg, http://pokit.org/get/?4653a617ec77f3ecf60a6d1f094e2620.jpg) As for the LDAP service manager and JPA service registry I thought I need to use LDAP. They are two different things, but can I use them both or just one of them, and is it OK for management webapp to use LDAP for services management, and CAS to use the database for it? Maybe it's a stupid question but I really don't know these things quite enough to understand them. Ahmed Date: Thu, 7 May 2015 09:13:08 -0500 From: cmy...@mail.millikin.edu To: cas-user@lists.jasig.org Subject: RE: [cas-user] Application not authorized to use CAS Ok. I think we need to take a step back and figure some things out first. Typically, you'll want to configure CAS by itself (which will default to "open mode" which lets everything authenticate against it.) Once you've verified that everything's functioning correctly (you can log into CAS, apps can authenticate against the server successfully, etc.) then you'll want to look at configuring service management. Based on what you'd typed below, it seems like you tried to do it all at once. Just to make sure - was CAS functioning properly before you tried to do the service management stuff? If not, I'd start over with the server and make sure that CAS is functioning properly before trying the service management stuff, otherwise you don't really know for sure where problems lie. If everything was working properly, and then you installed the service management config - When you try to log into the management webapp, does it tell you that you can't login, or that the webapp isn't authorized? Next - based on what you pasted in below, I'm seeing entries for both the LDAP service manager and JPA service registry, which are two entirely different things. If I'm interpreting your pasting correctly, it looks like you told the management webapp to use LDAP for services management, and CAS to use the database for it? Chris >>> Ahmed Hadzic <hadzic_ah...@hotmail.com> 05/07/15 8:42 AM >>> I did mention installing the service management webapp and I'm not able to access it. I know if I manage to access it I can add KOHA as one of the CAS services and that would solve my problem. I tried to configure services following this guide http://jasig.github.io/cas/4.0.x/installation/Service-Management.htmlIs this the wright documentation to follow ? Ahmed Date: Thu, 7 May 2015 08:08:47 -0500 From: cmy...@mail.millikin.edu To: cas-user@lists.jasig.org Subject: RE: [cas-user] Application not authorized to use CAS Ok. Well, the cas log file would be the first place I'd look for errors with regard to the 404 you're getting; you can find more details on it here: http://jasig.github.io/cas/4.0.x/installation/Logging.html You may want to turn the logging level up to DEBUG for additional details. It should typically be logging details to your TOMCAT_LOG_FOLDER/cas.log To the "application not authorized" piece, the problem should be in your services configuration. You mentioned installing the service management webapp; are you able to access it? If so, if you log into it, do you see any services registered? If not, therein would lie your problem. I don't see where you mentioned configuring services to be able to access your CAS server, so if you didn't do that already, you'll definitely need to before anything will be able to talk to your server. Chris >>> Ahmed Hadzic <hadzic_ah...@hotmail.com> 05/06/15 6:19 PM >>> Yes, i can login to CAS when I omit that piece of code, maybe I put it in the wrong section of the file. When I add it, I get the error 404(service is unavailable). In KOHA (CAS settings) I set CAS Server Url to be: https://localhost:8443/cas and when I'm trying to access that over KOHA user login(if you have CAS account click here) I get the error: Application is not authorized to use CAS. I hope I explained my problem well enough. Ahmed Date: Wed, 6 May 2015 12:58:26 -0500 From: cmy...@mail.millikin.edu To: hadzic_ah...@hotmail.com; cas-user@lists.jasig.org Subject: Re: [cas-user] Application not authorized to use CAS Just for clarification - things work correctly when you omit this piece of code: <sec:ldap-server id="ldapServer" url="ldap://myserver:13060/" manager-dn="cn=adminusername,cn=Users,dc=london-scottish,dc=com" manager-password="mypassword" /> <sec:ldap-user-service id="userDetailsService" server-ref="ldapServer" group-search-base="cn=Groups,dc=mycompany,dc=com" group-role-attribute="cn" group-search-filter="(uniquemember={0})" user-search-base="cn=Users,dc=mycompany,dc=com" user-search-filter="(uid={0})"/> but fail once you add it? And to be sure, the error message that you're receiving is the "application not authorized to use CAS" message? The reason I'm curious is because that chunk of code there has absolutely nothing to do with an application talking to CAS; it's strictly for user-side things. Chris >>> Ahmed Hadzic <hadzic_ah...@hotmail.com> 05/06/15 10:03 AM >>> Hello all, I am about to graduate and for my senior design project I have to integrate CAS with KOHA (Open ILS). I am using Ubuntu server 14.04, so far I made secure connection for CAS, and now i need to login to CAS as KOHA user. This is where I encountered problems. I found out that I need to get the CAS server's Manager to add the OPAC Url to the Service management system in CAS itself. When I try to access over browser(https://localhost:8443/cas/services) I get redirected to CAS login page. I followed this documentation: http://jasig.github.io/cas/4.0.x/installation/Service-Management.html. Since I am pretty much newbie for CAS I would be thankful if you could help me. Here are the details of what I did from the guide above: LdapServiceRegistryDao <bean id="serviceRegistryDao" class="org.jasig.cas.adaptors.ldap.services.LdapServiceRegistryDao" p:connectionFactory-ref="pooledLdapConnectionFactory" p:searchRequest-ref="searchRequest" p:ldapServiceMapper-ref="ldapMapper" /> <bean id="ldapMapper" class="org.jasig.cas.adaptors.ldap.services.DefaultLdapServiceMapper"/> I added this in /home/ahmed/cas-server-4.0.0/cas-management-webapp/src/main/webapp/WEB-INF/managementConfigContext.xml JpaServiceRegistryDaoImpl <tx:annotation-driven transaction-manager-ref="transactionManager" /> <bean id="factoryBean" class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean" p:dataSource-ref="dataSource" p:jpaVendorAdapter-ref="jpaVendorAdapter" p:packagesToScan-ref="packagesToScan"> <property name="jpaProperties"> <props> <prop key="hibernate.dialect">${database.dialect}</prop> <prop key="hibernate.hbm2ddl.auto">update</prop> <prop key="hibernate.jdbc.batch_size">${database.batchSize}</prop> </props> </property> </bean> <bean id="jpaVendorAdapter" class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter" p:generateDdl="true" p:showSql="true" /> <bean id="serviceRegistryDao" class="org.jasig.cas.services.JpaServiceRegistryDaoImpl" /> <bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager" p:entityManagerFactory-ref="factoryBean" /> <!-- | Injects EntityManager/Factory instances into beans with | @PersistenceUnit and @PersistenceContext --> <bean class="org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor" /> <!-- Configuration via JNDI --> <bean id="dataSource" class="org.springframework.jndi.JndiObjectFactoryBean" p:jndiName="java:comp/env/jdbc/cas-source" /> I added this in /home/ahmed/cas-server-4.0.0/cas-server-webapp/src/main/webapp/WEB-INF/deployerConfigContext.xml Installing the Services Management Webapp <dependency> <groupId>org.jasig.cas</groupId> <artifactId>cas-management-webapp</artifactId> <version>${cas.version}</version> <type>war</type> <scope>runtime</scope> </dependency> Added this in /home/ahmed/cas-server-4.0.0/cas-management-webapp/pom.xml Spring-security-ldap <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-ldap</artifactId> <version>${spring.security.ldap.version}</version> <exclusions> <exclusion> <groupId>org.springframework</groupId> <artifactId>spring-aop</artifactId> </exclusion> <exclusion> <groupId>org.springframework</groupId> <artifactId>spring-tx</artifactId> </exclusion> <exclusion> <groupId>org.springframework</groupId> <artifactId>spring-beans</artifactId> </exclusion> <exclusion> <groupId>org.springframework</groupId> <artifactId>spring-context</artifactId> </exclusion> <exclusion> <groupId>org.springframework</groupId> <artifactId>spring-core</artifactId> </exclusion> </exclusions> </dependency> Added this in /home/ahmed/cas-server-4.0.0/cas-management-webapp/pom.xml My CAS fails when I add this part to /var/lib/tomcat7/webapps/cas/WEB-INF/deployerConfigContext.xml <sec:ldap-server id="ldapServer" url="ldap://myserver:13060/" manager-dn="cn=adminusername,cn=Users,dc=london-scottish,dc=com" manager-password="mypassword" /> <sec:ldap-user-service id="userDetailsService" server-ref="ldapServer" group-search-base="cn=Groups,dc=mycompany,dc=com" group-role-attribute="cn" group-search-filter="(uniquemember={0})" user-search-base="cn=Users,dc=mycompany,dc=com" user-search-filter="(uid={0})"/> I don't quite understand this and I don't know if I am doing things right, so any help is very much appreciated. Kind regards, Ahmed -- You are currently subscribed to cas-user@lists.jasig.org as: cmy...@mail.millikin.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: hadzic_ah...@hotmail.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: cmy...@mail.millikin.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: hadzic_ah...@hotmail.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: cmy...@mail.millikin.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: hadzic_ah...@hotmail.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: hadzic_ah...@hotmail.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: cmy...@mail.millikin.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user