Hi,
I have populate this two proprety as :
<property name="userName" value="Manager" />
<property name="password" value="password" />
But I have the same error
PS : I could connect in ssl with jxplorer client and my Manager of
OpenLDAP tree is :
cn=Manager,dc=chabaka,dc=net
and my users tree is :
uid=toto,ou=users,dc=chabaka,dc=net
Thic could cause this error?
<bean id="contextSource"
class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
<property name="anonymousReadOnly" value="false"/>
<property name="password" value="password" />
<property name="pooled" value="true" />
<property name="urls">
<list>
<value>ldaps://127.0.0.1</value>
<value>ldaps://127.0.0.1</value>
</list>
</property>
<property name="userName" value="Manager" />
<property name="baseEnvironmentProperties">
<map>
<entry>
<key><value>java.naming.security.protocol</value></key>
<value>ssl</value>
</entry>
<entry>
<key><value>java.naming.security.authentication</value></key>
<value>simple</value>
</entry>
</map>
</property>
</bean>
</beans>
Thanks for yr reply
2007/5/3, Dmitry Kochelaev <[EMAIL PROTECTED]>:
> Hello,
>
> populate
> <property name="userName" value="{username_goes_here}" />
> <property name="password" value="{password_goes_here}" />
>
> with correct values
>
> On 5/3/07, Zouhair BOUNOUALA <[EMAIL PROTECTED]> wrote:
> > Hi,
> >
> > I have suuced to deploy my cas.war under tomcat. When I want to
> > connect to my http://bidaya.chabaka.net:8080/cas/login?null I have one
> > error : "CAS is UNvailable"
> >
> > I have this error in my catalina.out
> >
> > 2007-05-03 17:37:49,931 INFO
> > [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
> > <Starting cleaning of expired tickets from ticket registry at [Thu May
> > 03 17:37:49 WET 2007]>
> > 2007-05-03 17:37:49,931 INFO
> > [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
> > <0 found to be removed. Removing now.>
> > 2007-05-03 17:37:49,931 INFO
> > [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
> > <Finished cleaning of expired tickets from ticket registry at [Thu May
> > 03 17:37:49 WET 2007]>
> > 2007-05-03 17:37:55,558 INFO
> > [org.jasig.cas.web.flow.AutomaticCookiePathSetterAction] - <Setting
> > ContextPath for cookies to: /cas>
> > 2007-05-03 17:38:07,946 ERROR
> > [org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/cas].[cas]]
> > - <"Servlet.service()" pour la servlet cas a gÃ(c)nÃ(c)rÃ(c) une
> > exception>
> > javax.naming.InvalidNameException: [LDAP: error code 34 - invalid DN]
> > at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2926)
> > at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2732)
> > at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2646)
> > at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:283)
> > at
> > com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
> > at
> > com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
> > at
> > com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
> > at
> > com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
> > at
> > javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
> > at
> > javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:247)
> > at javax.naming.InitialContext.init(InitialContext.java:223)
> > at
> > javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)
> > at
> > org.springframework.ldap.support.LdapContextSource.getDirContextInstance(LdapContextSource.java:59)
> > at
> > org.springframework.ldap.support.AbstractContextSource.createContext(AbstractContextSource.java:193)
> > at
> > org.springframework.ldap.support.AbstractContextSource.getReadOnlyContext(AbstractContextSource.java:104)
> > at
> > org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:263)
> > at
> > org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:314)
> > at
> > org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler.authenticateUsernamePasswordInternal(BindLdapAuthenticationHandler.java:70)
> > at
> > org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler.authenticate(AbstractUsernamePasswordAuthenticationHandler.java:58)
> > at
> > org.jasig.cas.authentication.AuthenticationManagerImpl.authenticate(AuthenticationManagerImpl.java:79)
> > at
> > org.jasig.cas.CentralAuthenticationServiceImpl.createTicketGrantingTicket(CentralAuthenticationServiceImpl.java:282)
> > at
> > org.jasig.cas.web.flow.AuthenticationViaFormAction.submit(AuthenticationViaFormAction.java:116)
> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> > at
> > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> > at
> > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> > at java.lang.reflect.Method.invoke(Method.java:585)
> > at
> > org.springframework.webflow.util.DispatchMethodInvoker.invoke(DispatchMethodInvoker.java:103)
> > at
> > org.springframework.webflow.action.MultiAction.doExecute(MultiAction.java:136)
> > at
> > org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:203)
> > at
> > org.springframework.webflow.engine.AnnotatedAction.execute(AnnotatedAction.java:142)
> > at
> > org.springframework.webflow.engine.ActionExecutor.execute(ActionExecutor.java:61)
> > at
> > org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:180)
> > at org.springframework.webflow.engine.State.enter(State.java:200)
> > at
> > org.springframework.webflow.engine.Transition.execute(Transition.java:229)
> > at
> > org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112)
> > at org.springframework.webflow.engine.Flow.onEvent(Flow.java:572)
> > at
> > org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:207)
> > at
> > org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:185)
> > at org.springframework.webflow.engine.State.enter(State.java:200)
> > at
> > org.springframework.webflow.engine.Transition.execute(Transition.java:229)
> > at
> > org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112)
> > at org.springframework.webflow.engine.Flow.onEvent(Flow.java:572)
> > at
> > org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:207)
> > at
> > org.springframework.webflow.engine.impl.FlowExecutionImpl.signalEvent(FlowExecutionImpl.java:214)
> > at
> > org.springframework.webflow.executor.FlowExecutorImpl.resume(FlowExecutorImpl.java:238)
> > at
> > org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest(FlowRequestHandler.java:115)
> > at
> > org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal(FlowController.java:170)
> > at
> > org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153)
> > at
> > org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
> > at
> > org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:819)
> > at
> > org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:754)
> > at
> > org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:399)
> > at
> > org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:364)
> > at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
> > at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
> > at
> > org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115)
> > at
> > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
> > at
> > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
> > at
> > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
> > at
> > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
> > at
> > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
> > at
> > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
> > at
> > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
> > at
> > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
> > at
> > org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
> > at
> > org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
> > at
> > org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
> > at
> > org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
> > at
> > org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
> > at java.lang.Thread.run(Thread.java:595)
> >
> > How could I resolve this problem?
> >
> > Thanks for everybody can help me!
> >
> > PS : My deployerConfigContext.xml configuartion
> >
> > <?xml version="1.0" encoding="UTF-8"?>
> > <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
> > "http://www.springframework.org/dtd/spring-beans.dtd";>
> > <!--
> > | deployerConfigContext.xml centralizes into one file some of the
> > declarative configuration that
> > | all CAS deployers will need to modify.
> > |
> > | This file declares some of the Spring-managed JavaBeans that make
> > up a CAS deployment.
> > | The beans declared in this file are instantiated at context
> > initialization time by the Spring
> > | ContextLoaderListener declared in web.xml. It finds this file
> > because this
> > | file is among those declared in the context parameter
> > "contextConfigLocation".
> > |
> > | By far the most common change you will need to make in this file
> > is
> > to change the last bean
> > | declaration to replace the default
> > SimpleTestUsernamePasswordAuthenticationHandler with
> > | one implementing your approach for authenticating usernames and
> > passwords.
> > +-->
> > <beans>
> > <!--
> > | This bean declares our AuthenticationManager. The
> > CentralAuthenticationService service bean
> > | declared in applicationContext.xml picks up this
> > AuthenticationManager by reference to its id,
> > | "authenticationManager". Most deployers will be able to
> > use the
> > default AuthenticationManager
> > | implementation and so do not need to change the class of
> > this
> > bean. We include the whole
> > | AuthenticationManager here in the userConfigContext.xml
> > so that
> > you can see the things you will
> > | need to change in context.
> > +-->
> > <bean id="authenticationManager"
> >
> > class="org.jasig.cas.authentication.AuthenticationManagerImpl">
> > <!--
> > | This is the List of
> > CredentialToPrincipalResolvers that identify
> > what Principal is trying to authenticate.
> > | The AuthenticationManagerImpl considers them in
> > order, finding a
> > CredentialToPrincipalResolver which
> > | supports the presented credentials.
> > |
> > | AuthenticationManagerImpl uses these resolvers
> > for two purposes.
> > First, it uses them to identify the Principal
> > | attempting to authenticate to CAS /login . In
> > the default
> > configuration, it is the DefaultCredentialsToPrincipalResolver
> > | that fills this role. If you are using some
> > other kind of
> > credentials than UsernamePasswordCredentials, you will need to replace
> > | DefaultCredentialsToPrincipalResolver with a
> > CredentialsToPrincipalResolver that supports the credentials you are
> > | using.
> > |
> > | Second, AuthenticationManagerImpl uses these
> > resolvers to
> > identify a service requesting a proxy granting ticket.
> > | In the default configuration, it is the
> > HttpBasedServiceCredentialsToPrincipalResolver that serves this
> > purpose.
> > | You will need to change this list if you are
> > identifying services
> > by something more or other than their callback URL.
> > +-->
> > <property name="credentialsToPrincipalResolvers">
> > <list>
> > <!--
> > |
> > UsernamePasswordCredentialsToPrincipalResolver supports the
> > UsernamePasswordCredentials that we use for /login
> > | by default and produces
> > SimplePrincipal instances conveying the
> > username from the credentials.
> > |
> > | If you've changed your
> > LoginFormAction to use credentials other
> > than UsernamePasswordCredentials then you will also
> > | need to change this bean
> > declaration (or add additional
> > declarations) to declare a CredentialsToPrincipalResolver that
> > supports the
> > | Credentials you are using.
> > +-->
> > <bean
> >
> > class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver"
> > />
> > <!--
> > |
> > HttpBasedServiceCredentialsToPrincipalResolver supports
> > HttpBasedCredentials. It supports the CAS 2.0 approach of
> > | authenticating services by SSL
> > callback, extracting the
> > callback URL from the Credentials and representing it as a
> > | SimpleService identified by that
> > callback URL.
> > |
> > | If you are representing services
> > by something more or other
> > than an HTTPS URL whereat they are able to
> > | receive a proxy callback, you
> > will need to change this bean
> > declaration (or add additional declarations).
> > +-->
> > <bean
> >
> > class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver"
> > />
> > </list>
> > </property>
> >
> > <!--
> > | Whereas CredentialsToPrincipalResolvers identify
> > who it is some
> > Credentials might authenticate,
> > | AuthenticationHandlers actually authenticate
> > credentials. Here
> > we declare the AuthenticationHandlers that
> > | authenticate the Principals that the
> > CredentialsToPrincipalResolvers identified. CAS will try these
> > handlers in turn
> > | until it finds one that both supports the
> > Credentials presented
> > and succeeds in authenticating.
> > +-->
> > <property name="authenticationHandlers">
> > <list>
> > <!--
> > | This is the authentication
> > handler that authenticates services
> > by means of callback via SSL, thereby validating
> > | a server side SSL certificate.
> > +-->
> > <bean
> > class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler">
> > <property name="httpClient"
> > ref="httpClient" />
> > </bean>
> >
> > <!--
> > | This is the authentication
> > handler declaration that every CAS
> > deployer will need to change before deploying CAS
> > | into production. The default
> > SimpleTestUsernamePasswordAuthenticationHandler authenticates
> > UsernamePasswordCredentials
> > | where the username equals the
> > password. You will need to
> > replace this with an AuthenticationHandler that implements your
> > | local authentication strategy.
> > You might accomplish this by
> > coding a new such handler and declaring
> > |
> > edu.someschool.its.cas.MySpecialHandler here, or you might use
> > one of the handlers provided in the adaptors modules.
> > +-->
> > <bean
> >
> > class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
> > <property name="filter"
> > value="uid=%u" />
> > <property name="searchBase"
> > value="ou=users,dc=chabaka,dc=net" />
> > <property
> > name="contextSource"
> > ref="contextSource" />
> > </bean>
> > </list>
> > </property>
> > </bean>
> >
> > <bean id="contextSource"
> > class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
> > <property name="anonymousReadOnly" value="false"/>
> > <property name="password" value="{password_goes_here}" />
> > <property name="pooled" value="true" />
> > <property name="urls">
> > <list>
> > <value>ldaps://127.0.0.1</value>
> > <value>ldaps://127.0.0.1</value>
> > </list>
> > </property>
> > <property name="userName" value="{username_goes_here}" />
> > <property name="baseEnvironmentProperties">
> > <map>
> > <entry>
> >
> > <key><value>java.naming.security.protocol</value></key>
> > <value>ssl</value>
> > </entry>
> > <entry>
> >
> > <key><value>java.naming.security.authentication</value></key>
> > <value>simple</value>
> > </entry>
> > </map>
> > </property>
> > </bean>
> > </beans>
> > _______________________________________________
> > Yale CAS mailing list
> > [email protected]
> > http://tp.its.yale.edu/mailman/listinfo/cas
> >
>
>
> --
> Dmitry Kochelaev
> eVelopers Corporation
> _______________________________________________
> Yale CAS mailing list
> [email protected]
> http://tp.its.yale.edu/mailman/listinfo/cas
>
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
