try to populate userName with cn=Manager or cn=Manager,dc=chabaka,dc=net
On 5/3/07, Zouhair BOUNOUALA <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I have populate this two proprety as :
>
> <property name="userName" value="Manager" />
> <property name="password" value="password" />
>
> But I have the same error
>
> PS : I could connect in ssl with jxplorer client and my Manager of
> OpenLDAP tree is :
>
> cn=Manager,dc=chabaka,dc=net
>
> and my users tree is :
>
> uid=toto,ou=users,dc=chabaka,dc=net
>
> Thic could cause this error?
>
>
> <bean id="contextSource"
> class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
> <property name="anonymousReadOnly" value="false"/>
> <property name="password" value="password" />
> <property name="pooled" value="true" />
> <property name="urls">
> <list>
> <value>ldaps://127.0.0.1</value>
> <value>ldaps://127.0.0.1</value>
> </list>
> </property>
> <property name="userName" value="Manager" />
> <property name="baseEnvironmentProperties">
> <map>
> <entry>
>
> <key><value>java.naming.security.protocol</value></key>
> <value>ssl</value>
> </entry>
> <entry>
>
> <key><value>java.naming.security.authentication</value></key>
> <value>simple</value>
> </entry>
> </map>
> </property>
> </bean>
> </beans>
>
>
> Thanks for yr reply
>
> 2007/5/3, Dmitry Kochelaev <[EMAIL PROTECTED]>:
> > Hello,
> >
> > populate
> > <property name="userName" value="{username_goes_here}" />
> > <property name="password" value="{password_goes_here}" />
> >
> > with correct values
> >
> > On 5/3/07, Zouhair BOUNOUALA <[EMAIL PROTECTED]> wrote:
> > > Hi,
> > >
> > > I have suuced to deploy my cas.war under tomcat. When I want to
> > > connect to my http://bidaya.chabaka.net:8080/cas/login?null I have one
> > > error : "CAS is UNvailable"
> > >
> > > I have this error in my catalina.out
> > >
> > > 2007-05-03 17:37:49,931 INFO
> > > [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
> > > <Starting cleaning of expired tickets from ticket registry at [Thu May
> > > 03 17:37:49 WET 2007]>
> > > 2007-05-03 17:37:49,931 INFO
> > > [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
> > > <0 found to be removed. Removing now.>
> > > 2007-05-03 17:37:49,931 INFO
> > > [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
> > > <Finished cleaning of expired tickets from ticket registry at [Thu May
> > > 03 17:37:49 WET 2007]>
> > > 2007-05-03 17:37:55,558 INFO
> > > [org.jasig.cas.web.flow.AutomaticCookiePathSetterAction] - <Setting
> > > ContextPath for cookies to: /cas>
> > > 2007-05-03 17:38:07,946 ERROR
> > > [org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/cas].[cas]]
> > > - <"Servlet.service()" pour la servlet cas a gÃ(c)nÃ(c)rÃ(c) une
> > > exception>
> > > javax.naming.InvalidNameException: [LDAP: error code 34 - invalid DN]
> > > at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2926)
> > > at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2732)
> > > at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2646)
> > > at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:283)
> > > at
> > > com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
> > > at
> > > com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
> > > at
> > > com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
> > > at
> > > com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
> > > at
> > > javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
> > > at
> > > javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:247)
> > > at javax.naming.InitialContext.init(InitialContext.java:223)
> > > at
> > > javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)
> > > at
> > > org.springframework.ldap.support.LdapContextSource.getDirContextInstance(LdapContextSource.java:59)
> > > at
> > > org.springframework.ldap.support.AbstractContextSource.createContext(AbstractContextSource.java:193)
> > > at
> > > org.springframework.ldap.support.AbstractContextSource.getReadOnlyContext(AbstractContextSource.java:104)
> > > at
> > > org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:263)
> > > at
> > > org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:314)
> > > at
> > > org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler.authenticateUsernamePasswordInternal(BindLdapAuthenticationHandler.java:70)
> > > at
> > > org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler.authenticate(AbstractUsernamePasswordAuthenticationHandler.java:58)
> > > at
> > > org.jasig.cas.authentication.AuthenticationManagerImpl.authenticate(AuthenticationManagerImpl.java:79)
> > > at
> > > org.jasig.cas.CentralAuthenticationServiceImpl.createTicketGrantingTicket(CentralAuthenticationServiceImpl.java:282)
> > > at
> > > org.jasig.cas.web.flow.AuthenticationViaFormAction.submit(AuthenticationViaFormAction.java:116)
> > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> > > at
> > > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> > > at
> > > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> > > at java.lang.reflect.Method.invoke(Method.java:585)
> > > at
> > > org.springframework.webflow.util.DispatchMethodInvoker.invoke(DispatchMethodInvoker.java:103)
> > > at
> > > org.springframework.webflow.action.MultiAction.doExecute(MultiAction.java:136)
> > > at
> > > org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:203)
> > > at
> > > org.springframework.webflow.engine.AnnotatedAction.execute(AnnotatedAction.java:142)
> > > at
> > > org.springframework.webflow.engine.ActionExecutor.execute(ActionExecutor.java:61)
> > > at
> > > org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:180)
> > > at org.springframework.webflow.engine.State.enter(State.java:200)
> > > at
> > > org.springframework.webflow.engine.Transition.execute(Transition.java:229)
> > > at
> > > org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112)
> > > at org.springframework.webflow.engine.Flow.onEvent(Flow.java:572)
> > > at
> > > org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:207)
> > > at
> > > org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:185)
> > > at org.springframework.webflow.engine.State.enter(State.java:200)
> > > at
> > > org.springframework.webflow.engine.Transition.execute(Transition.java:229)
> > > at
> > > org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112)
> > > at org.springframework.webflow.engine.Flow.onEvent(Flow.java:572)
> > > at
> > > org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:207)
> > > at
> > > org.springframework.webflow.engine.impl.FlowExecutionImpl.signalEvent(FlowExecutionImpl.java:214)
> > > at
> > > org.springframework.webflow.executor.FlowExecutorImpl.resume(FlowExecutorImpl.java:238)
> > > at
> > > org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest(FlowRequestHandler.java:115)
> > > at
> > > org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal(FlowController.java:170)
> > > at
> > > org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153)
> > > at
> > > org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
> > > at
> > > org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:819)
> > > at
> > > org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:754)
> > > at
> > > org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:399)
> > > at
> > > org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:364)
> > > at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
> > > at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
> > > at
> > > org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115)
> > > at
> > > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
> > > at
> > > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
> > > at
> > > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
> > > at
> > > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
> > > at
> > > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
> > > at
> > > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
> > > at
> > > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
> > > at
> > > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
> > > at
> > > org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
> > > at
> > > org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
> > > at
> > > org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
> > > at
> > > org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
> > > at
> > > org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
> > > at java.lang.Thread.run(Thread.java:595)
> > >
> > > How could I resolve this problem?
> > >
> > > Thanks for everybody can help me!
> > >
> > > PS : My deployerConfigContext.xml configuartion
> > >
> > > <?xml version="1.0" encoding="UTF-8"?>
> > > <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
> > > "http://www.springframework.org/dtd/spring-beans.dtd";>
> > > <!--
> > > | deployerConfigContext.xml centralizes into one file some of the
> > > declarative configuration that
> > > | all CAS deployers will need to modify.
> > > |
> > > | This file declares some of the Spring-managed JavaBeans that
> > > make
> > > up a CAS deployment.
> > > | The beans declared in this file are instantiated at context
> > > initialization time by the Spring
> > > | ContextLoaderListener declared in web.xml. It finds this file
> > > because this
> > > | file is among those declared in the context parameter
> > > "contextConfigLocation".
> > > |
> > > | By far the most common change you will need to make in this
> > > file is
> > > to change the last bean
> > > | declaration to replace the default
> > > SimpleTestUsernamePasswordAuthenticationHandler with
> > > | one implementing your approach for authenticating usernames and
> > > passwords.
> > > +-->
> > > <beans>
> > > <!--
> > > | This bean declares our AuthenticationManager. The
> > > CentralAuthenticationService service bean
> > > | declared in applicationContext.xml picks up this
> > > AuthenticationManager by reference to its id,
> > > | "authenticationManager". Most deployers will be able
> > > to use the
> > > default AuthenticationManager
> > > | implementation and so do not need to change the class
> > > of this
> > > bean. We include the whole
> > > | AuthenticationManager here in the userConfigContext.xml
> > > so that
> > > you can see the things you will
> > > | need to change in context.
> > > +-->
> > > <bean id="authenticationManager"
> > >
> > > class="org.jasig.cas.authentication.AuthenticationManagerImpl">
> > > <!--
> > > | This is the List of
> > > CredentialToPrincipalResolvers that identify
> > > what Principal is trying to authenticate.
> > > | The AuthenticationManagerImpl considers them in
> > > order, finding a
> > > CredentialToPrincipalResolver which
> > > | supports the presented credentials.
> > > |
> > > | AuthenticationManagerImpl uses these resolvers
> > > for two purposes.
> > > First, it uses them to identify the Principal
> > > | attempting to authenticate to CAS /login . In
> > > the default
> > > configuration, it is the DefaultCredentialsToPrincipalResolver
> > > | that fills this role. If you are using some
> > > other kind of
> > > credentials than UsernamePasswordCredentials, you will need to replace
> > > | DefaultCredentialsToPrincipalResolver with a
> > > CredentialsToPrincipalResolver that supports the credentials you are
> > > | using.
> > > |
> > > | Second, AuthenticationManagerImpl uses these
> > > resolvers to
> > > identify a service requesting a proxy granting ticket.
> > > | In the default configuration, it is the
> > > HttpBasedServiceCredentialsToPrincipalResolver that serves this
> > > purpose.
> > > | You will need to change this list if you are
> > > identifying services
> > > by something more or other than their callback URL.
> > > +-->
> > > <property name="credentialsToPrincipalResolvers">
> > > <list>
> > > <!--
> > > |
> > > UsernamePasswordCredentialsToPrincipalResolver supports the
> > > UsernamePasswordCredentials that we use for /login
> > > | by default and produces
> > > SimplePrincipal instances conveying the
> > > username from the credentials.
> > > |
> > > | If you've changed your
> > > LoginFormAction to use credentials other
> > > than UsernamePasswordCredentials then you will also
> > > | need to change this bean
> > > declaration (or add additional
> > > declarations) to declare a CredentialsToPrincipalResolver that
> > > supports the
> > > | Credentials you are using.
> > > +-->
> > > <bean
> > >
> > > class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver"
> > > />
> > > <!--
> > > |
> > > HttpBasedServiceCredentialsToPrincipalResolver supports
> > > HttpBasedCredentials. It supports the CAS 2.0 approach of
> > > | authenticating services by SSL
> > > callback, extracting the
> > > callback URL from the Credentials and representing it as a
> > > | SimpleService identified by
> > > that callback URL.
> > > |
> > > | If you are representing
> > > services by something more or other
> > > than an HTTPS URL whereat they are able to
> > > | receive a proxy callback, you
> > > will need to change this bean
> > > declaration (or add additional declarations).
> > > +-->
> > > <bean
> > >
> > > class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver"
> > > />
> > > </list>
> > > </property>
> > >
> > > <!--
> > > | Whereas CredentialsToPrincipalResolvers
> > > identify who it is some
> > > Credentials might authenticate,
> > > | AuthenticationHandlers actually authenticate
> > > credentials. Here
> > > we declare the AuthenticationHandlers that
> > > | authenticate the Principals that the
> > > CredentialsToPrincipalResolvers identified. CAS will try these
> > > handlers in turn
> > > | until it finds one that both supports the
> > > Credentials presented
> > > and succeeds in authenticating.
> > > +-->
> > > <property name="authenticationHandlers">
> > > <list>
> > > <!--
> > > | This is the authentication
> > > handler that authenticates services
> > > by means of callback via SSL, thereby validating
> > > | a server side SSL certificate.
> > > +-->
> > > <bean
> > > class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler">
> > > <property name="httpClient"
> > > ref="httpClient" />
> > > </bean>
> > >
> > > <!--
> > > | This is the authentication
> > > handler declaration that every CAS
> > > deployer will need to change before deploying CAS
> > > | into production. The default
> > > SimpleTestUsernamePasswordAuthenticationHandler authenticates
> > > UsernamePasswordCredentials
> > > | where the username equals the
> > > password. You will need to
> > > replace this with an AuthenticationHandler that implements your
> > > | local authentication strategy.
> > > You might accomplish this by
> > > coding a new such handler and declaring
> > > |
> > > edu.someschool.its.cas.MySpecialHandler here, or you might use
> > > one of the handlers provided in the adaptors modules.
> > > +-->
> > > <bean
> > >
> > > class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
> > > <property name="filter"
> > > value="uid=%u" />
> > > <property name="searchBase"
> > > value="ou=users,dc=chabaka,dc=net" />
> > > <property
> > > name="contextSource"
> > > ref="contextSource" />
> > > </bean>
> > > </list>
> > > </property>
> > > </bean>
> > >
> > > <bean id="contextSource"
> > > class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
> > > <property name="anonymousReadOnly" value="false"/>
> > > <property name="password" value="{password_goes_here}" />
> > > <property name="pooled" value="true" />
> > > <property name="urls">
> > > <list>
> > > <value>ldaps://127.0.0.1</value>
> > > <value>ldaps://127.0.0.1</value>
> > > </list>
> > > </property>
> > > <property name="userName" value="{username_goes_here}" />
> > > <property name="baseEnvironmentProperties">
> > > <map>
> > > <entry>
> > >
> > > <key><value>java.naming.security.protocol</value></key>
> > > <value>ssl</value>
> > > </entry>
> > > <entry>
> > >
> > > <key><value>java.naming.security.authentication</value></key>
> > > <value>simple</value>
> > > </entry>
> > > </map>
> > > </property>
> > > </bean>
> > > </beans>
> > > _______________________________________________
> > > Yale CAS mailing list
> > > [email protected]
> > > http://tp.its.yale.edu/mailman/listinfo/cas
> > >
> >
> >
> > --
> > Dmitry Kochelaev
> > eVelopers Corporation
> > _______________________________________________
> > Yale CAS mailing list
> > [email protected]
> > http://tp.its.yale.edu/mailman/listinfo/cas
> >
> _______________________________________________
> Yale CAS mailing list
> [email protected]
> http://tp.its.yale.edu/mailman/listinfo/cas
>
--
Dmitry Kochelaev
eVelopers Corporation
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
