Hi, In your log file there should be a root exception that tells you what is actually going on.
-Scott On 8/31/07, Virgi Fdez Satorre <[EMAIL PROTECTED]> wrote: > > > Hi all > > have a problem with CAS and LDAP... > > My web browser displays : > > > *type* Informe de Excepción > *mensaje* ** > *descripción* *El servidor encontró un error interno () que hizo que no > pudiera rellenar este requerimiento.* > *excepción* > > org.springframework.context.ApplicationContextException: Unable to initialize > application context. > > org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:117) > > > *nota* *La traza completa de la causa de este error se encuentra en los > archivos de diario de Apache Tomcat/5.5.23.* > ** > I have read the forum... > I have tried to start cas with SSL (with the certificated)... > > %JAVA_HOME%\bin\keytool -delete -alias tomcat -keypass changeit > %JAVA_HOME%\bin\keytool -genkey -alias tomcat -keypass changeit -keyalg > RSA > %JAVA_HOME%\bin\keytool -export -alias tomcat -keypass changeit -file > %FILE_NAME% > %JAVA_HOME%\bin\keytool -import -file server.crt -keypass changeit > -keystore %JAVA_HOME%/jre/lib/security/cacerts > %JAVA_HOME%\bin\keytool -import -file server.crt -keypass changeit > > > without SSL : > > 1. In the cas-servlet.xml, the two cookie generators need the "secure" > property set to false. > 2. If you plan on doing proxy callback to clients without SSL, the > HttpBasedServiceCredentialsAuthenticationHandler needs to be configured to > allow non-https urls. Its a property on the handler. > I have added all libraries > > and my deployerConfigContext.xml : > > > <?xml version="1.0" encoding="UTF-8"?> > > <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" " > http://www.springframework.org/dtd/spring-beans.dtd";> > > <!-- > > | deployerConfigContext.xml centralizes into one file some of the > declarative configuration that > > | all CAS deployers will need to modify. > > | > > | This file declares some of the Spring-managed JavaBeans that make up a > CAS deployment. > > | The beans declared in this file are instantiated at context > initialization time by the Spring > > | ContextLoaderListener declared in web.xml. It finds this file because > this > > | file is among those declared in the context parameter > "contextConfigLocation". > > | > > | By far the most common change you will need to make in this file is to > change the last bean > > | declaration to replace the default > SimpleTestUsernamePasswordAuthenticationHandler with > > | one implementing your approach for authenticating usernames and > passwords. > > +--> > > <beans> > > <!-- > > | This bean declares our AuthenticationManager. The > CentralAuthenticationService service bean > > | declared in applicationContext.xml picks up this AuthenticationManager > by reference to its id, > > | "authenticationManager". Most deployers will be able to use the default > AuthenticationManager > > | implementation and so do not need to change the class of this bean. We > include the whole > > | AuthenticationManager here in the userConfigContext.xml so that you can > see the things you will > > | need to change in context. > > +--> > > <bean id="authenticationManager" > > class="org.jasig.cas.authentication.AuthenticationManagerImpl"> > > <!-- > > | This is the List of CredentialToPrincipalResolvers that identify what > Principal is trying to authenticate. > > | The AuthenticationManagerImpl considers them in order, finding a > CredentialToPrincipalResolver which > > | supports the presented credentials. > > | > > | AuthenticationManagerImpl uses these resolvers for two purposes. First, > it uses them to identify the Principal > > | attempting to authenticate to CAS /login . In the default configuration, > it is the DefaultCredentialsToPrincipalResolver > > | that fills this role. If you are using some other kind of credentials > than UsernamePasswordCredentials, you will need to replace > > | DefaultCredentialsToPrincipalResolver with a > CredentialsToPrincipalResolver that supports the credentials you are > > | using. > > | > > | Second, AuthenticationManagerImpl uses these resolvers to identify a > service requesting a proxy granting ticket. > > | In the default configuration, it is the > HttpBasedServiceCredentialsToPrincipalResolver that serves this purpose. > > | You will need to change this list if you are identifying services by > something more or other than their callback URL. > > +--> > > <property name="credentialsToPrincipalResolvers"> > > <list> > > <!-- > > | UsernamePasswordCredentialsToPrincipalResolver supports the > UsernamePasswordCredentials that we use for /login > > | by default and produces SimplePrincipal instances conveying the username > from the credentials. > > | > > | If you've changed your LoginFormAction to use credentials other than > UsernamePasswordCredentials then you will also > > | need to change this bean declaration (or add additional declarations) to > declare a CredentialsToPrincipalResolver that supports the > > | Credentials you are using. > > +--> > > <bean > > class=" > org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" > /> > > <!-- > > | HttpBasedServiceCredentialsToPrincipalResolver supports > HttpBasedCredentials. It supports the CAS 2.0 approach of > > | authenticating services by SSL callback, extracting the callback URL > from the Credentials and representing it as a > > | SimpleService identified by that callback URL. > > | > > | If you are representing services by something more or other than an > HTTPS URL whereat they are able to > > | receive a proxy callback, you will need to change this bean declaration > (or add additional declarations). > > +--> > > <bean > > class=" > org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" > /> > > </list> > > </property> > > <!-- > > | Whereas CredentialsToPrincipalResolvers identify who it is some > Credentials might authenticate, > > | AuthenticationHandlers actually authenticate credentials. Here we > declare the AuthenticationHandlers that > > | authenticate the Principals that the CredentialsToPrincipalResolvers > identified. CAS will try these handlers in turn > > | until it finds one that both supports the Credentials presented and > succeeds in authenticating. > > +--> > > > > > > > > <!-- NUEVA MODIFICACION > > LDAP search-and-bind authentication > > This method first searches the user.s node in the directory. When it finds > the user it attemps to do a bind with the user.s node DN that resulted > from the search and the password from the user's submitted credentials. Note > that for this method you will need a special user that is allowed to search > the directory (OR allow anonymous access to search the directory). > > To configure this CAS AuthenticationHandler, open the > ${project.home}/webapp/WEB-INF/deployerConfigContext.xml > and edit the authenticationHandlers property list to make it look like this: > > > > > ANADIDO PARA LA INTEGRACION CON LDAP --> > > <property name="authenticationHandlers"> > > <list> > > <!-- > > | This is the authentication handler that authenticates services by means > of callback via SSL, thereby validating > > | a server side SSL certificate. > > +--> > > <bean > > class=" > org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" > /> > > <property name="httpClient" ref="httpClient" /> > > </bean> > > <!-- > > | This is the authentication handler declaration that every CAS deployer > will need to change before deploying CAS > > | into production. > > | With this configuration you.ll be using LDAP search-and-bind > authentication. > > +--> > > <bean > > class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler" > > > <property name="filter" value="uid=%" /> > > <property name="searchBase" value="ou=people,dc=rutgers,dc=edu" /> > > <property name="contextSource" ref="contextSource" /> > > </bean> > > </list> > > </property> > > </bean> > > <!-- NUEVA MODIFICACION > > The filter property is the LDAP filter that will be used for the search. > The "%u" will be replaced by the userName from the credentials. > > The search base is the node in the directory from where the search will be > performed. > > > > The contextSource property is a reference in this example. The > contextSource property is a reference in this example. This means you should > define another bean in the top level list of beans (add it at the bottom of > the same file, right before the </beans> tag), here's an example. > > --> > > > > <bean id="contextSource" class=" > org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource"> > > <!--<property name="authenticatedReadOnly" value="true" />--> > > <property name="anonymousReadOnly" value="false"/> > > <property name="pooled" value="true" /> > > <property name="userName" value="username" /> > > <property name="password" value="secret" /> > > <property name="urls" value="ldap://192.168.45.217:389"; /> > > <!-- <list> > > <value>ldap://192.168.45.217:389/</value> > > </list> --> > > <property name="baseEnvironmentProperties"> > > <map> > > <entry> > > <key><value>java.naming.security.authentication</value></key> > > <value>simple</value> > > </entry> > > </map> > > </property> > > </bean> > > </beans> > > Can you help me? (sorry my english is very bad) > > Thanks !! > > > ** > > ------------------------------ > Llama a tus amigos de PC a PC: ¡Es GRATIS! > Pruébalo<http://get.live.com/messenger/overview> > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > > -- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
