[cas-user] CAS 6.2 Monitoring and Statistics
We are trying to get the /status /health endpoints to work on the CAS 6.2
main branch following this guide:
https://apereo.github.io/cas/development/monitoring/Monitoring-Statistics.html
We have this in our pom.xml:
implementation
"org.apereo.cas:cas-server-support-reports:${project.'cas.version'}"
Our cas.properties has:
#settings for monitoring and statistics
spring.boot.admin.url=https://cas6test.go.utah.edu:8444
spring.boot.admin.client.managementUrl=${cas.server.prefix}/status
management.endpoints.web.exposure.include=*
management.endpoints.enabled-by-default=true
cas.monitor.endpoints.endpoint.defaults.access=AUTHENTICATED
spring.security.user.name=casuser
spring.security.user.password=Mellon
I don't see port 8444 open using:
netstat -tulpn | grep LISTEN
In catalina.out I see:
22-Jun-2020 10:53:21.601 WARNING
[AsyncReporter{org.springframework.cloud.sleuth.zipkin2.sender.RestTemplateSender@1063035f}]
zipkin2.reporter.AsyncReporter$BoundedAsyncReporter.flush Dropped 2 spans
due to ResourceAccessException(I/O error on POST request for "
http://localhost:9411/api/v2/spans": Connection refused (Connection
refused); nested exception is java.net.ConnectException: Connection refused
(Connection refused))
org.springframework.web.client.ResourceAccessException: I/O error
on POST request for "http://localhost:9411/api/v2/spans": Connection
refused (Connection refused); nested exception is
java.net.ConnectException: Connection refused (Connection refused)
at
org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:751)
at
org.springframework.cloud.sleuth.zipkin2.sender.ZipkinRestTemplateWrapper.doExecute(ZipkinRestTemplateSenderConfiguration.java:228)
at
org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:644)
Any hints or clues? We need this as it seems to be a prerequisite for:
https://apereo.github.io/cas/6.0.x/monitoring/Configuring-Monitoring-Administration.html#configuration
Thanks,
Bryan
University of Utah
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAG9x2GWtaRwDPbMP%2B%3D6Lmpu9BHbjJNV__BJiMfguav0%2BdaGS8w%40mail.gmail.com.
Re: [cas-user] Re: Issue with cas 6 password managenment
Hi Arti,
How are you proceeding with ldap password management. Please involve me as
well as I want to incorporate this in my application.
Thanks and Regards
On Sat, Jun 20, 2020 at 9:59 AM arti wavale wrote:
> can you explain me, how implemented password management in cas 5.2 and can
> share cas.properties file and which dependency are you used in pox.xml file?
>
> On Tuesday, November 20, 2018 at 10:33:06 PM UTC+5:30, MD. Fazla Rabby
> wrote:
>>
>> We are already using CAS5.2 and password management working fine. But for
>> CAS version 6 we are getting the ldap referral error
>> "java.security.cert.CertificateException: Hostname does not match the
>> hostname in the server's certificate site:stackoverflow.com"
>> How to get around with this
>>
>> This is my cas.properties
>>
>>
>>
>> cas.authn.pm.enabled=true
>> cas.authn.pm.policyPattern=^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9
>> ])(?=.*?[#?!@$%~()_{}-]).{8,}$
>> cas.authn.pm.reset.text=Reset your password with this link: %s
>> cas.authn.pm.reset.subject=Password Reset Request
>> cas.authn.pm.reset.from=myemail.mydomain.com
>>
>>
>> #password reset expiry is set to 1 day equivalent minutes
>> cas.authn.pm.reset.expirationMinutes=1440
>> cas.authn.pm.reset.emailAttribute=secondaryEmail
>> cas.authn.pm.reset.securityQuestionsEnabled=true
>>
>> # Automatically log in after successful password change
>> cas.authn.pm.autoLogin=false
>>
>> # Used to sign/encrypt the password-reset link
>> cas.authn.pm.reset.crypto.encryption.key=asdasdasdasdasdasdasdasdasdasd
>> cas.authn.pm.reset.crypto.signing.key
>> =asdasdasasdasdasdasdadsadasdasdasdasd
>> cas.authn.pm.reset.crypto.enabled=true
>>
>>
>> #Email Submissions
>>
>> spring.mail.host=smtp.office365.com
>> spring.mail.port=587
>> spring.mail.username=mye...@email.com
>> spring.mail.password=pass
>> spring.mail.testConnection=true
>> spring.mail.properties.mail.smtp.auth=true
>> spring.mail.properties.mail.smtp.starttls.enable=true
>>
>> #
>> ##LDAP Password management
>> #
>> cas.authn.pm.ldap.type=AD
>> #
>> cas.authn.pm.ldap.ldapUrl=ldaps://myldap:636
>> cas.authn.pm.ldap.useSsl=true
>> cas.authn.pm.ldap.useStartTls=false
>> cas.authn.pm.ldap.connectTimeout=5
>> cas.authn.pm.ldap.baseDn=DC=xx,DC=xx,DC=xx,DC=xx
>> cas.authn.pm.ldap.searchFilter=cn={user}
>> cas.authn.pm.ldap.subtreeSearch=true
>> cas.authn.pm.ldap.bindDn=CN=xx,OU=xx,DC=xx,DC=xx,DC=xx,DC=xx
>> cas.authn.pm.ldap.bindCredential=pass
>> # cas.authn.pm.ldap.connectionStrategy=
>> cas.authn.pm.ldap.trustCertificates=file:/etc/cas/myldap.cer
>> ## cas.authn.pm.ldap.keystore=
>> ## cas.authn.pm.ldap.keystorePassword=
>> ## cas.authn.pm.ldap.keystoreType=JKS|JCEKS|PKCS12
>> cas.authn.pm.ldap.poolPassivator=BIND
>> cas.authn.pm.ldap.minPoolSize=3
>> cas.authn.pm.ldap.maxPoolSize=10
>> cas.authn.pm.ldap.validateOnCheckout=true
>> cas.authn.pm.ldap.validatePeriodically=true
>> cas.authn.pm.ldap.validatePeriod=600
>> cas.authn.pm.ldap.validateTimeout=5000
>> cas.authn.pm.ldap.failFast=true
>> cas.authn.pm.ldap.idleTime=500
>> cas.authn.pm.ldap.prunePeriod=600
>> cas.authn.pm.ldap.blockWaitTime=5000
>>
>> ##cas.authn.pm.ldap.providerClass=org.ldaptive.provider.unboundid.UnboundIDProvider
>> #
>> ## Attributes that should be fetched to indicate security questions and
>> answers,
>> ## assuming security questions are enabled.
>> cas.authn.pm.ldap.securityQuestionsAttributes.attributeQuestion1
>> =attributeAnswer1
>> cas.authn.pm.ldap.securityQuestionsAttributes.attributeQuestion2
>> =attributeAnswer2
>> cas.authn.pm.ldap.securityQuestionsAttributes.attrQuestion3=
>> attributeAnswer2
>> #
>> cas.authn.pm.ldap.validator.type=SEARCH
>> cas.authn.pm.ldap.validator.baseDn=DC=xx,DC=xx,DC=xx,DC=xx
>> ##cas.authn.pm.ldap.validator.searchFilter=(objectClass=*)
>> cas.authn.pm.ldap.validator.scope=SUBTREE
>>
>>
>> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/1d2b5ab2-a319-47b7-a802-be92b1008802o%40apereo.org
>
> .
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/a
Re: [cas-user] CAS 6.2 Monitoring and Statistics
Hi Bryan,
Are you using SpringBoot Admin Server?
Here is how we have monitoring configured without SpringBoot Admin Server:
## Management/Monitoring Settings ##
# Blog post:
https://apereo.github.io/2018/11/06/cas6-admin-endpoints-security/
# And https://apereo.github.io/2019/02/07/cas61-healthstatus-springboot/
management.endpoints.enabled-by-default= true
management.endpoints.defaults.sensitive= false
management.endpoints.web.base-path= /actuator
management.endpoints.web.exposure.include=
info,health,status,registeredServices
management.server.add-application-context-header= false
management.endpoint.health.enabled= true
management.endpoint.health.show-details= always
management.endpoint.info.enabled= true
management.endpoint.status.enabled= true
management.endpoint.registeredServices.enabled= true
# basic auth to health and info used for ecs health check
cas.monitor.endpoints.endpoint.health.access=AUTHENTICATED
cas.monitor.endpoints.endpoint.info.access=AUTHENTICATED
cas.monitor.endpoints.endpoint.registeredServices.access=AUTHENTICATED
spring.security.user.name=${spring_security_user_name}
spring.security.user.password=${spring_security_user_password}
The monitoring endpoints do not listen on a different port, they are all
part of the same application.
Take a look at the linked blog posts in the code block also.
Hope this helps!
On Mon, Jun 22, 2020 at 12:13 PM Bryan Wooten wrote:
> We are trying to get the /status /health endpoints to work on the CAS 6.2
> main branch following this guide:
>
>
> https://apereo.github.io/cas/development/monitoring/Monitoring-Statistics.html
>
> We have this in our pom.xml:
>
> implementation
> "org.apereo.cas:cas-server-support-reports:${project.'cas.version'}"
>
> Our cas.properties has:
> #settings for monitoring and statistics
> spring.boot.admin.url=https://cas6test.go.utah.edu:8444
> spring.boot.admin.client.managementUrl=${cas.server.prefix}/status
>
> management.endpoints.web.exposure.include=*
> management.endpoints.enabled-by-default=true
> cas.monitor.endpoints.endpoint.defaults.access=AUTHENTICATED
>
> spring.security.user.name=casuser
> spring.security.user.password=Mellon
>
> I don't see port 8444 open using:
> netstat -tulpn | grep LISTEN
>
> In catalina.out I see:
>
> 22-Jun-2020 10:53:21.601 WARNING
> [AsyncReporter{org.springframework.cloud.sleuth.zipkin2.sender.RestTemplateSender@1063035f}]
> zipkin2.reporter.AsyncReporter$BoundedAsyncReporter.flush Dropped 2 spans
> due to ResourceAccessException(I/O error on POST request for "
> http://localhost:9411/api/v2/spans": Connection refused (Connection
> refused); nested exception is java.net.ConnectException: Connection
> refused (Connection refused))
>
> org.springframework.web.client.ResourceAccessException: I/O error
> on POST request for "http://localhost:9411/api/v2/spans": Connection
> refused (Connection refused); nested exception is
> java.net.ConnectException: Connection refused (Connection refused)
>
> at
> org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:751)
>
> at
> org.springframework.cloud.sleuth.zipkin2.sender.ZipkinRestTemplateWrapper.doExecute(ZipkinRestTemplateSenderConfiguration.java:228)
>
> at
> org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:644)
>
> Any hints or clues? We need this as it seems to be a prerequisite for:
>
>
> https://apereo.github.io/cas/6.0.x/monitoring/Configuring-Monitoring-Administration.html#configuration
>
>
> Thanks,
>
> Bryan
>
> University of Utah
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAG9x2GWtaRwDPbMP%2B%3D6Lmpu9BHbjJNV__BJiMfguav0%2BdaGS8w%40mail.gmail.com
>
> .
>
--
Robert Bond
Network Administrator
(918) 444-5886
Northeastern State University
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAOA9z6ofm%3DyKbh5%2BePfczJv%2BkAoiXDi4dbDxxE0HeZjChMNT5g%40
Re: [cas-user] Re: Issue with cas 6 password managenment
Hey Arti,
Can u share your number. I have some doubts.
Vikash Chandra
+918567019627
On Tue 23 Jun, 2020, 11:14 arti wavale, wrote:
> All detail information provided in a document . Please find the attachment
>
> I am facing error such as "could not update the account password "
>
> If anyone can help to resolve this issue
>
>
> -
>
> *Pom.xml:*
> org.apereo.cas
> cas-server-support-pm-ldap
> ${cas.version}
>
>
>
>
>
>
>
>
>
>
> *cas.properties:*
>
>
> cas.authn.accept.users= cas.authn.ldap[0].order=0 cas.authn.ldap[0].name=LDAP
> Server cas.authn.ldap[0].type=AUTHENTICATED
> cas.authn.ldap[0].ldapUrl=ldap://localhost cas.authn.ldap[0].useSsl=false
> cas.authn.ldap[0].useStartTls=false cas.authn.ldap[0].connectTimeout=5
> cas.authn.ldap[0].subtreeSearch=true cas.authn.ldap[0].validatePeriod=270
> cas.authn.ldap[0].userFilter=cn={user}
> #cas.authn.ldap[0].userFilter=(|(uid={user})(cn={user})(mail={user}))
> cas.authn.ldap[0].baseDn=dc=example,dc=com
> #cas.authn.ldap[0].enhanceWithEntryResolver=true
> #cas.authn.ldap[0].dnFormat:cn=%s,cn=admin,dc=example,dc=com
> cas.authn.ldap[0].bindDn=cn=admin,dc=example,dc=com
> cas.authn.ldap[0].bindCredential=administrator
> cas.authn.ldap[0].enhanceWithEntryResolver=true
> cas.authn.ldap[0].dnFormat:cn=%s,cn=admin,dc=example,dc=com
> cas.authn.ldap[0].principalAttributeList=memberOf,uid,cn,mail
> cas.authn.ldap[0].collectDnAttribute=false
>
>
> cas.authn.ldap[0].principalAttributeId=cncas.authn.ldap[0].principalAttributePassword=userPassword#
> attributes to be retrieved from LDAP
> userPassword#cas.authn.ldap[0].principalAttributeList=uid,cn,mail#cas.authn.ldap[0].collectDnAttribute=falsecas.authn.ldap[0].principalDnAttributeName=principalLdapDncas.authn.ldap[0].allowMultiplePrincipalAttributeValues=truecas.authn.ldap[0].allowMissingPrincipalAttributeValue=true#
> cas.authn.ldap[0].credentialCriteria=# LDAP Password Encoding#
> cas.authn.ldap[0].passwordEncoder.type=#
> cas.authn.ldap[0].passwordEncoder.characterEncoding=UTF-8#
> cas.authn.ldap[0].passwordEncoder.encodingAlgorithm=SHA# LDAP
> Poolingcas.authn.ldap[0].minPoolSize=3cas.authn.ldap[0].maxPoolSize=50cas.authn.ldap[0].validateOnCheckout=truecas.authn.ldap[0].validatePeriodically=truecas.authn.ldap[0].validatePeriod=600cas.authn.ldap[0].failFast=truecas.authn.ldap[0].idleTime=5000cas.authn.ldap[0].prunePeriod=5000cas.authn.ldap[0].blockWaitTime=5000
> cas.authn.ldap[0].providerClass=org.ldaptive.provider.unboundid.UnboundIDProvidercas.authn.ldap[0].allowMultipleDns=false
>
>
>
>
> #Password Management
> spring.mail.host=mail.technology.comspring.mail.port=587spring.mail.username=x...@technology.comspring.mail.password=xxspring.mail.testConnection=truespring.mail.properties.mail.smtp.auth=truespring.mail.properties.mail.smtp.starttls.enable=true
>
>
>
>
>
>
>
>
>
> cas.authn.pm.enabled=true#cas.authn.pm.policyPattern=^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[#?!@$%~()_{}-]).{8,}$
> #cas.authn.pm.reset.text=password reset:%scas.authn.pm.reset.text=Reset your
> password with this link: %s#cas.authn.pm.reset.subject=armor password
> resetcas.authn.pm.reset.subject=Password Reset
> Requestcas.authn.pm.reset.from=${spring.mail.username}cas.authn.pm.reset.expirationMinutes=10cas.authn.pm.reset.emailAttribute=mailcas.authn.pm.reset.securityQuestionsEnabled=falsecas.authn.pm.autoLogin=false
> cas.authn.pm.reset.crypto.encryption.key=cas.authn.pm.reset.crypto.signing.key=xxcas.authn.pm.reset.crypto.enabled=true
>
> #cas.authn.pm.enabled=truecas.authn.pm.ldap.type=GENERICcas.authn.pm.ldap.ldapUrl=${cas.authn.ldap[0].ldapUrl}cas.authn.pm.ldap.useSsl=falsecas.authn.pm.ldap.connectTimeout=5000cas.authn.pm.ldap.baseDn=${cas.authn.ldap[0].baseDn}cas.authn.pm.ldap.userFilter=${cas.authn.ldap[0].userFilter}cas.authn.pm.ldap.subtreeSearch=truecas.authn.pm.ldap.bindDn=cn=admin,dc=example,dc=comcas.authn.pm.ldap.bindCredential=administratorcas.authn.pm.ldap.poolPassivator=BINDcas.authn.pm.ldap.minPoolSize=3cas.authn.pm.ldap.maxPoolSize=10cas.authn.pm.ldap.validateOnCheckout=truecas.authn.pm.ldap.validatePeriodically=truecas.authn.pm.ldap.validatePeriod=600cas.authn.pm.ldap.validateTimeout=5000cas.authn.pm.ldap.failFast=true
>
>
>
>
>
>
>
>
>
> cas.authn.pm.ldap.idleTime=500cas.authn.pm.ldap.prunePeriod=600cas.authn.pm.ldap.blockWaitTime=5000cas.authn.pm.ldap.providerClass=org.ldaptive.provider.unboundid.UnboundIDProvider
> #validatorcas.authn.pm.ldap.validator.type=SEARCHcas.authn.pm.ldap.validator.baseDn=dc=example,dc=com#cas.authn.pm.ldap.validator.searchFilter=(objectClass=*)cas.authn.pm.ldap.validator.scope=SUBTREE
>
> ---
>
>
>
> Thanks and Regards
> Arti
>
>
>
>
> On Monday, Ju
Re: [cas-user] Re: Issue with cas 6 password managenment
@Arthi,
Have you included "cas.authn.pm.ldap.searchFilter=cn={user}" in
cas.properties?, and you should enable debug mode in both CAS and LDAP
server side and check both logs to get more detail.
On Tuesday, June 23, 2020 at 11:14:12 AM UTC+5:30, arti wavale wrote:
>
> All detail information provided in a document . Please find the attachment
>
> I am facing error such as "could not update the account password "
>
> If anyone can help to resolve this issue
>
>
> -
>
> *Pom.xml:*
> org.apereo.cas
> cas-server-support-pm-ldap
> ${cas.version}
>
>
>
>
>
>
>
>
>
>
> *cas.properties:*
>
>
> cas.authn.accept.users= cas.authn.ldap[0].order=0 cas.authn.ldap[0].name=LDAP
> Server cas.authn.ldap[0].type=AUTHENTICATED
> cas.authn.ldap[0].ldapUrl=ldap://localhost cas.authn.ldap[0].useSsl=false
> cas.authn.ldap[0].useStartTls=false cas.authn.ldap[0].connectTimeout=5
> cas.authn.ldap[0].subtreeSearch=true cas.authn.ldap[0].validatePeriod=270
> cas.authn.ldap[0].userFilter=cn={user}
> #cas.authn.ldap[0].userFilter=(|(uid={user})(cn={user})(mail={user}))
> cas.authn.ldap[0].baseDn=dc=example,dc=com
> #cas.authn.ldap[0].enhanceWithEntryResolver=true
> #cas.authn.ldap[0].dnFormat:cn=%s,cn=admin,dc=example,dc=com
> cas.authn.ldap[0].bindDn=cn=admin,dc=example,dc=com
> cas.authn.ldap[0].bindCredential=administrator
> cas.authn.ldap[0].enhanceWithEntryResolver=true
> cas.authn.ldap[0].dnFormat:cn=%s,cn=admin,dc=example,dc=com
> cas.authn.ldap[0].principalAttributeList=memberOf,uid,cn,mail
> cas.authn.ldap[0].collectDnAttribute=false
>
>
> cas.authn.ldap[0].principalAttributeId=cncas.authn.ldap[0].principalAttributePassword=userPassword#
> attributes to be retrieved from LDAP
> userPassword#cas.authn.ldap[0].principalAttributeList=uid,cn,mail#cas.authn.ldap[0].collectDnAttribute=falsecas.authn.ldap[0].principalDnAttributeName=principalLdapDncas.authn.ldap[0].allowMultiplePrincipalAttributeValues=truecas.authn.ldap[0].allowMissingPrincipalAttributeValue=true#
> cas.authn.ldap[0].credentialCriteria=# LDAP Password Encoding#
> cas.authn.ldap[0].passwordEncoder.type=#
> cas.authn.ldap[0].passwordEncoder.characterEncoding=UTF-8#
> cas.authn.ldap[0].passwordEncoder.encodingAlgorithm=SHA# LDAP
> Poolingcas.authn.ldap[0].minPoolSize=3cas.authn.ldap[0].maxPoolSize=50cas.authn.ldap[0].validateOnCheckout=truecas.authn.ldap[0].validatePeriodically=truecas.authn.ldap[0].validatePeriod=600cas.authn.ldap[0].failFast=truecas.authn.ldap[0].idleTime=5000cas.authn.ldap[0].prunePeriod=5000cas.authn.ldap[0].blockWaitTime=5000
> cas.authn.ldap[0].providerClass=org.ldaptive.provider.unboundid.UnboundIDProvidercas.authn.ldap[0].allowMultipleDns=false
>
>
>
>
> #Password Management
> spring.mail.host=mail.technology.comspring.mail.port=587spring.mail.username=x...@technology.com
>
> spring.mail.password=xxspring.mail.testConnection=truespring.mail.properties.mail.smtp.auth=truespring.mail.properties.mail.smtp.starttls.enable=true
>
>
>
>
>
>
>
>
>
> cas.authn.pm.enabled=true#cas.authn.pm.policyPattern=^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[#?!@$%~()_{}-]).{8,}$
> #cas.authn.pm.reset.text=password reset:%scas.authn.pm.reset.text=Reset your
> password with this link: %s#cas.authn.pm.reset.subject=armor password
> resetcas.authn.pm.reset.subject=Password Reset
> Requestcas.authn.pm.reset.from=${spring.mail.username}cas.authn.pm.reset.expirationMinutes=10cas.authn.pm.reset.emailAttribute=mailcas.authn.pm.reset.securityQuestionsEnabled=falsecas.authn.pm.autoLogin=false
> cas.authn.pm.reset.crypto.encryption.key=cas.authn.pm.reset.crypto.signing.key=xxcas.authn.pm.reset.crypto.enabled=true
>
> #cas.authn.pm.enabled=truecas.authn.pm.ldap.type=GENERICcas.authn.pm.ldap.ldapUrl=${cas.authn.ldap[0].ldapUrl}cas.authn.pm.ldap.useSsl=falsecas.authn.pm.ldap.connectTimeout=5000cas.authn.pm.ldap.baseDn=${cas.authn.ldap[0].baseDn}cas.authn.pm.ldap.userFilter=${cas.authn.ldap[0].userFilter}cas.authn.pm.ldap.subtreeSearch=truecas.authn.pm.ldap.bindDn=cn=admin,dc=example,dc=comcas.authn.pm.ldap.bindCredential=administratorcas.authn.pm.ldap.poolPassivator=BINDcas.authn.pm.ldap.minPoolSize=3cas.authn.pm.ldap.maxPoolSize=10cas.authn.pm.ldap.validateOnCheckout=truecas.authn.pm.ldap.validatePeriodically=truecas.authn.pm.ldap.validatePeriod=600cas.authn.pm.ldap.validateTimeout=5000cas.authn.pm.ldap.failFast=true
>
>
>
>
>
>
>
>
>
> cas.authn.pm.ldap.idleTime=500cas.authn.pm.ldap.prunePeriod=600cas.authn.pm.ldap.blockWaitTime=5000cas.authn.pm.ldap.providerClass=org.ldaptive.provider.unboundid.UnboundIDProvider
> #validatorcas.authn.pm.ldap.validator.type=SEARCHcas.authn.pm.ldap.validator.baseDn=dc=example,dc=com#cas.authn.pm.ldap.validator.searchFilter=(objectClass=*)cas.authn.p
