[cas-user] Re: CAS Management overlay run failed - Error creating bean with name 'servicesManager'

[Iñigo Jiménez]

The exact same thing happened to me.

I am unable since a few days ago to do the docker compose of the image.

I have tried everything, download again the docker with the CAS 
Initializer, update the references and I have not achieved any progress.

Please someone to give us a hand please?

This is exactly the error I get:

mgmt-1  | 2024-07-02 12:55:28,633 TRACE 
[org.apereo.cas.config.CasCoreServicesConfiguration] - 
mgmt-1  | 2024-07-02 12:55:28,633 TRACE 
[org.apereo.cas.services.DefaultServiceRegistryExecutionPlan] - 

mgmt-1  | 2024-07-02 12:55:28,694 WARN 
[org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext]
 
- 
mgmt-1  | 2024-07-02 12:55:28,694 TRACE 
[org.apereo.cas.util.io.PathWatcherService] - 
mgmt-1  | 2024-07-02 12:55:28,696 TRACE 
[org.apereo.cas.util.io.PathWatcherService] - 
mgmt-1  | 2024-07-02 12:55:28,705 TRACE 
[org.apereo.cas.util.io.PathWatcherService] - 
mgmt-1  | java.nio.file.ClosedWatchServiceException: null
mgmt-1  | at 
java.base/sun.nio.fs.AbstractWatchService.checkOpen(AbstractWatchService.java:80)
 
~[?:?]
mgmt-1  | at 
java.base/sun.nio.fs.AbstractWatchService.checkKey(AbstractWatchService.java:92)
 
~[?:?]
mgmt-1  | at 
java.base/sun.nio.fs.AbstractWatchService.take(AbstractWatchService.java:119) 
~[?:?]
mgmt-1  | at 
org.apereo.cas.util.io.PathWatcherService.run(PathWatcherService.java:72) 
~[cas-server-core-util-api-7.0.5.1.jar!/:7.0.5.1]
mgmt-1  | at java.base/java.lang.VirtualThread.run(VirtualThread.java:309) 
~[?:?]
mgmt-1  | 2024-07-02 12:55:28,742 INFO 
[org.springframework.boot.autoconfigure.logging.ConditionEvaluationReportLogger]
 
- <
mgmt-1  | 
mgmt-1  | Error starting ApplicationContext. To display the condition 
evaluation report re-run your application with 'debug' enabled.>
mgmt-1  | 2024-07-02 12:55:28,800 ERROR 
[org.springframework.boot.SpringApplication] - 
mgmt-1  | org.springframework.beans.factory.BeanCreationException: Error 
creating bean with name 'servicesManager' defined in class path resource 
[org/apereo/cas/mgmt/config/CasManagementCoreServicesConfiguration.class]: 
Failed to instantiate [org.apereo.cas.services.ChainingServicesManager]: 
Factory method 'servicesManager' threw exception with message: 
casProperties is marked non-null but is null
mgmt-1  | at 
org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:648)
 
~[spring-beans-6.1.6.jar!/:6.1.6]
mgmt-1  | at 
org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:636)
 
~[spring-beans-6.1.6.jar!/:6.1.6]
mgmt-1  | at 
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1335)
 
~[spring-beans-6.1.6.jar!/:6.1.6]
mgmt-1  | at 
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1165)
 
~[spring-beans-6.1.6.jar!/:6.1.6]
mgmt-1  | at 
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:562)
 
~[spring-beans-6.1.6.jar!/:6.1.6]
mgmt-1  | at 
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:522)
 
~[spring-beans-6.1.6.jar!/:6.1.6]
mgmt-1  | at 
org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:326)
 
~[spring-beans-6.1.6.jar!/:6.1.6]
mgmt-1  | at 
org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)
 
~[spring-beans-6.1.6.jar!/:6.1.6]
mgmt-1  | at 
org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:324)
 
~[spring-beans-6.1.6.jar!/:6.1.6]
mgmt-1  | at 
org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:200)
 
~[spring-beans-6.1.6.jar!/:6.1.6]
mgmt-1  | at 
org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:975)
 
~[spring-beans-6.1.6.jar!/:6.1.6]
mgmt-1  | at 
org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:962)
 
~[spring-context-6.1.6.jar!/:6.1.6]
mgmt-1  | at 
org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:624)
 
~[spring-context-6.1.6.jar!/:6.1.6]
mgmt-1  | at 
org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:146)
 
~[spring-boot-3.2.5.jar!/:3.2.5]
mgmt-1  | at 
org.springframework.boot.SpringApplication.refresh(SpringApplication.java:754) 
~[spring-boot-3.2.5.jar!/:3.2.5]
mgmt-1  | at 
org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:456)
 
~[spring-boot-3.2.5.jar!/:3.2.5]
mgmt-1  |

[cas-user] Re: CAS management (with MongoDB as service registry) delay on showing changes to configurations

['martin....@springer.com' via CAS Community]

Hi Luis,

This is a known behavior, it seems CAS management is also using the 
scheduled reloading of all service definitions just like CAS server itself. 
The effect at CAS management is, that changes are not immediately reflected 
in the GUI. You may try the reload button to see the changes.

Other than that, feel invited to improve the CAS management GUI any time by 
creating PRs at https://github.com/apereo/cas-management.

Regards

Martin

On Friday, May 10, 2024 at 11:40:05 AM UTC+2 Luís Costa wrote:

> CAS management (with MongoDB as service registry) delay on showing changes 
> to configurations
>
> Hello community,
>
>
> I’m having some problems related with CAS management web app and MongoDB 
> as Service Registry.
>
> I'm using CAs server 6.6.14, CAS management 6.6.4 and MongoDB 4.0.5.
>
> I also have other technologies involved, like docker and apache web server.
>
>
> One of the problems is related with saving configuration changes.
>
> Everytime I make changes to the configurations (eg CAS Services => Basics 
> => Description), those changes are not immediately reflected on CAS 
> management screens. After some debugging it seems that those changes take 
> some time (some seconds, a minute or more) to be reflected on CAS 
> management.
>
> I found no errors on MongoDB log, /var/log/mongod.log and on CAS 
> management log, with trace on several packages.
>
> It seems that this problem is related with MongoDB configurations, 
> technology which I don't know well.
>
> Initially I’ve tried to change CAS management documented configs 
> “cas.service-registry.mongo.read-concern=LINEARIZABLE” and 
> “cas.service-registry.mongo.write-concern=MAJORITY”, but it seems they are 
> ignored by MongoDB initialization code.
>
> Then I tried to force Read Concern config and Write Concern config on the 
> connection string, like this, 
> “mongodb://:@mongodb:/?readConcernLevel=linearizable&w=majority&wtimeoutMS=5000”,
>  
> hoping to prioritize data consistency over performance. This configuration 
> seems to be applied, but the delay behaviour keeps happening.
>
>
> This may be more a MongoDB question than a CAS question, but I ask if 
> someone had this problem.
>
>
> Kind Regards,
>
> Luís Costa
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/e092ec93-9ae9-426a-bb16-b87d7fffe433n%40apereo.org.

[cas-user] Re: CAS Management 6.6.4 run tasks failed with cas-server-ldap-support

[mohsen saeedi]

I checkout to version 6.4 and run it successfully with same 
management.properties and same dependencies. 

But version 6.5 and 6.6 have return same error on tasks run:

2023-12-23 16:22:14,742 WARN 
[org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext]
 
- 
2023-12-23 16:22:19,896 ERROR 
[org.springframework.boot.diagnostics.LoggingFailureAnalysisReporter] - <


On Saturday, December 23, 2023 at 5:27:20 PM UTC+3:30 mohsen saeedi wrote:

> I use Apereo CAS from 3.x version. I decide to switch from CAS 5.3.x to 
> 6.6.x. 
> We use multiple dependencies for our service such as LDAP. We don't have 
> any problem to build and run CAS 6.6.14 and we change all property from 
> 5.3.x to 6.6.14 and everything is working very well. 
>
> But for CAS Management we have one problem. after use ./gradlew run with 
> the below config we got a error like this. I think CAS management docs are 
> not updated according to 6.6.x version. Also they are very short. 
>
> 2023-12-23 16:22:14,742 WARN 
> [org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext]
>  
> -  attempt: org.springframework.beans.factory.UnsatisfiedDependencyException: 
> Error creating bean with name 
> 'ldapAuthenticationEventExecutionPlanConfigurer' defined in class path 
> resource 
> [org/apereo/cas/config/LdapAuthenticationConfiguration$LdapAuthenticationPlanConfiguration.class]:
>  
> Unsatisfied dependency expressed through method 
> 'ldapAuthenticationEventExecutionPlanConfigurer' parameter 1; nested 
> exception is 
> org.springframework.beans.factory.NoSuchBeanDefinitionException: No 
> qualifying bean of type 
> 'org.apereo.cas.authentication.principal.PrincipalResolver' available: 
> expected at least 1 bean which qualifies as autowire candidate. Dependency 
> annotations: 
> {@org.springframework.beans.factory.annotation.Qualifier(value="defaultPrincipalResolver")}>
> 2023-12-23 16:22:19,896 ERROR 
> [org.springframework.boot.diagnostics.LoggingFailureAnalysisReporter] - <
>
> ***
> APPLICATION FAILED TO START
> ***
>
> Description:
>
> Parameter 1 of method ldapAuthenticationEventExecutionPlanConfigurer in 
> org.apereo.cas.config.LdapAuthenticationConfiguration$LdapAuthenticationPlanConfiguration
>  
> required a bean of type 
> 'org.apereo.cas.authentication.principal.PrincipalResolver' that could not 
> be found.
>
> The injection point has the following annotations:
> - 
> @org.springframework.beans.factory.annotation.Qualifier(value="defaultPrincipalResolver")
>
>
> Action:
>
> Consider defining a bean of type 
> 'org.apereo.cas.authentication.principal.PrincipalResolver' in your 
> configuration.
> >
>
> > Task :run FAILED
>
> FAILURE: Build failed with an exception.
>
> Our CAS management config:
> cas.server.name=https://cas.mbsco.local:8443/
> cas.server.prefix=${cas.server.name}/cas
> server.port=8080
> mgmt.server-name=https://cas.mbsco.local:8080
> server.context-path=/cas-management
> mgmt.admin-roles[0]=ROLE_ADMIN
> mgmt.user-properties-file=classpath:user-details.properties
> logging.config=file:/etc/cas/config/log4j2-management.xml
> cas.service-registry.core.init-from-json=false
> cas.service-registry.json.location=file:/etc/cas/services
> cas.service-registry.jpa.health-query=SELECT 1 FROM 
> INFORMATION_SCHEMA.VIEWS
> cas.service-registry.jpa.url=jdbc:mariadb://127.0.0.1:3306/cas2
> cas.service-registry.jpa.user=root
> cas.service-registry.jpa.password=
> cas.service-registry.jpa.ddl-auto=create
> cas.service-registry.jpa.dialect=org.hibernate.dialect.MariaDBDialect
> cas.service-registry.jpa.leak-threshold=5
> cas.service-registry.jpa.autocommit=true
> cas.service-registry.jpa.driver-class=org.mariadb.jdbc.Driver
> cas.service-registry.jpa.pool.min-size=20
> cas.service-registry.jpa.pool.max-size=100
> cas.service-registry.jpa.pool.max-wait=1
> cas.service-registry.jpa.idle-timeout=5000
>
> mgmt.ldap.ldap-url=ldap://192.168.10.10
> mgmt.ldap.bind-dn=cn=manager,dc=example,dc=com
> mgmt.ldap.bind-credential=ldap_manager_password
> mgmt.ldap.use-start-tls=false
> mgmt.ldap.subtree-search=true
>
> mgmt.ldap.ldap-authz.allow-multiple-results=true
> mgmt.ldap.ldap-authz.base-dn=dc=example,dc=com
> mgmt.ldap.ldap-authz.group-attribute=cn
> mgmt.ldap.ldap-authz.group-filter=(memberUid={user})
> mgmt.ldap.ldap-authz.group-base-dn=dc=example,dc=com
> mgmt.ldap.ldap-authz.search-filter=(uid={user})
>
> And we added this dependencies:
>
> implementation "org.apereo.cas:cas-server-support-jpa-service-registry"
> implementation "org.apereo.cas:cas-server-support-ldap"
> implementation "org.apereo.cas:cas-server-support-jdbc-drivers"
>
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Gro

[cas-user] Re: cas-management-gradle-overlay class path resource cannot be resolved

[fasr favk]

I'am facing the same error. Did you fix it ?

On Wednesday, August 18, 2021 at 1:15:17 AM UTC soli...@gmail.com wrote:

> I was trying to setup cas-management with 
> https://github.com/apereo/cas-management-gradle-overlay at branch 6.3.x, 
> ./gradlew run give me following warnning:
>
> 2021-08-18 09:03:29,028 INFO 
> [org.apereo.cas.configuration.DefaultCasConfigurationPropertiesSourceLocator] 
> -  the specific pat
> h>:run
> 2021-08-18 09:03:29,277 INFO 
> [org.apereo.cas.mgmt.web.CasManagementWebApplication] -  profiles are active: standalone>
> 2021-08-18 09:04:06,976 INFO 
> [org.springframework.boot.web.embedded.tomcat.TomcatWebServer] -  initialized with port(s): 8443 (https)>
> 2021-08-18 09:04:55,352 INFO 
> [org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext]
>  
> - 
> 2021-08-18 09:04:58,685 WARN 
> [org.apereo.cas.mgmt.web.CasManagementWebApplicationContext] -  encountered during context initialization - cancelling refresh attempt: 
> org.springframework.bea
> ns.factory.UnsatisfiedDependencyException: Error creating bean with name 
> 'org.springframework.boot.autoconfigure.web.servlet.WebMvcAutoConfiguration$EnableWebMvcConfiguration':
>  
> Unsatisfied dependenc
> y expressed through method 'setConfigurers' parameter 0; nested exception 
> is org.springframework.beans.factory.UnsatisfiedDependencyException: Error 
> creating bean with name 'casManagementWebAppConfi
> guration': Unsatisfied dependency expressed through field 
> 'authenticationClients'; nested exception is 
> org.springframework.beans.factory.BeanCreationException: Error creating 
> bean with name 'authent
> icationClients' defined in class path resource 
> [org/apereo/cas/mgmt/config/CasManagementAuthenticationConfiguration.class]: 
> Bean instantiation via factory method failed; nested exception is org.spri
> ngframework.beans.BeanInstantiationException: Failed to instantiate 
> [java.util.List]: Factory method 'authenticationClients' threw exception; 
> nested exception is org.springframework.beans.factory.Be
> anCreationException: Error creating bean with name 
> 'authorizationGenerator' defined in class path resource 
> [org/apereo/cas/mgmt/config/CasManagementAuthorizationConfiguration.class]: 
> Bean instantiat
> ion via factory method failed; nested exception is 
> org.springframework.beans.BeanInstantiationException: Failed to instantiate 
> [org.pac4j.core.authorization.generator.AuthorizationGenerator]: Factor
> y method 'authorizationGenerator' threw exception; nested exception is 
> org.springframework.beans.factory.BeanCreationException: Error creating 
> bean with name 'springSecurityPropertiesAuthorizationGe
> nerator' defined in class path resource 
> [org/apereo/cas/mgmt/config/CasManagementAuthorizationConfiguration.class]: 
> Bean instantiation via factory method failed; nested exception is 
> org.springframew
> ork.beans.BeanInstantiationException: Failed to instantiate 
> [org.pac4j.core.authorization.generator.AuthorizationGenerator]: Factory 
> method 'springSecurityPropertiesAuthorizationGenerator' threw exc
> eption; nested exception is java.io.FileNotFoundException: class path 
> resource [users.json] cannot be resolved to absolute file path because it 
> does not reside in the file system: jar:file:/mnt/c/Us
>
> ers/kyle/Documents/workspace/ideaprojects/cas/cas-management-overlay/build/libs/app.war!/WEB-INF/classes!/users.json>
>
> I haddn't make any change, what should I do?
>
> PS: I found cas documentation are really very confusing, there are always 
> surprises waiting for you.
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/de05e72b-374c-451b-8452-55aeb57d3eb8n%40apereo.org.

[cas-user] Re: cas-management-gradle-overlay class path resource cannot be resolved

[Florent Thomas]

Hi same thing here.
I've successfuly installed and run cas 6.6.7 on the same machine
Did you copy the management configuration in the /etc/cas/config folder ?


Le mercredi 18 août 2021 à 03:15:17 UTC+2, soli...@gmail.com a écrit :

> I was trying to setup cas-management with 
> https://github.com/apereo/cas-management-gradle-overlay at branch 6.3.x, 
> ./gradlew run give me following warnning:
>
> 2021-08-18 09:03:29,028 INFO 
> [org.apereo.cas.configuration.DefaultCasConfigurationPropertiesSourceLocator] 
> -  the specific pat
> h>:run
> 2021-08-18 09:03:29,277 INFO 
> [org.apereo.cas.mgmt.web.CasManagementWebApplication] -  profiles are active: standalone>
> 2021-08-18 09:04:06,976 INFO 
> [org.springframework.boot.web.embedded.tomcat.TomcatWebServer] -  initialized with port(s): 8443 (https)>
> 2021-08-18 09:04:55,352 INFO 
> [org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext]
>  
> - 
> 2021-08-18 09:04:58,685 WARN 
> [org.apereo.cas.mgmt.web.CasManagementWebApplicationContext] -  encountered during context initialization - cancelling refresh attempt: 
> org.springframework.bea
> ns.factory.UnsatisfiedDependencyException: Error creating bean with name 
> 'org.springframework.boot.autoconfigure.web.servlet.WebMvcAutoConfiguration$EnableWebMvcConfiguration':
>  
> Unsatisfied dependenc
> y expressed through method 'setConfigurers' parameter 0; nested exception 
> is org.springframework.beans.factory.UnsatisfiedDependencyException: Error 
> creating bean with name 'casManagementWebAppConfi
> guration': Unsatisfied dependency expressed through field 
> 'authenticationClients'; nested exception is 
> org.springframework.beans.factory.BeanCreationException: Error creating 
> bean with name 'authent
> icationClients' defined in class path resource 
> [org/apereo/cas/mgmt/config/CasManagementAuthenticationConfiguration.class]: 
> Bean instantiation via factory method failed; nested exception is org.spri
> ngframework.beans.BeanInstantiationException: Failed to instantiate 
> [java.util.List]: Factory method 'authenticationClients' threw exception; 
> nested exception is org.springframework.beans.factory.Be
> anCreationException: Error creating bean with name 
> 'authorizationGenerator' defined in class path resource 
> [org/apereo/cas/mgmt/config/CasManagementAuthorizationConfiguration.class]: 
> Bean instantiat
> ion via factory method failed; nested exception is 
> org.springframework.beans.BeanInstantiationException: Failed to instantiate 
> [org.pac4j.core.authorization.generator.AuthorizationGenerator]: Factor
> y method 'authorizationGenerator' threw exception; nested exception is 
> org.springframework.beans.factory.BeanCreationException: Error creating 
> bean with name 'springSecurityPropertiesAuthorizationGe
> nerator' defined in class path resource 
> [org/apereo/cas/mgmt/config/CasManagementAuthorizationConfiguration.class]: 
> Bean instantiation via factory method failed; nested exception is 
> org.springframew
> ork.beans.BeanInstantiationException: Failed to instantiate 
> [org.pac4j.core.authorization.generator.AuthorizationGenerator]: Factory 
> method 'springSecurityPropertiesAuthorizationGenerator' threw exc
> eption; nested exception is java.io.FileNotFoundException: class path 
> resource [users.json] cannot be resolved to absolute file path because it 
> does not reside in the file system: jar:file:/mnt/c/Us
>
> ers/kyle/Documents/workspace/ideaprojects/cas/cas-management-overlay/build/libs/app.war!/WEB-INF/classes!/users.json>
>
> I haddn't make any change, what should I do?
>
> PS: I found cas documentation are really very confusing, there are always 
> surprises waiting for you.
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/50774d7c-cb76-4113-afc0-e281dba4b0dan%40apereo.org.

[cas-user] Re: cas-management - Service cannot be changed in WebUI

[robertoschwald]

Same here with CAS-MGMT 6.6.1 and CAS 6.6.6. 
Switched back to RegexRegisteredService for now.

On Tuesday, 6 December 2022 at 10:15:31 UTC+1 BenDDD wrote:

> Hello,
>
> Thank you Fabio for your feedback.
>
> Does anyone have a solution to this problem or do I have to open an issue?
>
> Le lundi 5 décembre 2022 à 11:56:07 UTC+1, fabiob...@gmail.com a écrit :
>
>> Same configuration, same problem here.
>> I had to switch back the service definitions to RegexRegisteredService 
>> (and swallow the logs warnings, for now) in order to see them in management.
>>
>>
>> Il giorno mercoledì 30 novembre 2022 alle 17:28:30 UTC+1 BenDDD ha 
>> scritto:
>>
>>> Hi there,
>>>
>>> We used CAS (6.6.2) and CAS-management (6.6.0).
>>>
>>> On the CAS-management web interface, if I create a new service, for the 
>>> "Service type" field, I have the choice between "CAS Client (Deprecated)" 
>>> and "Cas Client". It doesn't matter which of the two I use, the JSON 
>>> service created uses the "org.apereo.cas.services.RegexRegisteredService" 
>>> type.
>>>
>>> In the CAS logs, using this type triggers the following warning: 
>>> *"WARN [org.apereo.cas.services.RegexRegisteredService] - >> located a service definition type that is now tagged as 
>>> [RegexRegisteredService]. This registered service definition type is 
>>> scheduled for removal and should no longer be used for CAS-enabled 
>>> applications, and MUST be replaced with 
>>> [org.apereo.cas.services.CasRegisteredService] instead. We STRONGLY advise 
>>> that you update your service definitions and make the replacement to 
>>> facilitate future CAS upgrades.>"*
>>>
>>> So I manually changed the type to 
>>> "org.apereo.cas.services.CasRegisteredService" in 
>>> /etc/cas/services/service-timestamp.json. I no longer have a warning in the 
>>> logs but I can no longer display the service in the WebUI. When I click on 
>>> the service, it shows an empty page. There are no particular logs in 
>>> cas.log or cas-management.log.
>>>
>>> Do you have any idea what could be causing this problem?
>>>
>>> Thanks in advance.
>>>
>>>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/d6bdf130-b24e-4530-aa11-4dbc983b04a3n%40apereo.org.

[cas-user] Re: CAS Management 6.6.1 - CAS Services Entries Not Editable

[robertoschwald]

Same here.
The effect here is, that in ngOnInit() line 84 it is asynchronously 
performing this.loadService(data.resp), but in line 89 
of form.component.ts, the form is used synchronously.

https://github.com/apereo/cas-management/blob/6.6.x/webapp/cas-mgmt-webapp-workspace/projects/management/src/app/form/form.component.ts#L89
03/24/2021 there was a change commit which made showEdit() synchronous. 
I'm not familiar with Angular, but this might be the problem.

On Thursday, 2 March 2023 at 17:52:10 UTC+1 phal...@gmail.com wrote:

> Just an update on this issue.  The previous issue was reported in my Test 
> Environment.  I upgraded my Production Environment today, minus the 
> OIDC/Oauth2 modules, and the issue is now happening there. This seems to be 
> an issue with CAS-Management and not related to deploying OIDC/Oauth 2.  
>
> Phil
> On Tuesday, February 28, 2023 at 11:26:24 AM UTC-6 Phil Hale wrote:
>
>> I recently enabled OAUTH/OIDC support on my CAS 6.6.x servers and created 
>> an entry in the "OAuth Services" tab in CAS Management for them.  
>> Afterwards, I'm no longer able to edit CAS Services entries in the "CAS 
>> Services" tab.  I can see the list of services, but nothing comes up on the 
>> edit:
>> [image: Screenshot from 2023-02-28 11-14-58.png]
>>
>> [image: Screenshot from 2023-02-28 11-15-41.png]
>>
>> I'm not seeing any errors in the cas-management logs or the tomcat logs.  
>> Anyone have any ideas?
>>
>> Thanks,
>>
>> Phil
>>
>>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/5d3ef0c6-e2e0-41a2-8253-5b449295eeefn%40apereo.org.

[cas-user] Re: CAS Management 6.6.1 - CAS Services Entries Not Editable

[Phil Hale]

Just an update on this issue.  The previous issue was reported in my Test 
Environment.  I upgraded my Production Environment today, minus the 
OIDC/Oauth2 modules, and the issue is now happening there. This seems to be 
an issue with CAS-Management and not related to deploying OIDC/Oauth 2.  

Phil
On Tuesday, February 28, 2023 at 11:26:24 AM UTC-6 Phil Hale wrote:

> I recently enabled OAUTH/OIDC support on my CAS 6.6.x servers and created 
> an entry in the "OAuth Services" tab in CAS Management for them.  
> Afterwards, I'm no longer able to edit CAS Services entries in the "CAS 
> Services" tab.  I can see the list of services, but nothing comes up on the 
> edit:
> [image: Screenshot from 2023-02-28 11-14-58.png]
>
> [image: Screenshot from 2023-02-28 11-15-41.png]
>
> I'm not seeing any errors in the cas-management logs or the tomcat logs.  
> Anyone have any ideas?
>
> Thanks,
>
> Phil
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/4c248efb-d23b-4236-ba16-e45ac4b85db0n%40apereo.org.

[cas-user] Re: cas-management unable to log in

[Vincent Delhommmeau]

Ray,

That did it, thank you !!

Now I can see the main page (cas-management/management/registry) with a 
menu bar on the left (CAS Services, OAuth Services ...).
But I can't do anything, and I have a new error in the log : 

[org.springframework.web.util.NestedServletException: Request processing 
failed; nested exception is java.lang.IllegalAccessException: You do not 
have permission to the domain 'default']

It is related to the services registry, which is ruled globally (default) 
or by domain.
The only place I see to set permissions is the users json file :

{
  "casuser" : {
"@class" : "org.apereo.cas.mgmt.authz.json.UserAuthorizationDefinition",
"roles" : [ "ROLE_ADMIN" ],
"permissions" : [ "DOMAIN1" ,"DOMAIN2" ]
  }
}

I changed the permissions to "default" for my user, with no change.
Is this the right way to set permissions ?

management.properties :
mgmt.userPropertiesFile=file:/etc/cas/users/users.json
tomcat has read permission on the folder and the file

Any idea ?

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/9587e12f-b904-4b4b-b8ec-e8c39b205b06n%40apereo.org.

[cas-user] Re: cas-management unable to log in

[Vincent Delhommmeau]

I made a typo, it is a cas server 6.6.4

Le jeudi 9 février 2023 à 06:54:01 UTC+1, Vincent Delhommmeau a écrit :

> Hello,
>
> I am trying to set up a cas-management web application 6.6.0 on a cas 
> server 6.4.0.
> After a successful cas login, this message is displayed by the 
> cas-management application (approximate translation) :
> "The CAS management application is unavailable.
> An error has occurred. Please contact your support or try again"
>
> In cas-management.log I have this (short version) :
> "Unable to authorize access, since the authenticated profile does not 
> contain any required roles"
>
> In management.properties I tried
> mgmt.userPropertiesFile=file:/etc/cas/config/users.json
> and
> mgmt.userPropertiesFile=file:/etc/cas/config/users.properties
>
> I also defined a second admin role (which should match a returned 
> attribute) :
> mgmt.adminRoles[0]=ROLE_ADMIN
> mgmt.adminRoles[1]=EHPRSI_INF
>
> users.propertes :
> # Only 'casuser' is authorized to use cas services management app
> vdelhomm=notused,ROLE_ADMIN
>
> users.json :
> {
>   "vdelhomm" : {
> "@class" : 
> "org.apereo.cas.mgmt.authz.json.UserAuthorizationDefinition",
> "roles" : [ "ROLE_ADMIN" ]
>   }
> }
>
> I also created a cas attribute which is returned to th service after 
> authentication :
>
> attribute-def-store.json :
> {
> "@class" : "java.util.TreeMap",
> "roles" : {
>   "@class" : 
> "org.apereo.cas.authentication.attribute.DefaultAttributeDefinition",
>   "key" : "roles",
>   "scoped" : false,
>   "attribute" : "supannEntiteAffectation"
> }
> }
>
> service json file :
> ...
>  "attributeReleasePolicy" : {
> "@class" : 
> "org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy",
> "allowedAttributes" :
> [ "java.util.ArrayList", [ "uid", "roles" ] ]
>  }
>
> The attribute is returned, but the cas management application doesnt care 
> about it.
> I suppose that it was not a good idea.
>
> What did I miss ?
> It seems that the user is not found in users.properties or users.json
> Is "uid" the correct attribute to return ?
>
> thanks,
>
> PS : the cas-management.log message long version :
> 2023-02-08 17:42:57,530 WARN 
> [org.apereo.cas.mgmt.authz.CasRoleBasedAuthorizer] - Unable to authorize 
> access, since the authenticated profile [#CasProfile# | id: vdelhomm 
> | attributes: {clientIpAddress=x.x.x.x, 
> credentialType=UsernamePasswordCredential, uid=vdelhomm, 
> isFromNewLogin=true, authenticationDate=2023-02-08T16:42:57.273849Z, 
> authenticationMethod=LdapAuthenticationHandler, roles=EHPRSI_INF, 
> successfulAuthenticationHandlers=LdapAuthenticationHandler, 
> serverIpAddress=y.y.y.y, 
> userAgent=Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 
> (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36 OPR/58.0.3135.127, 
> longTermAuthenticationRequestTokenUsed=false} | roles: [] | permissions: 
> [] | isRemembered: false | clientName: CasClient | linkedId: null |] does 
> not contain any required roles
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/ec304f58-11ab-43b3-a288-cbadd060966an%40apereo.org.

[cas-user] Re: cas-management - Service cannot be changed in WebUI

[Laurent Sanglard]

hi
same here, except that the CAS server does not work anymore with 
"*RegexRegisteredService", 
*i'm obliged to replace all my services with Cas*RegisteredService that i 
can't manage with casmanagement :(*
*i test with all the last version (6.6.x)*

Le mardi 6 décembre 2022 à 10:15:31 UTC+1, BenDDD a écrit :

> Hello,
>
> Thank you Fabio for your feedback.
>
> Does anyone have a solution to this problem or do I have to open an issue?
>
> Le lundi 5 décembre 2022 à 11:56:07 UTC+1, fabiob...@gmail.com a écrit :
>
>> Same configuration, same problem here.
>> I had to switch back the service definitions to RegexRegisteredService 
>> (and swallow the logs warnings, for now) in order to see them in management.
>>
>>
>> Il giorno mercoledì 30 novembre 2022 alle 17:28:30 UTC+1 BenDDD ha 
>> scritto:
>>
>>> Hi there,
>>>
>>> We used CAS (6.6.2) and CAS-management (6.6.0).
>>>
>>> On the CAS-management web interface, if I create a new service, for the 
>>> "Service type" field, I have the choice between "CAS Client (Deprecated)" 
>>> and "Cas Client". It doesn't matter which of the two I use, the JSON 
>>> service created uses the "org.apereo.cas.services.RegexRegisteredService" 
>>> type.
>>>
>>> In the CAS logs, using this type triggers the following warning: 
>>> *"WARN [org.apereo.cas.services.RegexRegisteredService] - >> located a service definition type that is now tagged as 
>>> [RegexRegisteredService]. This registered service definition type is 
>>> scheduled for removal and should no longer be used for CAS-enabled 
>>> applications, and MUST be replaced with 
>>> [org.apereo.cas.services.CasRegisteredService] instead. We STRONGLY advise 
>>> that you update your service definitions and make the replacement to 
>>> facilitate future CAS upgrades.>"*
>>>
>>> So I manually changed the type to 
>>> "org.apereo.cas.services.CasRegisteredService" in 
>>> /etc/cas/services/service-timestamp.json. I no longer have a warning in the 
>>> logs but I can no longer display the service in the WebUI. When I click on 
>>> the service, it shows an empty page. There are no particular logs in 
>>> cas.log or cas-management.log.
>>>
>>> Do you have any idea what could be causing this problem?
>>>
>>> Thanks in advance.
>>>
>>>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/53a6b071-f43a-40e3-b81b-c7ae68949741n%40apereo.org.

[cas-user] Re: cas-management - Service cannot be changed in WebUI

[BenDDD]

Hello,

Thank you Fabio for your feedback.

Does anyone have a solution to this problem or do I have to open an issue?

Le lundi 5 décembre 2022 à 11:56:07 UTC+1, fabiob...@gmail.com a écrit :

> Same configuration, same problem here.
> I had to switch back the service definitions to RegexRegisteredService 
> (and swallow the logs warnings, for now) in order to see them in management.
>
>
> Il giorno mercoledì 30 novembre 2022 alle 17:28:30 UTC+1 BenDDD ha scritto:
>
>> Hi there,
>>
>> We used CAS (6.6.2) and CAS-management (6.6.0).
>>
>> On the CAS-management web interface, if I create a new service, for the 
>> "Service type" field, I have the choice between "CAS Client (Deprecated)" 
>> and "Cas Client". It doesn't matter which of the two I use, the JSON 
>> service created uses the "org.apereo.cas.services.RegexRegisteredService" 
>> type.
>>
>> In the CAS logs, using this type triggers the following warning: 
>> *"WARN [org.apereo.cas.services.RegexRegisteredService] - > located a service definition type that is now tagged as 
>> [RegexRegisteredService]. This registered service definition type is 
>> scheduled for removal and should no longer be used for CAS-enabled 
>> applications, and MUST be replaced with 
>> [org.apereo.cas.services.CasRegisteredService] instead. We STRONGLY advise 
>> that you update your service definitions and make the replacement to 
>> facilitate future CAS upgrades.>"*
>>
>> So I manually changed the type to 
>> "org.apereo.cas.services.CasRegisteredService" in 
>> /etc/cas/services/service-timestamp.json. I no longer have a warning in the 
>> logs but I can no longer display the service in the WebUI. When I click on 
>> the service, it shows an empty page. There are no particular logs in 
>> cas.log or cas-management.log.
>>
>> Do you have any idea what could be causing this problem?
>>
>> Thanks in advance.
>>
>>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/9b598d11-e3ee-4488-839b-2d41f108bb00n%40apereo.org.

[cas-user] Re: cas-management - Service cannot be changed in WebUI

[Fabio Bettiol]

Same configuration, same problem here.
I had to switch back the service definitions to RegexRegisteredService (and 
swallow the logs warnings, for now) in order to see them in management.


Il giorno mercoledì 30 novembre 2022 alle 17:28:30 UTC+1 BenDDD ha scritto:

> Hi there,
>
> We used CAS (6.6.2) and CAS-management (6.6.0).
>
> On the CAS-management web interface, if I create a new service, for the 
> "Service type" field, I have the choice between "CAS Client (Deprecated)" 
> and "Cas Client". It doesn't matter which of the two I use, the JSON 
> service created uses the "org.apereo.cas.services.RegexRegisteredService" 
> type.
>
> In the CAS logs, using this type triggers the following warning: 
> *"WARN [org.apereo.cas.services.RegexRegisteredService] -  a service definition type that is now tagged as [RegexRegisteredService]. 
> This registered service definition type is scheduled for removal and should 
> no longer be used for CAS-enabled applications, and MUST be replaced with 
> [org.apereo.cas.services.CasRegisteredService] instead. We STRONGLY advise 
> that you update your service definitions and make the replacement to 
> facilitate future CAS upgrades.>"*
>
> So I manually changed the type to 
> "org.apereo.cas.services.CasRegisteredService" in 
> /etc/cas/services/service-timestamp.json. I no longer have a warning in the 
> logs but I can no longer display the service in the WebUI. When I click on 
> the service, it shows an empty page. There are no particular logs in 
> cas.log or cas-management.log.
>
> Do you have any idea what could be causing this problem?
>
> Thanks in advance.
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/755296cf-2336-4c9b-9446-98a54f47f61fn%40apereo.org.

[cas-user] Re: cas-management - Service cannot be changed in WebUI

[BenDDD]

Hi there,

Does anyone have any idea what I might have missed that could be causing 
this behavior?

Thanks in advance.

Le mercredi 30 novembre 2022 à 17:28:30 UTC+1, BenDDD a écrit :

> Hi there,
>
> We used CAS (6.6.2) and CAS-management (6.6.0).
>
> On the CAS-management web interface, if I create a new service, for the 
> "Service type" field, I have the choice between "CAS Client (Deprecated)" 
> and "Cas Client". It doesn't matter which of the two I use, the JSON 
> service created uses the "org.apereo.cas.services.RegexRegisteredService" 
> type.
>
> In the CAS logs, using this type triggers the following warning: 
> *"WARN [org.apereo.cas.services.RegexRegisteredService] -  a service definition type that is now tagged as [RegexRegisteredService]. 
> This registered service definition type is scheduled for removal and should 
> no longer be used for CAS-enabled applications, and MUST be replaced with 
> [org.apereo.cas.services.CasRegisteredService] instead. We STRONGLY advise 
> that you update your service definitions and make the replacement to 
> facilitate future CAS upgrades.>"*
>
> So I manually changed the type to 
> "org.apereo.cas.services.CasRegisteredService" in 
> /etc/cas/services/service-timestamp.json. I no longer have a warning in the 
> logs but I can no longer display the service in the WebUI. When I click on 
> the service, it shows an empty page. There are no particular logs in 
> cas.log or cas-management.log.
>
> Do you have any idea what could be causing this problem?
>
> Thanks in advance.
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/2c1350b8-25e7-467e-9652-5ebe6f41a070n%40apereo.org.

Re: [cas-user] Re: cas-management error creating service

[Ray Bon]

lanf,

Apologies, that is the the location of the local git repo; and the 6.6.x 
property is:
mgmt.version-control.services-repo

If you are using json service registry:
cas.serviceRegistry.json.location=file:/etc/cas/services

Had to go through the source docs to find it.
https://github.com/apereo/cas-management/blob/6.6.x/docs/cas-mgmt-documentation/installation/Installing-ServicesMgmt-Webapp.md
 under the Sync Script section.

The cas doc page for json services is 
https://apereo.github.io/cas/6.6.x/services/JSON-Service-Management.html.

Ray

On Wed, 2022-11-09 at 23:00 -0800, lanf detroy wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

it does not work. the application no longer launches. Here is the error:

[2022-11-10 07:55:15] [info] 2022-11-10 07:55:15,391 WARN 
[org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext]
 - 
[2022-11-10 07:55:15] [info] 2022-11-10 07:55:15,456 ERROR 
[org.springframework.boot.diagnostics.LoggingFailureAnalysisReporter] - <
[2022-11-10 07:55:15] [info] ***
[2022-11-10 07:55:15] [info] APPLICATION FAILED TO START
[2022-11-10 07:55:15] [info] ***
[2022-11-10 07:55:15] [info] Description:
[2022-11-10 07:55:15] [info] Binding to target [Bindable@669aa5d3 type = 
org.apereo.cas.configuration.CasManagementConfigurationProperties, value = 
'provided', annotations = 
array[@org.springframework.boot.context.properties.ConfigurationProperties(ignoreInvalidFields=false,
 ignoreUnknownFields=false, prefix="mgmt", value="mgmt")]] failed:
[2022-11-10 07:55:15] [info] Property: mgmt.services-repo
[2022-11-10 07:55:15] [info] Value: "/etc/cas/services-repo"
[2022-11-10 07:55:15] [info] Origin: "mgmt.services-repo" from property 
source "bootstrapProperties-casCompositePropertySource"
[2022-11-10 07:55:15] [info] Reason: The elements [mgmt.services-repo] were 
left unbound.
[2022-11-10 07:55:15] [info] Action:
[2022-11-10 07:55:15] [info] Update your application's configuration
[2022-11-10 07:55:15] [info] >


 I am in version 6.6.0 for the case-management, the properties have not changed?


Le mercredi 9 novembre 2022 à 22:03:06 UTC+1, lanf detroy a écrit :
I changed the permissions but it didn't change anything. Is there anything else 
to do?


Le lundi 7 novembre 2022 à 19:09:52 UTC+1, Ray Bon a écrit :
lanf,

You can change the group for the services directory and give it write 
permissions.

sudo chgrp --recursive tomcat /etc/cas/services
sudo chmod g+w --recursive /etc/cas/services/

Ray

On Sun, 2022-11-06 at 22:46 -0800, lanf detroy wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

hello, the directory user is root and the CAS user is tomcat. Do you have to 
give CAS directory rights to tomcat?

ls -l /etc/cas/
drwxr-xr-x 2 root root 4096 27 oct.  16:07 config
drwxr-xr-x 2 root root 4096 28 oct.  09:56 services

ps aux | grep tomcat
tomcat 35266  1.8 16.3 5092560 128 ? Ssl  oct.27 278:49 
/usr/lib/jvm/java-11-openjdk-amd64/bin/java 
-Djava.util.logging.config.file=/var/lib/tomcat9/conf/logging.properties 
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
-Dlog4j2.formatMsgNoLookups=True -Djdk.tls.ephemeralDHKeySize=2048 
-Djava.protocol.handler.pkgs=org.apache.catalina.webresources 
-Dorg.apache.catalina.security.SecurityListener.UMASK=0027 
-Dignore.endorsed.dirs= -classpath 
/usr/share/tomcat9/bin/bootstrap.jar:/usr/share/tomcat9/bin/tomcat-juli.jar 
-Dcatalina.base=/var/lib/tomcat9 -Dcatalina.home=/usr/share/tomcat9 
-Djava.io.tmpdir=/tmp org.apache.catalina.startup.Bootstrap start



Le vendredi 28 octobre 2022 à 20:15:35 UTC+2, Ray Bon a écrit :
lanf,

If you are on linux you can use this command to see access and ownership of the 
services directory (on my laptop):
ls -l /etc/cas/
total 4
drwxrwxr-x 3 rbon rbon 4096 Jun 16 18:36 services

To see the process owner for the container running cas (this is for tomcat 
running, substitute your app server)
ps aux | grep tomcat

rbon 336911 338 7.0 11769108 2314612 pts/10 SNl 11:12 1:17 /usr/bin/java 
-Djava.util.logging.config.file=/home/rbon/Applications/mgmt/conf/logging.properties
 -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
-Djdk.tls.ephemeralDHKeySize=2048 
-Djava.protocol.handler.pkgs=org.apache.catalina.webresources 
-Dorg.apache.catalina.security.SecurityListener.UMASK=0027 
-Djava.awt.headless=true -XX:+UseG1GC -Xms1024m -Xmx2048m 
-Dcas.standalone.configurationDirectory=/home/uvtomcat/cas-management_config 
-Dignore.endorsed.dirs= -classpath 
/home/rbon/Applications/mgmt/bin/bootstrap.jar:/home/rbon/Applications/mgmt/bin/tomcat-juli.jar
 -Dcatalina.base=/home/rbon/Applications/mgmt 
-Dcatalina.

Re: [cas-user] Re: cas-management error creating service

[lanf detroy]

 it does not work. the application no longer launches. Here is the error:

[2022-11-10 07:55:15] [info] 2022-11-10 07:55:15,391 WARN 
[org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext]
 
- 
[2022-11-10 07:55:15] [info] 2022-11-10 07:55:15,456 ERROR 
[org.springframework.boot.diagnostics.LoggingFailureAnalysisReporter] - <
[2022-11-10 07:55:15] [info] ***
[2022-11-10 07:55:15] [info] APPLICATION FAILED TO START
[2022-11-10 07:55:15] [info] ***
[2022-11-10 07:55:15] [info] Description:
[2022-11-10 07:55:15] [info] Binding to target [Bindable@669aa5d3 type = 
org.apereo.cas.configuration.CasManagementConfigurationProperties, value = 
'provided', annotations = 
array[@org.springframework.boot.context.properties.ConfigurationProperties(ignoreInvalidFields=false,
 
ignoreUnknownFields=false, prefix="mgmt", value="mgmt")]] failed:
[2022-11-10 07:55:15] [info] Property: mgmt.services-repo
[2022-11-10 07:55:15] [info] Value: "/etc/cas/services-repo"
[2022-11-10 07:55:15] [info] Origin: "mgmt.services-repo" from property 
source "bootstrapProperties-casCompositePropertySource"
[2022-11-10 07:55:15] [info] Reason: The elements [mgmt.services-repo] 
were left unbound.
[2022-11-10 07:55:15] [info] Action:
[2022-11-10 07:55:15] [info] Update your application's configuration
[2022-11-10 07:55:15] [info] >


 I am in version 6.6.0 for the case-management, the properties have not 
changed?


Le mercredi 9 novembre 2022 à 22:03:06 UTC+1, lanf detroy a écrit :

> I changed the permissions but it didn't change anything. Is there anything 
> else to do? 
>
> Le lundi 7 novembre 2022 à 19:09:52 UTC+1, Ray Bon a écrit :
>
>> lanf,
>>
>> You can change the group for the services directory and give it write 
>> permissions.
>>
>> sudo chgrp --recursive tomcat /etc/cas/services
>> sudo chmod g+w --recursive /etc/cas/services/
>>
>> Ray
>>
>> On Sun, 2022-11-06 at 22:46 -0800, lanf detroy wrote:
>>
>> Notice: This message was sent from outside the University of Victoria 
>> email system. Please be cautious with links and sensitive information.
>>
>> hello, the directory user is root and the CAS user is tomcat. Do you have 
>> to give CAS directory rights to tomcat?
>>
>> ls -l /etc/cas/
>> drwxr-xr-x 2 root root 4096 27 oct.  16:07 config
>> drwxr-xr-x 2 root root 4096 28 oct.  09:56 services
>>
>> ps aux | grep tomcat
>> tomcat 35266  1.8 16.3 5092560 128 ? Ssl  oct.27 278:49 
>> /usr/lib/jvm/java-11-openjdk-amd64/bin/java 
>> -Djava.util.logging.config.file=/var/lib/tomcat9/conf/logging.properties 
>> -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
>> -Dlog4j2.formatMsgNoLookups=True -Djdk.tls.ephemeralDHKeySize=2048 
>> -Djava.protocol.handler.pkgs=org.apache.catalina.webresources 
>> -Dorg.apache.catalina.security.SecurityListener.UMASK=0027 
>> -Dignore.endorsed.dirs= -classpath 
>> /usr/share/tomcat9/bin/bootstrap.jar:/usr/share/tomcat9/bin/tomcat-juli.jar 
>> -Dcatalina.base=/var/lib/tomcat9 -Dcatalina.home=/usr/share/tomcat9 
>> -Djava.io.tmpdir=/tmp org.apache.catalina.startup.Bootstrap start
>>
>>
>>
>> Le vendredi 28 octobre 2022 à 20:15:35 UTC+2, Ray Bon a écrit :
>>
>> lanf,
>>
>> If you are on linux you can use this command to see access and ownership 
>> of the services directory (on my laptop):
>> ls -l /etc/cas/
>> total 4
>> drwxrwxr-x 3 rbon rbon 4096 Jun 16 18:36 services
>>
>> To see the process owner for the container running cas (this is for 
>> tomcat running, substitute your app server)
>> ps aux | grep tomcat
>> rbon 336911 338 7.0 11769108 2314612 pts/10 SNl 11:12 1:17 /usr/bin/java 
>> -Djava.util.logging.config.file=/home/rbon/Applications/mgmt/conf/logging.properties
>>  
>> -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
>> -Djdk.tls.ephemeralDHKeySize=2048 
>> -Djava.protocol.handler.pkgs=org.apache.catalina.webresources 
>> -Dorg.apache.catalina.security.SecurityListener.UMASK=0027 
>> -Djava.awt.headless=true -XX:+UseG1GC -Xms1024m -Xmx2048m 
>> -Dcas.standalone.configurationDirectory=/home/uvtomcat/cas-management_config 
>> -Dignore.endorsed.dirs= -classpath 
>> /home/rbon/Applications/mgmt/bin/bootstrap.jar:/home/rbon/Applications/mgmt/bin/tomcat-juli.jar
>>  
>> -Dcatalina.base=/home/rbon/Applications/mgmt 
>> -Dcatalina.home=/home/rbon/Applications/mgmt 
>> -Djava.io.tmpdir=/home/rbon/Applications/mgmt/temp 
>> org.apache.catalina.startup.Bootstrap start
>>
>> If you need more info, provide more details about your configuration.
>>
>> Ray
>>
>> On Thu, 2022-10-27 at 22:46 -0700, lanf detroy wrote:
>>
>> Notice: This message was sent from outside the University of Victoria 
>> email system. Please be cautious with links and sensitive information.
>>
>> I don't know where to look for this? What parameter to put?
>>
>> Le jeudi 27 octobre 2022 à 18:37:46 UTC+2, Ray Bon a écrit :
>>
>> lanf,
>>
>> Check that the process that is running cas m

Re: [cas-user] Re: cas-management error creating service

[lanf detroy]

 I changed the permissions but it didn't change anything. Is there anything 
else to do? 

Le lundi 7 novembre 2022 à 19:09:52 UTC+1, Ray Bon a écrit :

> lanf,
>
> You can change the group for the services directory and give it write 
> permissions.
>
> sudo chgrp --recursive tomcat /etc/cas/services
> sudo chmod g+w --recursive /etc/cas/services/
>
> Ray
>
> On Sun, 2022-11-06 at 22:46 -0800, lanf detroy wrote:
>
> Notice: This message was sent from outside the University of Victoria 
> email system. Please be cautious with links and sensitive information.
>
> hello, the directory user is root and the CAS user is tomcat. Do you have 
> to give CAS directory rights to tomcat?
>
> ls -l /etc/cas/
> drwxr-xr-x 2 root root 4096 27 oct.  16:07 config
> drwxr-xr-x 2 root root 4096 28 oct.  09:56 services
>
> ps aux | grep tomcat
> tomcat 35266  1.8 16.3 5092560 128 ? Ssl  oct.27 278:49 
> /usr/lib/jvm/java-11-openjdk-amd64/bin/java 
> -Djava.util.logging.config.file=/var/lib/tomcat9/conf/logging.properties 
> -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
> -Dlog4j2.formatMsgNoLookups=True -Djdk.tls.ephemeralDHKeySize=2048 
> -Djava.protocol.handler.pkgs=org.apache.catalina.webresources 
> -Dorg.apache.catalina.security.SecurityListener.UMASK=0027 
> -Dignore.endorsed.dirs= -classpath 
> /usr/share/tomcat9/bin/bootstrap.jar:/usr/share/tomcat9/bin/tomcat-juli.jar 
> -Dcatalina.base=/var/lib/tomcat9 -Dcatalina.home=/usr/share/tomcat9 
> -Djava.io.tmpdir=/tmp org.apache.catalina.startup.Bootstrap start
>
>
>
> Le vendredi 28 octobre 2022 à 20:15:35 UTC+2, Ray Bon a écrit :
>
> lanf,
>
> If you are on linux you can use this command to see access and ownership 
> of the services directory (on my laptop):
> ls -l /etc/cas/
> total 4
> drwxrwxr-x 3 rbon rbon 4096 Jun 16 18:36 services
>
> To see the process owner for the container running cas (this is for tomcat 
> running, substitute your app server)
> ps aux | grep tomcat
> rbon 336911 338 7.0 11769108 2314612 pts/10 SNl 11:12 1:17 /usr/bin/java 
> -Djava.util.logging.config.file=/home/rbon/Applications/mgmt/conf/logging.properties
>  
> -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
> -Djdk.tls.ephemeralDHKeySize=2048 
> -Djava.protocol.handler.pkgs=org.apache.catalina.webresources 
> -Dorg.apache.catalina.security.SecurityListener.UMASK=0027 
> -Djava.awt.headless=true -XX:+UseG1GC -Xms1024m -Xmx2048m 
> -Dcas.standalone.configurationDirectory=/home/uvtomcat/cas-management_config 
> -Dignore.endorsed.dirs= -classpath 
> /home/rbon/Applications/mgmt/bin/bootstrap.jar:/home/rbon/Applications/mgmt/bin/tomcat-juli.jar
>  
> -Dcatalina.base=/home/rbon/Applications/mgmt 
> -Dcatalina.home=/home/rbon/Applications/mgmt 
> -Djava.io.tmpdir=/home/rbon/Applications/mgmt/temp 
> org.apache.catalina.startup.Bootstrap start
>
> If you need more info, provide more details about your configuration.
>
> Ray
>
> On Thu, 2022-10-27 at 22:46 -0700, lanf detroy wrote:
>
> Notice: This message was sent from outside the University of Victoria 
> email system. Please be cautious with links and sensitive information.
>
> I don't know where to look for this? What parameter to put?
>
> Le jeudi 27 octobre 2022 à 18:37:46 UTC+2, Ray Bon a écrit :
>
> lanf,
>
> Check that the process that is running cas management has write access to 
> the directory in the config.
>
> Ray
>
> On Thu, 2022-10-27 at 07:42 -0700, lanf detroy wrote:
>
> Notice: This message was sent from outside the University of Victoria 
> email system. Please be cautious with links and sensitive information.
>
>
> [2022-10-27 16:40:14] [info] 
> =
> [2022-10-27 16:40:14] [info] WHO: me
> [2022-10-27 16:40:14] [info] WHAT: IO error opening file stream.
> [2022-10-27 16:40:14] [info] ACTION: SAVE_SERVICE_FAILED
> [2022-10-27 16:40:14] [info] APPLICATION: CAS_Management
> [2022-10-27 16:40:14] [info] WHEN: Thu Oct 27 16:40:14 CEST 2022
> [2022-10-27 16:40:14] [info] CLIENT IP ADDRESS: 192.168.1.254
> [2022-10-27 16:40:14] [info] SERVER IP ADDRESS: 192.168.1.14
> [2022-10-27 16:40:14] [info] 
> =
> [2022-10-27 16:40:14] [info] >
> [2022-10-27 16:40:14] [info] 2022-10-27 16:40:14,159 ERROR 
> [org.springframework.boot.web.servlet.support.ErrorPageFilter] - 
>  [org.springframework.web.util.NestedServletException: Request processing 
> failed; nested exception is java.lang.IllegalArgumentException: IO error 
> opening file stream.]>
> [2022-10-27 16:40:14] [info] java.lang.RuntimeException: 
> org.springframework.web.util.NestedServletException: Request processing 
> failed; nested exception is java.lang.IllegalArgumentException: IO error 
> opening file stream
>
> Le jeudi 27 octobre 2022 à 15:45:52 UTC+2, lanf detroy a écrit :
>
>
> Hello,
>  I installed cas-management in version 6.6.0, and when I create a service 
> and I want to register it I have the follow

Re: [cas-user] Re: cas-management error creating service

[Ray Bon]

lanf,

This looks to be the default directory

# mgmt.services-repo=/etc/cas/services-repo

https://apereo.github.io/cas-management/6.3.x/installation/Configuration-Properties.html#properties

Have you changed it in your management.properties?

Ray

On Wed, 2022-11-09 at 02:28 -0800, lanf detroy wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

I changed the permissions but it didn't change anything. Is there anything else 
to do?

Le lundi 7 novembre 2022 à 19:09:52 UTC+1, Ray Bon a écrit :
lanf,

You can change the group for the services directory and give it write 
permissions.

sudo chgrp --recursive tomcat /etc/cas/services
sudo chmod g+w --recursive /etc/cas/services/

Ray

On Sun, 2022-11-06 at 22:46 -0800, lanf detroy wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

hello, the directory user is root and the CAS user is tomcat. Do you have to 
give CAS directory rights to tomcat?

ls -l /etc/cas/
drwxr-xr-x 2 root root 4096 27 oct.  16:07 config
drwxr-xr-x 2 root root 4096 28 oct.  09:56 services

ps aux | grep tomcat
tomcat 35266  1.8 16.3 5092560 128 ? Ssl  oct.27 278:49 
/usr/lib/jvm/java-11-openjdk-amd64/bin/java 
-Djava.util.logging.config.file=/var/lib/tomcat9/conf/logging.properties 
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
-Dlog4j2.formatMsgNoLookups=True -Djdk.tls.ephemeralDHKeySize=2048 
-Djava.protocol.handler.pkgs=org.apache.catalina.webresources 
-Dorg.apache.catalina.security.SecurityListener.UMASK=0027 
-Dignore.endorsed.dirs= -classpath 
/usr/share/tomcat9/bin/bootstrap.jar:/usr/share/tomcat9/bin/tomcat-juli.jar 
-Dcatalina.base=/var/lib/tomcat9 -Dcatalina.home=/usr/share/tomcat9 
-Djava.io.tmpdir=/tmp org.apache.catalina.startup.Bootstrap start



Le vendredi 28 octobre 2022 à 20:15:35 UTC+2, Ray Bon a écrit :
lanf,

If you are on linux you can use this command to see access and ownership of the 
services directory (on my laptop):
ls -l /etc/cas/
total 4
drwxrwxr-x 3 rbon rbon 4096 Jun 16 18:36 services

To see the process owner for the container running cas (this is for tomcat 
running, substitute your app server)
ps aux | grep tomcat

rbon 336911 338 7.0 11769108 2314612 pts/10 SNl 11:12 1:17 /usr/bin/java 
-Djava.util.logging.config.file=/home/rbon/Applications/mgmt/conf/logging.properties
 -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
-Djdk.tls.ephemeralDHKeySize=2048 
-Djava.protocol.handler.pkgs=org.apache.catalina.webresources 
-Dorg.apache.catalina.security.SecurityListener.UMASK=0027 
-Djava.awt.headless=true -XX:+UseG1GC -Xms1024m -Xmx2048m 
-Dcas.standalone.configurationDirectory=/home/uvtomcat/cas-management_config 
-Dignore.endorsed.dirs= -classpath 
/home/rbon/Applications/mgmt/bin/bootstrap.jar:/home/rbon/Applications/mgmt/bin/tomcat-juli.jar
 -Dcatalina.base=/home/rbon/Applications/mgmt 
-Dcatalina.home=/home/rbon/Applications/mgmt 
-Djava.io.tmpdir=/home/rbon/Applications/mgmt/temp 
org.apache.catalina.startup.Bootstrap start

If you need more info, provide more details about your configuration.

Ray

On Thu, 2022-10-27 at 22:46 -0700, lanf detroy wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

I don't know where to look for this? What parameter to put?

Le jeudi 27 octobre 2022 à 18:37:46 UTC+2, Ray Bon a écrit :
lanf,

Check that the process that is running cas management has write access to the 
directory in the config.

Ray

On Thu, 2022-10-27 at 07:42 -0700, lanf detroy wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

[2022-10-27 16:40:14] [info] 
=
[2022-10-27 16:40:14] [info] WHO: me
[2022-10-27 16:40:14] [info] WHAT: IO error opening file stream.
[2022-10-27 16:40:14] [info] ACTION: SAVE_SERVICE_FAILED
[2022-10-27 16:40:14] [info] APPLICATION: CAS_Management
[2022-10-27 16:40:14] [info] WHEN: Thu Oct 27 16:40:14 CEST 2022
[2022-10-27 16:40:14] [info] CLIENT IP ADDRESS: 192.168.1.254
[2022-10-27 16:40:14] [info] SERVER IP ADDRESS: 192.168.1.14
[2022-10-27 16:40:14] [info] 
=
[2022-10-27 16:40:14] [info] >
[2022-10-27 16:40:14] [info] 2022-10-27 16:40:14,159 ERROR 
[org.springframework.boot.web.servlet.support.ErrorPageFilter] - 
[2022-10-27 16:40:14] [info] java.lang.RuntimeException: 
org.springframework.web.util.NestedServletException: Request processing failed; 
nested exception is java.lang.IllegalArgumentException: IO error opening file 
stream

Le jeudi 27 octobre 2022 à 15:45:52 UTC+2, lanf detroy a écrit :

Hello,
 I installed cas-management in version 6.6.0, and when I create a 

Re: [cas-user] Re: cas-management error creating service

[Ray Bon]

lanf,

You can change the group for the services directory and give it write 
permissions.

sudo chgrp --recursive tomcat /etc/cas/services
sudo chmod g+w --recursive /etc/cas/services/

Ray

On Sun, 2022-11-06 at 22:46 -0800, lanf detroy wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

hello, the directory user is root and the CAS user is tomcat. Do you have to 
give CAS directory rights to tomcat?

ls -l /etc/cas/
drwxr-xr-x 2 root root 4096 27 oct.  16:07 config
drwxr-xr-x 2 root root 4096 28 oct.  09:56 services

ps aux | grep tomcat
tomcat 35266  1.8 16.3 5092560 128 ? Ssl  oct.27 278:49 
/usr/lib/jvm/java-11-openjdk-amd64/bin/java 
-Djava.util.logging.config.file=/var/lib/tomcat9/conf/logging.properties 
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
-Dlog4j2.formatMsgNoLookups=True -Djdk.tls.ephemeralDHKeySize=2048 
-Djava.protocol.handler.pkgs=org.apache.catalina.webresources 
-Dorg.apache.catalina.security.SecurityListener.UMASK=0027 
-Dignore.endorsed.dirs= -classpath 
/usr/share/tomcat9/bin/bootstrap.jar:/usr/share/tomcat9/bin/tomcat-juli.jar 
-Dcatalina.base=/var/lib/tomcat9 -Dcatalina.home=/usr/share/tomcat9 
-Djava.io.tmpdir=/tmp org.apache.catalina.startup.Bootstrap start



Le vendredi 28 octobre 2022 à 20:15:35 UTC+2, Ray Bon a écrit :
lanf,

If you are on linux you can use this command to see access and ownership of the 
services directory (on my laptop):
ls -l /etc/cas/
total 4
drwxrwxr-x 3 rbon rbon 4096 Jun 16 18:36 services

To see the process owner for the container running cas (this is for tomcat 
running, substitute your app server)
ps aux | grep tomcat
rbon 336911 338 7.0 11769108 2314612 pts/10 SNl 11:12 1:17 /usr/bin/java 
-Djava.util.logging.config.file=/home/rbon/Applications/mgmt/conf/logging.properties
 -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
-Djdk.tls.ephemeralDHKeySize=2048 
-Djava.protocol.handler.pkgs=org.apache.catalina.webresources 
-Dorg.apache.catalina.security.SecurityListener.UMASK=0027 
-Djava.awt.headless=true -XX:+UseG1GC -Xms1024m -Xmx2048m 
-Dcas.standalone.configurationDirectory=/home/uvtomcat/cas-management_config 
-Dignore.endorsed.dirs= -classpath 
/home/rbon/Applications/mgmt/bin/bootstrap.jar:/home/rbon/Applications/mgmt/bin/tomcat-juli.jar
 -Dcatalina.base=/home/rbon/Applications/mgmt 
-Dcatalina.home=/home/rbon/Applications/mgmt 
-Djava.io.tmpdir=/home/rbon/Applications/mgmt/temp 
org.apache.catalina.startup.Bootstrap start

If you need more info, provide more details about your configuration.

Ray

On Thu, 2022-10-27 at 22:46 -0700, lanf detroy wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

I don't know where to look for this? What parameter to put?

Le jeudi 27 octobre 2022 à 18:37:46 UTC+2, Ray Bon a écrit :
lanf,

Check that the process that is running cas management has write access to the 
directory in the config.

Ray

On Thu, 2022-10-27 at 07:42 -0700, lanf detroy wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

[2022-10-27 16:40:14] [info] 
=
[2022-10-27 16:40:14] [info] WHO: me
[2022-10-27 16:40:14] [info] WHAT: IO error opening file stream.
[2022-10-27 16:40:14] [info] ACTION: SAVE_SERVICE_FAILED
[2022-10-27 16:40:14] [info] APPLICATION: CAS_Management
[2022-10-27 16:40:14] [info] WHEN: Thu Oct 27 16:40:14 CEST 2022
[2022-10-27 16:40:14] [info] CLIENT IP ADDRESS: 192.168.1.254
[2022-10-27 16:40:14] [info] SERVER IP ADDRESS: 192.168.1.14
[2022-10-27 16:40:14] [info] 
=
[2022-10-27 16:40:14] [info] >
[2022-10-27 16:40:14] [info] 2022-10-27 16:40:14,159 ERROR 
[org.springframework.boot.web.servlet.support.ErrorPageFilter] - 
[2022-10-27 16:40:14] [info] java.lang.RuntimeException: 
org.springframework.web.util.NestedServletException: Request processing failed; 
nested exception is java.lang.IllegalArgumentException: IO error opening file 
stream

Le jeudi 27 octobre 2022 à 15:45:52 UTC+2, lanf detroy a écrit :

Hello,
 I installed cas-management in version 6.6.0, and when I create a service and I 
want to register it I have the following error:
An error has occurred while attempting to save the service. Please try again 
later.

I see the services that I created by hand in the directory /etc/cas/services

Can you help me?





-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an 

Re: [cas-user] Re: cas-management error creating service

[lanf detroy]

 hello, the directory user is root and the CAS user is tomcat. Do you have 
to give CAS directory rights to tomcat?

ls -l /etc/cas/
drwxr-xr-x 2 root root 4096 27 oct.  16:07 config
drwxr-xr-x 2 root root 4096 28 oct.  09:56 services

ps aux | grep tomcat
tomcat 35266  1.8 16.3 5092560 128 ? Ssl  oct.27 278:49 
/usr/lib/jvm/java-11-openjdk-amd64/bin/java 
-Djava.util.logging.config.file=/var/lib/tomcat9/conf/logging.properties 
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
-Dlog4j2.formatMsgNoLookups=True -Djdk.tls.ephemeralDHKeySize=2048 
-Djava.protocol.handler.pkgs=org.apache.catalina.webresources 
-Dorg.apache.catalina.security.SecurityListener.UMASK=0027 
-Dignore.endorsed.dirs= -classpath 
/usr/share/tomcat9/bin/bootstrap.jar:/usr/share/tomcat9/bin/tomcat-juli.jar 
-Dcatalina.base=/var/lib/tomcat9 -Dcatalina.home=/usr/share/tomcat9 
-Djava.io.tmpdir=/tmp org.apache.catalina.startup.Bootstrap start



Le vendredi 28 octobre 2022 à 20:15:35 UTC+2, Ray Bon a écrit :

> lanf,
>
> If you are on linux you can use this command to see access and ownership 
> of the services directory (on my laptop):
> ls -l /etc/cas/
> total 4
> drwxrwxr-x 3 rbon rbon 4096 Jun 16 18:36 services
>
> To see the process owner for the container running cas (this is for tomcat 
> running, substitute your app server)
> ps aux | grep tomcat
> rbon 336911 338 7.0 11769108 2314612 pts/10 SNl 11:12 1:17 /usr/bin/java 
> -Djava.util.logging.config.file=/home/rbon/Applications/mgmt/conf/logging.properties
>  
> -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
> -Djdk.tls.ephemeralDHKeySize=2048 
> -Djava.protocol.handler.pkgs=org.apache.catalina.webresources 
> -Dorg.apache.catalina.security.SecurityListener.UMASK=0027 
> -Djava.awt.headless=true -XX:+UseG1GC -Xms1024m -Xmx2048m 
> -Dcas.standalone.configurationDirectory=/home/uvtomcat/cas-management_config 
> -Dignore.endorsed.dirs= -classpath 
> /home/rbon/Applications/mgmt/bin/bootstrap.jar:/home/rbon/Applications/mgmt/bin/tomcat-juli.jar
>  
> -Dcatalina.base=/home/rbon/Applications/mgmt 
> -Dcatalina.home=/home/rbon/Applications/mgmt 
> -Djava.io.tmpdir=/home/rbon/Applications/mgmt/temp 
> org.apache.catalina.startup.Bootstrap start
>
> If you need more info, provide more details about your configuration.
>
> Ray
>
> On Thu, 2022-10-27 at 22:46 -0700, lanf detroy wrote:
>
> Notice: This message was sent from outside the University of Victoria 
> email system. Please be cautious with links and sensitive information.
>
> I don't know where to look for this? What parameter to put?
>
> Le jeudi 27 octobre 2022 à 18:37:46 UTC+2, Ray Bon a écrit :
>
> lanf,
>
> Check that the process that is running cas management has write access to 
> the directory in the config.
>
> Ray
>
> On Thu, 2022-10-27 at 07:42 -0700, lanf detroy wrote:
>
> Notice: This message was sent from outside the University of Victoria 
> email system. Please be cautious with links and sensitive information.
>
>
> [2022-10-27 16:40:14] [info] 
> =
> [2022-10-27 16:40:14] [info] WHO: me
> [2022-10-27 16:40:14] [info] WHAT: IO error opening file stream.
> [2022-10-27 16:40:14] [info] ACTION: SAVE_SERVICE_FAILED
> [2022-10-27 16:40:14] [info] APPLICATION: CAS_Management
> [2022-10-27 16:40:14] [info] WHEN: Thu Oct 27 16:40:14 CEST 2022
> [2022-10-27 16:40:14] [info] CLIENT IP ADDRESS: 192.168.1.254
> [2022-10-27 16:40:14] [info] SERVER IP ADDRESS: 192.168.1.14
> [2022-10-27 16:40:14] [info] 
> =
> [2022-10-27 16:40:14] [info] >
> [2022-10-27 16:40:14] [info] 2022-10-27 16:40:14,159 ERROR 
> [org.springframework.boot.web.servlet.support.ErrorPageFilter] - 
>  [org.springframework.web.util.NestedServletException: Request processing 
> failed; nested exception is java.lang.IllegalArgumentException: IO error 
> opening file stream.]>
> [2022-10-27 16:40:14] [info] java.lang.RuntimeException: 
> org.springframework.web.util.NestedServletException: Request processing 
> failed; nested exception is java.lang.IllegalArgumentException: IO error 
> opening file stream
>
> Le jeudi 27 octobre 2022 à 15:45:52 UTC+2, lanf detroy a écrit :
>
>
> Hello,
>  I installed cas-management in version 6.6.0, and when I create a service 
> and I want to register it I have the following error:
> An error has occurred while attempting to save the service. Please try 
> again later.
>
> I see the services that I created by hand in the directory 
> /etc/cas/services
>
> Can you help me?
>
>
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To

Re: [cas-user] Re: cas-management error creating service

[Ray Bon]

lanf,

If you are on linux you can use this command to see access and ownership of the 
services directory (on my laptop):
ls -l /etc/cas/
total 4
drwxrwxr-x 3 rbon rbon 4096 Jun 16 18:36 services

To see the process owner for the container running cas (this is for tomcat 
running, substitute your app server)
ps aux | grep tomcat
rbon 336911 338 7.0 11769108 2314612 pts/10 SNl 11:12 1:17 /usr/bin/java 
-Djava.util.logging.config.file=/home/rbon/Applications/mgmt/conf/logging.properties
 -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
-Djdk.tls.ephemeralDHKeySize=2048 
-Djava.protocol.handler.pkgs=org.apache.catalina.webresources 
-Dorg.apache.catalina.security.SecurityListener.UMASK=0027 
-Djava.awt.headless=true -XX:+UseG1GC -Xms1024m -Xmx2048m 
-Dcas.standalone.configurationDirectory=/home/uvtomcat/cas-management_config 
-Dignore.endorsed.dirs= -classpath 
/home/rbon/Applications/mgmt/bin/bootstrap.jar:/home/rbon/Applications/mgmt/bin/tomcat-juli.jar
 -Dcatalina.base=/home/rbon/Applications/mgmt 
-Dcatalina.home=/home/rbon/Applications/mgmt 
-Djava.io.tmpdir=/home/rbon/Applications/mgmt/temp 
org.apache.catalina.startup.Bootstrap start

If you need more info, provide more details about your configuration.

Ray

On Thu, 2022-10-27 at 22:46 -0700, lanf detroy wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

I don't know where to look for this? What parameter to put?

Le jeudi 27 octobre 2022 à 18:37:46 UTC+2, Ray Bon a écrit :
lanf,

Check that the process that is running cas management has write access to the 
directory in the config.

Ray

On Thu, 2022-10-27 at 07:42 -0700, lanf detroy wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

[2022-10-27 16:40:14] [info] 
=
[2022-10-27 16:40:14] [info] WHO: me
[2022-10-27 16:40:14] [info] WHAT: IO error opening file stream.
[2022-10-27 16:40:14] [info] ACTION: SAVE_SERVICE_FAILED
[2022-10-27 16:40:14] [info] APPLICATION: CAS_Management
[2022-10-27 16:40:14] [info] WHEN: Thu Oct 27 16:40:14 CEST 2022
[2022-10-27 16:40:14] [info] CLIENT IP ADDRESS: 192.168.1.254
[2022-10-27 16:40:14] [info] SERVER IP ADDRESS: 192.168.1.14
[2022-10-27 16:40:14] [info] 
=
[2022-10-27 16:40:14] [info] >
[2022-10-27 16:40:14] [info] 2022-10-27 16:40:14,159 ERROR 
[org.springframework.boot.web.servlet.support.ErrorPageFilter] - 
[2022-10-27 16:40:14] [info] java.lang.RuntimeException: 
org.springframework.web.util.NestedServletException: Request processing failed; 
nested exception is java.lang.IllegalArgumentException: IO error opening file 
stream

Le jeudi 27 octobre 2022 à 15:45:52 UTC+2, lanf detroy a écrit :

Hello,
 I installed cas-management in version 6.6.0, and when I create a service and I 
want to register it I have the following error:
An error has occurred while attempting to save the service. Please try again 
later.

I see the services that I created by hand in the directory /etc/cas/services

Can you help me?



-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/56c885094d1507ff4f989971e887390cb7da4737.camel%40uvic.ca.

Re: [cas-user] Re: cas-management error creating service

[lanf detroy]

 I don't know where to look for this? What parameter to put? 

Le jeudi 27 octobre 2022 à 18:37:46 UTC+2, Ray Bon a écrit :

> lanf,
>
> Check that the process that is running cas management has write access to 
> the directory in the config.
>
> Ray
>
> On Thu, 2022-10-27 at 07:42 -0700, lanf detroy wrote:
>
> Notice: This message was sent from outside the University of Victoria 
> email system. Please be cautious with links and sensitive information.
>
>
> [2022-10-27 16:40:14] [info] 
> =
> [2022-10-27 16:40:14] [info] WHO: me
> [2022-10-27 16:40:14] [info] WHAT: IO error opening file stream.
> [2022-10-27 16:40:14] [info] ACTION: SAVE_SERVICE_FAILED
> [2022-10-27 16:40:14] [info] APPLICATION: CAS_Management
> [2022-10-27 16:40:14] [info] WHEN: Thu Oct 27 16:40:14 CEST 2022
> [2022-10-27 16:40:14] [info] CLIENT IP ADDRESS: 192.168.1.254
> [2022-10-27 16:40:14] [info] SERVER IP ADDRESS: 192.168.1.14
> [2022-10-27 16:40:14] [info] 
> =
> [2022-10-27 16:40:14] [info] >
> [2022-10-27 16:40:14] [info] 2022-10-27 16:40:14,159 ERROR 
> [org.springframework.boot.web.servlet.support.ErrorPageFilter] - 
>  [org.springframework.web.util.NestedServletException: Request processing 
> failed; nested exception is java.lang.IllegalArgumentException: IO error 
> opening file stream.]>
> [2022-10-27 16:40:14] [info] java.lang.RuntimeException: 
> org.springframework.web.util.NestedServletException: Request processing 
> failed; nested exception is java.lang.IllegalArgumentException: IO error 
> opening file stream
>
> Le jeudi 27 octobre 2022 à 15:45:52 UTC+2, lanf detroy a écrit :
>
>
> Hello,
>  I installed cas-management in version 6.6.0, and when I create a service 
> and I want to register it I have the following error:
> An error has occurred while attempting to save the service. Please try 
> again later.
>
> I see the services that I created by hand in the directory 
> /etc/cas/services
>
> Can you help me?
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/97240d83-5246-4088-9144-f89222f3ab33n%40apereo.org.

Re: [cas-user] Re: cas-management error creating service

[Ray Bon]

lanf,

Check that the process that is running cas management has write access to the 
directory in the config.

Ray

On Thu, 2022-10-27 at 07:42 -0700, lanf detroy wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

[2022-10-27 16:40:14] [info] 
=
[2022-10-27 16:40:14] [info] WHO: me
[2022-10-27 16:40:14] [info] WHAT: IO error opening file stream.
[2022-10-27 16:40:14] [info] ACTION: SAVE_SERVICE_FAILED
[2022-10-27 16:40:14] [info] APPLICATION: CAS_Management
[2022-10-27 16:40:14] [info] WHEN: Thu Oct 27 16:40:14 CEST 2022
[2022-10-27 16:40:14] [info] CLIENT IP ADDRESS: 192.168.1.254
[2022-10-27 16:40:14] [info] SERVER IP ADDRESS: 192.168.1.14
[2022-10-27 16:40:14] [info] 
=
[2022-10-27 16:40:14] [info] >
[2022-10-27 16:40:14] [info] 2022-10-27 16:40:14,159 ERROR 
[org.springframework.boot.web.servlet.support.ErrorPageFilter] - 
[2022-10-27 16:40:14] [info] java.lang.RuntimeException: 
org.springframework.web.util.NestedServletException: Request processing failed; 
nested exception is java.lang.IllegalArgumentException: IO error opening file 
stream

Le jeudi 27 octobre 2022 à 15:45:52 UTC+2, lanf detroy a écrit :

Hello,
 I installed cas-management in version 6.6.0, and when I create a service and I 
want to register it I have the following error:
An error has occurred while attempting to save the service. Please try again 
later.

I see the services that I created by hand in the directory /etc/cas/services

Can you help me?


-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/72dcd5f119bf26f3949bd3e5f5dcd6408c87fbb8.camel%40uvic.ca.

[cas-user] Re: cas-management error creating service

[lanf detroy]

[2022-10-27 16:40:14] [info] 
=
[2022-10-27 16:40:14] [info] WHO: me
[2022-10-27 16:40:14] [info] WHAT: IO error opening file stream.
[2022-10-27 16:40:14] [info] ACTION: SAVE_SERVICE_FAILED
[2022-10-27 16:40:14] [info] APPLICATION: CAS_Management
[2022-10-27 16:40:14] [info] WHEN: Thu Oct 27 16:40:14 CEST 2022
[2022-10-27 16:40:14] [info] CLIENT IP ADDRESS: 192.168.1.254
[2022-10-27 16:40:14] [info] SERVER IP ADDRESS: 192.168.1.14
[2022-10-27 16:40:14] [info] 
=
[2022-10-27 16:40:14] [info] >
[2022-10-27 16:40:14] [info] 2022-10-27 16:40:14,159 ERROR 
[org.springframework.boot.web.servlet.support.ErrorPageFilter] - 

[2022-10-27 16:40:14] [info] java.lang.RuntimeException: 
org.springframework.web.util.NestedServletException: Request processing 
failed; nested exception is java.lang.IllegalArgumentException: IO error 
opening file stream

Le jeudi 27 octobre 2022 à 15:45:52 UTC+2, lanf detroy a écrit :

>
> Hello,
>  I installed cas-management in version 6.6.0, and when I create a service 
> and I want to register it I have the following error: 
> An error has occurred while attempting to save the service. Please try 
> again later.
>
> I see the services that I created by hand in the directory 
> /etc/cas/services
>
> Can you help me?
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/bcf8ffb3-bb01-4887-b6fa-2de5ab9ff3e9n%40apereo.org.

[cas-user] Re: CAS Management 6.5 tomcat AJP

[Jonathan MacDonald]

Hi Eric, would you mind posting your apache https proxy config?  I may be 
able to point you in the right direction to make that work.

On Tuesday, 23 August 2022 at 08:53:40 UTC-5 Mallory, Erik wrote:

> Hello,
> Is there a way to get the CAS Management Webapp to use AJP ports, I'd
> like to front end the application with Apache.
> I attempted to use Apache's https proxy to 8443 which works, but when I
> authenticate against CAS it redirects me to cas-mgmt.domain.tld:8443. 
> It would appear that the management app is inserting the server.port
> property into the the data sent to CAS, and cas dutifully returns the
> user to the server:port. 
>
> If I could use AJP that would solve this problem.
> I includled the following in the build.gradle
> compile "org.apereo.cas:cas-mgmt-webapp-
> tomcat:${project.'casmgmt.version'}
>
> And attempted to use the following properties:
>
> server.tomcat.ajp.enabled=true
> server.tomcat.ajp.port=8009
> server.tomcat.ajp.protocol=AJP/1.3
> server.tomcat.ajp.async-timeout=5000
> server.tomcat.ajp.scheme=https
> server.tomcat.ajp.max-post-size=20971520
> server.tomcat.ajp.proxy-port=10443
> server.tomcat.ajp.enable-lookups=false
> #cas.server.tomcat.ajp.redirect-port=-1
> server.tomcat.ajp.allow-trace=false
> server.tomcat.ajp.secure=false
>
> If ajp does not work with the cas-management webapp
> Is there away to NOT send the server.port propperty in the connection 
> string so cas will just redirect to cas-mgmt.domain.tld ?
> Thanks,
> -- 
> Erik Mallory
> Server Analyst
> Wichita State University
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/cc5ada5a-4610-4201-b302-0ad0d31d5fffn%40apereo.org.

[cas-user] Re: CAS Management overlay 6.3.7 run failed due to ConnectTimeoutException: Connect to mdq.incommon.org:443

[Arnauld Peyrou]

Hello,

Thank you for your message, you solve my problem with the launch of  
cas-management 6.3.7

Le jeudi 10 février 2022 à 17:14:21 UTC+1, petr.f...@gmail.com a écrit :

> Hello,
> Some versions of the CAS Mgmt app have an if-statement in their code that 
> disables the incommon checking when the incommon URL is empty. For example:
>
> https://github.com/apereo/cas-management/blob/6.2.x/support/cas-mgmt-support-saml/src/main/java/org/apereo/cas/mgmt/InCommonMetadataAggregateResolver.java#L116
>
> Try setting the properties like this (yes, set property to null)
> mgmt.in-common-mdq-url=
>
> I have this tested and working on a 6.2.x branch of CAS Mgmt, but the 
> 6.3.x didnt seem to have such option, at least in some versions.
> Cheers,
> Fiisch
> Dne čtvrtek 10. února 2022 v 11:54:37 UTC+1 uživatel pranee...@gmail.com 
> napsal:
>
>> Thanks Olivier for your reply.
>>
>> The site   mdq.incommon.org:443 is blocked in my machine. I tried 
>> adding   
>> spring.autoconfigure.exclude=org.apereo.cas.mgmt.config.CasManagementSamlConfiguration
>> property in cas.properties of CAS server overlay as well as 
>> management.properties of CAS management overlay but still the same error 
>> persists.
>>
>> Thanks,
>> Praneeth.
>>
>> On Monday, February 7, 2022 at 8:33:52 PM UTC+5:30 Olivier Begon wrote:
>>
>>> Hi Pranee,
>>>
>>> The error you have is seems to be that the CAS Management cannot connect 
>>> to mdq.incommon.org:443. Have you checked if you have access to that 
>>> address from your local machine running CAS Mgmt? Can you telnet/ping that 
>>> site?
>>> If you are not able to open access, you can try to add the following 
>>> property to your cas.properties file, this should disable the InCommon MDQ 
>>> check:
>>>
>>> spring.autoconfigure.exclude=org.apereo.cas.mgmt.config.CasManagementSamlConfiguration
>>>
>>> Thanks
>>> Olivier.
>>>
>>> On Friday, February 4, 2022 at 6:19:11 AM UTC-5 pranee...@gmail.com 
>>> wrote:
>>>
 Hi All,

 I am trying to run CAS Management overlay 6.3.7 in my local. While 
 build is successful, gradlew run command stops with below logs. I have 
 tried adding incommon.pem certificate too under src/main/resources but 
 error persists. PFB error log.. any suggestions would be helpful. 
 Thanks.

 2022-02-04 16:17:52,026 ERROR [org.apereo.cas.util.HttpUtils] - 
 >>> mdq.incommon.org/13.249.208.33, mdq.incommon.org/13.249.208.107, 
 mdq.incommon.org/13.249.208.65] failed: connect timed out>
 org.apache.http.conn.ConnectTimeoutException: Connect to 
 mdq.incommon.org:443 [mdq.incommon.org/13.249.208.69, 
 mdq.incommon.org/13.249.208.33, mdq.incommon.org/13.249.208.107, 
 mdq.incommon.org/13.249.208.65] failed: connect timed out
 at 
 org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:151)
  
 ~[httpclient-4.5.13.jar!/:4.5.13]
 at 
 org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376)
  
 ~[httpclient-4.5.13.jar!/:4.5.13]
 at 
 org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393)
  
 ~[httpclient-4.5.13.jar!/:4.5.13]
 at 
 org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
  
 ~[httpclient-4.5.13.jar!/:4.5.13]
 at 
 org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186) 
 ~[httpclient-4.5.13.jar!/:4.5.13]
 at 
 org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89) 
 ~[httpclient-4.5.13.jar!/:4.5.13]
 at 
 org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110) 
 ~[httpclient-4.5.13.jar!/:4.5.13]
 at 
 org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
  
 ~[httpclient-4.5.13.jar!/:4.5.13]
 at 
 org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
  
 ~[httpclient-4.5.13.jar!/:4.5.13]
 at 
 org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108)
  
 ~[httpclient-4.5.13.jar!/:4.5.13]
 at org.apereo.cas.util.HttpUtils.execute(HttpUtils.java:200) 
 ~[cas-server-core-util-api-6.3.7.4.jar!/:6.3.7.4]
 at org.apereo.cas.util.HttpUtils.executeGet(HttpUtils.java:275) 
 ~[cas-server-core-util-api-6.3.7.4.jar!/:6.3.7.4]
 at org.apereo.cas.util.HttpUtils.executeGet(HttpUtils.java:255) 
 ~[cas-server-core-util-api-6.3.7.4.jar!/:6.3.7.4]
 at 
 org.apereo.cas.mgmt.InCommonMetadataAggregateResolver.fetchMetadata(InCommonMetadataAggregateResolver.java:115)
  
 ~[cas-mgmt-support-saml-6.3.7.jar!/:6.3.7]
 at 
 org.apereo.cas.mgmt.InCommonMetadataAggregateResolver.fromInCommon(InCommonMetadataAggregateResolver

[cas-user] Re: CAS Management overlay 6.3.7 run failed due to ConnectTimeoutException: Connect to mdq.incommon.org:443

[Petr Fišer]

Hello,
Some versions of the CAS Mgmt app have an if-statement in their code that 
disables the incommon checking when the incommon URL is empty. For example:
https://github.com/apereo/cas-management/blob/6.2.x/support/cas-mgmt-support-saml/src/main/java/org/apereo/cas/mgmt/InCommonMetadataAggregateResolver.java#L116

Try setting the properties like this (yes, set property to null)
mgmt.in-common-mdq-url=

I have this tested and working on a 6.2.x branch of CAS Mgmt, but the 6.3.x 
didnt seem to have such option, at least in some versions.
Cheers,
Fiisch
Dne čtvrtek 10. února 2022 v 11:54:37 UTC+1 uživatel pranee...@gmail.com 
napsal:

> Thanks Olivier for your reply.
>
> The site   mdq.incommon.org:443 is blocked in my machine. I tried 
> adding   
> spring.autoconfigure.exclude=org.apereo.cas.mgmt.config.CasManagementSamlConfiguration
> property in cas.properties of CAS server overlay as well as 
> management.properties of CAS management overlay but still the same error 
> persists.
>
> Thanks,
> Praneeth.
>
> On Monday, February 7, 2022 at 8:33:52 PM UTC+5:30 Olivier Begon wrote:
>
>> Hi Pranee,
>>
>> The error you have is seems to be that the CAS Management cannot connect 
>> to mdq.incommon.org:443. Have you checked if you have access to that 
>> address from your local machine running CAS Mgmt? Can you telnet/ping that 
>> site?
>> If you are not able to open access, you can try to add the following 
>> property to your cas.properties file, this should disable the InCommon MDQ 
>> check:
>>
>> spring.autoconfigure.exclude=org.apereo.cas.mgmt.config.CasManagementSamlConfiguration
>>
>> Thanks
>> Olivier.
>>
>> On Friday, February 4, 2022 at 6:19:11 AM UTC-5 pranee...@gmail.com 
>> wrote:
>>
>>> Hi All,
>>>
>>> I am trying to run CAS Management overlay 6.3.7 in my local. While build 
>>> is successful, gradlew run command stops with below logs. I have tried 
>>> adding incommon.pem certificate too under src/main/resources but error 
>>> persists. PFB error log.. any suggestions would be helpful. 
>>> Thanks.
>>>
>>> 2022-02-04 16:17:52,026 ERROR [org.apereo.cas.util.HttpUtils] - >> to mdq.incommon.org:443 [mdq.incommon.org/13.249.208.69, 
>>> mdq.incommon.org/13.249.208.33, mdq.incommon.org/13.249.208.107, 
>>> mdq.incommon.org/13.249.208.65] failed: connect timed out>
>>> org.apache.http.conn.ConnectTimeoutException: Connect to 
>>> mdq.incommon.org:443 [mdq.incommon.org/13.249.208.69, 
>>> mdq.incommon.org/13.249.208.33, mdq.incommon.org/13.249.208.107, 
>>> mdq.incommon.org/13.249.208.65] failed: connect timed out
>>> at 
>>> org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:151)
>>>  
>>> ~[httpclient-4.5.13.jar!/:4.5.13]
>>> at 
>>> org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376)
>>>  
>>> ~[httpclient-4.5.13.jar!/:4.5.13]
>>> at 
>>> org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393)
>>>  
>>> ~[httpclient-4.5.13.jar!/:4.5.13]
>>> at 
>>> org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
>>>  
>>> ~[httpclient-4.5.13.jar!/:4.5.13]
>>> at 
>>> org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186) 
>>> ~[httpclient-4.5.13.jar!/:4.5.13]
>>> at 
>>> org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89) 
>>> ~[httpclient-4.5.13.jar!/:4.5.13]
>>> at 
>>> org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110) 
>>> ~[httpclient-4.5.13.jar!/:4.5.13]
>>> at 
>>> org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
>>>  
>>> ~[httpclient-4.5.13.jar!/:4.5.13]
>>> at 
>>> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
>>>  
>>> ~[httpclient-4.5.13.jar!/:4.5.13]
>>> at 
>>> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108)
>>>  
>>> ~[httpclient-4.5.13.jar!/:4.5.13]
>>> at org.apereo.cas.util.HttpUtils.execute(HttpUtils.java:200) 
>>> ~[cas-server-core-util-api-6.3.7.4.jar!/:6.3.7.4]
>>> at org.apereo.cas.util.HttpUtils.executeGet(HttpUtils.java:275) 
>>> ~[cas-server-core-util-api-6.3.7.4.jar!/:6.3.7.4]
>>> at org.apereo.cas.util.HttpUtils.executeGet(HttpUtils.java:255) 
>>> ~[cas-server-core-util-api-6.3.7.4.jar!/:6.3.7.4]
>>> at 
>>> org.apereo.cas.mgmt.InCommonMetadataAggregateResolver.fetchMetadata(InCommonMetadataAggregateResolver.java:115)
>>>  
>>> ~[cas-mgmt-support-saml-6.3.7.jar!/:6.3.7]
>>> at 
>>> org.apereo.cas.mgmt.InCommonMetadataAggregateResolver.fromInCommon(InCommonMetadataAggregateResolver.java:128)
>>>  
>>> ~[cas-mgmt-support-saml-6.3.7.jar!/:6.3.7]
>>> at 
>>> org.apereo.cas.mgmt.InCommonMetadataAggregateResolver.reloadInCommon(InCommonMetadataAggregateResolver.java:105)
>>>  
>>> ~[cas-mgmt-support-saml-6.3.7.jar!/:

[cas-user] Re: CAS Management overlay 6.3.7 run failed due to ConnectTimeoutException: Connect to mdq.incommon.org:443

[Praneeth Yaji]

Thanks Olivier for your reply.

The site   mdq.incommon.org:443 is blocked in my machine. I tried adding   
spring.autoconfigure.exclude=org.apereo.cas.mgmt.config.CasManagementSamlConfiguration
property in cas.properties of CAS server overlay as well as 
management.properties of CAS management overlay but still the same error 
persists.

Thanks,
Praneeth.

On Monday, February 7, 2022 at 8:33:52 PM UTC+5:30 Olivier Begon wrote:

> Hi Pranee,
>
> The error you have is seems to be that the CAS Management cannot connect 
> to mdq.incommon.org:443. Have you checked if you have access to that 
> address from your local machine running CAS Mgmt? Can you telnet/ping that 
> site?
> If you are not able to open access, you can try to add the following 
> property to your cas.properties file, this should disable the InCommon MDQ 
> check:
>
> spring.autoconfigure.exclude=org.apereo.cas.mgmt.config.CasManagementSamlConfiguration
>
> Thanks
> Olivier.
>
> On Friday, February 4, 2022 at 6:19:11 AM UTC-5 pranee...@gmail.com wrote:
>
>> Hi All,
>>
>> I am trying to run CAS Management overlay 6.3.7 in my local. While build 
>> is successful, gradlew run command stops with below logs. I have tried 
>> adding incommon.pem certificate too under src/main/resources but error 
>> persists. PFB error log.. any suggestions would be helpful. 
>> Thanks.
>>
>> 2022-02-04 16:17:52,026 ERROR [org.apereo.cas.util.HttpUtils] - > to mdq.incommon.org:443 [mdq.incommon.org/13.249.208.69, 
>> mdq.incommon.org/13.249.208.33, mdq.incommon.org/13.249.208.107, 
>> mdq.incommon.org/13.249.208.65] failed: connect timed out>
>> org.apache.http.conn.ConnectTimeoutException: Connect to 
>> mdq.incommon.org:443 [mdq.incommon.org/13.249.208.69, 
>> mdq.incommon.org/13.249.208.33, mdq.incommon.org/13.249.208.107, 
>> mdq.incommon.org/13.249.208.65] failed: connect timed out
>> at 
>> org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:151)
>>  
>> ~[httpclient-4.5.13.jar!/:4.5.13]
>> at 
>> org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376)
>>  
>> ~[httpclient-4.5.13.jar!/:4.5.13]
>> at 
>> org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393)
>>  
>> ~[httpclient-4.5.13.jar!/:4.5.13]
>> at 
>> org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
>>  
>> ~[httpclient-4.5.13.jar!/:4.5.13]
>> at 
>> org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186) 
>> ~[httpclient-4.5.13.jar!/:4.5.13]
>> at 
>> org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89) 
>> ~[httpclient-4.5.13.jar!/:4.5.13]
>> at 
>> org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110) 
>> ~[httpclient-4.5.13.jar!/:4.5.13]
>> at 
>> org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
>>  
>> ~[httpclient-4.5.13.jar!/:4.5.13]
>> at 
>> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
>>  
>> ~[httpclient-4.5.13.jar!/:4.5.13]
>> at 
>> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108)
>>  
>> ~[httpclient-4.5.13.jar!/:4.5.13]
>> at org.apereo.cas.util.HttpUtils.execute(HttpUtils.java:200) 
>> ~[cas-server-core-util-api-6.3.7.4.jar!/:6.3.7.4]
>> at org.apereo.cas.util.HttpUtils.executeGet(HttpUtils.java:275) 
>> ~[cas-server-core-util-api-6.3.7.4.jar!/:6.3.7.4]
>> at org.apereo.cas.util.HttpUtils.executeGet(HttpUtils.java:255) 
>> ~[cas-server-core-util-api-6.3.7.4.jar!/:6.3.7.4]
>> at 
>> org.apereo.cas.mgmt.InCommonMetadataAggregateResolver.fetchMetadata(InCommonMetadataAggregateResolver.java:115)
>>  
>> ~[cas-mgmt-support-saml-6.3.7.jar!/:6.3.7]
>> at 
>> org.apereo.cas.mgmt.InCommonMetadataAggregateResolver.fromInCommon(InCommonMetadataAggregateResolver.java:128)
>>  
>> ~[cas-mgmt-support-saml-6.3.7.jar!/:6.3.7]
>> at 
>> org.apereo.cas.mgmt.InCommonMetadataAggregateResolver.reloadInCommon(InCommonMetadataAggregateResolver.java:105)
>>  
>> ~[cas-mgmt-support-saml-6.3.7.jar!/:6.3.7]
>> at 
>> org.apereo.cas.mgmt.InCommonMetadataAggregateResolver.(InCommonMetadataAggregateResolver.java:61)
>>  
>> ~[cas-mgmt-support-saml-6.3.7.jar!/:6.3.7]
>> at 
>> org.apereo.cas.mgmt.config.CasManagementSamlConfiguration.metadataAggregateResolver(CasManagementSamlConfiguration.java:104)
>>  
>> ~[cas-mgmt-config-saml-6.3.7.jar!/:6.3.7]
>> at 
>> org.apereo.cas.mgmt.config.CasManagementSamlConfiguration$$EnhancerBySpringCGLIB$$81689af3.CGLIB$metadataAggregateResolver$3()
>>  
>> ~[cas-mgmt-config-saml-6.3.7.jar!/:6.3.7]
>> at 
>> org.apereo.cas.mgmt.config.CasManagementSamlConfiguration$$EnhancerBySpringCGLIB$$81689af3$$FastClassBySpringCGLIB$$b2943942.invoke()
>>  
>> ~[cas-mgmt-config-saml-6.3.7.jar!/:6.3

Re: [cas-user] Re: CAS Management Overlay 6.5 LDAP Issues?

[Ray Bon]

I was not quite done the previous email.

cas.authn.ldap[0]...
cas.authn.ldap[1]...
etc.


Ray

On Tue, 2022-02-08 at 10:13 -0800, Michael Santangelo wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

I changed my config to:

cas.authn.ldap[0].order=0
cas.authn.ldap[0].name=Tech Active Directory
cas.authn.ldap[0].type=AD
cas.authn.ldap[0].ldapUrl=ldap://:389
cas.authn.ldap[0].validatePeriod=270
cas.authn.ldap[0].poolPassivator=NONE
cas.authn.ldap[0].searchFilter=sAMAccountName={user}
cas.authn.ldap[0].baseDn=OU=Technology,OU=Staff,DC=CHS,DC=...
cas.authn.ldap[0].dnFormat=CN=%s,OU=Technology,OU=Staff,DC=...
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].bindDn=CN=casbind,CN=Users,DC=...
cas.authn.ldap[0].bindCredential=

And now it's working for people in that OU... Time to see if I can expand it to 
the entire Staff OU...

On Tuesday, February 8, 2022 at 11:03:31 AM UTC-5 Michael Santangelo wrote:
Hello all,

Forgive me for this, I'm brand new to CAS and I'm trying to get LDAP working.

I built an Ubuntu VM and did initial setup by doing:

  1.  git clone https://github.com/apereo/cas-overlay-template
  2.  I did some initial config changes in the cas.properties to get SSL up and 
running
  3.  Ran sudo ./gradlew clean copyCasConfiguration build run
  4.  I can login using the casuser and the default password as expected.  This 
part is all working fine.

So I tried adding LDAP support by:

  1.  Modify build.gradle by adding
implementation 
"org.apereo.cas:cas-server-support-ldap:${project.'cas.version'}"
to the dependencies section.
  2.  Modify cas.properties by adding:
# Disable casuser
cas.authn.accept.users=
# LDAP Servers Authenticated
cas.authn.ldap[0].ldapUrl=ldap://:389
#cas.authn.ldap[0].usessl=false
cas.authn.ldap[0].useStartTls=false
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].bindDn=cn=cas bind,CN=Users,DC=...
cas.authn.ldap[0].bindCredential=
# LDAP Servers Authenticated

# Search For CAS User
cas.authn.ldap[0].baseDn=OU=Technology,OU=Staff,DC=CHS,DC=...
cas.authn.ldap[0].subtreeSearch=true
#cas.authn.ldap[0].searchFilter=(&(objectClass=person)(uid={user}))
#cas.authn.ldap[0].searchFilter=uid={user}
cas.authn.ldap[0].searchFilter=sAMAaccountName={user}
#cas.authn.ldap[0].principalAttributeList=cn,givenName,mail,sn
# Search for CAS User
  3.  Ran sudo ./gradlew clean copyCasConfiguration build run

The page loads as usual.  I am unable to login as casuser, which is expected.  
I cannot login with any domain credentials.

In the log I get an error:
2022-02-08 15:43:49,567 INFO 
[org.apereo.cas.authentication.DefaultAuthenticationManager] - 
<[LdapAuthenticationHandler] exception details: [Unable to resolve user dn for 
].>

So I tried to verify that the server can connect via LDAP:

ldapsearch -H ldap://:389 -D "CN=cas bind,CN=Users,DC=..." -W 
samaccountname= -b "OU=Technology,OU=Staff,DC=..." -v

And I receive a valid result.

I'm not sure where the disconnect is, or what else I should search for.  Any 
tips or suggestions that you could provide would be helpful.

I'm attaching the output of Task :run.


--

Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | r...@uvic.ca

I acknowledge and respect the lək̓ʷəŋən peoples on whose traditional territory 
the university stands, and the Songhees, Esquimalt and WSÁNEĆ peoples whose 
historical relationships with the land continue to this day.

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/f58a9f3248ab49ae7a9afaddfa43d671f86b18d8.camel%40uvic.ca.

Re: [cas-user] Re: CAS Management Overlay 6.5 LDAP Issues?

[Michael Santangelo]

The finalized working bit for Active Directory LDAP was:

# Working LDAP Auth
cas.authn.ldap[0].order=0
cas.authn.ldap[0].name=Active Directory
cas.authn.ldap[0].type=AD
cas.authn.ldap[0].ldapUrl=ldap://:389
cas.authn.ldap[0].validatePeriod=270
cas.authn.ldap[0].poolPassivator=NONE
cas.authn.ldap[0].searchFilter=sAMAccountName={user}
cas.authn.ldap[0].baseDn=OU=Staff,DC=...
cas.authn.ldap[0].subtreeSearch=true
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].bindDn=CN=casbind,CN=Users,DC=...
cas.authn.ldap[0].bindCredential=
# Working LDAP Auth

:D

I even got Duo MFA working today. Thanks all!


On Tuesday, February 8, 2022 at 3:55:18 PM UTC-5 Felix Schumacher wrote:

> Are you sure, that you need to set dnFormat? If you have users in 
> different ou's, it will be difficult to use with a template as cn=%s,ou=... 
> and should not the dn be found by the searchFilter?
>
> Felix
> Am 08.02.22 um 19:13 schrieb Michael Santangelo:
>
> I changed my config to: 
>
> cas.authn.ldap[0].order=0
> cas.authn.ldap[0].name=Tech Active Directory
> cas.authn.ldap[0].type=AD
> cas.authn.ldap[0].ldapUrl=ldap://:389
> cas.authn.ldap[0].validatePeriod=270
> cas.authn.ldap[0].poolPassivator=NONE
> cas.authn.ldap[0].searchFilter=sAMAccountName={user}
> cas.authn.ldap[0].baseDn=OU=Technology,OU=Staff,DC=CHS,DC=...
> cas.authn.ldap[0].dnFormat=CN=%s,OU=Technology,OU=Staff,DC=...
> cas.authn.ldap[0].type=AUTHENTICATED
> cas.authn.ldap[0].bindDn=CN=casbind,CN=Users,DC=...
> cas.authn.ldap[0].bindCredential=
>
> And now it's working for people in that OU... Time to see if I can expand 
> it to the entire Staff OU... 
>
> On Tuesday, February 8, 2022 at 11:03:31 AM UTC-5 Michael Santangelo wrote:
>
>> Hello all, 
>>
>> Forgive me for this, I'm brand new to CAS and I'm trying to get LDAP 
>> working.
>>
>> I built an Ubuntu VM and did initial setup by doing:
>>
>>1. git clone https://github.com/apereo/cas-overlay-template
>>2. I did some initial config changes in the cas.properties to get SSL 
>>up and running 
>>3. Ran sudo ./gradlew clean copyCasConfiguration build run 
>>4. I can login using the casuser and the default password as 
>>expected.  This part is all working fine. 
>>
>> So I tried adding LDAP support by:
>>
>>1. Modify build.gradle by adding 
>>implementation 
>>"org.apereo.cas:cas-server-support-ldap:${project.'cas.version'}"
>>to the dependencies section. 
>>2. Modify cas.properties by adding:
>># Disable casuser
>>cas.authn.accept.users=
>># LDAP Servers Authenticated
>>cas.authn.ldap[0].ldapUrl=ldap://:389
>>#cas.authn.ldap[0].usessl=false
>>cas.authn.ldap[0].useStartTls=false
>>cas.authn.ldap[0].type=AUTHENTICATED
>>cas.authn.ldap[0].bindDn=cn=cas bind,CN=Users,DC=...
>>cas.authn.ldap[0].bindCredential=
>># LDAP Servers Authenticated
>>
>># Search For CAS User
>>cas.authn.ldap[0].baseDn=OU=Technology,OU=Staff,DC=CHS,DC=...
>>cas.authn.ldap[0].subtreeSearch=true
>>#cas.authn.ldap[0].searchFilter=(&(objectClass=person)(uid={user}))
>>#cas.authn.ldap[0].searchFilter=uid={user}
>>cas.authn.ldap[0].searchFilter=sAMAaccountName={user}
>>#cas.authn.ldap[0].principalAttributeList=cn,givenName,mail,sn
>># Search for CAS User 
>>3. Ran sudo ./gradlew clean copyCasConfiguration build run 
>>
>> The page loads as usual.  I am unable to login as casuser, which is 
>> expected.  I cannot login with any domain credentials.
>>
>> In the log I get an error:
>> 2022-02-08 15:43:49,567 INFO 
>> [org.apereo.cas.authentication.DefaultAuthenticationManager] - 
>> <[LdapAuthenticationHandler] exception details: [Unable to resolve user dn 
>> for ].>
>>
>> So I tried to verify that the server can connect via LDAP:
>>
>> ldapsearch -H ldap://:389 -D "CN=cas 
>> bind,CN=Users,DC=..." -W samaccountname= -b 
>> "OU=Technology,OU=Staff,DC=..." -v
>>
>> And I receive a valid result.
>>
>> I'm not sure where the disconnect is, or what else I should search for.  
>> Any tips or suggestions that you could provide would be helpful.
>>
>> I'm attaching the output of Task :run.
>>
> -- 
>
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> --- 
> You received this message because you are subscribed to the Google Groups 
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to cas-user+u...@apereo.org.
>
> To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/bff98751-3a50-4786-81a9-cc38a6228cc4n%40apereo.org
>  
> 
> .
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7

Re: [cas-user] Re: CAS Management Overlay 6.5 LDAP Issues?

[Ray Bon]

Michael,

To follow up on Felix's post.
You can create multiple ldap (ldap entries, one for each ou. cas will search 
them the order they are in your properties file.

Ray

On Tue, 2022-02-08 at 10:13 -0800, Michael Santangelo wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

I changed my config to:

cas.authn.ldap[0].order=0
cas.authn.ldap[0].name=Tech Active Directory
cas.authn.ldap[0].type=AD
cas.authn.ldap[0].ldapUrl=ldap://:389
cas.authn.ldap[0].validatePeriod=270
cas.authn.ldap[0].poolPassivator=NONE
cas.authn.ldap[0].searchFilter=sAMAccountName={user}
cas.authn.ldap[0].baseDn=OU=Technology,OU=Staff,DC=CHS,DC=...
cas.authn.ldap[0].dnFormat=CN=%s,OU=Technology,OU=Staff,DC=...
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].bindDn=CN=casbind,CN=Users,DC=...
cas.authn.ldap[0].bindCredential=

And now it's working for people in that OU... Time to see if I can expand it to 
the entire Staff OU...

On Tuesday, February 8, 2022 at 11:03:31 AM UTC-5 Michael Santangelo wrote:
Hello all,

Forgive me for this, I'm brand new to CAS and I'm trying to get LDAP working.

I built an Ubuntu VM and did initial setup by doing:

  1.  git clone https://github.com/apereo/cas-overlay-template
  2.  I did some initial config changes in the cas.properties to get SSL up and 
running
  3.  Ran sudo ./gradlew clean copyCasConfiguration build run
  4.  I can login using the casuser and the default password as expected.  This 
part is all working fine.

So I tried adding LDAP support by:

  1.  Modify build.gradle by adding
implementation 
"org.apereo.cas:cas-server-support-ldap:${project.'cas.version'}"
to the dependencies section.
  2.  Modify cas.properties by adding:
# Disable casuser
cas.authn.accept.users=
# LDAP Servers Authenticated
cas.authn.ldap[0].ldapUrl=ldap://:389
#cas.authn.ldap[0].usessl=false
cas.authn.ldap[0].useStartTls=false
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].bindDn=cn=cas bind,CN=Users,DC=...
cas.authn.ldap[0].bindCredential=
# LDAP Servers Authenticated

# Search For CAS User
cas.authn.ldap[0].baseDn=OU=Technology,OU=Staff,DC=CHS,DC=...
cas.authn.ldap[0].subtreeSearch=true
#cas.authn.ldap[0].searchFilter=(&(objectClass=person)(uid={user}))
#cas.authn.ldap[0].searchFilter=uid={user}
cas.authn.ldap[0].searchFilter=sAMAaccountName={user}
#cas.authn.ldap[0].principalAttributeList=cn,givenName,mail,sn
# Search for CAS User
  3.  Ran sudo ./gradlew clean copyCasConfiguration build run

The page loads as usual.  I am unable to login as casuser, which is expected.  
I cannot login with any domain credentials.

In the log I get an error:
2022-02-08 15:43:49,567 INFO 
[org.apereo.cas.authentication.DefaultAuthenticationManager] - 
<[LdapAuthenticationHandler] exception details: [Unable to resolve user dn for 
].>

So I tried to verify that the server can connect via LDAP:

ldapsearch -H ldap://:389 -D "CN=cas bind,CN=Users,DC=..." -W 
samaccountname= -b "OU=Technology,OU=Staff,DC=..." -v

And I receive a valid result.

I'm not sure where the disconnect is, or what else I should search for.  Any 
tips or suggestions that you could provide would be helpful.

I'm attaching the output of Task :run.


--

Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | r...@uvic.ca

I acknowledge and respect the lək̓ʷəŋən peoples on whose traditional territory 
the university stands, and the Songhees, Esquimalt and WSÁNEĆ peoples whose 
historical relationships with the land continue to this day.

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/e35a3b68aac5bc9c6a3684e36340bd5e69460ae4.camel%40uvic.ca.

Re: [cas-user] Re: CAS Management Overlay 6.5 LDAP Issues?

[Felix Schumacher]

I think you should use only one entry for "type". (Currently you will 
probably use AUTHENTICATED)


Felix

Am 08.02.22 um 22:07 schrieb Michael Santangelo:

The finalized working bit for Active Directory LDAP was:

# Working LDAP Auth
cas.authn.ldap[0].order=0
cas.authn.ldap[0].name=Active Directory
cas.authn.ldap[0].type=AD
cas.authn.ldap[0].ldapUrl=ldap://:389
cas.authn.ldap[0].validatePeriod=270
cas.authn.ldap[0].poolPassivator=NONE
cas.authn.ldap[0].searchFilter=sAMAccountName={user}
cas.authn.ldap[0].baseDn=OU=Staff,DC=...
cas.authn.ldap[0].subtreeSearch=true
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].bindDn=CN=casbind,CN=Users,DC=...
cas.authn.ldap[0].bindCredential=
# Working LDAP Auth

:D

I even got Duo MFA working today. Thanks all!


On Tuesday, February 8, 2022 at 3:55:18 PM UTC-5 Felix Schumacher wrote:

Are you sure, that you need to set dnFormat? If you have users in
different ou's, it will be difficult to use with a template as
cn=%s,ou=... and should not the dn be found by the searchFilter?

Felix

Am 08.02.22 um 19:13 schrieb Michael Santangelo:

I changed my config to:

cas.authn.ldap[0].order=0
cas.authn.ldap[0].name=Tech Active Directory
cas.authn.ldap[0].type=AD
cas.authn.ldap[0].ldapUrl=ldap://:389
cas.authn.ldap[0].validatePeriod=270
cas.authn.ldap[0].poolPassivator=NONE
cas.authn.ldap[0].searchFilter=sAMAccountName={user}
cas.authn.ldap[0].baseDn=OU=Technology,OU=Staff,DC=CHS,DC=...
cas.authn.ldap[0].dnFormat=CN=%s,OU=Technology,OU=Staff,DC=...
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].bindDn=CN=casbind,CN=Users,DC=...
cas.authn.ldap[0].bindCredential=

And now it's working for people in that OU... Time to see if I
can expand it to the entire Staff OU...

On Tuesday, February 8, 2022 at 11:03:31 AM UTC-5 Michael
Santangelo wrote:

Hello all,

Forgive me for this, I'm brand new to CAS and I'm trying to
get LDAP working.

I built an Ubuntu VM and did initial setup by doing:

 1. git clone https://github.com/apereo/cas-overlay-template
 2. I did some initial config changes in the cas.properties
to get SSL up and running
 3. Ran sudo ./gradlew clean copyCasConfiguration build run
 4. I can login using the casuser and the default password as
expected.  This part is all working fine.

So I tried adding LDAP support by:

 1. Modify build.gradle by adding
    implementation
"org.apereo.cas:cas-server-support-ldap:${project.'cas.version'}"
to the dependencies section.
 2. Modify cas.properties by adding:
# Disable casuser
cas.authn.accept.users=
# LDAP Servers Authenticated
cas.authn.ldap[0].ldapUrl=ldap://:389
#cas.authn.ldap[0].usessl=false
cas.authn.ldap[0].useStartTls=false
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].bindDn=cn=cas bind,CN=Users,DC=...
cas.authn.ldap[0].bindCredential=
# LDAP Servers Authenticated

# Search For CAS User
cas.authn.ldap[0].baseDn=OU=Technology,OU=Staff,DC=CHS,DC=...
cas.authn.ldap[0].subtreeSearch=true
#cas.authn.ldap[0].searchFilter=(&(objectClass=person)(uid={user}))
#cas.authn.ldap[0].searchFilter=uid={user}
cas.authn.ldap[0].searchFilter=sAMAaccountName={user}
#cas.authn.ldap[0].principalAttributeList=cn,givenName,mail,sn
# Search for CAS User
 3. Ran sudo ./gradlew clean copyCasConfiguration build run

The page loads as usual.  I am unable to login as casuser,
which is expected.  I cannot login with any domain credentials.

In the log I get an error:
2022-02-08 15:43:49,567 INFO
[org.apereo.cas.authentication.DefaultAuthenticationManager]
- <[LdapAuthenticationHandler] exception details: [Unable to
resolve user dn for ].>

So I tried to verify that the server can connect via LDAP:

ldapsearch -H ldap://:389 -D "CN=cas
bind,CN=Users,DC=..." -W samaccountname= -b
"OU=Technology,OU=Staff,DC=..." -v

And I receive a valid result.

I'm not sure where the disconnect is, or what else I should
search for.  Any tips or suggestions that you could provide
would be helpful.

I'm attaching the output of Task :run.

-- 
- Website: https://apereo.github.io/cas

- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the
Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it,
send an email to cas-user+u...@apereo.org.
To view this disc

Re: [cas-user] Re: CAS Management Overlay 6.5 LDAP Issues?

[Felix Schumacher]

Are you sure, that you need to set dnFormat? If you have users in 
different ou's, it will be difficult to use with a template as 
cn=%s,ou=... and should not the dn be found by the searchFilter?


Felix

Am 08.02.22 um 19:13 schrieb Michael Santangelo:

I changed my config to:

cas.authn.ldap[0].order=0
cas.authn.ldap[0].name=Tech Active Directory
cas.authn.ldap[0].type=AD
cas.authn.ldap[0].ldapUrl=ldap://:389
cas.authn.ldap[0].validatePeriod=270
cas.authn.ldap[0].poolPassivator=NONE
cas.authn.ldap[0].searchFilter=sAMAccountName={user}
cas.authn.ldap[0].baseDn=OU=Technology,OU=Staff,DC=CHS,DC=...
cas.authn.ldap[0].dnFormat=CN=%s,OU=Technology,OU=Staff,DC=...
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].bindDn=CN=casbind,CN=Users,DC=...
cas.authn.ldap[0].bindCredential=

And now it's working for people in that OU... Time to see if I can 
expand it to the entire Staff OU...


On Tuesday, February 8, 2022 at 11:03:31 AM UTC-5 Michael Santangelo 
wrote:


Hello all,

Forgive me for this, I'm brand new to CAS and I'm trying to get
LDAP working.

I built an Ubuntu VM and did initial setup by doing:

 1. git clone https://github.com/apereo/cas-overlay-template
 2. I did some initial config changes in the cas.properties to get
SSL up and running
 3. Ran sudo ./gradlew clean copyCasConfiguration build run
 4. I can login using the casuser and the default password as
expected.  This part is all working fine.

So I tried adding LDAP support by:

 1. Modify build.gradle by adding
    implementation
"org.apereo.cas:cas-server-support-ldap:${project.'cas.version'}"
to the dependencies section.
 2. Modify cas.properties by adding:
# Disable casuser
cas.authn.accept.users=
# LDAP Servers Authenticated
cas.authn.ldap[0].ldapUrl=ldap://:389
#cas.authn.ldap[0].usessl=false
cas.authn.ldap[0].useStartTls=false
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].bindDn=cn=cas bind,CN=Users,DC=...
cas.authn.ldap[0].bindCredential=
# LDAP Servers Authenticated

# Search For CAS User
cas.authn.ldap[0].baseDn=OU=Technology,OU=Staff,DC=CHS,DC=...
cas.authn.ldap[0].subtreeSearch=true
#cas.authn.ldap[0].searchFilter=(&(objectClass=person)(uid={user}))
#cas.authn.ldap[0].searchFilter=uid={user}
cas.authn.ldap[0].searchFilter=sAMAaccountName={user}
#cas.authn.ldap[0].principalAttributeList=cn,givenName,mail,sn
# Search for CAS User
 3. Ran sudo ./gradlew clean copyCasConfiguration build run

The page loads as usual.  I am unable to login as casuser, which
is expected.  I cannot login with any domain credentials.

In the log I get an error:
2022-02-08 15:43:49,567 INFO
[org.apereo.cas.authentication.DefaultAuthenticationManager] -
<[LdapAuthenticationHandler] exception details: [Unable to resolve
user dn for ].>

So I tried to verify that the server can connect via LDAP:

ldapsearch -H ldap://:389 -D "CN=cas
bind,CN=Users,DC=..." -W samaccountname= -b
"OU=Technology,OU=Staff,DC=..." -v

And I receive a valid result.

I'm not sure where the disconnect is, or what else I should search
for.  Any tips or suggestions that you could provide would be helpful.

I'm attaching the output of Task :run.

--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google 
Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send 
an email to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/bff98751-3a50-4786-81a9-cc38a6228cc4n%40apereo.org 
.


--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS Community" group.

To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/dad9c50c-89b1-bb0a-acb4-40fda83823c1%40internetallee.de.


OpenPGP_0xEA6C3728EA91C4AF.asc
Description: OpenPGP public key


OpenPGP_signature
Description: OpenPGP digital signature

[cas-user] Re: CAS Management Overlay 6.5 LDAP Issues?

[Pablo Vidaurri]

Are you modifying the cas.properties created in /etc/cas or the one in your 
project folder? I don't think you want to do a  copyCasConfiguration on 
each run as it will overwrite the cas.properies file in your /etc/cas folder

Anyhow, my config looks similar to yours. One think I did run a problem 
with is the password policy. If you don't plan on managing passwords via 
CAS then also use this setting:
cas.authn.ldap[0].passwordPolicy.enabled:   false

On Tuesday, February 8, 2022 at 10:03:31 AM UTC-6 michael.s...@gmail.com 
wrote:

> Hello all,
>
> Forgive me for this, I'm brand new to CAS and I'm trying to get LDAP 
> working.
>
> I built an Ubuntu VM and did initial setup by doing:
>
>1. git clone https://github.com/apereo/cas-overlay-template
>2. I did some initial config changes in the cas.properties to get SSL 
>up and running
>3. Ran sudo ./gradlew clean copyCasConfiguration build run
>4. I can login using the casuser and the default password as 
>expected.  This part is all working fine.
>
> So I tried adding LDAP support by:
>
>1. Modify build.gradle by adding 
>implementation 
>"org.apereo.cas:cas-server-support-ldap:${project.'cas.version'}"
>to the dependencies section.
>2. Modify cas.properties by adding:
># Disable casuser
>cas.authn.accept.users=
># LDAP Servers Authenticated
>cas.authn.ldap[0].ldapUrl=ldap://:389
>#cas.authn.ldap[0].usessl=false
>cas.authn.ldap[0].useStartTls=false
>cas.authn.ldap[0].type=AUTHENTICATED
>cas.authn.ldap[0].bindDn=cn=cas bind,CN=Users,DC=...
>cas.authn.ldap[0].bindCredential=
># LDAP Servers Authenticated
>
># Search For CAS User
>cas.authn.ldap[0].baseDn=OU=Technology,OU=Staff,DC=CHS,DC=...
>cas.authn.ldap[0].subtreeSearch=true
>#cas.authn.ldap[0].searchFilter=(&(objectClass=person)(uid={user}))
>#cas.authn.ldap[0].searchFilter=uid={user}
>cas.authn.ldap[0].searchFilter=sAMAaccountName={user}
>#cas.authn.ldap[0].principalAttributeList=cn,givenName,mail,sn
># Search for CAS User
>3. Ran sudo ./gradlew clean copyCasConfiguration build run
>
> The page loads as usual.  I am unable to login as casuser, which is 
> expected.  I cannot login with any domain credentials.
>
> In the log I get an error:
> 2022-02-08 15:43:49,567 INFO 
> [org.apereo.cas.authentication.DefaultAuthenticationManager] - 
> <[LdapAuthenticationHandler] exception details: [Unable to resolve user dn 
> for ].>
>
> So I tried to verify that the server can connect via LDAP:
>
> ldapsearch -H ldap://:389 -D "CN=cas bind,CN=Users,DC=..." 
> -W samaccountname= -b "OU=Technology,OU=Staff,DC=..." -v
>
> And I receive a valid result.
>
> I'm not sure where the disconnect is, or what else I should search for.  
> Any tips or suggestions that you could provide would be helpful.
>
> I'm attaching the output of Task :run.
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/77fde6cb-b48b-40e9-9c70-c3bf6fcff6f6n%40apereo.org.

[cas-user] Re: CAS Management Overlay 6.5 LDAP Issues?

[Michael Santangelo]

I changed my config to:

cas.authn.ldap[0].order=0
cas.authn.ldap[0].name=Tech Active Directory
cas.authn.ldap[0].type=AD
cas.authn.ldap[0].ldapUrl=ldap://:389
cas.authn.ldap[0].validatePeriod=270
cas.authn.ldap[0].poolPassivator=NONE
cas.authn.ldap[0].searchFilter=sAMAccountName={user}
cas.authn.ldap[0].baseDn=OU=Technology,OU=Staff,DC=CHS,DC=...
cas.authn.ldap[0].dnFormat=CN=%s,OU=Technology,OU=Staff,DC=...
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].bindDn=CN=casbind,CN=Users,DC=...
cas.authn.ldap[0].bindCredential=

And now it's working for people in that OU... Time to see if I can expand 
it to the entire Staff OU... 

On Tuesday, February 8, 2022 at 11:03:31 AM UTC-5 Michael Santangelo wrote:

> Hello all,
>
> Forgive me for this, I'm brand new to CAS and I'm trying to get LDAP 
> working.
>
> I built an Ubuntu VM and did initial setup by doing:
>
>1. git clone https://github.com/apereo/cas-overlay-template
>2. I did some initial config changes in the cas.properties to get SSL 
>up and running
>3. Ran sudo ./gradlew clean copyCasConfiguration build run
>4. I can login using the casuser and the default password as 
>expected.  This part is all working fine.
>
> So I tried adding LDAP support by:
>
>1. Modify build.gradle by adding 
>implementation 
>"org.apereo.cas:cas-server-support-ldap:${project.'cas.version'}"
>to the dependencies section.
>2. Modify cas.properties by adding:
># Disable casuser
>cas.authn.accept.users=
># LDAP Servers Authenticated
>cas.authn.ldap[0].ldapUrl=ldap://:389
>#cas.authn.ldap[0].usessl=false
>cas.authn.ldap[0].useStartTls=false
>cas.authn.ldap[0].type=AUTHENTICATED
>cas.authn.ldap[0].bindDn=cn=cas bind,CN=Users,DC=...
>cas.authn.ldap[0].bindCredential=
># LDAP Servers Authenticated
>
># Search For CAS User
>cas.authn.ldap[0].baseDn=OU=Technology,OU=Staff,DC=CHS,DC=...
>cas.authn.ldap[0].subtreeSearch=true
>#cas.authn.ldap[0].searchFilter=(&(objectClass=person)(uid={user}))
>#cas.authn.ldap[0].searchFilter=uid={user}
>cas.authn.ldap[0].searchFilter=sAMAaccountName={user}
>#cas.authn.ldap[0].principalAttributeList=cn,givenName,mail,sn
># Search for CAS User
>3. Ran sudo ./gradlew clean copyCasConfiguration build run
>
> The page loads as usual.  I am unable to login as casuser, which is 
> expected.  I cannot login with any domain credentials.
>
> In the log I get an error:
> 2022-02-08 15:43:49,567 INFO 
> [org.apereo.cas.authentication.DefaultAuthenticationManager] - 
> <[LdapAuthenticationHandler] exception details: [Unable to resolve user dn 
> for ].>
>
> So I tried to verify that the server can connect via LDAP:
>
> ldapsearch -H ldap://:389 -D "CN=cas bind,CN=Users,DC=..." 
> -W samaccountname= -b "OU=Technology,OU=Staff,DC=..." -v
>
> And I receive a valid result.
>
> I'm not sure where the disconnect is, or what else I should search for.  
> Any tips or suggestions that you could provide would be helpful.
>
> I'm attaching the output of Task :run.
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/bff98751-3a50-4786-81a9-cc38a6228cc4n%40apereo.org.

[cas-user] Re: CAS Management Overlay 6.5 LDAP Issues?

[Michael Santangelo]

I am modifying the file project file not the file in the local /etc
folder.  the full path is
/home//cas-management-overlay/etc/cas/config/cas.properties

On Tue, Feb 8, 2022 at 12:38 PM Pablo Vidaurri  wrote:

> Are you modifying the cas.properties created in /etc/cas or the one in
> your project folder? I don't think you want to do a
> copyCasConfiguration on each run as it will overwrite the cas.properies
> file in your /etc/cas folder
>
> Anyhow, my config looks similar to yours. One think I did run a problem
> with is the password policy. If you don't plan on managing passwords via
> CAS then also use this setting:
> cas.authn.ldap[0].passwordPolicy.enabled:   false
>
> On Tuesday, February 8, 2022 at 10:03:31 AM UTC-6 michael.s...@gmail.com
> wrote:
>
>> Hello all,
>>
>> Forgive me for this, I'm brand new to CAS and I'm trying to get LDAP
>> working.
>>
>> I built an Ubuntu VM and did initial setup by doing:
>>
>>1. git clone https://github.com/apereo/cas-overlay-template
>>2. I did some initial config changes in the cas.properties to get SSL
>>up and running
>>3. Ran sudo ./gradlew clean copyCasConfiguration build run
>>4. I can login using the casuser and the default password as
>>expected.  This part is all working fine.
>>
>> So I tried adding LDAP support by:
>>
>>1. Modify build.gradle by adding
>>implementation
>>"org.apereo.cas:cas-server-support-ldap:${project.'cas.version'}"
>>to the dependencies section.
>>2. Modify cas.properties by adding:
>># Disable casuser
>>cas.authn.accept.users=
>># LDAP Servers Authenticated
>>cas.authn.ldap[0].ldapUrl=ldap://:389
>>#cas.authn.ldap[0].usessl=false
>>cas.authn.ldap[0].useStartTls=false
>>cas.authn.ldap[0].type=AUTHENTICATED
>>cas.authn.ldap[0].bindDn=cn=cas bind,CN=Users,DC=...
>>cas.authn.ldap[0].bindCredential=
>># LDAP Servers Authenticated
>>
>># Search For CAS User
>>cas.authn.ldap[0].baseDn=OU=Technology,OU=Staff,DC=CHS,DC=...
>>cas.authn.ldap[0].subtreeSearch=true
>>#cas.authn.ldap[0].searchFilter=(&(objectClass=person)(uid={user}))
>>#cas.authn.ldap[0].searchFilter=uid={user}
>>cas.authn.ldap[0].searchFilter=sAMAaccountName={user}
>>#cas.authn.ldap[0].principalAttributeList=cn,givenName,mail,sn
>># Search for CAS User
>>3. Ran sudo ./gradlew clean copyCasConfiguration build run
>>
>> The page loads as usual.  I am unable to login as casuser, which is
>> expected.  I cannot login with any domain credentials.
>>
>> In the log I get an error:
>> 2022-02-08 15:43:49,567 INFO
>> [org.apereo.cas.authentication.DefaultAuthenticationManager] -
>> <[LdapAuthenticationHandler] exception details: [Unable to resolve user dn
>> for ].>
>>
>> So I tried to verify that the server can connect via LDAP:
>>
>> ldapsearch -H ldap://:389 -D "CN=cas
>> bind,CN=Users,DC=..." -W samaccountname= -b
>> "OU=Technology,OU=Staff,DC=..." -v
>>
>> And I receive a valid result.
>>
>> I'm not sure where the disconnect is, or what else I should search for.
>> Any tips or suggestions that you could provide would be helpful.
>>
>> I'm attaching the output of Task :run.
>>
>

-- 
: Michael A. Santangelo
:: Owner, https://talesofatech.com
:: Primary: (908) 285-8760
:: Rutgers University, Class of 2007 & 2011
 B.A. in Mathematics
 B.S. in Information Technology

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAE2VgAVHgne2V%2BkOKu7ib7wgNRHFsGOCE17dv0p43QXe2DChQA%40mail.gmail.com.

[cas-user] Re: CAS Management overlay 6.3.7 run failed due to ConnectTimeoutException: Connect to mdq.incommon.org:443

['Olivier Begon' via CAS Community]

Hi Pranee,

The error you have is seems to be that the CAS Management cannot connect to 
mdq.incommon.org:443. Have you checked if you have access to that address 
from your local machine running CAS Mgmt? Can you telnet/ping that site?
If you are not able to open access, you can try to add the following 
property to your cas.properties file, this should disable the InCommon MDQ 
check:
spring.autoconfigure.exclude=org.apereo.cas.mgmt.config.CasManagementSamlConfiguration

Thanks
Olivier.

On Friday, February 4, 2022 at 6:19:11 AM UTC-5 pranee...@gmail.com wrote:

> Hi All,
>
> I am trying to run CAS Management overlay 6.3.7 in my local. While build 
> is successful, gradlew run command stops with below logs. I have tried 
> adding incommon.pem certificate too under src/main/resources but error 
> persists. PFB error log.. any suggestions would be helpful. 
> Thanks.
>
> 2022-02-04 16:17:52,026 ERROR [org.apereo.cas.util.HttpUtils] -  to mdq.incommon.org:443 [mdq.incommon.org/13.249.208.69, 
> mdq.incommon.org/13.249.208.33, mdq.incommon.org/13.249.208.107, 
> mdq.incommon.org/13.249.208.65] failed: connect timed out>
> org.apache.http.conn.ConnectTimeoutException: Connect to 
> mdq.incommon.org:443 [mdq.incommon.org/13.249.208.69, 
> mdq.incommon.org/13.249.208.33, mdq.incommon.org/13.249.208.107, 
> mdq.incommon.org/13.249.208.65] failed: connect timed out
> at 
> org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:151)
>  
> ~[httpclient-4.5.13.jar!/:4.5.13]
> at 
> org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376)
>  
> ~[httpclient-4.5.13.jar!/:4.5.13]
> at 
> org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393)
>  
> ~[httpclient-4.5.13.jar!/:4.5.13]
> at 
> org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
>  
> ~[httpclient-4.5.13.jar!/:4.5.13]
> at 
> org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186) 
> ~[httpclient-4.5.13.jar!/:4.5.13]
> at 
> org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89) 
> ~[httpclient-4.5.13.jar!/:4.5.13]
> at 
> org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110) 
> ~[httpclient-4.5.13.jar!/:4.5.13]
> at 
> org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
>  
> ~[httpclient-4.5.13.jar!/:4.5.13]
> at 
> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
>  
> ~[httpclient-4.5.13.jar!/:4.5.13]
> at 
> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108)
>  
> ~[httpclient-4.5.13.jar!/:4.5.13]
> at org.apereo.cas.util.HttpUtils.execute(HttpUtils.java:200) 
> ~[cas-server-core-util-api-6.3.7.4.jar!/:6.3.7.4]
> at org.apereo.cas.util.HttpUtils.executeGet(HttpUtils.java:275) 
> ~[cas-server-core-util-api-6.3.7.4.jar!/:6.3.7.4]
> at org.apereo.cas.util.HttpUtils.executeGet(HttpUtils.java:255) 
> ~[cas-server-core-util-api-6.3.7.4.jar!/:6.3.7.4]
> at 
> org.apereo.cas.mgmt.InCommonMetadataAggregateResolver.fetchMetadata(InCommonMetadataAggregateResolver.java:115)
>  
> ~[cas-mgmt-support-saml-6.3.7.jar!/:6.3.7]
> at 
> org.apereo.cas.mgmt.InCommonMetadataAggregateResolver.fromInCommon(InCommonMetadataAggregateResolver.java:128)
>  
> ~[cas-mgmt-support-saml-6.3.7.jar!/:6.3.7]
> at 
> org.apereo.cas.mgmt.InCommonMetadataAggregateResolver.reloadInCommon(InCommonMetadataAggregateResolver.java:105)
>  
> ~[cas-mgmt-support-saml-6.3.7.jar!/:6.3.7]
> at 
> org.apereo.cas.mgmt.InCommonMetadataAggregateResolver.(InCommonMetadataAggregateResolver.java:61)
>  
> ~[cas-mgmt-support-saml-6.3.7.jar!/:6.3.7]
> at 
> org.apereo.cas.mgmt.config.CasManagementSamlConfiguration.metadataAggregateResolver(CasManagementSamlConfiguration.java:104)
>  
> ~[cas-mgmt-config-saml-6.3.7.jar!/:6.3.7]
> at 
> org.apereo.cas.mgmt.config.CasManagementSamlConfiguration$$EnhancerBySpringCGLIB$$81689af3.CGLIB$metadataAggregateResolver$3()
>  
> ~[cas-mgmt-config-saml-6.3.7.jar!/:6.3.7]
> at 
> org.apereo.cas.mgmt.config.CasManagementSamlConfiguration$$EnhancerBySpringCGLIB$$81689af3$$FastClassBySpringCGLIB$$b2943942.invoke()
>  
> ~[cas-mgmt-config-saml-6.3.7.jar!/:6.3.7]
> at 
> org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:244) 
> ~[spring-core-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
> at 
> org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:331)
>  
> ~[spring-context-5.2.12.RELEASE.jar!/:5.2.12.RELEASE]
> at 
> org.apereo.cas.mgmt.config.CasManagementSamlConfiguration$$EnhancerBySpringCGLIB$$81689af3.metadataAggregateResolver()
>  
> ~[cas-mgmt-config-saml-6.3.7.jar!/:6.3.7]
>

Re: [cas-user] Re: Cas-management-Overlay archived

[Mickaël]

Thanks for your intervention.

Sincerely,

Le jeudi 10 septembre 2020 à 16:38:45 UTC+2, Misagh Moayyed a écrit :

> This was an obvious mistake; sorry about that. The repo status is restored.
>
> On Thu, Sep 10, 2020 at 6:31 PM randomuser878  wrote:
> >
> > Greetings
> >
> > Can not add anything concrete to your observation.
> > This looks promising 
> https://apereo.github.io/cas/development/release_notes/RC2.html#dynamic-jpa-service-management
>  
> in terms of future of the component but totally unclear how does it fit 
> with your observation of archived repo.
> >
> > Can anyone in cas development community shed some light on 
> cas-management direction per 6.3.x.
> >
> > Thanks.
> >
> >
> >
> > On Monday, September 7, 2020 at 6:33:22 AM UTC-4 Mickaël wrote:
> >>
> >>
> >> Hello all,
> >>
> >> The repo https://github.com/apereo/cas-management-overlay has been 
> archived.
> >> It will not have news overlay repo for the CAS-Manager in the future or 
> I have missed something about manegement of CAS server ?
> >>
> >> Sincerely,
> >>
> >> Mickaël
> >
> > --
> > - Website: https://apereo.github.io/cas
> > - Gitter Chatroom: https://gitter.im/apereo/cas
> > - List Guidelines: https://goo.gl/1VRrw7
> > - Contributions: https://goo.gl/mh7qDG
> > ---
> > You received this message because you are subscribed to the Google 
> Groups "CAS Community" group.
> > To unsubscribe from this group and stop receiving emails from it, send 
> an email to cas-user+u...@apereo.org.
> > To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/dcbecc23-5ba5-46eb-97e1-4c24a241322bn%40apereo.org
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/47ee4643-f388-44c0-8750-4a5e400fb429n%40apereo.org.

Re: [cas-user] Re: Cas-management-Overlay archived

[Misagh]

This was an obvious mistake; sorry about that. The repo status is restored.

On Thu, Sep 10, 2020 at 6:31 PM randomuser878  wrote:
>
> Greetings
>
> Can not add anything concrete to your observation.
> This looks promising 
> https://apereo.github.io/cas/development/release_notes/RC2.html#dynamic-jpa-service-management
>  in terms of future of the component but totally unclear how does it fit with 
> your observation of archived repo.
>
>  Can anyone in cas development community shed some light on 
> cas-management direction per 6.3.x.
>
> Thanks.
>
>
>
> On Monday, September 7, 2020 at 6:33:22 AM UTC-4 Mickaël wrote:
>>
>>
>> Hello all,
>>
>> The repo https://github.com/apereo/cas-management-overlay has been archived.
>> It will not have news overlay repo for the CAS-Manager in the future or I 
>> have missed something about manegement of CAS server ?
>>
>> Sincerely,
>>
>> Mickaël
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups 
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/dcbecc23-5ba5-46eb-97e1-4c24a241322bn%40apereo.org.

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAGSBKkeqROm8jfY5qTaOV%3DnqG2BBQbD4Q01_HP5cLvW2rrttEA%40mail.gmail.com.

[cas-user] Re: Cas-management-Overlay archived

[randomuser878]

Greetings

Can not add anything concrete to your observation.
This looks promising 
https://apereo.github.io/cas/development/release_notes/RC2.html#dynamic-jpa-service-management
 
in terms of future of the component but totally unclear how does it fit 
with your observation of archived repo.

 Can anyone in cas development community shed some light on 
cas-management direction per 6.3.x.  

Thanks.
  
 

On Monday, September 7, 2020 at 6:33:22 AM UTC-4 Mickaël wrote:

>
> Hello all,
>
> The repo https://github.com/apereo/cas-management-overlay has been 
> archived.
> It will not have news overlay repo for the CAS-Manager in the future or I 
> have missed something about manegement of CAS server ?
>
> Sincerely,
>
> Mickaël
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/dcbecc23-5ba5-46eb-97e1-4c24a241322bn%40apereo.org.

[cas-user] Re: CAS-management-webapp spring boot/beans version compatibility with mongo/json service registry

[Jeremiah Garmatter]

Duncan,

I know this thread is over a year old, but I have been tasked with 
upgrading a (very old) CAS deployment to 5.3 and have run into the same 
issue.
"Caused by: java.lang.IllegalArgumentException: More than one fragment with 
the name [spring_web] was found. This is not legal with relative ordering. 
See section 8.2.2 2c of the Servlet specification for details. Consider 
using absolute ordering."

Did you or anybody else find a solution?

On Friday, March 29, 2019 at 7:57:34 AM UTC-4 d...@st-andrews.ac.uk wrote:

>  
>
> Afternoon All,
>
> We’re having some issues upgrading from Cas 5.2 to 5.3 (or 
> 6.x) in that while we can get CAS up and running ok, 
>
> as soon as we try to run the management webapp with either mongo or json 
> service registries then they won’t deploy in tomcat.
>
>  
>
> The error in the tomcat logs is
>
> “More than one fragment with the name [spring_web] was found. This is not 
> legal with relative ordering. See section 8.2.2 2c of the Servlet 
> specification for details. Consider using absolute ordering.”
>
>  
>
> and seems to be due to having 2 copies or spring boot and/or beans 
> libraries.
>
>  
>
> After 5.3.0-RC4 I can’t find any version of the management webapp with the 
> same boot/beans version pair as any of the CAS mongo/json service registry 
> plugins.
>
>  
>
> I’ve tried adding in  to the pom.xml file but still can’t seem 
> to get that compiled war to just have one version of the spring libraries.
>
>  
>
> Strangely, despite not including the mongo dependency, as soon as I create 
> a management.properties file the cas-management app starts looking for a 
> mongo database.
>
> (without complaining about spring_web) is this normal?
>
>  
>
> Thanks,
>
> Duncan
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/03f40a8e-fb57-4a2f-8d5e-ab8475514fcdn%40apereo.org.

[cas-user] Re: cas-management 6.1 RC4 turn off version control

[randomuser878]

Hello

  Using master of cas-management release. 
  So far with all those changes noted by JC and parameters and permissions, 
I just add this when exploding war on the webapps folder
rm -v 
"SOME_PATH/cas-management/WEB-INF/lib/cas-mgmt-config-version-control-${VERSION}.jar"
rm -v 
"SOME_PATH/cas-management/WEB-INF/lib/cas-mgmt-config-delegated-${VERSION}.jar"

Otherwise it also simply would not work for me.  

Also hoping cas-management will be compatible (have not tried yet) with 
cas-6.2 since cas 6.1 will reach EOL in October or such?

B.


On Tuesday, September 17, 2019 at 12:43:03 PM UTC-4, rbon wrote:
>
> How do I turn off version control in cas-management 6.1 RC4.
>
> In 5.3.x branch there was a config setting: mgmt.enableVersionControl=true, 
> but this has been replaced by the following code (line 155 in 
> https://github.com/apereo/cas-management/blob/master/api/cas-mgmt-api-configuration/src/main/java/org/apereo/cas/configuration/CasManagementConfigurationProperties.java
> ):
> private boolean enabled = ClassUtils.isPresent("
> org.apereo.cas.mgmt.config.CasManagementVersionControlConfiguration", 
> this.getClass().getClassLoader());
>
> It looks like 
> org.apereo.cas.mgmt.config.CasManagementVersionControlConfiguration 
> is included by default (the libraries are in the war). All I have/want is 
> ldap service registry (compile 
> "org.apereo.cas:cas-server-support-ldap-service-registry:${project.'casmgmt.version'}")
>  
> but it is being ignored.
>
> Thanks
> Ray
>
> -- 
>
> Ray Bon
> Programmer Analyst
> Development Services, University Systems
> 2507218831 | CLE 019 | rb...@uvic.ca 
>
> I respectfully acknowledge that my place of work is located within the 
> ancestral, traditional and unceded territory of the Songhees, Esquimalt and 
> WSÁNEĆ Nations.
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/aea14f21-4544-4a5e-8c86-81c2abca28c1o%40apereo.org.

[cas-user] Re: cas-management 6.1 RC4 turn off version control

[Jonathon Taylor]

Sorry to also chime in on an old thread but I've just been trying to 
upgrade to the latest cas-management overlay today and ran into similar 
issues.

For the issue where *existing* services weren't showing up it might be 
incorrect permissions on the git repo that is automatically generated in 
the mgmt.versionControl.servicesRepo path.  If I recall several items under 
.git had bad permission preventing the tomcat service from reading the repo 
(e.g. .git/index, .git/config) and a chown tomcat: -R .git fixed it after a 
service restart.


On Thursday, March 26, 2020 at 11:02:19 AM UTC-7, JC wrote:
>
> I know this topic is five months old, but I wanted to add what I 
> discovered so that it will be here if someone else finds this in a search, 
> like I did.
>
> I have found that the documentation that shows the two properties' syntax 
> referenced is wrong, unsurprisingly. The values that worked for me in the 
> 6.1.5 management web app are:
>
> mgmt.versionControl.enabled=false
> mgmt.delegated.enabled=false
>
> However, even with version control disabled, the management app *still* 
> wants to put stuff in '/etc/cas/services-repo'. The following property 
> changes that:
>
> mgmt.versionControl.servicesRepo=file:/path/to/services
>
> Now the management app saves *new *services in the directory I want, but 
> doesn't show existing services. This whole version control thing is a real 
> pain.
>
> J
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/f5efb6b6-40de-4640-a359-7fffd462c09eo%40apereo.org.

[cas-user] Re: cas-management-overlay attribute virtual rename 5.3.6 AND 6.1.5 not working

[JC]

The link that I provided 
(https://apereo.github.io/cas/6.1.x/configuration/Configuration-Properties.html#multimapped-attribute)
 
shows '[type-placeholder]' in a generic definition.


# cas.authn.attributeRepository.[type-placeholder].attributes.uid=userId


The 'stub', which you referenced, and 'ldap[0]' sections both show the 
virtual renaming. In the documentation, they are renaming cn to commonName:

# cas.authn.attributeRepository.stub.attributes.cn=commonName


and

# cas.authn.attributeRepository.ldap[0].attributes.cn=commonName


I have tried both 'stub' and 'ldap[0]' and neither works.



On Thursday, April 23, 2020 at 8:41:47 AM UTC-4, ste wrote:
>
> Hello JC,
>
> I think what you use, is not what you discribe.
>
>
> cas.authn.attributeRepository.stub.attributes.udcid=UDC_IDENTIFIER
> Enter code here...
>
> This is for define a static attribute "udcid" with value "UDC_IDENTIFIER".
>
> https://apereo.github.io/cas/6.1.x/configuration/Configuration-Properties.html#stub
>
> Jérôme.
>
> Le mercredi 22 avril 2020 17:48:21 UTC+2, JC a écrit :
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/d7d2c758-e1e7-4105-9373-ac4787e140cb%40apereo.org.

[cas-user] Re: cas-management-overlay attribute virtual rename 5.3.6 AND 6.1.5 not working

[Jérôme Steve]

Hello JC,

I think what you use, is not what you discribe.


cas.authn.attributeRepository.stub.attributes.udcid=UDC_IDENTIFIER
Enter code here...

This is for define a static attribute "udcid" with value "UDC_IDENTIFIER".
https://apereo.github.io/cas/6.1.x/configuration/Configuration-Properties.html#stub

Jérôme.

Le mercredi 22 avril 2020 17:48:21 UTC+2, JC a écrit :
>
> Hello all.
>
> I am having an issue where the virtual rename of attributes that works 
> fine in 5.2.6 is not working any longer in versions 5.3.6 or 6.1.5. What I 
> am referring to is at this link in the documentation: 
> Configuration-Properties.html#multimapped-attribute 
> 
> .
>
> The issue is that while the attribute is available, but is not being 
> renamed as desired.This is the relevant part of the code in my 
> management.properties:
>
> cas.authn.attributeRepository.stub.attributes.udcid=UDC_IDENTIFIER
> Enter code here...
>
> The attribute shows up in the web app as udcid instead of UDC_IDENTIFIER. 
> I have tried other attributes, but none of them are renamed properly. I 
> cannot see any errors or warnings in the logs.
>
> Anyone have any ideas?
>
> J
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/18ef4648-7721-45fa-88f0-1758474a0a17%40apereo.org.

[cas-user] Re: cas management 6.1-RC4 : modify an existent service entry (on change the type attribute release policy), bug ?

[JC]

I think it is a bug.

I'm using 6.1.5, and after doing some investigating, I have found that when 
a service name is changed the VersionControlServicesManager class calls the 
checkForRename function, which builds the path and appends ".json" to the 
end (with a period). This has the effect of making the filename contain two 
periods (for example 'MyService..json'). Of course, this file cannot be 
found and throws an error as shown below

DEBUG [org.apereo.cas.mgmt.GitUtil] - Attempting to move 
[CAS6ServuceManagementTEST-1585162164930..json] to 
[CAS6ServiceManagementTEST-1585162164930..json]
DEBUG [org.apereo.cas.mgmt.GitUtil] - Moving 
[/etc/cas/services-repo/CAS6ServuceManagementTEST-1585162164930..json] to 
[/etc/cas/services-repo/CAS6ServiceManagementTEST-1585162164930..json]
ERROR 
[org.apache.catalina.core.ContainerBase.[Tomcat].[localhost].[/cas-management].[dispatcherServlet]]
 - Servlet.service() for servlet [dispatcherServlet] in context with path 
[/cas-management] threw exception
java.nio.file.NoSuchFileException: 
/etc/cas/services-repo/CAS6ServuceManagementTEST-1585162164930..json
at 
sun.nio.fs.UnixException.translateToIOException(UnixException.java:92) ~[?:?]
at 
sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111) ~[?:?]
at 
sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:116) ~[?:?]
at sun.nio.fs.UnixCopyFile.move(UnixCopyFile.java:430) ~[?:?]
at 
sun.nio.fs.UnixFileSystemProvider.move(UnixFileSystemProvider.java:267) ~[?:?]
at java.nio.file.Files.move(Files.java:1421) ~[?:?]
at org.apereo.cas.mgmt.GitUtil.move(GitUtil.java:1202) 
~[cas-mgmt-support-version-control-6.1.0-RC4.jar!/:6.1.0-RC4]
at 
org.apereo.cas.mgmt.VersionControlServicesManager.checkForRename(VersionControlServicesManager.java:77)
 ~[cas-mgmt-support-version-control-6.1.0-RC4.jar!/:6.1.0-RC4]
at 
org.apereo.cas.mgmt.controller.ServiceController.save(ServiceController.java:118)
 ~[cas-mgmt-core-6.1.0-RC4.jar!/:6.1.0-RC4]
at 
org.apereo.cas.mgmt.controller.ServiceController.saveService(ServiceController.java:108)
 ~[cas-mgmt-core-6.1.0-RC4.jar!/:6.1.0-RC4]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
~[?:?]
at 
jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
 ~[?:?]
at 
jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
 ~[?:?]
at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]
...

Not sure how this helps, but there you go.

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/3fb5ef1e-cbac-4253-bb6a-e9dcff06%40apereo.org.

[cas-user] Re: cas-management 6.1 RC4 turn off version control

[JC]

I know this topic is five months old, but I wanted to add what I discovered 
so that it will be here if someone else finds this in a search, like I did.

I have found that the documentation that shows the two properties' syntax 
referenced is wrong, unsurprisingly. The values that worked for me in the 
6.1.5 management web app are:

mgmt.versionControl.enabled=false
mgmt.delegated.enabled=false

However, even with version control disabled, the management app *still* 
wants to put stuff in '/etc/cas/services-repo'. The following property 
changes that:

mgmt.versionControl.servicesRepo=file:/path/to/services

Now the management app saves *new *services in the directory I want, but 
doesn't show existing services. This whole version control thing is a real 
pain.

J

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/c998d9e6-887c-42ac-a774-72d1067f6a9c%40apereo.org.

[cas-user] Re: CAS Management Web App 6.1.4-RC error

[B Ran]

Hello,

not sure if that helps, but to disable the git tracking you'd need to set 
the property

mgmt.versionControl.enabled=false

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/0c46c0b3-1bfa-4d2a-9763-90612d37df1b%40apereo.org.

Re: [cas-user] Re: CAS Management Web App 6.1.4-RC error

[Ray Bon]

Thanh,

I ran in to the same problem and could find no way to turn off git requirement. 
As such, we are still using 5.2 version.

Ray

On Mon, 2020-03-09 at 16:52 +0700, Nguyen Tran Thanh Lam wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

Dear Mr B Ran,
I don't use git and don't enable any dependencies relevant git.

Thank you. Regards

Vào Th 2, 9 thg 3, 2020 vào lúc 16:49 B Ran 
mailto:rb149...@gmail.com>> đã viết:
I remember having an issue on that one.
Can you try this configuration ?

mgmt.versionControl.servicesRepo=//etc/cas/services-repo


Make sure whatever runs cas-management has read/write access to 
/etc/cas/services-repo and on the git

--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/1d34c4ca-4f14-4f8a-ab94-2f8cd83864f6%40apereo.org.


--

Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | r...@uvic.ca

I respectfully acknowledge that my place of work is located within the 
ancestral, traditional and unceded territory of the Songhees, Esquimalt and 
WSÁNEĆ Nations.

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/32c18b3e444cf68dfe3f043efd245c38b2664d0f.camel%40uvic.ca.

Re: [cas-user] Re: CAS Management Web App 6.1.4-RC error

[Nguyen Tran Thanh Lam]

Dear Mr B Ran,
I don't use git and don't enable any dependencies relevant git.

Thank you. Regards

Vào Th 2, 9 thg 3, 2020 vào lúc 16:49 B Ran  đã viết:

> I remember having an issue on that one.
> Can you try this configuration ?
>
> mgmt.versionControl.servicesRepo=//etc/cas/services-repo
>
>
> Make sure whatever runs cas-management has read/write access to
> /etc/cas/services-repo and on the git
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/1d34c4ca-4f14-4f8a-ab94-2f8cd83864f6%40apereo.org
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAEjUsAghwpb8OgMi%2B0HZVLVduL6Wc%3DdDJCkXY%3D_OCKdm6h5GYQ%40mail.gmail.com.

Re: [cas-user] Re: CAS Management Web App 6.1.4-RC error

[B Ran]

I remember having an issue on that one.
Can you try this configuration ?

mgmt.versionControl.servicesRepo=//etc/cas/services-repo


Make sure whatever runs cas-management has read/write access to 
/etc/cas/services-repo and on the git

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/1d34c4ca-4f14-4f8a-ab94-2f8cd83864f6%40apereo.org.

Re: [cas-user] Re: CAS Management Web App 6.1.4-RC error

[B Ran]

I remember having an issue on that one.
Can you try this configuration ?

mgmt.versionControl.servicesRepo=//etc/cas/services-repo


Make sure whatever runs cas-management has read/write access to 
/etc/cas/services-repo and on the git
Once the git repo is initialized, make sure to configure the default git 
user (name+email)

Le samedi 7 mars 2020 04:25:46 UTC+1, Napoleon Ponaparte a écrit :
>
> Sorry,
> I have put this config to my management.properties
> mgmt.versionControl.servicesRepo=/etc/cas/services-repo
> But it still error.
> I have test with CAS Management 6.0 but it has error too, when I save 
> registry service.
> [image: image.png]
> ERROR 
> [org.apache.catalina.core.ContainerBase.[Tomcat].[localhost].[/cas-management].[dispatcherServlet]]
>  
> -  [/cas-management] threw exception>
> org.eclipse.jgit.errors.RepositoryNotFoundException: repository not found: 
> /etc/cas/services-repo/.git
> [image: image.png]
> Please help me. Thanks
>
>
> Vào Th 6, 6 thg 3, 2020 vào lúc 20:14 B Ran  > đã viết:
>
>> cas-management usually creates a git repository and then offers to push 
>> commits made through the UI to service registries.
>>
>> You can configure the location of the git repo with the property 
>> mgmt.versionControl.servicesRepo
>>
>> Assuming both CAS and cas-management are running on the same machine 
>> you'd have to define 'cas.serviceRegistry.json.location' in the management 
>> properties as well
>>
>> However I don't think setting both properties with the same folder is a 
>> good practice (since changes made through the UI would be reflected in CAS 
>> before you decide to publish)
>>
>> Le vendredi 6 mars 2020 09:13:59 UTC+1, Napoleon Ponaparte a écrit :
>>>
>>> Hi,
>>> I have a trouble with CAS Management Web App (version 6.1.0-RC and 
>>> version 6.0.x) , while I save new registry to CAS.
>>>  Here is my error:
>>> *Error 1:*
>>>
>>> ERROR 
>>> [org.apache.catalina.core.ContainerBase.[Tomcat].[localhost].[/cas-management].[dispatcherServlet]]
>>>  
>>> - >> [/cas-management] threw exception>
>>>
>>> org.eclipse.jgit.errors.RepositoryNotFoundException: repository not 
>>> found: /etc/cas/services-repo/.git
>>>
>>> Here is my config:
>>> *1. CAS config*
>>> cas.server.name=https://ssostandalone.vdc2.com.vn:8443
>>> cas.server.prefix=${cas.server.name}/cas
>>>
>>> logging.config: file:/etc/cas/config/log4j2.xml
>>> server.port=8443
>>> server.ssl.enabled=true
>>>
>>> cas.serviceRegistry.initFromJson=false
>>> #cas.serviceRegistry.json.location=file:/etc/cas/services-repo
>>> cas.serviceRegistry.json.location=file:/etc/cas/vnpt-service-repo
>>> cas.authn.oauth.grants.resourceOwner.requireServiceHeader=true
>>> cas.authn.oauth.userProfileViewType=NESTED
>>>
>>> cas.authn.policy.requiredHandlerAuthenticationPolicyEnabled=false
>>>
>>> cas.authn.attributeRepository.stub.attributes.email=cas...@example.org
>>> #REST API JSON
>>> cas.rest.attributeName=email
>>> cas.rest.attributeValue=.+example.*
>>> *2. CAS Management Config*
>>> cas.server.name=https://ssostandalone.vdc2.com.vn:8443
>>> cas.server.prefix=${cas.server.name}/cas
>>> mgmt.serverName=https://ssostandalone.vdc2.com.vn:8088
>>> mgmt.adminRoles[0]=ROLE_ADMIN
>>> mgmt.userPropertiesFile=file:/etc/cas/config/users.json
>>> mgmt.userRoles[0]=ROLE_USER
>>> spring.thymeleaf.mode=HTML
>>> server.port=8088
>>> server.ssl.enabled=true
>>> server.ssl.keyStore=file:/etc/cas/thekeystore
>>> server.ssl.keyStorePassword=changeit
>>> server.ssl.keyPassword=changeit
>>> logging.config=file:/etc/cas/config/log4j2-management.xml
>>> *3. Service registry (in /etc/cas/vnpt-service-repo)*
>>> root@ssostandalone:/etc/cas/vnpt-service-repo# cat casManagement-4.json 
>>> {
>>>   "@class" : "org.apereo.cas.services.RegexRegisteredService",
>>>   "serviceId":"^https://ssostandalone.vdc2.com.vn:8088/.+";,
>>>   "name" : "casManagement",
>>>   "id" : 4,
>>>   "evaluationOrder" : 10,
>>>   "allowedAttributes":["cn","mail"]
>>> }
>>>
>>> Please help me. 
>>> Thank you.
>>>
>>>
>>> -- 
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> --- 
>> You received this message because you are subscribed to the Google Groups 
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to cas-...@apereo.org .
>> To view this discussion on the web visit 
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/b60a72a7-389d-4465-9cc4-0bfd6c5ff2b5%40apereo.org
>>  
>> 
>> .
>>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community"

[cas-user] Re: CAS Management Web App 6.1.4-RC error

[B Ran]

cas-management usually creates a git repository and then offers to push 
commits made through the UI to service registries.

You can configure the location of the git repo with the property 
mgmt.versionControl.servicesRepo

Assuming both CAS and cas-management are running on the same machine you'd 
have to define 'cas.serviceRegistry.json.location' in the management 
properties as well

However I don't think setting both properties with the same folder is a 
good practice (since changes made through the UI would be reflected in CAS 
before you decide to publish)

Le vendredi 6 mars 2020 09:13:59 UTC+1, Napoleon Ponaparte a écrit :
>
> Hi,
> I have a trouble with CAS Management Web App (version 6.1.0-RC and version 
> 6.0.x) , while I save new registry to CAS.
>  Here is my error:
> *Error 1:*
>
> ERROR 
> [org.apache.catalina.core.ContainerBase.[Tomcat].[localhost].[/cas-management].[dispatcherServlet]]
>  
> -  [/cas-management] threw exception>
>
> org.eclipse.jgit.errors.RepositoryNotFoundException: repository not found: 
> /etc/cas/services-repo/.git
>
> Here is my config:
> *1. CAS config*
> cas.server.name=https://ssostandalone.vdc2.com.vn:8443
> cas.server.prefix=${cas.server.name}/cas
>
> logging.config: file:/etc/cas/config/log4j2.xml
> server.port=8443
> server.ssl.enabled=true
>
> cas.serviceRegistry.initFromJson=false
> #cas.serviceRegistry.json.location=file:/etc/cas/services-repo
> cas.serviceRegistry.json.location=file:/etc/cas/vnpt-service-repo
> cas.authn.oauth.grants.resourceOwner.requireServiceHeader=true
> cas.authn.oauth.userProfileViewType=NESTED
>
> cas.authn.policy.requiredHandlerAuthenticationPolicyEnabled=false
>
> cas.authn.attributeRepository.stub.attributes.email=cas...@example.org 
> 
> #REST API JSON
> cas.rest.attributeName=email
> cas.rest.attributeValue=.+example.*
> *2. CAS Management Config*
> cas.server.name=https://ssostandalone.vdc2.com.vn:8443
> cas.server.prefix=${cas.server.name}/cas
> mgmt.serverName=https://ssostandalone.vdc2.com.vn:8088
> mgmt.adminRoles[0]=ROLE_ADMIN
> mgmt.userPropertiesFile=file:/etc/cas/config/users.json
> mgmt.userRoles[0]=ROLE_USER
> spring.thymeleaf.mode=HTML
> server.port=8088
> server.ssl.enabled=true
> server.ssl.keyStore=file:/etc/cas/thekeystore
> server.ssl.keyStorePassword=changeit
> server.ssl.keyPassword=changeit
> logging.config=file:/etc/cas/config/log4j2-management.xml
> *3. Service registry (in /etc/cas/vnpt-service-repo)*
> root@ssostandalone:/etc/cas/vnpt-service-repo# cat casManagement-4.json 
> {
>   "@class" : "org.apereo.cas.services.RegexRegisteredService",
>   "serviceId":"^https://ssostandalone.vdc2.com.vn:8088/.+";,
>   "name" : "casManagement",
>   "id" : 4,
>   "evaluationOrder" : 10,
>   "allowedAttributes":["cn","mail"]
> }
>
> Please help me. 
> Thank you.
>
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/b60a72a7-389d-4465-9cc4-0bfd6c5ff2b5%40apereo.org.

Re: [cas-user] Re: cas-management 6.1 RC4 turn off version control

[Ray Bon]

I tried building from source to add more debugging, but was unable to build 
without error. If I fixed one error, then another popped up. I do not have time 
to chase them down.
I will come back to it, perhaps in the new year. Until then we will use an 
older version.

Ray

On Fri, 2019-10-25 at 06:55 -0700, randomuser878 wrote:
Hello

  Thanks for the hint per 
CasManagementConfigurationProperties.java
  Have been really struggling with this one as well.  Really feel 
cas-management is behind cas and sure hope the recent indicators of moving 
dashboards from cas to cas-management means better product eventually.

  Ranting aside, cas-management 6.1 RC4, these two flags end up as non-bound 
and service will fail/crash to restart.
   mgmt.enableVersionControl=false
   mgmt.enableDelegatedMgmt=false

  Overlaying this file 
src/main/java/org/apereo/cas/configuration/CasManagementConfigurationProperties.java
 by setting the two references you alluded to false it will compile but then on 
restart it will throw tons of errors about ALL mgmt parameters being unbound.  
If you can figure out what I could have missed by just modifying that code 
directly that would be great.
  Added this to build.gradle
compile "org.apereo.cas:cas-mgmt-api-core:${project.'casmgmt.version'}"
compile "org.projectlombok:lombok:1.18.8"

  Then tried the 6.1. RC5 snapshot, maybe those two parameters that are in 
documentation would work but nope, it would crash per  some collusion about 
groovy libraries and such, anyway gave up on that front, it is snapshot after 
all.

  HERE is what currently WORKS for me (not sure if it breaks anything else but 
I am past the point of desperation)
  1) deploy cas-management.war and explode into webapps (remove war afterwards)
  rm -v 
$CATALINA_BASE/webapps/cas-management/WEB-INF/lib/cas-mgmt-config-version-control-6.1.0-RC4.jar
  rm -v 
$CATALINA_BASE/webapps/cas-management/WEB-INF/lib/cas-mgmt-config-delegated-6.1.0-RC4.jar


  Now here are other gems
  1) using JPA so would really like to tell JSON to take a back-seat.
 cas.serviceRegistry.initFromJson=false
   YET it loads from services default or whatever you specify including 
commenting out or leaving default or whatever:  
cas.serviceRegistry.json.location=classpath:/services
   Implicit PROBLEM for me: when you create new service you see double entries. 
One for JPA, the other one for json. Which is which?
   Workaround:
1) do not specify at all cas.serviceRegistry.json.location in config (not 
sure it matters)
2) same as above post explode cas-management.war (not sure how can I remove 
them from overlay, I could just try empty files in overlay but removing is 
cleaner)
   rm -v 
$CATALINA_BASE/webapps/cas-management/WEB-INF/classes/services/*.json

   Another headache: I want to have search work for me. Why can't I change the 
path of luceneIndexDir. (no parameter, nor can change and compile above without 
other failures)
   So must create folder /etc/cas/lucene even though for this scenario it is 
just a placeholder, so I can get search working. I never see anything get 
stored there?

   And finally,  really no idea why but if you logout the manager with a 
success message at /cas-management/logout.html,
  throws an exception 500 in access logs like "GET 
/cas-management/error?ticket=ST-XYZ...  but you click on "Services Management" 
link to get you back to /cas-management/manage.html and then cas-management is 
unavailable.
 WORKAROUND: just change URL to /cas-management/ and voila you are back to 
admin

  Stuff like this, I really really hope cas-management gets its love back.  Not 
gonna bother with discoveryEndpointPath = "/actuator/discoveryProfile" and how 
to actually properly securely setup magical setting in CAS separate service 
itself to that cas-management can get info. Tried but at this point I am happy 
to just use the web app.

  All the best.




On Tuesday, September 17, 2019 at 12:43:03 PM UTC-4, rbon wrote:
How do I turn off version control in cas-management 6.1 RC4.

In 5.3.x branch there was a config setting: mgmt.enableVersionControl=true, but 
this has been replaced by the following code (line 155 in 
https://github.com/apereo/cas-management/blob/master/api/cas-mgmt-api-configuration/src/main/java/org/apereo/cas/configuration/CasManagementConfigurationProperties.java):
private boolean enabled = 
ClassUtils.isPresent("org.ape

Re: [cas-user] Re: cas-management 6.1 RC4 turn off version control

[Travis Schmidt]

Admittedly the CAS Mgmt documentation is lagging some of the latest
refactors in the snapshots.  I usually try and make an effort when GA rolls
around to try and make sure at least config properties are updated.  You
can look here directly at the source of truth:

https://github.com/apereo/cas-management/blob/master/api/cas-mgmt-api-configuration/src/main/java/org/apereo/cas/configuration/CasManagementConfigurationProperties.java

The property name would just follow object "." notation starting with
"mgmt."

You can specify a luceneIndexDir and I think it only uses this directory as
temp storage when executing queries, so I think it is always cleaned up.
Anyways Lucene needed some file system dir configured.

If you are using version control then you will always see a
JSONServiceRegistry popup in the logs, since JSON files in a Git repository
is how that is implemented, regardless of the persistence you use for your
configured service registry.

Not sure what the logout thing is.

For the /dashboard and discovery endpoint, I have it configured and about
the only way I know it would work is to open up the admin endpoints by IP
address to the IP of your running CAS Management webapp.  Documentation can
be found here:

https://apereo.github.io/cas/development/monitoring/Monitoring-Statistics.html

I do not personally use the gradle overlays or even do any real testing
with them.  It has turned out in the past that the overlay was picking up
conflicting config from cas in the overlay that wasn't realized when just
building and deploying from source.

Lastly, I do believe some resources may be picking up the cause of CAS
Mgmt, and I may have some more time for the OS version freeing up soon, at
least will try and smooth out some rough edges for GA.  As always pull
requests are welcomed and encouraged.

Travis






On Fri, Oct 25, 2019 at 6:55 AM randomuser878  wrote:

> Hello
>
>   Thanks for the hint per CasManagementConfigurationProperties.java
> 
>   Have been really struggling with this one as well.  Really feel
> cas-management is behind cas and sure hope the recent indicators of moving
> dashboards from cas to cas-management means better product eventually.
>
>   Ranting aside, cas-management 6.1 RC4, these two flags end up as
> non-bound and service will fail/crash to restart.
>mgmt.enableVersionControl=false
>mgmt.enableDelegatedMgmt=false
>
>   Overlaying this
> file 
> src/main/java/org/apereo/cas/configuration/CasManagementConfigurationProperties.java
> by setting the two references you alluded to false it will compile but then
> on restart it will throw tons of errors about ALL mgmt parameters being
> unbound.  If you can figure out what I could have missed by just modifying
> that code directly that would be great.
>   Added this to build.gradle
> compile "org.apereo.cas:cas-mgmt-api-core:${project.'casmgmt.version'}"
> compile "org.projectlombok:lombok:1.18.8"
>
>   Then tried the 6.1. RC5 snapshot, maybe those two parameters that are in
> documentation would work but nope, it would crash per  some collusion about
> groovy libraries and such, anyway gave up on that front, it is snapshot
> after all.
>
>   HERE is what currently WORKS for me (not sure if it breaks anything else
> but I am past the point of desperation)
>   1) deploy cas-management.war and explode into webapps (remove war
> afterwards)
>   rm -v
> $CATALINA_BASE/webapps/cas-management/WEB-INF/lib/cas-mgmt-config-version-control-6.1.0-RC4.jar
>   rm -v
> $CATALINA_BASE/webapps/cas-management/WEB-INF/lib/cas-mgmt-config-delegated-6.1.0-RC4.jar
>
>
>   Now here are other gems
>   1) using JPA so would really like to tell JSON to take a back-seat.
>  cas.serviceRegistry.initFromJson=false
>YET it loads from services default or whatever you specify including
> commenting out or leaving default or whatever:
> cas.serviceRegistry.json.location=classpath:/services
>Implicit PROBLEM for me: when you create new service you see double
> entries. One for JPA, the other one for json. Which is which?
>Workaround:
> 1) do not specify at all cas.serviceRegistry.json.location in config
> (not sure it matters)
> 2) same as above post explode cas-management.war (not sure how can I
> remove them from overlay, I could just try empty files in overlay but
> removing is cleaner)
>rm -v
> $CATALINA_BASE/webapps/cas-management/WEB-INF/classes/services/*.json
>
>Another headache: I want to have search work for me. Why can't I change
> the path of luceneIndexDir. (no parameter, nor can change and compile above
> without other failures)
>So must create folder /etc/cas/lucene even though for this scenario it
> is just a placeho

[cas-user] Re: cas-management 6.1 RC4 turn off version control

[randomuser878]

Hello

  Thanks for the hint per CasManagementConfigurationProperties.java 

  Have been really struggling with this one as well.  Really feel 
cas-management is behind cas and sure hope the recent indicators of moving 
dashboards from cas to cas-management means better product eventually.

  Ranting aside, cas-management 6.1 RC4, these two flags end up as 
non-bound and service will fail/crash to restart.
   mgmt.enableVersionControl=false
   mgmt.enableDelegatedMgmt=false

  Overlaying this 
file 
src/main/java/org/apereo/cas/configuration/CasManagementConfigurationProperties.java
 
by setting the two references you alluded to false it will compile but then 
on restart it will throw tons of errors about ALL mgmt parameters being 
unbound.  If you can figure out what I could have missed by just modifying 
that code directly that would be great.
  Added this to build.gradle
compile "org.apereo.cas:cas-mgmt-api-core:${project.'casmgmt.version'}"
compile "org.projectlombok:lombok:1.18.8"

  Then tried the 6.1. RC5 snapshot, maybe those two parameters that are in 
documentation would work but nope, it would crash per  some collusion about 
groovy libraries and such, anyway gave up on that front, it is snapshot 
after all.

  HERE is what currently WORKS for me (not sure if it breaks anything else 
but I am past the point of desperation)
  1) deploy cas-management.war and explode into webapps (remove war 
afterwards) 
  rm -v 
$CATALINA_BASE/webapps/cas-management/WEB-INF/lib/cas-mgmt-config-version-control-6.1.0-RC4.jar
  rm -v 
$CATALINA_BASE/webapps/cas-management/WEB-INF/lib/cas-mgmt-config-delegated-6.1.0-RC4.jar


  Now here are other gems
  1) using JPA so would really like to tell JSON to take a back-seat.
 cas.serviceRegistry.initFromJson=false
   YET it loads from services default or whatever you specify including 
commenting out or leaving default or whatever:  
cas.serviceRegistry.json.location=classpath:/services
   Implicit PROBLEM for me: when you create new service you see double 
entries. One for JPA, the other one for json. Which is which?
   Workaround: 
1) do not specify at all cas.serviceRegistry.json.location in config 
(not sure it matters)
2) same as above post explode cas-management.war (not sure how can I 
remove them from overlay, I could just try empty files in overlay but 
removing is cleaner)
   rm -v 
$CATALINA_BASE/webapps/cas-management/WEB-INF/classes/services/*.json

   Another headache: I want to have search work for me. Why can't I change 
the path of luceneIndexDir. (no parameter, nor can change and compile above 
without other failures)
   So must create folder /etc/cas/lucene even though for this scenario it 
is just a placeholder, so I can get search working. I never see anything 
get stored there?

   And finally,  really no idea why but if you logout the manager with a 
success message at /cas-management/logout.html, 
  throws an exception 500 in access logs like "GET 
/cas-management/error?ticket=ST-XYZ...  but you click on "Services 
Management" link to get you back to /cas-management/manage.html and then 
cas-management is unavailable.
 WORKAROUND: just change URL to /cas-management/ and voila you are back 
to admin

  Stuff like this, I really really hope cas-management gets its love back.  
Not gonna bother with discoveryEndpointPath = "/actuator/discoveryProfile" 
and how to actually properly securely setup magical setting in CAS separate 
service itself to that cas-management can get info. Tried but at this point 
I am happy to just use the web app. 

  All the best.


  

On Tuesday, September 17, 2019 at 12:43:03 PM UTC-4, rbon wrote:
>
> How do I turn off version control in cas-management 6.1 RC4.
>
> In 5.3.x branch there was a config setting: mgmt.enableVersionControl=true, 
> but this has been replaced by the following code (line 155 in 
> https://github.com/apereo/cas-management/blob/master/api/cas-mgmt-api-configuration/src/main/java/org/apereo/cas/configuration/CasManagementConfigurationProperties.java
>  
> 
> ):
> private boolean enabled = ClassUtils.isPresent("
> org.apereo.cas.mgmt.config.CasManagementVersionControlConfiguration", 
> this.getClass().getClassLoader());
>
> It looks like 
> org.apereo.cas.mgmt.config.CasManagementVersionControlConfiguration 
> is included by default (the libraries are in the war). All I have/want is 
> ldap service registry (com

[cas-user] Re: cas-management 6.1 RC4 turn off version control

[mbar...@scad.edu]

I would like to know that too.  

Thanks,
Mike


Michael Barsic
Director of Technical Architecture
Savannah College of Art and Design®
mbar...@scad.edu - www.scad.edu


On Tuesday, September 17, 2019 at 12:43:03 PM UTC-4, rbon wrote:
>
> How do I turn off version control in cas-management 6.1 RC4.
>
> In 5.3.x branch there was a config setting: mgmt.enableVersionControl=true, 
> but this has been replaced by the following code (line 155 in 
> https://github.com/apereo/cas-management/blob/master/api/cas-mgmt-api-configuration/src/main/java/org/apereo/cas/configuration/CasManagementConfigurationProperties.java
> ):
> private boolean enabled = ClassUtils.isPresent("
> org.apereo.cas.mgmt.config.CasManagementVersionControlConfiguration", 
> this.getClass().getClassLoader());
>
> It looks like 
> org.apereo.cas.mgmt.config.CasManagementVersionControlConfiguration 
> is included by default (the libraries are in the war). All I have/want is 
> ldap service registry (compile 
> "org.apereo.cas:cas-server-support-ldap-service-registry:${project.'casmgmt.version'}")
>  
> but it is being ignored.
>
> Thanks
> Ray
>
> -- 
>
> Ray Bon
> Programmer Analyst
> Development Services, University Systems
> 2507218831 | CLE 019 | rb...@uvic.ca 
>
> I respectfully acknowledge that my place of work is located within the 
> ancestral, traditional and unceded territory of the Songhees, Esquimalt and 
> WSÁNEĆ Nations.
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/243709fa-fad0-42b5-9f37-281ca36b9c8b%40apereo.org.

[cas-user] Re: CAS Management 6 non-JSON issue

[Dmitry Malinin]

Try to build cas management from 
https://github.com/apereo/cas-management/releases/tag/v6.0.0-RC4 (not from 
overlay)
Append dependencies to build.gradle:
 compile 
"org.apereo.cas:cas-server-support-jpa-service-registry:${casVersion}"
 compile "org.apereo.cas:cas-server-support-jdbc-drivers:${casVersion}"
 runtime "net.bytebuddy:byte-buddy:1.10.1"

четверг, 22 августа 2019 г., 20:27:54 UTC+3 пользователь mba...@scad.edu 
написал:
>
> I've been trying to get CAS Management v6 to work with a JPA service 
> registry, but it seems to be stuck with JSON.  After logging into the 
> management Web app, I never see any of the services that are stored in my 
> database.  The only services that display are ones created via the 
> management web app and are stored in JSON at /etc/cas/services-repo/  I've 
> tried committing too, but the new service never makes it to the database.
>
> Now, I can see services being pulled from my database in the log file.  
> Here's a snippet below:
> ---
> 2019-08-22 13:23:55,847 DEBUG 
> [org.apereo.cas.services.AbstractServicesManager] -  service [^(https|imaps)://.*]>
> 2019-08-22 13:23:55,847 DEBUG 
> [org.apereo.cas.services.AbstractServicesManager] -  service [^https://www.apereo.org]>
> 2019-08-22 13:23:55,847 DEBUG 
> [org.apereo.cas.services.AbstractServicesManager] -  service [^http://localhost:8080.*]>
> 2019-08-22 13:23:55,848 INFO 
> [org.apereo.cas.services.AbstractServicesManager] -  from [JpaServiceRegistry].>
> 
>
> I've added the JPA service registry to build.gradle and I do not have the 
> JSON service registry in build.gradle.
>
> The management.properties file looks like this:
> --
> cas.server.name=https://poc-sso.scad.edu
> cas.server.prefix=${cas.server.name}/cas-web
>
> server.port=8444
> server.ssl.keyStore=file:/etc/cas/newks
> server.ssl.keyStorePassword=CHANGEME
> server.ssl.keyPassword=CHANGEME
>
> mgmt.serverName=https://ppoc-sso.scad.edu:8444
> mgmt.adminRoles[0]=ROLE_ADMIN
> mgmt.userPropertiesFile=file:/etc/cas/config/users.json
>
> logging.config=file:/etc/cas/config/log4j2-management.xml
>
> cas.authn.attributeRepository.stub.attributes.UDC_IDENTIFIER:   
> UDC_IDENTIFIER
> cas.authn.attributeRepository.stub.attributes.cn:   cn
> cas.authn.attributeRepository.stub.attributes.displayName:  displayName
> cas.authn.attributeRepository.stub.attributes.mail: mail
> cas.authn.attributeRepository.stub.attributes.sn:   sn
> cas.authn.attributeRepository.stub.attributes.uid:  uid
>
> #cas.serviceRegistry.initFromJson=false
> cas.serviceRegistry.jpa.user=${CAS_DB_USER}
> cas.serviceRegistry.jpa.password=${CAS_DB_PW}
> cas.serviceRegistry.jpa.driverClass=oracle.jdbc.OracleDriver
> cas.serviceRegistry.jpa.url=${CAS_DB_URL}
> cas.serviceRegistry.jpa.dialect=org.hibernate.dialect.Oracle12cDialect
>
> cas.serviceRegistry.jpa.healthQuery=select 1 from dual
> cas.serviceRegistry.jpa.ddlAuto=update
> cas.serviceRegistry.jpa.pool.minSize=3
> cas.serviceRegistry.jpa.pool.maxSize=20
> cas.serviceRegistry.jpa.pool.maxWait=2000
> cas.serviceRegistry.jpa.pool.timeoutMillis=1000
> --
>
> Any help would be appreciated.
>
> Thanks in advance,
> Mike
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/b18d2938-3fe0-4c81-a4e0-9a0947d6b505%40apereo.org.

[cas-user] Re: CAS management

[alain ubfc]

Hello David

I've been going in circles for several weeks now

My case server works well it is on another vm. 

Same Linux Debian operating system 10

Thank you

Best regard

Le lundi 22 juillet 2019 12:04:48 UTC+2, alain ubfc a écrit :
>
> Hello,
>
> I’ve been stuck on cas-management for several weeks now.
>
> I followed the Dacurry documentation 
> https://dacurry-tns.github.io/deploying-apereo-cas/building_svcmgmt_overview.html
>  
> but nothing works.
>
> Here is my configuration of my cas-management.properties file
>
> # Adresse du Serveur CAS
> cas.server.name=https://cas.osnetworking.com:8443
> cas.server.prefix=https://cas.osnetworking.com:8443/cas
> #cas.server.prefix=${cas.server.name}/cas
>
> logging.config=file:/etc/cas/config/log4j2-management.xml
>
> ##
> # Update this URL to point at server running this management app #
> ##
>
> #cas.mgmt.serverName: ${cas.server.name}
> mgmt.serverName=https://casmanagement.osnetworking.com:8443
> server.context-path=/cas-management
> #server.port=8443
>
> spring.thymeleaf.mode = HTML
>
> mgmt.adminRoles[0]=ROLE_ADMIN
> mgmt.userRoles[0]=ROLE_USER
>
> mgmt.userPropertiesFile=file:/etc/cas/config/users.json
>
> ##
> # Gestion des Logs de cas-management #
> ##
>
> logging.config=file:/etc/cas/config/log4j2-management.xml
>
> 
> # Gestion des services en JSON #
> 
>
> cas.serviceRegistry.json.location=file:/etc/cas/services
> cas.serviceRegistry.initFromJson = true
>
> 
> # Liste des attributs sélectionables depuis le CAS-Manager #
> 
>
> cas.authn.attributeRepository.stub.attributes.UDC_IDENTIFIER:   
> UDC_IDENTIFIER
> cas.authn.attributeRepository.stub.attributes.cn:   cn
> cas.authn.attributeRepository.stub.attributes.displayName: 
>  displayName
> cas.authn.attributeRepository.stub.attributes.givenName:givenName
> cas.authn.attributeRepository.stub.attributes.mail: mail
> cas.authn.attributeRepository.stub.attributes.sn:   sn
> cas.authn.attributeRepository.stub.attributes.uid:  uid
>
>
> Here is my json file.
>
> /*
>* Wildcard service définition that applies to any https or imaps url.
>* Do not use this definition in a production environment.
>*/
> {
>  "@class" :"org.apereo.cas.services.RegexRegisteredService",
>   "serviceId" : "^
> https://casmanagment.osnetworking.com/cas-management/.*";,
>   "name" :  "CAS Services Management",
>   "id" :1563530823,
>   "description" : "CAS services management webapp",
>   "evaluationOrder" : 5500
>   "allowedAttributes":["cn","sAMAccountName","mail"]
> }
>
> Is my file correct ?
>
> Thank you
>
> Best regard
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/f03a6bba-32f7-4c0c-a344-6340bf79a55d%40apereo.org.

Re: [cas-user] Re: CAS management

[alain ubfc]

Hello Matthew,

I just looked in /etc/cas/config ans i have the file you asked me to check.

I removed the excess line line in /etc/cas/config/management.properties

For the user casermgnt i saw that he has no right to launch tomcat when i 
make the following command :

systemctl restart tomcat9.service

I have do a sudo to throw it.

Do you have any idea ?

Thank you

Le mercredi 24 juillet 2019 18:51:27 UTC+2, Matthew Uribe a écrit :
>
> Thank you for confirming that your /var mount point is rw. Also, since you 
> are running tomcat as root (definitely not recommended for PROD), 
> permissions should not be an issue. It sounds like you need to make sure 
> your configurations are all uniform. Specifically, that 
> your /etc/cas/config/log4j2-management.xml file exists, and contains the 
> correct path to /var/log/cas-management 
>
> Also, I noticed that your cas-management.properties file contains this 
> line twice (I don't know if that causes problems or not):
>
> logging.config=file:/etc/cas/config/log4j2-management.xml
>
>
> On Wednesday, July 24, 2019 at 8:53:07 AM UTC-6, alain ubfc wrote:
>>
>> Matthew,
>>
>> I relanched tomcat each time as root.
>> So i addes the user toto in the casermgnt group.
>> I cheched the mounting of the partitions :
>>
>> casermgnt@casermgnt:~$ cat /proc/mounts
>> sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0
>> proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
>> udev /dev devtmpfs rw,nosuid,relatime,size=1005320k,nr_inodes=251330,mode
>> =755 0 0
>> devpts /dev/pts devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=
>> 000 0 0
>> tmpfs /run tmpfs rw,nosuid,noexec,relatime,size=204244k,mode=755 0 0
>> /dev/mapper/casermgnt--vg-root / ext4 rw,relatime,errors=remount-ro 0 0
>> securityfs /sys/kernel/security securityfs rw,nosuid,nodev,noexec,relatime 
>> 0 0
>> tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0
>> tmpfs /run/lock tmpfs rw,nosuid,nodev,noexec,relatime,size=5120k 0 0
>> tmpfs /sys/fs/cgroup tmpfs ro,nosuid,nodev,noexec,mode=755 0 0
>> cgroup2 /sys/fs/cgroup/unified cgroup2 
>> rw,nosuid,nodev,noexec,relatime,nsdelegate 
>> 0 0
>> cgroup /sys/fs/cgroup/systemd cgroup rw,nosuid,nodev,noexec,relatime,
>> xattr,name=systemd 0 0
>> pstore /sys/fs/pstore pstore rw,nosuid,nodev,noexec,relatime 0 0
>> bpf /sys/fs/bpf bpf rw,nosuid,nodev,noexec,relatime,mode=700 0 0
>> cgroup /sys/fs/cgroup/net_cls,net_prio cgroup rw,nosuid,nodev,noexec,
>> relatime,net_cls,net_prio 0 0
>> cgroup /sys/fs/cgroup/cpu,cpuacct cgroup rw,nosuid,nodev,noexec,relatime,
>> cpu,cpuacct 0 0
>> cgroup /sys/fs/cgroup/devices cgroup rw,nosuid,nodev,noexec,relatime,devices 
>> 0 0
>> cgroup /sys/fs/cgroup/perf_event cgroup 
>> rw,nosuid,nodev,noexec,relatime,perf_event 
>> 0 0
>> cgroup /sys/fs/cgroup/blkio cgroup rw,nosuid,nodev,noexec,relatime,blkio 
>> 0 0
>> cgroup /sys/fs/cgroup/pids cgroup rw,nosuid,nodev,noexec,relatime,pids 0 
>> 0
>> cgroup /sys/fs/cgroup/cpuset cgroup rw,nosuid,nodev,noexec,relatime,cpuset 
>> 0 0
>> cgroup /sys/fs/cgroup/memory cgroup rw,nosuid,nodev,noexec,relatime,memory 
>> 0 0
>> cgroup /sys/fs/cgroup/rdma cgroup rw,nosuid,nodev,noexec,relatime,rdma 0 
>> 0
>> cgroup /sys/fs/cgroup/freezer cgroup rw,nosuid,nodev,noexec,relatime,freezer 
>> 0 0
>> systemd-1 /proc/sys/fs/binfmt_misc autofs rw,relatime,fd=28,pgrp=1,
>> timeout=0,minproto=5,maxproto=5,direct,pipe_ino=10494 0 0
>> hugetlbfs /dev/hugepages hugetlbfs rw,relatime,pagesize=2M 0 0
>> debugfs /sys/kernel/debug debugfs rw,relatime 0 0
>> mqueue /dev/mqueue mqueue rw,relatime 0 0
>> /dev/sda1 /boot ext2 rw,relatime,block_validity,barrier,user_xattr,acl 0 
>> 0
>> /dev/mapper/casermgnt--vg-home /home ext4 rw,relatime 0 0
>> /dev/mapper/casermgnt--vg-tmp /tmp ext4 rw,relatime 0 0
>> /dev/mapper/casermgnt--vg-var /var ext4 rw,relatime 0 0
>> tmpfs /run/user/1000 tmpfs rw,nosuid,nodev,relatime,size=204240k,mode=700
>> ,uid=1000,gid=1000 0 0
>>
>> We can see that the /var is in rw.
>>
>> Is that why the server doesn't start ?
>>
>> Or it has nothing to do with.
>>
>> Thank you
>>
>> Le mercredi 24 juillet 2019 15:32:44 UTC+2, Matthew Uribe a écrit :
>>>
>>> Alain,
>>>
>>> Your fstab file shows that /var should be mounting correctly, but a file 
>>> system can become read-only for any number of reasons. If it is in fact 
>>> read only, then any user, even root, would not be able to write to it. You 
>>> could try the following command from the directory /var/log/cas-management 
>>> : touch testfile
>>>
>>> If it creates testfile, then the file system is not read only. If it is 
>>> read only, you may need to un/remount /var, or simply reboot. If the file 
>>> system encountered some kind of error, a reboot should hopefully correct it.
>>>
>>> That's a good start, just to reduce the problem down to either something 
>>> wrong at the OS level, or otherwise, something wrong in the configuration 
>>> of your application. If the file system is not read only, then, as David 
>>> said, check everything detail by det

Re: [cas-user] Re: CAS management

[Matthew Uribe]

Thank you for confirming that your /var mount point is rw. Also, since you 
are running tomcat as root (definitely not recommended for PROD), 
permissions should not be an issue. It sounds like you need to make sure 
your configurations are all uniform. Specifically, that 
your /etc/cas/config/log4j2-management.xml file exists, and contains the 
correct path to /var/log/cas-management 

Also, I noticed that your cas-management.properties file contains this line 
twice (I don't know if that causes problems or not):

logging.config=file:/etc/cas/config/log4j2-management.xml


On Wednesday, July 24, 2019 at 8:53:07 AM UTC-6, alain ubfc wrote:
>
> Matthew,
>
> I relanched tomcat each time as root.
> So i addes the user toto in the casermgnt group.
> I cheched the mounting of the partitions :
>
> casermgnt@casermgnt:~$ cat /proc/mounts
> sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0
> proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
> udev /dev devtmpfs rw,nosuid,relatime,size=1005320k,nr_inodes=251330,mode=
> 755 0 0
> devpts /dev/pts devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=
> 000 0 0
> tmpfs /run tmpfs rw,nosuid,noexec,relatime,size=204244k,mode=755 0 0
> /dev/mapper/casermgnt--vg-root / ext4 rw,relatime,errors=remount-ro 0 0
> securityfs /sys/kernel/security securityfs rw,nosuid,nodev,noexec,relatime 
> 0 0
> tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0
> tmpfs /run/lock tmpfs rw,nosuid,nodev,noexec,relatime,size=5120k 0 0
> tmpfs /sys/fs/cgroup tmpfs ro,nosuid,nodev,noexec,mode=755 0 0
> cgroup2 /sys/fs/cgroup/unified cgroup2 
> rw,nosuid,nodev,noexec,relatime,nsdelegate 
> 0 0
> cgroup /sys/fs/cgroup/systemd cgroup rw,nosuid,nodev,noexec,relatime,xattr
> ,name=systemd 0 0
> pstore /sys/fs/pstore pstore rw,nosuid,nodev,noexec,relatime 0 0
> bpf /sys/fs/bpf bpf rw,nosuid,nodev,noexec,relatime,mode=700 0 0
> cgroup /sys/fs/cgroup/net_cls,net_prio cgroup rw,nosuid,nodev,noexec,
> relatime,net_cls,net_prio 0 0
> cgroup /sys/fs/cgroup/cpu,cpuacct cgroup rw,nosuid,nodev,noexec,relatime,
> cpu,cpuacct 0 0
> cgroup /sys/fs/cgroup/devices cgroup rw,nosuid,nodev,noexec,relatime,devices 
> 0 0
> cgroup /sys/fs/cgroup/perf_event cgroup 
> rw,nosuid,nodev,noexec,relatime,perf_event 
> 0 0
> cgroup /sys/fs/cgroup/blkio cgroup rw,nosuid,nodev,noexec,relatime,blkio 0 
> 0
> cgroup /sys/fs/cgroup/pids cgroup rw,nosuid,nodev,noexec,relatime,pids 0 0
> cgroup /sys/fs/cgroup/cpuset cgroup rw,nosuid,nodev,noexec,relatime,cpuset 
> 0 0
> cgroup /sys/fs/cgroup/memory cgroup rw,nosuid,nodev,noexec,relatime,memory 
> 0 0
> cgroup /sys/fs/cgroup/rdma cgroup rw,nosuid,nodev,noexec,relatime,rdma 0 0
> cgroup /sys/fs/cgroup/freezer cgroup rw,nosuid,nodev,noexec,relatime,freezer 
> 0 0
> systemd-1 /proc/sys/fs/binfmt_misc autofs rw,relatime,fd=28,pgrp=1,timeout
> =0,minproto=5,maxproto=5,direct,pipe_ino=10494 0 0
> hugetlbfs /dev/hugepages hugetlbfs rw,relatime,pagesize=2M 0 0
> debugfs /sys/kernel/debug debugfs rw,relatime 0 0
> mqueue /dev/mqueue mqueue rw,relatime 0 0
> /dev/sda1 /boot ext2 rw,relatime,block_validity,barrier,user_xattr,acl 0 0
> /dev/mapper/casermgnt--vg-home /home ext4 rw,relatime 0 0
> /dev/mapper/casermgnt--vg-tmp /tmp ext4 rw,relatime 0 0
> /dev/mapper/casermgnt--vg-var /var ext4 rw,relatime 0 0
> tmpfs /run/user/1000 tmpfs rw,nosuid,nodev,relatime,size=204240k,mode=700,
> uid=1000,gid=1000 0 0
>
> We can see that the /var is in rw.
>
> Is that why the server doesn't start ?
>
> Or it has nothing to do with.
>
> Thank you
>
> Le mercredi 24 juillet 2019 15:32:44 UTC+2, Matthew Uribe a écrit :
>>
>> Alain,
>>
>> Your fstab file shows that /var should be mounting correctly, but a file 
>> system can become read-only for any number of reasons. If it is in fact 
>> read only, then any user, even root, would not be able to write to it. You 
>> could try the following command from the directory /var/log/cas-management 
>> : touch testfile
>>
>> If it creates testfile, then the file system is not read only. If it is 
>> read only, you may need to un/remount /var, or simply reboot. If the file 
>> system encountered some kind of error, a reboot should hopefully correct it.
>>
>> That's a good start, just to reduce the problem down to either something 
>> wrong at the OS level, or otherwise, something wrong in the configuration 
>> of your application. If the file system is not read only, then, as David 
>> said, check everything detail by detail. Also to one of David's points, 
>> start up Tomcat and look at ps or top to see which uid the is running the 
>> Tomcat process. If it's not tomcat or root (please don't run tomcat as 
>> root!), then it won't be able to write to /var/log/cas-management
>>
>> Matt
>>
>> On Wednesday, July 24, 2019 at 7:13:02 AM UTC-6, alain ubfc wrote:
>>>
>>> David,
>>>
>>> I have the log of tomcat /var/log/tomcat/catalina.ou. And it works.
>>>
>>> Here is my file /etc/fstab
>>>
>>> # /etc/fstab: static file system information.
>>> #
>>> # Use 'blkid' to print the uni

Re: [cas-user] Re: CAS management

[alain ubfc]

Matthew,

I relanched tomcat each time as root.
So i addes the user toto in the casermgnt group.
I cheched the mounting of the partitions :

casermgnt@casermgnt:~$ cat /proc/mounts
sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
udev /dev devtmpfs rw,nosuid,relatime,size=1005320k,nr_inodes=251330,mode=
755 0 0
devpts /dev/pts devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000 
0 0
tmpfs /run tmpfs rw,nosuid,noexec,relatime,size=204244k,mode=755 0 0
/dev/mapper/casermgnt--vg-root / ext4 rw,relatime,errors=remount-ro 0 0
securityfs /sys/kernel/security securityfs rw,nosuid,nodev,noexec,relatime 0 
0
tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0
tmpfs /run/lock tmpfs rw,nosuid,nodev,noexec,relatime,size=5120k 0 0
tmpfs /sys/fs/cgroup tmpfs ro,nosuid,nodev,noexec,mode=755 0 0
cgroup2 /sys/fs/cgroup/unified cgroup2 
rw,nosuid,nodev,noexec,relatime,nsdelegate 
0 0
cgroup /sys/fs/cgroup/systemd cgroup rw,nosuid,nodev,noexec,relatime,xattr,
name=systemd 0 0
pstore /sys/fs/pstore pstore rw,nosuid,nodev,noexec,relatime 0 0
bpf /sys/fs/bpf bpf rw,nosuid,nodev,noexec,relatime,mode=700 0 0
cgroup /sys/fs/cgroup/net_cls,net_prio cgroup rw,nosuid,nodev,noexec,
relatime,net_cls,net_prio 0 0
cgroup /sys/fs/cgroup/cpu,cpuacct cgroup rw,nosuid,nodev,noexec,relatime,cpu
,cpuacct 0 0
cgroup /sys/fs/cgroup/devices cgroup rw,nosuid,nodev,noexec,relatime,devices 
0 0
cgroup /sys/fs/cgroup/perf_event cgroup 
rw,nosuid,nodev,noexec,relatime,perf_event 
0 0
cgroup /sys/fs/cgroup/blkio cgroup rw,nosuid,nodev,noexec,relatime,blkio 0 0
cgroup /sys/fs/cgroup/pids cgroup rw,nosuid,nodev,noexec,relatime,pids 0 0
cgroup /sys/fs/cgroup/cpuset cgroup rw,nosuid,nodev,noexec,relatime,cpuset 0 
0
cgroup /sys/fs/cgroup/memory cgroup rw,nosuid,nodev,noexec,relatime,memory 0 
0
cgroup /sys/fs/cgroup/rdma cgroup rw,nosuid,nodev,noexec,relatime,rdma 0 0
cgroup /sys/fs/cgroup/freezer cgroup rw,nosuid,nodev,noexec,relatime,freezer 
0 0
systemd-1 /proc/sys/fs/binfmt_misc autofs rw,relatime,fd=28,pgrp=1,timeout=0
,minproto=5,maxproto=5,direct,pipe_ino=10494 0 0
hugetlbfs /dev/hugepages hugetlbfs rw,relatime,pagesize=2M 0 0
debugfs /sys/kernel/debug debugfs rw,relatime 0 0
mqueue /dev/mqueue mqueue rw,relatime 0 0
/dev/sda1 /boot ext2 rw,relatime,block_validity,barrier,user_xattr,acl 0 0
/dev/mapper/casermgnt--vg-home /home ext4 rw,relatime 0 0
/dev/mapper/casermgnt--vg-tmp /tmp ext4 rw,relatime 0 0
/dev/mapper/casermgnt--vg-var /var ext4 rw,relatime 0 0
tmpfs /run/user/1000 tmpfs rw,nosuid,nodev,relatime,size=204240k,mode=700,
uid=1000,gid=1000 0 0

We can see that the /var is in rw.

Is that why the server doesn't start ?

Or it has nothing to do with.

Thank you

Le mercredi 24 juillet 2019 15:32:44 UTC+2, Matthew Uribe a écrit :
>
> Alain,
>
> Your fstab file shows that /var should be mounting correctly, but a file 
> system can become read-only for any number of reasons. If it is in fact 
> read only, then any user, even root, would not be able to write to it. You 
> could try the following command from the directory /var/log/cas-management 
> : touch testfile
>
> If it creates testfile, then the file system is not read only. If it is 
> read only, you may need to un/remount /var, or simply reboot. If the file 
> system encountered some kind of error, a reboot should hopefully correct it.
>
> That's a good start, just to reduce the problem down to either something 
> wrong at the OS level, or otherwise, something wrong in the configuration 
> of your application. If the file system is not read only, then, as David 
> said, check everything detail by detail. Also to one of David's points, 
> start up Tomcat and look at ps or top to see which uid the is running the 
> Tomcat process. If it's not tomcat or root (please don't run tomcat as 
> root!), then it won't be able to write to /var/log/cas-management
>
> Matt
>
> On Wednesday, July 24, 2019 at 7:13:02 AM UTC-6, alain ubfc wrote:
>>
>> David,
>>
>> I have the log of tomcat /var/log/tomcat/catalina.ou. And it works.
>>
>> Here is my file /etc/fstab
>>
>> # /etc/fstab: static file system information.
>> #
>> # Use 'blkid' to print the universally unique identifier for a
>> # device; this may be used with UUID= as a more robust way to name devices
>> # that works even if disks are added and removed. See fstab(5).
>> #
>> #
>> /dev/mapper/casermgnt--vg-root /   ext4errors=remount-ro 
>> 0   1
>> # /boot was on /dev/sda1 during installation
>> UUID=af1e7cbd-4161-4099-9000-a7ebbb14c336 /boot   ext2   
>>  defaults0   2
>> /dev/mapper/casermgnt--vg-home /home   ext4defaults0 
>>   2
>> /dev/mapper/casermgnt--vg-tmp /tmpext4defaults0 
>>   2
>> /dev/mapper/casermgnt--vg-var /varext4defaults0 
>>   2
>> /dev/mapper/casermgnt--vg-swap_1 noneswapsw  
>> 0   0
>> /dev/sr0

Re: [cas-user] Re: CAS management

[Matthew Uribe]

Alain,

Your fstab file shows that /var should be mounting correctly, but a file 
system can become read-only for any number of reasons. If it is in fact 
read only, then any user, even root, would not be able to write to it. You 
could try the following command from the directory /var/log/cas-management 
: touch testfile

If it creates testfile, then the file system is not read only. If it is 
read only, you may need to un/remount /var, or simply reboot. If the file 
system encountered some kind of error, a reboot should hopefully correct it.

That's a good start, just to reduce the problem down to either something 
wrong at the OS level, or otherwise, something wrong in the configuration 
of your application. If the file system is not read only, then, as David 
said, check everything detail by detail. Also to one of David's points, 
start up Tomcat and look at ps or top to see which uid the is running the 
Tomcat process. If it's not tomcat or root (please don't run tomcat as 
root!), then it won't be able to write to /var/log/cas-management

Matt

On Wednesday, July 24, 2019 at 7:13:02 AM UTC-6, alain ubfc wrote:
>
> David,
>
> I have the log of tomcat /var/log/tomcat/catalina.ou. And it works.
>
> Here is my file /etc/fstab
>
> # /etc/fstab: static file system information.
> #
> # Use 'blkid' to print the universally unique identifier for a
> # device; this may be used with UUID= as a more robust way to name devices
> # that works even if disks are added and removed. See fstab(5).
> #
> #
> /dev/mapper/casermgnt--vg-root /   ext4errors=remount-ro 0 
>   1
> # /boot was on /dev/sda1 during installation
> UUID=af1e7cbd-4161-4099-9000-a7ebbb14c336 /boot   ext2   
>  defaults0   2
> /dev/mapper/casermgnt--vg-home /home   ext4defaults0 
>   2
> /dev/mapper/casermgnt--vg-tmp /tmpext4defaults0   
> 2
> /dev/mapper/casermgnt--vg-var /varext4defaults0   
> 2
> /dev/mapper/casermgnt--vg-swap_1 noneswapsw  0 
>   0
> /dev/sr0/media/cdrom0   udf,iso9660 user,noauto 0   0
>
> I don't see it.
>
>
> Le mercredi 24 juillet 2019 13:30:30 UTC+2, David Curry a écrit :
>>
>> [2019-07-22 08:57:45] [info] 2019-07-22 08:57:45,023 main ERROR 
>> RollingFileManager (/var/log/cas-management/cas-management.log) 
>> java.io.FileNotFoundException: /var/log/cas-management/cas-management.log 
>> (Read-only 
>> file system)
>>
>> Is your file system mounted read-only? Is the directory writable by the 
>> tomcat user (or whatever user is running the tomcat process)? 
>> RollingFileAppenders need write permission to the directory the log files 
>> are in, not just the log files themselves.
>>
>> --
>>
>> DAVID A. CURRY, CISSP
>> *DIRECTOR • INFORMATION SECURITY & PRIVACY*
>> THE NEW SCHOOL • INFORMATION TECHNOLOGY
>>
>> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
>> +1 646 909-4728 • david...@newschool.edu
>>
>>
>> On Wed, Jul 24, 2019 at 2:14 AM alain ubfc  wrote:
>>
>>> Hello,
>>>
>>> In fact I noticed that the/var/log/case-management file has nothing in 
>>> it.
>>>
>>> Yet I set the rights for the file cas-management.log with the chown -R 
>>> tomcat:tomcat/var/log/cas-management command.
>>>
>>> [2019-07-22 08:57:43] [info] 2019-07-22 08:57:43,429 main ERROR Could 
>>> not create plugin of type class org.apache.logging.log4j.core.appender.
>>> RollingFileAppender for element RollingFile: java.lang.
>>> IllegalStateException: ManagerFactory [org.apache.logging.log4j.core.
>>> appender.rolling.RollingFileManager$RollingFileManagerFactory@6ea59bb2] 
>>> unable to create manager for [/var/log/cas-management/cas-management.log
>>> ] with data [org.apache.logging.log4j.core.appender.rolling.
>>> RollingFileManager$FactoryData@506344b1[pattern=/var/log/cas-management/
>>> cas-%d{-MM-dd-HH}-%i.log, append=true, bufferedIO=true, bufferSize=
>>> 8192, policy=CompositeTriggeringPolicy(policies=[
>>> OnStartupTriggeringPolicy, SizeBasedTriggeringPolicy(size=10485760), 
>>> TimeBasedTriggeringPolicy(nextRolloverMillis=0, interval=1, modulate=
>>> false)]), strategy=DefaultRolloverStrategy(min=1, max=5, useMax=true), 
>>> advertiseURI=null, layout=%highlight{%d %p [%c] - <%m>%n}, 
>>> filePermissions=null, fileOwner=null]] java.lang.IllegalStateException: 
>>> ManagerFactory [org.apache.logging.log4j.core.appender.rolling.
>>> RollingFileManager$RollingFileManagerFactory@6ea59bb2] unable to create 
>>> manager for [/var/log/cas-management/cas-management.log] with data [org.
>>> apache.logging.log4j.core.appender.rolling.
>>> RollingFileManager$FactoryData@506344b1[pattern=/var/log/cas-management/
>>> cas-%d{-MM-dd-HH}-%i.log, append=true, bufferedIO=true, bufferSize=
>>> 8192, policy=CompositeTriggeringPolicy(policies=[
>>> OnStartupTriggeringPolicy, SizeBasedTriggeringPolicy(size=10485760), 
>>> TimeBasedTriggeringPolicy(nextRolloverMillis=0, interval=

Re: [cas-user] Re: CAS management

[David Curry]

Check that the process is actually running as tomcat. Turn on debug logging
and see what's happening. Compare the owners and modes of the working logs
(cas) to the non-working ones (cas-management).

There's a permission that's wrong, or it's running as the wrong user, or
there's a typo in a path name, or something. It's really just a matter of
meticulously checking everything. Don't assume anything, check everything.

--

DAVID A. CURRY, CISSP
*DIRECTOR • INFORMATION SECURITY & PRIVACY*
THE NEW SCHOOL • INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 646 909-4728 • david.cu...@newschool.edu


On Wed, Jul 24, 2019 at 9:13 AM alain ubfc  wrote:

> David,
>
> I have the log of tomcat /var/log/tomcat/catalina.ou. And it works.
>
> Here is my file /etc/fstab
>
> # /etc/fstab: static file system information.
> #
> # Use 'blkid' to print the universally unique identifier for a
> # device; this may be used with UUID= as a more robust way to name devices
> # that works even if disks are added and removed. See fstab(5).
> #
> #
> /dev/mapper/casermgnt--vg-root /   ext4errors=remount-ro 0
>   1
> # /boot was on /dev/sda1 during installation
> UUID=af1e7cbd-4161-4099-9000-a7ebbb14c336 /boot   ext2
>  defaults0   2
> /dev/mapper/casermgnt--vg-home /home   ext4defaults0
>   2
> /dev/mapper/casermgnt--vg-tmp /tmpext4defaults0
> 2
> /dev/mapper/casermgnt--vg-var /varext4defaults0
> 2
> /dev/mapper/casermgnt--vg-swap_1 noneswapsw  0
>   0
> /dev/sr0/media/cdrom0   udf,iso9660 user,noauto 0   0
>
> I don't see it.
>
>
> Le mercredi 24 juillet 2019 13:30:30 UTC+2, David Curry a écrit :
>>
>> [2019-07-22 08:57:45] [info] 2019-07-22 08:57:45,023 main ERROR
>> RollingFileManager (/var/log/cas-management/cas-management.log)
>> java.io.FileNotFoundException: /var/log/cas-management/cas-management.log 
>> (Read-only
>> file system)
>>
>> Is your file system mounted read-only? Is the directory writable by the
>> tomcat user (or whatever user is running the tomcat process)?
>> RollingFileAppenders need write permission to the directory the log files
>> are in, not just the log files themselves.
>>
>> --
>>
>> DAVID A. CURRY, CISSP
>> *DIRECTOR • INFORMATION SECURITY & PRIVACY*
>> THE NEW SCHOOL • INFORMATION TECHNOLOGY
>>
>> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
>> +1 646 909-4728 • david...@newschool.edu
>>
>>
>> On Wed, Jul 24, 2019 at 2:14 AM alain ubfc  wrote:
>>
>>> Hello,
>>>
>>> In fact I noticed that the/var/log/case-management file has nothing in
>>> it.
>>>
>>> Yet I set the rights for the file cas-management.log with the chown -R
>>> tomcat:tomcat/var/log/cas-management command.
>>>
>>> [2019-07-22 08:57:43] [info] 2019-07-22 08:57:43,429 main ERROR Could
>>> not create plugin of type class org.apache.logging.log4j.core.appender.
>>> RollingFileAppender for element RollingFile: java.lang.
>>> IllegalStateException: ManagerFactory [org.apache.logging.log4j.core.
>>> appender.rolling.RollingFileManager$RollingFileManagerFactory@6ea59bb2]
>>> unable to create manager for [/var/log/cas-management/cas-management.log
>>> ] with data [org.apache.logging.log4j.core.appender.rolling.
>>> RollingFileManager$FactoryData@506344b1[pattern=/var/log/cas-management/
>>> cas-%d{-MM-dd-HH}-%i.log, append=true, bufferedIO=true, bufferSize=
>>> 8192, policy=CompositeTriggeringPolicy(policies=[
>>> OnStartupTriggeringPolicy, SizeBasedTriggeringPolicy(size=10485760),
>>> TimeBasedTriggeringPolicy(nextRolloverMillis=0, interval=1, modulate=
>>> false)]), strategy=DefaultRolloverStrategy(min=1, max=5, useMax=true),
>>> advertiseURI=null, layout=%highlight{%d %p [%c] - <%m>%n},
>>> filePermissions=null, fileOwner=null]] java.lang.IllegalStateException:
>>> ManagerFactory [org.apache.logging.log4j.core.appender.rolling.
>>> RollingFileManager$RollingFileManagerFactory@6ea59bb2] unable to create
>>> manager for [/var/log/cas-management/cas-management.log] with data [org.
>>> apache.logging.log4j.core.appender.rolling.
>>> RollingFileManager$FactoryData@506344b1[pattern=/var/log/cas-management/
>>> cas-%d{-MM-dd-HH}-%i.log, append=true, bufferedIO=true, bufferSize=
>>> 8192, policy=CompositeTriggeringPolicy(policies=[
>>> OnStartupTriggeringPolicy, SizeBasedTriggeringPolicy(size=10485760),
>>> TimeBasedTriggeringPolicy(nextRolloverMillis=0, interval=1, modulate=
>>> false)]), strategy=DefaultRolloverStrategy(min=1, max=5, useMax=true>> style="color:rgb(102,102,0
>>>
>> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email t

Re: [cas-user] Re: CAS management

[alain ubfc]

David,

I have the log of tomcat /var/log/tomcat/catalina.ou. And it works.

Here is my file /etc/fstab

# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
#
/dev/mapper/casermgnt--vg-root /   ext4errors=remount-ro 0 
  1
# /boot was on /dev/sda1 during installation
UUID=af1e7cbd-4161-4099-9000-a7ebbb14c336 /boot   ext2defaults 
   0   2
/dev/mapper/casermgnt--vg-home /home   ext4defaults0   
2
/dev/mapper/casermgnt--vg-tmp /tmpext4defaults0 
  2
/dev/mapper/casermgnt--vg-var /varext4defaults0 
  2
/dev/mapper/casermgnt--vg-swap_1 noneswapsw  0 
  0
/dev/sr0/media/cdrom0   udf,iso9660 user,noauto 0   0

I don't see it.


Le mercredi 24 juillet 2019 13:30:30 UTC+2, David Curry a écrit :
>
> [2019-07-22 08:57:45] [info] 2019-07-22 08:57:45,023 main ERROR 
> RollingFileManager (/var/log/cas-management/cas-management.log) 
> java.io.FileNotFoundException: /var/log/cas-management/cas-management.log 
> (Read-only 
> file system)
>
> Is your file system mounted read-only? Is the directory writable by the 
> tomcat user (or whatever user is running the tomcat process)? 
> RollingFileAppenders need write permission to the directory the log files 
> are in, not just the log files themselves.
>
> --
>
> DAVID A. CURRY, CISSP
> *DIRECTOR • INFORMATION SECURITY & PRIVACY*
> THE NEW SCHOOL • INFORMATION TECHNOLOGY
>
> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
> +1 646 909-4728 • david...@newschool.edu 
>
>
> On Wed, Jul 24, 2019 at 2:14 AM alain ubfc  > wrote:
>
>> Hello,
>>
>> In fact I noticed that the/var/log/case-management file has nothing in it.
>>
>> Yet I set the rights for the file cas-management.log with the chown -R 
>> tomcat:tomcat/var/log/cas-management command.
>>
>> [2019-07-22 08:57:43] [info] 2019-07-22 08:57:43,429 main ERROR Could not 
>> create plugin of type class org.apache.logging.log4j.core.appender.
>> RollingFileAppender for element RollingFile: java.lang.
>> IllegalStateException: ManagerFactory [org.apache.logging.log4j.core.
>> appender.rolling.RollingFileManager$RollingFileManagerFactory@6ea59bb2] 
>> unable to create manager for [/var/log/cas-management/cas-management.log] 
>> with data [org.apache.logging.log4j.core.appender.rolling.
>> RollingFileManager$FactoryData@506344b1[pattern=/var/log/cas-management/
>> cas-%d{-MM-dd-HH}-%i.log, append=true, bufferedIO=true, bufferSize=
>> 8192, policy=CompositeTriggeringPolicy(policies=[
>> OnStartupTriggeringPolicy, SizeBasedTriggeringPolicy(size=10485760), 
>> TimeBasedTriggeringPolicy(nextRolloverMillis=0, interval=1, modulate=
>> false)]), strategy=DefaultRolloverStrategy(min=1, max=5, useMax=true), 
>> advertiseURI=null, layout=%highlight{%d %p [%c] - <%m>%n}, 
>> filePermissions=null, fileOwner=null]] java.lang.IllegalStateException: 
>> ManagerFactory [org.apache.logging.log4j.core.appender.rolling.
>> RollingFileManager$RollingFileManagerFactory@6ea59bb2] unable to create 
>> manager for [/var/log/cas-management/cas-management.log] with data [org.
>> apache.logging.log4j.core.appender.rolling.
>> RollingFileManager$FactoryData@506344b1[pattern=/var/log/cas-management/
>> cas-%d{-MM-dd-HH}-%i.log, append=true, bufferedIO=true, bufferSize=
>> 8192, policy=CompositeTriggeringPolicy(policies=[
>> OnStartupTriggeringPolicy, SizeBasedTriggeringPolicy(size=10485760), 
>> TimeBasedTriggeringPolicy(nextRolloverMillis=0, interval=1, modulate=
>> false)]), strategy=DefaultRolloverStrategy(min=1, max=5, useMax=true> style="color:rgb(102,102,0
>>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/cd674a0f-844e-4397-a374-fbbe0b7d1219%40apereo.org.

Re: [cas-user] Re: CAS management

[David Curry]

Are you positive that the tomcat process is actually running as the tomcat
user?

The error message says read-only file system. Are you sure the file system
is mounted read-write? Can you create files in it?

Have you turned on debug-level logging to get a more granular idea of
what's going on?

Are all the file and directory names spelled correctly everywhere?

Is the regular cas log file (not the management server) in /var/log/cas? Is
it being successfully written to?

Beyond "check everything" I'm not sure what advice to give you; it could be
a dozen different things.


--

DAVID A. CURRY, CISSP
*DIRECTOR • INFORMATION SECURITY & PRIVACY*
THE NEW SCHOOL • INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 646 909-4728 • david.cu...@newschool.edu


On Wed, Jul 24, 2019 at 8:49 AM alain ubfc  wrote:

> Hello David,
>
> Thank you for your answer.
>
> The directory /var/log/cas-management has the following rights :
>
> drwxr-x---  2 tomcat adm  4096 juil. 22 09:23 cas-management
>
> And for the filecas-management.log
>
> -rw-r-  1 tomcat tomcat0 juil. 19 14:39 cas-management.log
>
> That's what i did. And i doesn't work.
>
> How to do this ?
>
> Best regard
>
> Le mercredi 24 juillet 2019 13:30:30 UTC+2, David Curry a écrit :
>>
>> [2019-07-22 08:57:45] [info] 2019-07-22 08:57:45,023 main ERROR
>> RollingFileManager (/var/log/cas-management/cas-management.log)
>> java.io.FileNotFoundException: /var/log/cas-management/cas-management.log 
>> (Read-only
>> file system)
>>
>> Is your file system mounted read-only? Is the directory writable by the
>> tomcat user (or whatever user is running the tomcat process)?
>> RollingFileAppenders need write permission to the directory the log files
>> are in, not just the log files themselves.
>>
>> --
>>
>> DAVID A. CURRY, CISSP
>> *DIRECTOR • INFORMATION SECURITY & PRIVACY*
>> THE NEW SCHOOL • INFORMATION TECHNOLOGY
>>
>> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
>> +1 646 909-4728 • david...@newschool.edu
>>
>>
>> On Wed, Jul 24, 2019 at 2:14 AM alain ubfc  wrote:
>>
>>> Hello,
>>>
>>> In fact I noticed that the/var/log/case-management file has nothing in
>>> it.
>>>
>>> Yet I set the rights for the file cas-management.log with the chown -R
>>> tomcat:tomcat/var/log/cas-management command.
>>>
>>> [2019-07-22 08:57:43] [info] 2019-07-22 08:57:43,429 main ERROR Could
>>> not create plugin of type class org.apache.logging.log4j.core.appender.
>>> RollingFileAppender for element RollingFile: java.lang.
>>> IllegalStateException: ManagerFactory [org.apache.logging.log4j.core.
>>> appender.rolling.RollingFileManager$RollingFileManagerFactory@6ea59bb2]
>>> unable to create manager for [/var/log/cas-management/cas-management.log
>>> ] with data [org.apache.logging.log4j.core.appender.rolling.
>>> RollingFileManager$FactoryData@506344b1[pattern=/var/log/cas-management/
>>> cas-%d{-MM-dd-HH}-%i.log, append=true, bufferedIO=true, bufferSize=
>>> 8192, policy=CompositeTriggeringPolicy(policies=[
>>> OnStartupTriggeringPolicy, SizeBasedTriggeringPolicy(size=10485760),
>>> TimeBasedTriggeringPolicy(nextRolloverMillis=0, interval=1, modulate=
>>> false)]), strategy=DefaultRolloverStrategy(min=1, max=5, useMax=true),
>>> advertiseURI=null, layout=%highlight{%d %p [%c] - <%m>%n},
>>> filePermissions=null, fileOwner=null]] java.lang.IllegalStateException:
>>> ManagerFactory [org.apache.logging.log4j.core.appender.rolling.
>>> RollingFileManager$RollingFileManagerFactory@6ea59bb2] unable to create
>>> manager for [/var/log/cas-management/cas-management.log] with data [org.
>>> apache.logging.log4j.core.appender.rolling.
>>> RollingFileManager$FactoryData@506344b1[pattern=/var/log/cas-management/
>>> cas-%d{-MM-dd-HH}-%i.log, append=true, bufferedIO=true, bufferSize=
>>> 8192, policy=CompositeTriggeringPolicy(policies=[
>>> OnStartupTriggeringPolicy, SizeBasedTriggeringPolicy(size=10485760),
>>> TimeBasedTriggeringPolicy(nextRolloverMillis=0, interval=1, modulate=
>>> false)]), strategy=DefaultRolloverStrategy(min=1, max=5, useMax=true>> style="color:rgb(102,102,0
>>>
>> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/5e999c26-0b23-4cc9-a521-cbdfa36fa1a1%40apereo.org
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You receiv

Re: [cas-user] Re: CAS management

[alain ubfc]

Hello David,

Thank you for your answer.

The directory /var/log/cas-management has the following rights :

drwxr-x---  2 tomcat adm  4096 juil. 22 09:23 cas-management

And for the filecas-management.log

-rw-r-  1 tomcat tomcat0 juil. 19 14:39 cas-management.log

That's what i did. And i doesn't work.

How to do this ?

Best regard

Le mercredi 24 juillet 2019 13:30:30 UTC+2, David Curry a écrit :
>
> [2019-07-22 08:57:45] [info] 2019-07-22 08:57:45,023 main ERROR 
> RollingFileManager (/var/log/cas-management/cas-management.log) 
> java.io.FileNotFoundException: /var/log/cas-management/cas-management.log 
> (Read-only 
> file system)
>
> Is your file system mounted read-only? Is the directory writable by the 
> tomcat user (or whatever user is running the tomcat process)? 
> RollingFileAppenders need write permission to the directory the log files 
> are in, not just the log files themselves.
>
> --
>
> DAVID A. CURRY, CISSP
> *DIRECTOR • INFORMATION SECURITY & PRIVACY*
> THE NEW SCHOOL • INFORMATION TECHNOLOGY
>
> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
> +1 646 909-4728 • david...@newschool.edu 
>
>
> On Wed, Jul 24, 2019 at 2:14 AM alain ubfc  > wrote:
>
>> Hello,
>>
>> In fact I noticed that the/var/log/case-management file has nothing in it.
>>
>> Yet I set the rights for the file cas-management.log with the chown -R 
>> tomcat:tomcat/var/log/cas-management command.
>>
>> [2019-07-22 08:57:43] [info] 2019-07-22 08:57:43,429 main ERROR Could not 
>> create plugin of type class org.apache.logging.log4j.core.appender.
>> RollingFileAppender for element RollingFile: java.lang.
>> IllegalStateException: ManagerFactory [org.apache.logging.log4j.core.
>> appender.rolling.RollingFileManager$RollingFileManagerFactory@6ea59bb2] 
>> unable to create manager for [/var/log/cas-management/cas-management.log] 
>> with data [org.apache.logging.log4j.core.appender.rolling.
>> RollingFileManager$FactoryData@506344b1[pattern=/var/log/cas-management/
>> cas-%d{-MM-dd-HH}-%i.log, append=true, bufferedIO=true, bufferSize=
>> 8192, policy=CompositeTriggeringPolicy(policies=[
>> OnStartupTriggeringPolicy, SizeBasedTriggeringPolicy(size=10485760), 
>> TimeBasedTriggeringPolicy(nextRolloverMillis=0, interval=1, modulate=
>> false)]), strategy=DefaultRolloverStrategy(min=1, max=5, useMax=true), 
>> advertiseURI=null, layout=%highlight{%d %p [%c] - <%m>%n}, 
>> filePermissions=null, fileOwner=null]] java.lang.IllegalStateException: 
>> ManagerFactory [org.apache.logging.log4j.core.appender.rolling.
>> RollingFileManager$RollingFileManagerFactory@6ea59bb2] unable to create 
>> manager for [/var/log/cas-management/cas-management.log] with data [org.
>> apache.logging.log4j.core.appender.rolling.
>> RollingFileManager$FactoryData@506344b1[pattern=/var/log/cas-management/
>> cas-%d{-MM-dd-HH}-%i.log, append=true, bufferedIO=true, bufferSize=
>> 8192, policy=CompositeTriggeringPolicy(policies=[
>> OnStartupTriggeringPolicy, SizeBasedTriggeringPolicy(size=10485760), 
>> TimeBasedTriggeringPolicy(nextRolloverMillis=0, interval=1, modulate=
>> false)]), strategy=DefaultRolloverStrategy(min=1, max=5, useMax=true> style="color:rgb(102,102,0
>>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/5e999c26-0b23-4cc9-a521-cbdfa36fa1a1%40apereo.org.

Re: [cas-user] Re: CAS management

[David Curry]

[2019-07-22 08:57:45] [info] 2019-07-22 08:57:45,023 main ERROR
RollingFileManager (/var/log/cas-management/cas-management.log)
java.io.FileNotFoundException:
/var/log/cas-management/cas-management.log (Read-only
file system)

Is your file system mounted read-only? Is the directory writable by the
tomcat user (or whatever user is running the tomcat process)?
RollingFileAppenders need write permission to the directory the log files
are in, not just the log files themselves.

--

DAVID A. CURRY, CISSP
*DIRECTOR • INFORMATION SECURITY & PRIVACY*
THE NEW SCHOOL • INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 646 909-4728 • david.cu...@newschool.edu


On Wed, Jul 24, 2019 at 2:14 AM alain ubfc  wrote:

> Hello,
>
> In fact I noticed that the/var/log/case-management file has nothing in it.
>
> Yet I set the rights for the file cas-management.log with the chown -R
> tomcat:tomcat/var/log/cas-management command.
>
> [2019-07-22 08:57:43] [info] 2019-07-22 08:57:43,429 main ERROR Could not
> create plugin of type class org.apache.logging.log4j.core.appender.
> RollingFileAppender for element RollingFile: java.lang.
> IllegalStateException: ManagerFactory [org.apache.logging.log4j.core.
> appender.rolling.RollingFileManager$RollingFileManagerFactory@6ea59bb2]
> unable to create manager for [/var/log/cas-management/cas-management.log]
> with data [org.apache.logging.log4j.core.appender.rolling.
> RollingFileManager$FactoryData@506344b1[pattern=/var/log/cas-management/
> cas-%d{-MM-dd-HH}-%i.log, append=true, bufferedIO=true, bufferSize=
> 8192, policy=CompositeTriggeringPolicy(policies=[OnStartupTriggeringPolicy
> , SizeBasedTriggeringPolicy(size=10485760), TimeBasedTriggeringPolicy(
> nextRolloverMillis=0, interval=1, modulate=false)]), strategy=
> DefaultRolloverStrategy(min=1, max=5, useMax=true), advertiseURI=null,
> layout=%highlight{%d %p [%c] - <%m>%n}, filePermissions=null, fileOwner=
> null]] java.lang.IllegalStateException: ManagerFactory [org.apache.logging
> .log4j.core.appender.rolling.
> RollingFileManager$RollingFileManagerFactory@6ea59bb2] unable to create
> manager for [/var/log/cas-management/cas-management.log] with data [org.
> apache.logging.log4j.core.appender.rolling.
> RollingFileManager$FactoryData@506344b1[pattern=/var/log/cas-management/
> cas-%d{-MM-dd-HH}-%i.log, append=true, bufferedIO=true, bufferSize=
> 8192, policy=CompositeTriggeringPolicy(policies=[OnStartupTriggeringPolicy
> , SizeBasedTriggeringPolicy(size=10485760), TimeBasedTriggeringPolicy(
> nextRolloverMillis=0, interval=1, modulate=false)]), strategy=
> DefaultRolloverStrategy(min=1, max=5, useMax=true), advertiseURI=null,
> layout=%highlight{%d %p [%c] - <%m>%n}, filePermissions=null, fileOwner=
> null]]
>
>
> [2019-07-22 08:57:43] [info] 2019-07-22 08:57:43,442 main ERROR Null
> object returned for RollingFile in Appenders.
> [2019-07-22 08:57:45] [info] 2019-07-22 08:57:45,023 main ERROR
> RollingFileManager (/var/log/cas-management/cas-management.log) java.io.
> FileNotFoundException: /var/log/cas-management/cas-management.log (Read-only
> file system) java.io.FileNotFoundException: /var/log/cas-management/cas-
> management.log (Read-only file system)
>
>
> Do you have any idea?
>
> Thank you
>
> Best regard
>
> Le lundi 22 juillet 2019 12:04:48 UTC+2, alain ubfc a écrit :
>>
>> Hello,
>>
>> I’ve been stuck on cas-management for several weeks now.
>>
>> I followed the Dacurry documentation
>> https://dacurry-tns.github.io/deploying-apereo-cas/building_svcmgmt_overview.html
>> but nothing works.
>>
>> Here is my configuration of my cas-management.properties file
>>
>> # Adresse du Serveur CAS
>> cas.server.name=https://cas.osnetworking.com:8443
>> cas.server.prefix=https://cas.osnetworking.com:8443/cas
>> #cas.server.prefix=${cas.server.name}/cas
>>
>> logging.config=file:/etc/cas/config/log4j2-management.xml
>>
>> ##
>> # Update this URL to point at server running this management app #
>> ##
>>
>> #cas.mgmt.serverName: ${cas.server.name}
>> mgmt.serverName=https://casmanagement.osnetworking.com:8443
>> server.context-path=/cas-management
>> #server.port=8443
>>
>> spring.thymeleaf.mode = HTML
>>
>> mgmt.adminRoles[0]=ROLE_ADMIN
>> mgmt.userRoles[0]=ROLE_USER
>>
>> mgmt.userPropertiesFile=file:/etc/cas/config/users.json
>>
>> ##
>> # Gestion des Logs de cas-management #
>> ##
>>
>> logging.config=file:/etc/cas/config/log4j2-management.xml
>>
>> 
>> # Gestion des services en JSON #
>> 
>>
>> cas.serviceRegistry.json.location=file:/etc/cas/services
>> cas.serviceRegistry.initFromJson = true
>>
>> 
>> # Liste des attributs sélectionables depuis le CAS-Manager #
>> ###

[cas-user] Re: CAS management

[alain ubfc]

Hello,

In fact I noticed that the/var/log/case-management file has nothing in it.

Yet I set the rights for the file cas-management.log with the chown -R 
tomcat:tomcat/var/log/cas-management command.

[2019-07-22 08:57:43] [info] 2019-07-22 08:57:43,429 main ERROR Could not 
create plugin of type class org.apache.logging.log4j.core.appender.
RollingFileAppender for element RollingFile: java.lang.IllegalStateException
: ManagerFactory [org.apache.logging.log4j.core.appender.rolling.
RollingFileManager$RollingFileManagerFactory@6ea59bb2] unable to create 
manager for [/var/log/cas-management/cas-management.log] with data [org.
apache.logging.log4j.core.appender.rolling.
RollingFileManager$FactoryData@506344b1[pattern=/var/log/cas-management/cas
-%d{-MM-dd-HH}-%i.log, append=true, bufferedIO=true, bufferSize=8192, 
policy=CompositeTriggeringPolicy(policies=[OnStartupTriggeringPolicy, 
SizeBasedTriggeringPolicy(size=10485760), TimeBasedTriggeringPolicy(
nextRolloverMillis=0, interval=1, modulate=false)]), strategy=
DefaultRolloverStrategy(min=1, max=5, useMax=true), advertiseURI=null, 
layout=%highlight{%d %p [%c] - <%m>%n}, filePermissions=null, fileOwner=null
]] java.lang.IllegalStateException: ManagerFactory [org.apache.logging.log4j
.core.appender.rolling.RollingFileManager$RollingFileManagerFactory@6ea59bb2
] unable to create manager for [/var/log/cas-management/cas-management.log] 
with data [org.apache.logging.log4j.core.appender.rolling.
RollingFileManager$FactoryData@506344b1[pattern=/var/log/cas-management/cas
-%d{-MM-dd-HH}-%i.log, append=true, bufferedIO=true, bufferSize=8192, 
policy=CompositeTriggeringPolicy(policies=[OnStartupTriggeringPolicy, 
SizeBasedTriggeringPolicy(size=10485760), TimeBasedTriggeringPolicy(
nextRolloverMillis=0, interval=1, modulate=false)]), strategy=
DefaultRolloverStrategy(min=1, max=5, useMax=true), advertiseURI=null, 
layout=%highlight{%d %p [%c] - <%m>%n}, filePermissions=null, fileOwner=null
]]


[2019-07-22 08:57:43] [info] 2019-07-22 08:57:43,442 main ERROR Null object 
returned for RollingFile in Appenders.
[2019-07-22 08:57:45] [info] 2019-07-22 08:57:45,023 main ERROR 
RollingFileManager (/var/log/cas-management/cas-management.log) java.io.
FileNotFoundException: /var/log/cas-management/cas-management.log (Read-only 
file system) java.io.FileNotFoundException: /var/log/cas-management/cas-
management.log (Read-only file system)


Do you have any idea?

Thank you 

Best regard

Le lundi 22 juillet 2019 12:04:48 UTC+2, alain ubfc a écrit :
>
> Hello,
>
> I’ve been stuck on cas-management for several weeks now.
>
> I followed the Dacurry documentation 
> https://dacurry-tns.github.io/deploying-apereo-cas/building_svcmgmt_overview.html
>  
> but nothing works.
>
> Here is my configuration of my cas-management.properties file
>
> # Adresse du Serveur CAS
> cas.server.name=https://cas.osnetworking.com:8443
> cas.server.prefix=https://cas.osnetworking.com:8443/cas
> #cas.server.prefix=${cas.server.name}/cas
>
> logging.config=file:/etc/cas/config/log4j2-management.xml
>
> ##
> # Update this URL to point at server running this management app #
> ##
>
> #cas.mgmt.serverName: ${cas.server.name}
> mgmt.serverName=https://casmanagement.osnetworking.com:8443
> server.context-path=/cas-management
> #server.port=8443
>
> spring.thymeleaf.mode = HTML
>
> mgmt.adminRoles[0]=ROLE_ADMIN
> mgmt.userRoles[0]=ROLE_USER
>
> mgmt.userPropertiesFile=file:/etc/cas/config/users.json
>
> ##
> # Gestion des Logs de cas-management #
> ##
>
> logging.config=file:/etc/cas/config/log4j2-management.xml
>
> 
> # Gestion des services en JSON #
> 
>
> cas.serviceRegistry.json.location=file:/etc/cas/services
> cas.serviceRegistry.initFromJson = true
>
> 
> # Liste des attributs sélectionables depuis le CAS-Manager #
> 
>
> cas.authn.attributeRepository.stub.attributes.UDC_IDENTIFIER:   
> UDC_IDENTIFIER
> cas.authn.attributeRepository.stub.attributes.cn:   cn
> cas.authn.attributeRepository.stub.attributes.displayName: 
>  displayName
> cas.authn.attributeRepository.stub.attributes.givenName:givenName
> cas.authn.attributeRepository.stub.attributes.mail: mail
> cas.authn.attributeRepository.stub.attributes.sn:   sn
> cas.authn.attributeRepository.stub.attributes.uid:  uid
>
>
> Here is my json file.
>
> /*
>* Wildcard service définition that applies to any https or imaps url.
>* Do not use this definition in a production environment.
>*/
> {
>  "@class" :"org.apereo.cas.services.RegexRegisteredService",
>   "serviceId" : "^

[cas-user] Re: CAS management

[alain ubfc]

Hello,

Sorry i had erased the message of Mailvaganam Hari by making a bad handling 
:

*Is port 8443 appearing in the URL redirect? If it is – won’t match with 
the ACL in the JSON file.*

Le lundi 22 juillet 2019 12:04:48 UTC+2, alain ubfc a écrit :
>
> Hello,
>
> I’ve been stuck on cas-management for several weeks now.
>
> I followed the Dacurry documentation 
> https://dacurry-tns.github.io/deploying-apereo-cas/building_svcmgmt_overview.html
>  
> but nothing works.
>
> Here is my configuration of my cas-management.properties file
>
> # Adresse du Serveur CAS
> cas.server.name=https://cas.osnetworking.com:8443
> cas.server.prefix=https://cas.osnetworking.com:8443/cas
> #cas.server.prefix=${cas.server.name}/cas
>
> logging.config=file:/etc/cas/config/log4j2-management.xml
>
> ##
> # Update this URL to point at server running this management app #
> ##
>
> #cas.mgmt.serverName: ${cas.server.name}
> mgmt.serverName=https://casmanagement.osnetworking.com:8443
> server.context-path=/cas-management
> #server.port=8443
>
> spring.thymeleaf.mode = HTML
>
> mgmt.adminRoles[0]=ROLE_ADMIN
> mgmt.userRoles[0]=ROLE_USER
>
> mgmt.userPropertiesFile=file:/etc/cas/config/users.json
>
> ##
> # Gestion des Logs de cas-management #
> ##
>
> logging.config=file:/etc/cas/config/log4j2-management.xml
>
> 
> # Gestion des services en JSON #
> 
>
> cas.serviceRegistry.json.location=file:/etc/cas/services
> cas.serviceRegistry.initFromJson = true
>
> 
> # Liste des attributs sélectionables depuis le CAS-Manager #
> 
>
> cas.authn.attributeRepository.stub.attributes.UDC_IDENTIFIER:   
> UDC_IDENTIFIER
> cas.authn.attributeRepository.stub.attributes.cn:   cn
> cas.authn.attributeRepository.stub.attributes.displayName: 
>  displayName
> cas.authn.attributeRepository.stub.attributes.givenName:givenName
> cas.authn.attributeRepository.stub.attributes.mail: mail
> cas.authn.attributeRepository.stub.attributes.sn:   sn
> cas.authn.attributeRepository.stub.attributes.uid:  uid
>
>
> Here is my json file.
>
> /*
>* Wildcard service définition that applies to any https or imaps url.
>* Do not use this definition in a production environment.
>*/
> {
>  "@class" :"org.apereo.cas.services.RegexRegisteredService",
>   "serviceId" : "^
> https://casmanagment.osnetworking.com/cas-management/.*";,
>   "name" :  "CAS Services Management",
>   "id" :1563530823,
>   "description" : "CAS services management webapp",
>   "evaluationOrder" : 5500
>   "allowedAttributes":["cn","sAMAccountName","mail"]
> }
>
> Is my file correct ?
>
> Thank you
>
> Best regard
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/8edab259-7016-480b-aeb5-a7ed407d6c64%40apereo.org.

Re: [cas-user] Re: cas-management 6.0 + MongoDB

[Chad Merritt]

Same issue here.  It crashes/locks up Tomcat .

r/Chad

On Friday, May 10, 2019 at 10:15:05 AM UTC-4, Alexi Pascual wrote:
>
> hi,
>
> Has anyone managed to install without problems the ca-management- 6.0 ?. I 
> have the same error, without the mongoDB configuration.
>
> Alexi.
> El 07-05-19 a las 13:07, Mathias Rosenberg escribió:
>
> I'm also facing the same problem, did you find some solution for it?
>
> Mathias.
>
> El miércoles, 27 de marzo de 2019, 6:56:34 (UTC-3), Taupasse escribió: 
>>
>> Hello,
>>
>> I'm currently trying to set up the cas management webapp 6.0 against a 
>> working Cas 6.0 with a ticket registry in a replicated MongoDB.
>>
>> When I try to build the cas-management.war from the 
>> cas-management-overlay, I add the following line to the build.gradle :
>>
>> compile "org.apereo.cas:cas-server-support-mongo-service-registry:6.0.2"
>>
>> I build it with 
>>
>> ./build.sh package
>>
>> Everything seems to be fine, but when i'm publishing the war file in my 
>> tomcat, it crashes with some "pretty" java errors :
>>
>> ERROR [org.apereo.cas.CasEmbeddedContainerUtils] - > CasEmbeddedContainerUtils cannot access a member of class org.apereo.cas.
>> mgmt.CasManagementEmbeddedContainerUtils$1 with modifiers "">
>> java.lang.IllegalAccessException: class org.apereo.cas.
>> CasEmbeddedContainerUtils cannot access a member of class org.apereo.cas.
>> mgmt.CasManagementEmbeddedContainerUtils$1 with modifiers ""
>> at jdk.internal.reflect.Reflection.newIllegalAccessException(
>> Reflection.java:361) ~[?:?]
>> at java.lang.reflect.AccessibleObject.checkAccess(
>> AccessibleObject.java:591) ~[?:?]
>> at java.lang.reflect.Constructor.newInstance(Constructor.java:481
>> ) ~[?:?]
>> at org.apereo.cas.CasEmbeddedContainerUtils.getCasBannerInstance(
>> CasEmbeddedContainerUtils.java:65) ~[cas-server-webapp-init-6.0.2-
>> SNAPSHOT.jar:6.0.2-SNAPSHOT]
>> at org.apereo.cas.web.CasWebApplicationServletInitializer.
>> configure(CasWebApplicationServletInitializer.java:23) ~[cas-server-
>> webapp-init-6.0.2-SNAPSHOT.jar:6.0.2-SNAPSHOT]
>> at org.springframework.boot.web.servlet.support.
>> SpringBootServletInitializer.createRootApplicationContext(
>> SpringBootServletInitializer.java:122) ~[spring-boot-2.1.1.RELEASE.jar:
>> 2.1.1.RELEASE]
>> at org.springframework.boot.web.servlet.support.
>> SpringBootServletInitializer.onStartup(SpringBootServletInitializer.java:
>> 91) ~[spring-boot-2.1.1.RELEASE.jar:2.1.1.RELEASE]
>> at org.springframework.web.SpringServletContainerInitializer.
>> onStartup(SpringServletContainerInitializer.java:171) ~[spring-web-5.1.
>> 3.RELEASE.jar:5.1.3.RELEASE]
>>
>>
>>
>>
>> And 
>>
>>  ERROR [org.springframework.boot.SpringApplication] - > failed>
>> java.lang.IllegalStateException: No Scope registered for scope name 
>> 'refresh'
>> at org.springframework.beans.factory.support.AbstractBeanFactory.
>> doGetBean(AbstractBeanFactory.java:350) ~[spring-beans-5.1.3.RELEASE.jar:
>> 5.1.3.RELEASE]
>> at org.springframework.beans.factory.support.AbstractBeanFactory.
>> getBean(AbstractBeanFactory.java:199) ~[spring-beans-5.1.3.RELEASE.jar:
>> 5.1.3.RELEASE]
>> at org.springframework.aop.target.SimpleBeanTargetSource.
>> getTarget(SimpleBeanTargetSource.java:35) ~[spring-aop-5.1.4.RELEASE.jar:
>> 5.1.4.RELEASE]
>> at org.springframework.aop.framework.
>> CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:672) 
>> ~[spring-aop-5.1.4.RELEASE.jar:5.1.4.RELEASE]
>> at org.apereo.cas.mgmt.web.
>> DefaultCasManagementEventListener$$EnhancerBySpringCGLIB$$5744b79f.
>> handleApplicationReadyEvent() ~[cas-mgmt-webapp-init-6.0.2-
>> SNAPSHOT.jar:6.0.2-SNAPSHOT]
>> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native 
>> Method) ~[?:?]
>> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(
>> NativeMethodAccessorImpl.java:62) ~[?:?]
>> at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(
>> DelegatingMethodAccessorImpl.java:43) ~[?:?]
>> at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]
>> at org.springframework.context.event.
>> ApplicationListenerMethodAdapter.doInvoke(
>> ApplicationListenerMethodAdapter.java:259) ~[spring-context-5.1.3.RELEASE
>> .jar:5.1.3.RELEASE]
>> at org.springframework.context.event.
>> ApplicationListenerMethodAdapter.processEvent(
>> ApplicationListenerMethodAdapter.java:179) ~[spring-context-5.1.3.RELEASE
>> .jar:5.1.3.RELEASE]
>> at org.springframework.context.event.
>> ApplicationListenerMethodAdapter.onApplicationEvent(
>> ApplicationListenerMethodAdapter.java:142) ~[spring-context-5.1.3.RELEASE
>> .jar:5.1.3.RELEASE]
>> at org.springframework.context.event.
>> SimpleApplicationEventMulticaster.doInvokeListener(
>> SimpleApplicationEventMulticaster.java:172) ~[spring-context-5.1.
>> 3.RELEASE.jar:5.1.3.RELEASE]
>> at org.springframework.context

Re: [cas-user] Re: cas-management 6.0 + MongoDB

[Alexi Pascual]

hi,

Has anyone managed to install without problems the ca-management- 6.0 ?. 
I have the same error, without the mongoDB configuration.


Alexi.

El 07-05-19 a las 13:07, Mathias Rosenberg escribió:

I'm also facing the same problem, did you find some solution for it?

Mathias.

El miércoles, 27 de marzo de 2019, 6:56:34 (UTC-3), Taupasse escribió:

Hello,

I'm currently trying to set up the cas management webapp 6.0
against a working Cas 6.0 with a ticket registry in a replicated
MongoDB.

When I try to build the cas-management.war from the
cas-management-overlay, I add the following line to the build.gradle :

|
compile
"org.apereo.cas:cas-server-support-mongo-service-registry:6.0.2"
|

I build it with

|
./build.sh package
|

Everything seems to be fine, but when i'm publishing the war file
in my tomcat, it crashes with some "pretty" java errors :

|
ERROR

[org.apereo.cas.CasEmbeddedContainerUtils]-

java.lang.IllegalAccessException:classorg.apereo.cas.CasEmbeddedContainerUtilscannot
access a member of
classorg.apereo.cas.mgmt.CasManagementEmbeddedContainerUtils$1withmodifiers
""
        at

jdk.internal.reflect.Reflection.newIllegalAccessException(Reflection.java:361)~[?:?]
        at

java.lang.reflect.AccessibleObject.checkAccess(AccessibleObject.java:591)~[?:?]
        at
java.lang.reflect.Constructor.newInstance(Constructor.java:481)~[?:?]
        at

org.apereo.cas.CasEmbeddedContainerUtils.getCasBannerInstance(CasEmbeddedContainerUtils.java:65)~[cas-server-webapp-init-6.0.2-SNAPSHOT.jar:6.0.2-SNAPSHOT]
        at

org.apereo.cas.web.CasWebApplicationServletInitializer.configure(CasWebApplicationServletInitializer.java:23)~[cas-server-webapp-init-6.0.2-SNAPSHOT.jar:6.0.2-SNAPSHOT]
        at

org.springframework.boot.web.servlet.support.SpringBootServletInitializer.createRootApplicationContext(SpringBootServletInitializer.java:122)~[spring-boot-2.1.1.RELEASE.jar:2.1.1.RELEASE]
        at

org.springframework.boot.web.servlet.support.SpringBootServletInitializer.onStartup(SpringBootServletInitializer.java:91)~[spring-boot-2.1.1.RELEASE.jar:2.1.1.RELEASE]
        at

org.springframework.web.SpringServletContainerInitializer.onStartup(SpringServletContainerInitializer.java:171)~[spring-web-5.1.3.RELEASE.jar:5.1.3.RELEASE]
|




And

|
 ERROR
[org.springframework.boot.SpringApplication]-
java.lang.IllegalStateException:NoScoperegistered forscope name
'refresh'
        at

org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:350)~[spring-beans-5.1.3.RELEASE.jar:5.1.3.RELEASE]
        at

org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:199)~[spring-beans-5.1.3.RELEASE.jar:5.1.3.RELEASE]
        at

org.springframework.aop.target.SimpleBeanTargetSource.getTarget(SimpleBeanTargetSource.java:35)~[spring-aop-5.1.4.RELEASE.jar:5.1.4.RELEASE]
        at

org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:672)~[spring-aop-5.1.4.RELEASE.jar:5.1.4.RELEASE]
        at

org.apereo.cas.mgmt.web.DefaultCasManagementEventListener$$EnhancerBySpringCGLIB$$5744b79f.handleApplicationReadyEvent()~[cas-mgmt-webapp-init-6.0.2-SNAPSHOT.jar:6.0.2-SNAPSHOT]
        at
jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(NativeMethod)~[?:?]
        at

jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)~[?:?]
        at

jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)~[?:?]
        at java.lang.reflect.Method.invoke(Method.java:566)~[?:?]
        at

org.springframework.context.event.ApplicationListenerMethodAdapter.doInvoke(ApplicationListenerMethodAdapter.java:259)~[spring-context-5.1.3.RELEASE.jar:5.1.3.RELEASE]
        at

org.springframework.context.event.ApplicationListenerMethodAdapter.processEvent(ApplicationListenerMethodAdapter.java:179)~[spring-context-5.1.3.RELEASE.jar:5.1.3.RELEASE]
        at

org.springframework.context.event.ApplicationListenerMethodAdapter.onApplicationEvent(ApplicationListenerMethodAdapter.java:142)~[spring-context-5.1.3.RELEASE.jar:5.1.3.RELEASE]
        at

org.springframework.context.event.SimpleApplicationEventMulticaster.doInvokeListener(SimpleApplicationEventMulticaster.java:172)~[spring-context-5.1.3.RELEASE.jar:5.1.3.RELEASE]
        at

org.springframework.context.event.SimpleApplicationEventMulticaster.invokeListener(SimpleApplicationEventMulticaster.java:165)~[spring-context-5.1.3.RELEASE.jar:5.1.3.RELEASE]
        at

org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:139)~[spring-context-5.1.

[cas-user] Re: cas-management 6.0 + MongoDB

[Mathias Rosenberg]

I'm also facing the same problem, did you find some solution for it?

Mathias.

El miércoles, 27 de marzo de 2019, 6:56:34 (UTC-3), Taupasse escribió:
>
> Hello,
>
> I'm currently trying to set up the cas management webapp 6.0 against a 
> working Cas 6.0 with a ticket registry in a replicated MongoDB.
>
> When I try to build the cas-management.war from the 
> cas-management-overlay, I add the following line to the build.gradle :
>
> compile "org.apereo.cas:cas-server-support-mongo-service-registry:6.0.2"
>
> I build it with 
>
> ./build.sh package
>
> Everything seems to be fine, but when i'm publishing the war file in my 
> tomcat, it crashes with some "pretty" java errors :
>
> ERROR [org.apereo.cas.CasEmbeddedContainerUtils] -  CasEmbeddedContainerUtils cannot access a member of class org.apereo.cas.
> mgmt.CasManagementEmbeddedContainerUtils$1 with modifiers "">
> java.lang.IllegalAccessException: class org.apereo.cas.
> CasEmbeddedContainerUtils cannot access a member of class org.apereo.cas.
> mgmt.CasManagementEmbeddedContainerUtils$1 with modifiers ""
> at jdk.internal.reflect.Reflection.newIllegalAccessException(
> Reflection.java:361) ~[?:?]
> at java.lang.reflect.AccessibleObject.checkAccess(AccessibleObject
> .java:591) ~[?:?]
> at java.lang.reflect.Constructor.newInstance(Constructor.java:481) 
> ~[?:?]
> at org.apereo.cas.CasEmbeddedContainerUtils.getCasBannerInstance(
> CasEmbeddedContainerUtils.java:65) ~[cas-server-webapp-init-6.0.2-SNAPSHOT
> .jar:6.0.2-SNAPSHOT]
> at org.apereo.cas.web.CasWebApplicationServletInitializer.
> configure(CasWebApplicationServletInitializer.java:23) ~[cas-server-webapp
> -init-6.0.2-SNAPSHOT.jar:6.0.2-SNAPSHOT]
> at org.springframework.boot.web.servlet.support.
> SpringBootServletInitializer.createRootApplicationContext(
> SpringBootServletInitializer.java:122) ~[spring-boot-2.1.1.RELEASE.jar:2.1
> .1.RELEASE]
> at org.springframework.boot.web.servlet.support.
> SpringBootServletInitializer.onStartup(SpringBootServletInitializer.java:
> 91) ~[spring-boot-2.1.1.RELEASE.jar:2.1.1.RELEASE]
> at org.springframework.web.SpringServletContainerInitializer.
> onStartup(SpringServletContainerInitializer.java:171) ~[spring-web-5.1.
> 3.RELEASE.jar:5.1.3.RELEASE]
>
>
>
>
> And 
>
>  ERROR [org.springframework.boot.SpringApplication] -  failed>
> java.lang.IllegalStateException: No Scope registered for scope name 
> 'refresh'
> at org.springframework.beans.factory.support.AbstractBeanFactory.
> doGetBean(AbstractBeanFactory.java:350) ~[spring-beans-5.1.3.RELEASE.jar:
> 5.1.3.RELEASE]
> at org.springframework.beans.factory.support.AbstractBeanFactory.
> getBean(AbstractBeanFactory.java:199) ~[spring-beans-5.1.3.RELEASE.jar:5.1
> .3.RELEASE]
> at org.springframework.aop.target.SimpleBeanTargetSource.getTarget
> (SimpleBeanTargetSource.java:35) ~[spring-aop-5.1.4.RELEASE.jar:5.1.
> 4.RELEASE]
> at org.springframework.aop.framework.
> CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:672) 
> ~[spring-aop-5.1.4.RELEASE.jar:5.1.4.RELEASE]
> at org.apereo.cas.mgmt.web.
> DefaultCasManagementEventListener$$EnhancerBySpringCGLIB$$5744b79f.
> handleApplicationReadyEvent() ~[cas-mgmt-webapp-init-6.0.2-
> SNAPSHOT.jar:6.0.2-SNAPSHOT]
> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native 
> Method) ~[?:?]
> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(
> NativeMethodAccessorImpl.java:62) ~[?:?]
> at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(
> DelegatingMethodAccessorImpl.java:43) ~[?:?]
> at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]
> at org.springframework.context.event.
> ApplicationListenerMethodAdapter.doInvoke(ApplicationListenerMethodAdapter
> .java:259) ~[spring-context-5.1.3.RELEASE.jar:5.1.3.RELEASE]
> at org.springframework.context.event.
> ApplicationListenerMethodAdapter.processEvent(
> ApplicationListenerMethodAdapter.java:179) ~[spring-context-5.1.3.RELEASE.
> jar:5.1.3.RELEASE]
> at org.springframework.context.event.
> ApplicationListenerMethodAdapter.onApplicationEvent(
> ApplicationListenerMethodAdapter.java:142) ~[spring-context-5.1.3.RELEASE.
> jar:5.1.3.RELEASE]
> at org.springframework.context.event.
> SimpleApplicationEventMulticaster.doInvokeListener(
> SimpleApplicationEventMulticaster.java:172) ~[spring-context-5.1.3.RELEASE
> .jar:5.1.3.RELEASE]
> at org.springframework.context.event.
> SimpleApplicationEventMulticaster.invokeListener(
> SimpleApplicationEventMulticaster.java:165) ~[spring-context-5.1.3.RELEASE
> .jar:5.1.3.RELEASE]
> at org.springframework.context.event.
> SimpleApplicationEventMulticaster.multicastEvent(
> SimpleApplicationEventMulticaster.java:139) ~[spring-context-5.1.3.RELEASE
> .jar:5.1.3.RELEASE]
> at org.springframework.context.support.AbstractApplicationContext.
> publishE

[cas-user] Re: CAS Management - Collection of Attributes in Attribute Release Policy

[Fahmi L. Ramdhani]

I hope CAS Management can take attributes based on existing attributes 
(*attribute 
key*).
Thank David!

Pada Jumat, 05 April 2019 15.01.42 UTC+7, Fahmi L. Ramdhani menulis:
>
> Hello,
>
> How to configure the attribute list in the Attribute Release Policy 
> (Return Allowed) in CAS Management? There only displays *uid, eppn *and 
> *givenName*. While the attributes available in the database are *uid, 
> email, username, nip, phone *and others. I want to display the array list 
> based on the available attributes.
>
> Thank you.
> Fahmi
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/978b15ff-3321-49e1-a2c1-5c01727e7ca7%40apereo.org.

Re: [cas-user] Re: CAS Management Services JPA Registry (Success, but Unable to Save to MySQL Database)

[Fahmi L. Ramdhani]

*This problem has been Solved.*
I am forget to insert dependency to *pom.xml* in  *management project*.


 org.apereo.cas
 cas-server-support-jdbc-drivers
 ${cas.version}


 org.apereo.cas
 cas-server-support-jpa-service-registry
 ${cas.version}



Thank you all.

Pada Kamis, 21 Maret 2019 23.12.56 UTC+7, rbon menulis:
>
> Fahmi,
>
> create-drop is used during initial development of a jpa project when 
> database design might change regularly. Once database is set, then it gets 
> changed to update. There is a create option but it will result in errors if 
> the database already exists. create can be used once and then changed to 
> update.
>
> Check catalina.out for logs.
>
> CAS is picking up one entry from the database. It reloads every 2 minutes. 
> Does it show 2 entries when you add one manually?
>
> Are the null values in the workbench image from the cas-management created 
> entry?
>
> Ray
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/788b65ed-9de4-4fd9-bea1-e6d9562de429%40apereo.org.

Re: [cas-user] Re: CAS Management Services JPA Registry (Success, but Unable to Save to MySQL Database)

[Ray Bon]

Fahmi,

create-drop is used during initial development of a jpa project when database 
design might change regularly. Once database is set, then it gets changed to 
update. There is a create option but it will result in errors if the database 
already exists. create can be used once and then changed to update.

Check catalina.out for logs.

CAS is picking up one entry from the database. It reloads every 2 minutes. Does 
it show 2 entries when you add one manually?

Are the null values in the workbench image from the cas-management created 
entry?

Ray

On Wed, 2019-03-20 at 20:17 -0700, Fahmi L. Ramdhani wrote:
Hello Ray, thank for your reply.
I changed the configuration:

- Adding cas.jdbc.showSql=true to cas.properties and management.properties
- Adding healthQuery to cas.properties and management.properties
- Change ddlAuto to update
- Rebuilding project cas and management


Log showing (cas.log)


2019-03-20 22:51:33,260 INFO [org.apereo.cas.services.AbstractServicesManager] 
- 
2019-03-20 22:51:43,276 DEBUG 
[org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - 
2019-03-20 22:51:43,314 DEBUG 
[org.apereo.cas.ticket.registry.support.JpaLockingStrategy] - 
2019-03-20 22:51:43,364 DEBUG 
[org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - 
2019-03-20 22:51:43,378 DEBUG [org.apereo.cas.ticket.DefaultTicketCatalog] - 


1. Adding 2 initial service registry using MySQL Workbench
2. I am login successfully to Services Management (screen shoot in attachment).
3. I am try to add an service registry, then save it.
4. Successfully added an service registry, but it is not stored in the database.
5. The table still displays 2 rows (not 3 rows, 1 added in service management)

Log show (cas-management.log, not showing SQL QUERIES)

= WHO: superadmin 
WHAT: 
AbstractRegisteredService(serviceId=^https:\/\/portal.example.com(\\z|\/.*), 
name=Asia, theme=null, informationU... ACTION: SAVE_SERVICE_SUCCESS 
APPLICATION: CAS_Management WHEN: Wed Mar 20 23:03:24 EDT 2019 CLIENT IP 
ADDRESS: 103.xxx.1x8.xxx SERVER IP ADDRESS: 172.16.2.53 
=


2019-03-20 23:04:04,149 ERROR [org.apereo.cas.mgmt.GitUtil] - Git repository 
not found/initialized at [/etc/cas/services-repo/.git]
2019-03-20 23:04:04,149 ERROR 
[org.apereo.cas.mgmt.services.web.ServiceRepositoryController] - repository not 
found: /etc/cas/services-repo/.git
java.lang.RuntimeException: repository not found: /etc/cas/services-repo/.git
at org.apereo.cas.mgmt.GitUtil.initializeGitRepository(GitUtil.java:1225) 
~[cas-management-webapp-support-5.3.6.jar:5.3.6]
at org.apereo.cas.mgmt.GitUtil.(GitUtil.java:100) 
~[cas-management-webapp-support-5.3.6.jar:5.3.6]
at 
org.apereo.cas.mgmt.services.web.factory.RepositoryFactory.buildGitUtil(RepositoryFactory.java:81)
 ~[cas-management-webapp-support-5.3.6.jar:5.3.6]
at 
org.apereo.cas.mgmt.services.web.factory.RepositoryFactory.masterRepository(RepositoryFactory.java:70)
 ~[cas-management-webapp-support-5.3.6.jar:5.3.6]
at 
org.apereo.cas.mgmt.services.web.factory.RepositoryFactory.from(RepositoryFactory.java:53)
 ~[cas-management-webapp-support-5.3.6.jar:5.3.6]
at 
org.apereo.cas.mgmt.services.web.factory.RepositoryFactory.from(RepositoryFactory.java:40)
 ~[cas-management-webapp-support-5.3.6.jar:5.3.6]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_191]
at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) 
~[?:1.8.0_191]
at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
 ~[?:1.8.0_191]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_191]
at 
org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:216) 
~[spring-core-4.3.17.RELEASE.jar:4.3.17.RELEASE]
at 
org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:470)
 ~[spring-cloud-context-1.3.0.RELEASE.jar:1.3.0.RELEASE]
at 
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
 ~[spring-aop-4.3.18.RELEASE.jar:4.3.18.RELEASE]
at 
org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:671)
 ~[spring-aop-4.3.18.RELEASE.jar:4.3.18.RELEASE]
at 
org.apereo.cas.mgmt.services.web.factory.RepositoryFactory$$EnhancerBySpringCGLIB$$892cee48.from()
 ~[cas-management-webapp-support-5.3.6.jar:5.3.6]
at 
org.apereo.cas.mgmt.services.web.ServiceRepositoryController.gitStatus(ServiceRepositoryController.java:322)
 [cas-management-webapp-support-5.3.6.jar:5.3.6]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_191]
at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) 
~[?:1.8.0_191]
at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
 ~[?:1.8.0_191]
at java.lang.reflect.Method.invoke(Method.

[cas-user] Re: CAS Management Services JPA Registry (Success, but Unable to Save to MySQL Database)

[Fahmi L. Ramdhani]

Sorry, i am forget attachment.
Strange, I added a service in service management, saved. But there is no 
database. But in service management appear. Where is the new service stored?

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/ce343483-e4ab-4bb6-93f3-245d716b2bcd%40apereo.org.

Re: [cas-user] Re: CAS Management Services JPA Registry (Success, but Unable to Save to MySQL Database)

[Fahmi L. Ramdhani]

Hello Ray, thank for your reply.
I changed the configuration:

- Adding cas.jdbc.showSql=true to cas.properties and management.properties
- Adding healthQuery to cas.properties and management.properties
- Change ddlAuto to update
- Rebuilding project cas and management


Log showing (*cas.log*)

2019-03-20 22:51:33,260 INFO [org.apereo.cas.services.AbstractServicesManager] 
- 
2019-03-20 22:51:43,276 DEBUG 
[org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - 
2019-03-20 22:51:43,314 DEBUG 
[org.apereo.cas.ticket.registry.support.JpaLockingStrategy] - 
2019-03-20 22:51:43,364 DEBUG 
[org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - 
2019-03-20 22:51:43,378 DEBUG [org.apereo.cas.ticket.DefaultTicketCatalog] - 



1. Adding 2 initial service registry using MySQL Workbench
2. I am login successfully to Services Management (screen shoot in 
attachment).
3. I am try to add an service registry, then save it.
4. Successfully added an service registry, but it is not stored in the 
database.
5. The table still displays 2 rows (not 3 rows, 1 added in service 
management)

Log show (*cas-management.log*, not showing SQL QUERIES)

= WHO: 
superadmin WHAT: AbstractRegisteredService(serviceId=^https:\/\/portal.
example.com(\\z|\/.*), name=Asia, theme=null, informationU... ACTION: 
SAVE_SERVICE_SUCCESS APPLICATION: CAS_Management WHEN: Wed Mar 20 23:03:24 
EDT 2019 CLIENT IP ADDRESS: 103.xxx.1x8.xxx SERVER IP ADDRESS: 172.16.2.53 
=


2019-03-20 23:04:04,149 ERROR [org.apereo.cas.mgmt.GitUtil] - Git 
repository not found/initialized at [/etc/cas/services-repo/.git]
2019-03-20 23:04:04,149 ERROR [org.apereo.cas.mgmt.services.web.
ServiceRepositoryController] - repository not found: /etc/cas/services-repo
/.git
java.lang.RuntimeException: repository not found: /etc/cas/services-repo/.
git
at org.apereo.cas.mgmt.GitUtil.initializeGitRepository(GitUtil.java:1225) ~[
cas-management-webapp-support-5.3.6.jar:5.3.6]
at org.apereo.cas.mgmt.GitUtil.(GitUtil.java:100) ~[cas-management-
webapp-support-5.3.6.jar:5.3.6]
at org.apereo.cas.mgmt.services.web.factory.RepositoryFactory.buildGitUtil(
RepositoryFactory.java:81) ~[cas-management-webapp-support-5.3.6.jar:5.3.6]
at org.apereo.cas.mgmt.services.web.factory.RepositoryFactory.
masterRepository(RepositoryFactory.java:70) ~[cas-management-webapp-support-
5.3.6.jar:5.3.6]
at org.apereo.cas.mgmt.services.web.factory.RepositoryFactory.from(
RepositoryFactory.java:53) ~[cas-management-webapp-support-5.3.6.jar:5.3.6]
at org.apereo.cas.mgmt.services.web.factory.RepositoryFactory.from(
RepositoryFactory.java:40) ~[cas-management-webapp-support-5.3.6.jar:5.3.6]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_191
]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java
:62) ~[?:1.8.0_191]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(
DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_191]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_191]
at org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.
java:216) ~[spring-core-4.3.17.RELEASE.jar:4.3.17.RELEASE]
at org.springframework.cloud.context.scope.
GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:470) ~[
spring-cloud-context-1.3.0.RELEASE.jar:1.3.0.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(
ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.18.RELEASE.jar:4.3.
18.RELEASE]
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor
.intercept(CglibAopProxy.java:671) ~[spring-aop-4.3.18.RELEASE.jar:4.3.
18.RELEASE]
at org.apereo.cas.mgmt.services.web.factory.
RepositoryFactory$$EnhancerBySpringCGLIB$$892cee48.from() ~[cas-
management-webapp-support-5.3.6.jar:5.3.6]
at org.apereo.cas.mgmt.services.web.ServiceRepositoryController.gitStatus(
ServiceRepositoryController.java:322) [cas-management-webapp-support-5.3.
6.jar:5.3.6]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_191
]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java
:62) ~[?:1.8.0_191]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(
DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_191]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_191]
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(
InvocableHandlerMethod.java:205) [spring-web-4.3.18.RELEASE.jar:4.3.
18.RELEASE]
at org.springframework.web.method.support.InvocableHandlerMethod.
invokeForRequest(InvocableHandlerMethod.java:133) [spring-web-4.3.18.RELEASE
.jar:4.3.18.RELEASE]
at org.springframework.web.servlet.mvc.method.annotation.
ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.
java:97) [spring-webmvc-4.3.17.RELEASE.jar:4.3.17.RELEASE]
at org.springframework.web.servlet.mvc.method.annotation.
RequestMappingHandler

Re: [cas-user] Re: CAS Management Services JPA Registry (Success, but Unable to Save to MySQL Database)

[Ray Bon]

Fahmi,

ddlAuto should be set to 'none' or 'update'.
You can also set cas.jdbc.showSql=true to see queries in the logs.
There is also a health query healthQuery='select ...'

Are you running CAS and management server on the same tomcat at the same time 
or do you shut one down and start the other?
The create-drop will drop the database during tomcat shutdown.

After you create a service, check to see that it is there with mysql command 
line tool.

This might give some info in the logs:




Ray


On Wed, 2019-03-20 at 14:33 -0700, Fahmi L. Ramdhani wrote:
Thanks for your replies.

I added the service via CAS Service Manangement 
(https://sso.example.com/cas-management/manage.html), but it was not saved in 
the database. Please help review my CAS configuration (in attachment).

Can you help me please. Thank you.

Pada Rabu, 20 Maret 2019 23.01.06 UTC+7, Facundo Mateo menulis:
I am assuming you don't have version control enabled.

After you add the service through console, is your service shown in Management 
console list? If so it should be in your service registry database.
I have the same exception you describe if version control is not enabled but I 
am still able to save the registry to database.

May be you could increase console  log level to debug and set 
"cas.jdbc.showSql=true"  to see whats really happening.



--
Ray Bon
Programmer analyst
Development Services, University Systems
2507218831 | CLE 019 | r...@uvic.ca

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/1553127119.3399.68.camel%40uvic.ca.

[cas-user] Re: CAS Management Services JPA Registry (Success, but Unable to Save to MySQL Database)

[Fahmi L. Ramdhani]

Thanks for your replies.

I added the service via CAS Service Manangement 
(https://sso.example.com/cas-management/manage.html), but it was not saved 
in the database. Please help review my CAS configuration (in attachment).

Can you help me please. Thank you.

Pada Rabu, 20 Maret 2019 23.01.06 UTC+7, Facundo Mateo menulis:
>
> I am assuming you don't have version control enabled.
>
> After you add the service through console, is your service shown in 
> Management console list? If so it should be in your service registry 
> database.
> I have the same exception you describe if version control is not enabled 
> but I am still able to save the registry to database. 
>
> May be you could increase console  log level to debug and set 
> "cas.jdbc.showSql=true"  to see whats really happening.
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/dcd0aa1d-c671-4f4c-9a8f-bd790a17e1bb%40apereo.org.


cas.properties
Description: Binary data


management.properties
Description: Binary data

[cas-user] Re: CAS Management Services JPA Registry (Success, but Unable to Save to MySQL Database)

[Facundo Mateo]

I am assuming you don't have version control enabled.

After you add the service through console, is your service shown in 
Management console list? If so it should be in your service registry 
database.
I have the same exception you describe if version control is not enabled 
but I am still able to save the registry to database. 

May be you could increase console  log level to debug and set 
"cas.jdbc.showSql=true"  to see whats really happening.


-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/b43cb882-86ad-4f7c-af07-9e654137dcb5%40apereo.org.

Re: [cas-user] Re: CAS Management Services JPA Registry (Success, but Unable to Save to MySQL Database)

[Ray Bon]

Fahmi,

It sounds like the management server is saving the service to another location, 
most likely file system since that is default.
Also, make sure that CAS and management server are pointing to the exact same 
service registry. Check spelling of your properties.

Ray

On Wed, 2019-03-20 at 08:16 -0700, Fahmi L. Ramdhani wrote:
Thanks Facundo for your reply. Regarding "cas.serviceRegistry.jpa.ddlAuto = 
create-drop" is only temporary, next time, I will change it to none or update.

So, when I go to https://sso.example.com/cas-management (successfully), then I 
make 1 new registry service. I think it will save new data to the MySQL 
registryDb.RegexRegisteredService table, but the registry service does not add 
to the table.

The thing that makes me confused is that the registry service that was added 
was still stored after I closed the browser (private mode). I don't know where 
the new registry service was stored. Then after I tried accessing the registry 
service (https://portal.example.com/dashboard redirected to CAS Login), the CAS 
refused "Application Not Authorized to Use CAS", even though the registry 
service was added and stored (it doesn't know where it was stored).
 Is there a solution for this problem? Please help. Thank you.

Pada Rabu, 20 Maret 2019 21.10.18 UTC+7, Facundo Mateo menulis:
Hi Fahmi,
  We faced the same issue with managment console.  In our case, that error is 
not related to the database configuration or the saving action itself but the 
GIT versioning functionalitiy of management console 
(https://apereo.github.io/cas-management/5.3.x/installation/Installing-ServicesMgmt-Webapp.html#version-control).

  I noticed you have "cas.serviceRegistry.jpa.ddlAuto = create-drop"

  Using that configuration every time the server is stopped your DB schema is 
dropped and of course your services.
  Could this be your real issue?

Regards, Facundo


--
Ray Bon
Programmer analyst
Development Services, University Systems
2507218831 | CLE 019 | r...@uvic.ca

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/1553097475.3399.39.camel%40uvic.ca.

[cas-user] Re: CAS Management Services JPA Registry (Success, but Unable to Save to MySQL Database)

[Fahmi L. Ramdhani]

Thanks Facundo for your reply. Regarding "cas.serviceRegistry.jpa.ddlAuto =
 create-drop" is only temporary, next time, I will change it to *none *or 
*update*.

So, when I go to *https://sso.example.com/cas-management* (*successfully*), 
*then 
I make 1 new registry service*. *I think it will save new data to the MySQL 
registryDb.RegexRegisteredService table*, but the registry service does not 
add to the table.

The thing that makes me confused is that the registry service that was 
added was still stored after I closed the browser (private mode). I don't 
know where the new registry service was stored. Then *after I tried 
accessing the registry service (https://portal.example.com/dashboard 
redirected to CAS Login), the CAS refused "Application Not Authorized to 
Use CAS"*, even though the registry service was added and stored (it 
doesn't know where it was stored).
 Is there a solution for this problem? *Please help*. Thank you.

Pada Rabu, 20 Maret 2019 21.10.18 UTC+7, Facundo Mateo menulis:
>
> Hi Fahmi, 
>   We faced the same issue with managment console.  In our case, that error 
> is not related to the database configuration or the saving action itself 
> but the GIT versioning functionalitiy of management console (
> https://apereo.github.io/cas-management/5.3.x/installation/Installing-ServicesMgmt-Webapp.html#version-control
> ).
>
>   I noticed you have "cas.serviceRegistry.jpa.ddlAuto = create-drop"
>
>   Using that configuration every time the server is stopped your DB schema 
> is dropped and of course your services. 
>   Could this be your real issue?
>
> Regards, Facundo
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/cf224dea-a70d-4a83-8b86-64b3482fc242%40apereo.org.

[cas-user] Re: CAS Management Services JPA Registry (Success, but Unable to Save to MySQL Database)

[Facundo Mateo]

Hi Fahmi, 
  We faced the same issue with managment console.  In our case, that error 
is not related to the database configuration or the saving action itself 
but the GIT versioning functionalitiy of management console 
(https://apereo.github.io/cas-management/5.3.x/installation/Installing-ServicesMgmt-Webapp.html#version-control).

  I noticed you have "cas.serviceRegistry.jpa.ddlAuto = create-drop"

  Using that configuration every time the server is stopped your DB schema 
is dropped and of course your services. 
  Could this be your real issue?

Regards, Facundo
  

El miércoles, 20 de marzo de 2019, 9:09:59 (UTC-3), Fahmi L. Ramdhani 
escribió:
>
> Hello,
>
> I am running CAS 5.3.6 and Management Webapp 5.3.6. The point of the 
> problem is not saving to the MySQL Database. This is based on the settings 
> below.
>
> *pom.xml (CAS)*
>
> 
>  
>  org.apereo.cas
>  cas-server-webapp${app.server}
>  ${cas.version}
>  war
>  runtime
>  
>  
>  org.apereo.cas
>  cas-server-support-jdbc
>  ${cas.version}
>  
>  
>  org.apereo.cas
>  cas-server-support-jdbc-drivers
>  ${cas.version}
>  
>  
>  org.apereo.cas
>  cas-server-support-jpa-service-registry
>  ${cas.version}
>  
>  
>  org.apereo.cas
>  cas-server-support-jpa-ticket-registry
>  ${cas.version}
>  
>  
>  
>  org.springframework.security
>  spring-security-core
>  5.1.1.RELEASE
>  
>  
>  org.springframework.security
>  spring-security-crypto
>  5.1.1.RELEASE
>  
>  
>  org.apereo.cas
>  cas-server-support-oauth-webflow
>  ${cas.version}
>  
> 
>
> *pom.xml (CAS Management)*
>
> 
>  
>  org.apereo.cas
>  cas-management-webapp
>  ${cas-mgmt.version}
>  war
>  
> 
>
> *cas.properties (json registry has disabled)*
>
> ## JSON Service Registry
> ## 
> ## cas.serviceRegistry.json.location = file:/etc/cas/services
>
>
> ## JPA Service Registry
> ## 
> cas.serviceRegistry.jpa.url = jdbc:mysql:
> //localhost:3306/registry?useLegacyDatetimeCode=false&serverTimezone=UTC
> cas.serviceRegistry.jpa.user = root
> cas.serviceRegistry.jpa.password = secret
> cas.serviceRegistry.jpa.ddlAuto = create-drop
> cas.serviceRegistry.jpa.driverClass = com.mysql.cj.jdbc.Driver
> cas.serviceRegistry.jpa.dialect = org.hibernate.dialect.MySQL5Dialect
>
> *management.properties (CAS Management)*
>
> cas.server.name = https://sso.example.com
> cas.server.prefix = ${cas.server.name}/cas
>
>
> mgmt.adminRoles[0] = ROLE_ADMIN
> mgmt.userPropertiesFile = file:/etc/cas/config/admusers-management.
> properties
> mgmt.serverName = https://sso.example.com:8443
>
>
> server.context-path=/cas-management
> server.port=8443
>
>
> cas.serviceRegistry.jpa.url = jdbc:mysql://localhost:3306/registry?
> useLegacyDatetimeCode=false&serverTimezone=UTC
> cas.serviceRegistry.jpa.user = root
> cas.serviceRegistry.jpa.password = secret
> cas.serviceRegistry.jpa.ddlAuto = create-drop
> cas.serviceRegistry.jpa.driverClass = com.mysql.cj.jdbc.Driver
> cas.serviceRegistry.jpa.dialect = org.hibernate.dialect.MySQL5Dialect
>
>
> *ERROR LOG (CAS-MANAGEMENT.LOG)*
>
> INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - 
> Audit trail record BEGIN
> =
> WHO: superadmin
> WHAT: AbstractRegisteredService(serviceId=^https:\/\/portal.example.com(\\
> z|\/.*), name=Portal Example, theme=null, infor...
> ACTION: SAVE_SERVICE_SUCCESS
> APPLICATION: CAS_Management
> WHEN: Wed Mar 20 07:51:01 EDT 2019
> CLIENT IP ADDRESS: 107.121.112.220
> SERVER IP ADDRESS: 172.16.2.53
> =
>
>
> 2019-03-20 07:51:23,411 ERROR [org.apereo.cas.mgmt.services.web.
> ServiceRepositoryController] - null
> java.lang.NullPointerException: null
> at org.apereo.cas.mgmt.services.web.ServiceRepositoryController.
> isPublishedBehind(ServiceRepositoryController.java:259) ~[cas-management-
> webapp-support-5.3.6.jar:5.3.6]
> at org.apereo.cas.mgmt.services.web.ServiceRepositoryController.gitStatus(
> ServiceRepositoryController.java:331) [cas-management-webapp-support-5.3.
> 6.jar:5.3.6]
> at sun.reflect.GeneratedMethodAccessor368.invoke(Unknown Source) ~[?:?]
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(
> DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_191]
> at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_191]
> at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(
> InvocableHandlerMethod.java:205) [spring-web-4.3.17.RELEASE.jar:4.3.
> 17.RELEASE]
> at org.springframework.web.method.support.InvocableHandlerMethod.
> invokeForRequest(InvocableHandlerMethod.java:133) [spring-web-4.3.
> 17.RELEASE.jar:4.3.17.RELEASE]
> at org.springframework.web.servlet.mvc.method.annotation.
> ServletInvocableHandlerMethod.invokeAndHandle(
> ServletInvocableHandlerMethod.java:97) [spring-webmvc-4.3.17.RELEASE.jar:
> 4.3.17.RELEASE]
> at org.springframework.web

[cas-user] Re: CAS Management v5.3.5 Released

[fazlarabby043264]

link of the Maven war Overlay points to cas 6 gradle overlay for both cas 
and cas-management app. Can you please provide the Maven war overlay links?

On Friday, November 2, 2018 at 5:51:00 AM UTC+8, Travis Schmidt wrote:
>
> CAS Management version 5.3.5 has been released:
> https://github.com/apereo/cas-management/releases/tag/v5.3.5
>
> This release contains a a new Search screen that provides full text search 
> of Services in  a sortable table.
>
> Travis
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/6dd39f1e-b139-4d43-8a3c-f04465d15b73%40apereo.org.

RE: [cas-user] Re: CAS Management v5.3.6 Release

[Cutting, Shawn]

Ok.  It does seem odd that to search “Trav**” is needed, but at least it is 
something. Thanks for your reply.

From: cas-user@apereo.org  On Behalf Of Travis Schmidt
Sent: Wednesday, November 07, 2018 11:00 AM
To: cas-user@apereo.org
Subject: Re: [cas-user] Re: CAS Management v5.3.6 Release

Wildcard searches are what you want:

http://lucene.apache.org/core/7_5_0/queryparser/org/apache/lucene/queryparser/classic/package-summary.html#package.description

Doing a quick test against our registry for my first name, Tra?is works, Tra*is 
works.  For some reason though to make Trav* work somewhat as expected it needs 
to be Trav**

There is also some support for Regular Expressions(See link above), but seems 
finicky when I try and use it.  Usually works searching fields directly that do 
not contain without whitespace.

On Wed, Nov 7, 2018 at 7:17 AM Shawn Cutting 
mailto:scutt...@messiah.edu>> wrote:
Is the search functionality limited to "whole word" searches?  It would be nice 
if the search can find partial words as well.

On Friday, November 2, 2018 at 1:57:01 PM UTC-4, Travis Schmidt wrote:
CAS Management v5.3.6 has been released:
https://github.com/apereo/cas-management/releases/tag/v5.3.6

This release corrects an error that was found in the new Search functionality 
released in 5.3.5.

Deployers that use the war overlay, take note that the pom.xml has been updated 
to include a separate  property.   is still 
present and can be used for any CAS modules that you add to the overlay.

Thanks
Travis
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org>.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/8d3c6ad8-4a84-4aac-983e-e7a9c7a1f92e%40apereo.org<https://groups.google.com/a/apereo.org/d/msgid/cas-user/8d3c6ad8-4a84-4aac-983e-e7a9c7a1f92e%40apereo.org?utm_medium=email&utm_source=footer>.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to a topic in the Google 
Groups "CAS Community" group.
To unsubscribe from this topic, visit 
https://groups.google.com/a/apereo.org/d/topic/cas-user/bSjkychcCyc/unsubscribe.
To unsubscribe from this group and all its topics, send an email to 
cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org>.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAC_RtEbX4_%2B_-Xdn6EfYP1g6wE5Eu4H-nuoHTD_QZ0ud8X%2B4zA%40mail.gmail.com<https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAC_RtEbX4_%2B_-Xdn6EfYP1g6wE5Eu4H-nuoHTD_QZ0ud8X%2B4zA%40mail.gmail.com?utm_medium=email&utm_source=footer>.

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/BL0PR02MB45005843A8B2750EBFDFE649CDC40%40BL0PR02MB4500.namprd02.prod.outlook.com.

Re: [cas-user] Re: CAS Management v5.3.6 Release

[Travis Schmidt]

Wildcard searches are what you want:

http://lucene.apache.org/core/7_5_0/queryparser/org/apache/lucene/queryparser/classic/package-summary.html#package.description

Doing a quick test against our registry for my first name, Tra?is works,
Tra*is works.  For some reason though to make Trav* work somewhat as
expected it needs to be Trav**

There is also some support for Regular Expressions(See link above), but
seems finicky when I try and use it.  Usually works searching fields
directly that do not contain without whitespace.

On Wed, Nov 7, 2018 at 7:17 AM Shawn Cutting  wrote:

> Is the search functionality limited to "whole word" searches?  It would be
> nice if the search can find partial words as well.
>
> On Friday, November 2, 2018 at 1:57:01 PM UTC-4, Travis Schmidt wrote:
>>
>> CAS Management v5.3.6 has been released:
>> https://github.com/apereo/cas-management/releases/tag/v5.3.6
>>
>> This release corrects an error that was found in the new Search
>> functionality released in 5.3.5.
>>
>> Deployers that use the war overlay, take note that the pom.xml has been
>> updated to include a separate  property.  
>> is still present and can be used for any CAS modules that you add to the
>> overlay.
>>
>> Thanks
>> Travis
>>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/8d3c6ad8-4a84-4aac-983e-e7a9c7a1f92e%40apereo.org
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAC_RtEbX4_%2B_-Xdn6EfYP1g6wE5Eu4H-nuoHTD_QZ0ud8X%2B4zA%40mail.gmail.com.

[cas-user] Re: CAS Management v5.3.6 Release

[Shawn Cutting]

Is the search functionality limited to "whole word" searches?  It would be 
nice if the search can find partial words as well.

On Friday, November 2, 2018 at 1:57:01 PM UTC-4, Travis Schmidt wrote:
>
> CAS Management v5.3.6 has been released:
> https://github.com/apereo/cas-management/releases/tag/v5.3.6
>
> This release corrects an error that was found in the new Search 
> functionality released in 5.3.5.
>
> Deployers that use the war overlay, take note that the pom.xml has been 
> updated to include a separate  property.   
> is still present and can be used for any CAS modules that you add to the 
> overlay.
>
> Thanks
> Travis 
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/8d3c6ad8-4a84-4aac-983e-e7a9c7a1f92e%40apereo.org.

AW: [cas-user] Re: cas-management 5.3 from maven overlay

[Bergner, Arnold]

https://apereo.github.io/cas-management/5.3.x/installation/Configuration-Properties.html

 

https://apereo.github.io/cas/5.2.x/installation/Configuration-Properties.html#management-webapp

 

It seems that the prefix „cas“ has disappeared.

 

Von: cas-user@apereo.org [mailto:cas-user@apereo.org] Im Auftrag von vu phung
Gesendet: Mittwoch, 1. August 2018 09:56
An: CAS Community 
Betreff: [cas-user] Re: cas-management 5.3 from maven overlay

 

Me too. Pls help me. thanks

Vào 04:47:01 UTC+7 Thứ Sáu, ngày 06 tháng 7 năm 2018, William E. đã viết:

We've been using cas-management 5.2.x for a while now, really like it.  Trying 
to run cas-management 5.3 fresh built from maven overlay but have below error.  
I assume because of config property changes between 5.2 and 5.3.  Anyone know 
what the new property is??  Or where to dig to find out?

 

ERROR [org.springframework.boot.SpringApplication] -  
org.springframework.beans.factory.BeanCreationException: Error creating bean 
with name 'cas-org.apereo.cas.configuration.CasConfigurationProperties': Could 
not bind properties to CasConfigurationProperties (prefix=cas, 
ignoreInvalidFields=false, ignoreUnknownFields=false, 
ignoreNestedProperties=false); nested exception is 
org.springframework.beans.NotWritablePropertyException: Invalid property 
'mgmt[adminRoles]' of bean class 

 

Thanks,

William

 

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org <mailto:cas-user+unsubscr...@apereo.org> .
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/a597dbf8-62bf-4a7e-a94a-e1bab1fa17f0%40apereo.org
 
<https://groups.google.com/a/apereo.org/d/msgid/cas-user/a597dbf8-62bf-4a7e-a94a-e1bab1fa17f0%40apereo.org?utm_medium=email&utm_source=footer>
 .

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/78357d42fb9a4a0b9da80cbdb387dcc7%40hrz.tu-darmstadt.de.


smime.p7s
Description: S/MIME cryptographic signature

[cas-user] Re: cas-management question

[Jennifer LaVoie]

ANd it works!  You guys are awesome... Pizza all round!

On Thursday, May 17, 2018 at 3:18:42 PM UTC-4, Jennifer LaVoie wrote:
>
> So I have followed all the steps here
>
>
> https://dacurry-tns.github.io/deploying-apereo-cas/building_svcmgmt_configure-webapp-properties.html
>
> (awesome site)
>
> And when I try to go to 
>
> https://cashost:8443/cas-management
>
> I am redirected to here
>
>
> https://casserver.herokuapp.com/cas/login?service=https%3A%2F%2Fcashost%3A8443%2Fcas-management%2Fmanage.html
>
> I have already logged into my cas.
>
> What config file have I forgotten to change?
>
> Jen
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/71d6bb00-d03d-411a-bcb7-7c4d20cd9705%40apereo.org.

Re: [cas-user] Re: cas-management question

[Jennifer LaVoie]

I UNDERSTAND.  Ok...trying that now...thanks!

Jen

On Fri, May 18, 2018 at 11:48 AM, Ray Bon  wrote:

> Jen,
>
> You will need to install custom certs on both sides (CAS and
> cas-management). The jvm is responsible for certificate processing, tomcat
> only needs to know where it is to send it to the browser.
>
> sudo keytool -import -file ${certName} -alias ${aliasName} -keystore
> $JAVA_HOME/jre/lib/security/cacerts
>
> https://apereo.github.io/cas/developer/Build-Process-5X.html#configure-ssl
>
> Ray
>
> On Fri, 2018-05-18 at 08:20 -0700, Jennifer LaVoie wrote:
>
> Yes.  I understand the distinction...I was typing quickly :)
>
> I do get an error in my cas-management log about ssl  - but my regular
> /cas/login link loads just fine (self signed cert on this particular server)
>
> Caused by: sun.security.validator.ValidatorException: PKIX path building
> failed: sun.security.provider.certpath.SunCertPathBuilderException:
> unable to find valid certification path to requested target
> at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397)
> ~[?:1.8.0_171]
> at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302)
> ~[?:1.8.0_171]
> at sun.security.validator.Validator.validate(Validator.java:260)
> ~[?:1.8.0_171]
> at 
> sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
> ~[?:1.8.0_171]
> at 
> sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
> ~[?:1.8.0_171]
> at 
> sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
> ~[?:1.8.0_171]
> at 
> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1596)
> ~[?:1.8.0_171]
> at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
> ~[?:1.8.0_171]
> at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052)
> ~[?:1.8.0_171]
> at sun.security.ssl.Handshaker.process_record(Handshaker.java:987)
> ~[?:1.8.0_171]
> at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072)
> ~[?:1.8.0_171]
> at 
> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385)
> ~[?:1.8.0_171]
> at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413)
> ~[?:1.8.0_171]
> at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397)
> ~[?:1.8.0_171]
> at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
> ~[?:1.8.0_171]
> at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(
> AbstractDelegateHttpsURLConnection.java:185) ~[?:1.8.0_171]
> at 
> sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1564)
> ~[?:1.8.0_171]
> at 
> sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1492)
> ~[?:1.8.0_171]
> at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(
> HttpsURLConnectionImpl.java:263) ~[?:1.8.0_171]
> at 
> org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:431)
> ~[cas-client-core-3.4.1.jar:3.4.1]
> at org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTic
> ketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:41)
> ~[cas-client-core-3.4.1.jar:3.4.1]
> at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidato
> r.validate(AbstractUrlBasedTicketValidator.java:193)
> ~[cas-client-core-3.4.1.jar:3.4.1]
> at 
> org.pac4j.cas.credentials.authenticator.CasAuthenticator.validate(CasAuthenticator.java:61)
> ~[pac4j-cas-2.2.0.jar:?]
> at 
> org.pac4j.cas.client.direct.DirectCasClient.retrieveCredentials(DirectCasClient.java:68)
> ~[pac4j-cas-2.2.0.jar:?]
> at 
> org.pac4j.cas.client.direct.DirectCasClient.retrieveCredentials(DirectCasClient.java:37)
> ~[pac4j-cas-2.2.0.jar:?]
> at org.pac4j.core.client.DirectClient.getCredentials(DirectClient.java:44)
> ~[pac4j-core-2.2.0.jar:?]
> at 
> org.pac4j.core.engine.DefaultSecurityLogic.perform(DefaultSecurityLogic.java:113)
> ~[pac4j-core-2.2.0.jar:?]
> ... 72 more
> Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
> unable to find valid certification path to requested target
> at sun.security.provider.certpath.SunCertPathBuilder.
> build(SunCertPathBuilder.java:141) ~[?:1.8.0_171]
> at 
> sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
> ~[?:1.8.0_171]
> at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
> ~[?:1.8.0_171]
> at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392)
> ~[?:1.8.0_171]
> at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302)
> ~[?:1.8.0_171]
> at sun.security.validator.Validator.validate(Validator.java:260)
> ~[?:1.8.0_171]
> at 
> sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
> ~[?:1.8.0_171]
> at 
> sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
> ~[?:1.8.0_171]
> at 
> sun.security.ssl.X509TrustManag

Re: [cas-user] Re: cas-management question

[Ray Bon]

Jen,

You will need to install custom certs on both sides (CAS and cas-management). 
The jvm is responsible for certificate processing, tomcat only needs to know 
where it is to send it to the browser.

sudo keytool -import -file ${certName} -alias ${aliasName} -keystore 
$JAVA_HOME/jre/lib/security/cacerts

https://apereo.github.io/cas/developer/Build-Process-5X.html#configure-ssl

Ray

On Fri, 2018-05-18 at 08:20 -0700, Jennifer LaVoie wrote:
Yes.  I understand the distinction...I was typing quickly :)

I do get an error in my cas-management log about ssl  - but my regular 
/cas/login link loads just fine (self signed cert on this particular server)

Caused by: sun.security.validator.ValidatorException: PKIX path building 
failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to 
find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397) 
~[?:1.8.0_171]
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302) 
~[?:1.8.0_171]
at sun.security.validator.Validator.validate(Validator.java:260) ~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) 
~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
 ~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
 ~[?:1.8.0_171]
at 
sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1596) 
~[?:1.8.0_171]
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) 
~[?:1.8.0_171]
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052) ~[?:1.8.0_171]
at sun.security.ssl.Handshaker.process_record(Handshaker.java:987) 
~[?:1.8.0_171]
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072) 
~[?:1.8.0_171]
at 
sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385) 
~[?:1.8.0_171]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413) 
~[?:1.8.0_171]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397) 
~[?:1.8.0_171]
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559) 
~[?:1.8.0_171]
at 
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
 ~[?:1.8.0_171]
at 
sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1564)
 ~[?:1.8.0_171]
at 
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1492)
 ~[?:1.8.0_171]
at 
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:263)
 ~[?:1.8.0_171]
at 
org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:431)
 ~[cas-client-core-3.4.1.jar:3.4.1]
at 
org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:41)
 ~[cas-client-core-3.4.1.jar:3.4.1]
at 
org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:193)
 ~[cas-client-core-3.4.1.jar:3.4.1]
at 
org.pac4j.cas.credentials.authenticator.CasAuthenticator.validate(CasAuthenticator.java:61)
 ~[pac4j-cas-2.2.0.jar:?]
at 
org.pac4j.cas.client.direct.DirectCasClient.retrieveCredentials(DirectCasClient.java:68)
 ~[pac4j-cas-2.2.0.jar:?]
at 
org.pac4j.cas.client.direct.DirectCasClient.retrieveCredentials(DirectCasClient.java:37)
 ~[pac4j-cas-2.2.0.jar:?]
at org.pac4j.core.client.DirectClient.getCredentials(DirectClient.java:44) 
~[pac4j-core-2.2.0.jar:?]
at 
org.pac4j.core.engine.DefaultSecurityLogic.perform(DefaultSecurityLogic.java:113)
 ~[pac4j-core-2.2.0.jar:?]
... 72 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable 
to find valid certification path to requested target
at 
sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
 ~[?:1.8.0_171]
at 
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
 ~[?:1.8.0_171]
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) 
~[?:1.8.0_171]
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392) 
~[?:1.8.0_171]
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302) 
~[?:1.8.0_171]
at sun.security.validator.Validator.validate(Validator.java:260) ~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) 
~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
 ~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
 ~[?:1.8.0_171]
at 
sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1596) 
~[?:1.8.0_171]
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) 
~[?:1.8.0_171]
at sun.security.ssl

Re: [cas-user] Re: cas-management question

[Jennifer LaVoie]

Yes.  I understand the distinction...I was typing quickly :)

I do get an error in my cas-management log about ssl  - but my regular 
/cas/login link loads just fine (self signed cert on this particular server)

Caused by: sun.security.validator.ValidatorException: PKIX path building 
failed: sun.security.provider.certpath.SunCertPathBuilderException: unable 
to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397) 
~[?:1.8.0_171]
at 
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302) 
~[?:1.8.0_171]
at sun.security.validator.Validator.validate(Validator.java:260) 
~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) 
~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
 
~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
 
~[?:1.8.0_171]
at 
sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1596) 
~[?:1.8.0_171]
at 
sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) 
~[?:1.8.0_171]
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052) 
~[?:1.8.0_171]
at sun.security.ssl.Handshaker.process_record(Handshaker.java:987) 
~[?:1.8.0_171]
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072) 
~[?:1.8.0_171]
at 
sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385) 
~[?:1.8.0_171]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413) 
~[?:1.8.0_171]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397) 
~[?:1.8.0_171]
at 
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559) 
~[?:1.8.0_171]
at 
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
 
~[?:1.8.0_171]
at 
sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1564)
 
~[?:1.8.0_171]
at 
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1492)
 
~[?:1.8.0_171]
at 
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:263)
 
~[?:1.8.0_171]
at 
org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:431)
 
~[cas-client-core-3.4.1.jar:3.4.1]
at 
org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:41)
 
~[cas-client-core-3.4.1.jar:3.4.1]
at 
org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:193)
 
~[cas-client-core-3.4.1.jar:3.4.1]
at 
org.pac4j.cas.credentials.authenticator.CasAuthenticator.validate(CasAuthenticator.java:61)
 
~[pac4j-cas-2.2.0.jar:?]
at 
org.pac4j.cas.client.direct.DirectCasClient.retrieveCredentials(DirectCasClient.java:68)
 
~[pac4j-cas-2.2.0.jar:?]
at 
org.pac4j.cas.client.direct.DirectCasClient.retrieveCredentials(DirectCasClient.java:37)
 
~[pac4j-cas-2.2.0.jar:?]
at org.pac4j.core.client.DirectClient.getCredentials(DirectClient.java:44) 
~[pac4j-core-2.2.0.jar:?]
at 
org.pac4j.core.engine.DefaultSecurityLogic.perform(DefaultSecurityLogic.java:113)
 
~[pac4j-core-2.2.0.jar:?]
... 72 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: 
unable to find valid certification path to requested target
at 
sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
 
~[?:1.8.0_171]
at 
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
 
~[?:1.8.0_171]
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) 
~[?:1.8.0_171]
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392) 
~[?:1.8.0_171]
at 
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302) 
~[?:1.8.0_171]
at sun.security.validator.Validator.validate(Validator.java:260) 
~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) 
~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
 
~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
 
~[?:1.8.0_171]
at 
sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1596) 
~[?:1.8.0_171]
at 
sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) 
~[?:1.8.0_171]
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052) 
~[?:1.8.0_171]
at sun.security.ssl.Handshaker.process_record(Handshaker.java:987) 
~[?:1.8.0_171]
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072) 
~[?:1.8.0_171]
at 
sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385) 
~[?:1.8.0_171]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413) 
~[?:1.8.0_171]
at 

Re: [cas-user] Re: cas-management question

[Ray Bon]

Jen,

I think you mean a cas-management error and not 'CAS error'.
Are CAS and cas-management running on the same tomcat?
Logging config for cas-management is in log4j2-management.xml which also 
introduces cas-management.log.

Ray

On Thu, 2018-05-17 at 12:55 -0700, Jennifer LaVoie wrote:

nothing helpful in cas.log or catalina.out that I can see

it seems to be CAS error because the leaf is on the tab and above the error 
that I posted it says

Cas Service Management

Jen

On Thursday, May 17, 2018 at 3:44:27 PM UTC-4, David Curry wrote:
Haven't seen that one, that I can recall.

Is that a CAS error (shows in a CAS-branded web page) or a Tomcat error?

Do the logs (cas.log and/or catalina.out) say anything helpful?




--

DAVID A. CURRY, CISSP
DIRECTOR OF INFORMATION SECURITY
INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 212 229-5300 x4728 • david.cu...@newschool.edu

[The New School]

On Thu, May 17, 2018 at 3:40 PM, Jennifer LaVoie 
> wrote:
I updated the management.properties file with some ports specifically defined.  
And that is now working as expected...

However, I get this

The CAS management webapp is unavailable.

There was an error trying to complete your request. Please notify your support 
desk or try again.




On Thursday, May 17, 2018 at 3:18:42 PM UTC-4, Jennifer LaVoie wrote:
So I have followed all the steps here

https://dacurry-tns.github.io/deploying-apereo-cas/building_svcmgmt_configure-webapp-properties.html

(awesome site)

And when I try to go to

https://cashost:8443/cas-management

I am redirected to here

https://casserver.herokuapp.com/cas/login?service=https%3A%2F%2Fcashost%3A8443%2Fcas-management%2Fmanage.html

I have already logged into my cas.

What config file have I forgotten to change?

Jen


--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+u...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/53c3f120-14ec-41af-8447-1db0e370795e%40apereo.org.




--
Ray Bon
Programmer analyst
Development Services, University Systems
2507218831 | CLE 019 | r...@uvic.ca

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/1526588156.1817.81.camel%40uvic.ca.

Re: [cas-user] Re: cas-management question

[David Curry]

Sorry, not cas.log cas-management.log.

If still nothing, try setting   cas.log.level   to debug in
log4j2-management.xml.




--

DAVID A. CURRY, CISSP
*DIRECTOR OF INFORMATION SECURITY*
INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 212 229-5300 x4728 • david.cu...@newschool.edu

[image: The New School]

On Thu, May 17, 2018 at 3:23 PM, Jennifer LaVoie 
wrote:

> Here is my management.properties file
>
> # CAS server that management app will authenticate with
> # This server will authenticate for any app (service) and you can login as
> casuser/Mellon
>
> server.name: https://cashost
> cas.server.prefix: ${cas.server.name}/cas
>
> cas.mgmt.adminRoles[0]=ROLE_ADMIN
> cas.mgmt.userPropertiesFile=file:/etc/cas/config/admusers.properties
>
>
> # Update this URL to point at server running this management app
> cas.mgmt.serverName=${cas.server.name}:8443
>
> #server.context-path=/cas-management
> #server.port=8443
>
> cas.serviceRegistry.json.location: file:/etc/cas/services
>
> logging.config=file:/etc/cas/config/log4j2-management.xml
>
>
> On Thursday, May 17, 2018 at 3:18:42 PM UTC-4, Jennifer LaVoie wrote:
>>
>> So I have followed all the steps here
>>
>> https://dacurry-tns.github.io/deploying-apereo-cas/building_
>> svcmgmt_configure-webapp-properties.html
>>
>> (awesome site)
>>
>> And when I try to go to
>>
>> https://cashost:8443/cas-management
>>
>> I am redirected to here
>>
>> https://casserver.herokuapp.com/cas/login?service=https%3A%
>> 2F%2Fcashost%3A8443%2Fcas-management%2Fmanage.html
>>
>> I have already logged into my cas.
>>
>> What config file have I forgotten to change?
>>
>> Jen
>>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/00b98d20-6f6d-4af3-8b74-
> cef6a55fcaef%40apereo.org
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XAMNMTd0GyFTydBj8yw%2BKgMvK-M-NdYTy7j2Xe4niSzy_w%40mail.gmail.com.

Re: [cas-user] Re: cas-management question

[Jennifer LaVoie]

nothing helpful in cas.log or catalina.out that I can see

it seems to be CAS error because the leaf is on the tab and above the error 
that I posted it says

Cas Service Management

Jen

On Thursday, May 17, 2018 at 3:44:27 PM UTC-4, David Curry wrote:
>
> Haven't seen that one, that I can recall.
>
> Is that a CAS error (shows in a CAS-branded web page) or a Tomcat error?
>
> Do the logs (cas.log and/or catalina.out) say anything helpful?
>
>
>
> --
>
> DAVID A. CURRY, CISSP
> *DIRECTOR OF INFORMATION SECURITY*
> INFORMATION TECHNOLOGY
>
> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
> +1 212 229-5300 x4728 • david.cu...@newschool.edu 
>
> [image: The New School]
>
> On Thu, May 17, 2018 at 3:40 PM, Jennifer LaVoie  > wrote:
>
>> I updated the management.properties file with some ports specifically 
>> defined.  And that is now working as expected...
>>
>> However, I get this
>>
>> The CAS management webapp is unavailable.
>>
>> There was an error trying to complete your request. Please notify your 
>> support desk or try again.
>>
>>
>>
>>
>>
>> On Thursday, May 17, 2018 at 3:18:42 PM UTC-4, Jennifer LaVoie wrote:
>>>
>>> So I have followed all the steps here
>>>
>>>
>>> https://dacurry-tns.github.io/deploying-apereo-cas/building_svcmgmt_configure-webapp-properties.html
>>>
>>> (awesome site)
>>>
>>> And when I try to go to 
>>>
>>> https://cashost:8443/cas-management
>>>
>>> I am redirected to here
>>>
>>>
>>> https://casserver.herokuapp.com/cas/login?service=https%3A%2F%2Fcashost%3A8443%2Fcas-management%2Fmanage.html
>>>
>>> I have already logged into my cas.
>>>
>>> What config file have I forgotten to change?
>>>
>>> Jen
>>>
>> -- 
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> --- 
>> You received this message because you are subscribed to the Google Groups 
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to cas-user+u...@apereo.org .
>> To view this discussion on the web visit 
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/53c3f120-14ec-41af-8447-1db0e370795e%40apereo.org
>>  
>> 
>> .
>>
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/72a4a823-1223-4685-bd63-8d1a587e12cf%40apereo.org.

Re: [cas-user] Re: cas-management question

[David Curry]

Haven't seen that one, that I can recall.

Is that a CAS error (shows in a CAS-branded web page) or a Tomcat error?

Do the logs (cas.log and/or catalina.out) say anything helpful?



--

DAVID A. CURRY, CISSP
*DIRECTOR OF INFORMATION SECURITY*
INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 212 229-5300 x4728 • david.cu...@newschool.edu

[image: The New School]

On Thu, May 17, 2018 at 3:40 PM, Jennifer LaVoie 
wrote:

> I updated the management.properties file with some ports specifically
> defined.  And that is now working as expected...
>
> However, I get this
>
> The CAS management webapp is unavailable.
>
> There was an error trying to complete your request. Please notify your
> support desk or try again.
>
>
>
>
>
> On Thursday, May 17, 2018 at 3:18:42 PM UTC-4, Jennifer LaVoie wrote:
>>
>> So I have followed all the steps here
>>
>> https://dacurry-tns.github.io/deploying-apereo-cas/building_
>> svcmgmt_configure-webapp-properties.html
>>
>> (awesome site)
>>
>> And when I try to go to
>>
>> https://cashost:8443/cas-management
>>
>> I am redirected to here
>>
>> https://casserver.herokuapp.com/cas/login?service=https%3A%
>> 2F%2Fcashost%3A8443%2Fcas-management%2Fmanage.html
>>
>> I have already logged into my cas.
>>
>> What config file have I forgotten to change?
>>
>> Jen
>>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/53c3f120-14ec-41af-8447-
> 1db0e370795e%40apereo.org
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XANk_3FiWjgUPHTf6dP3CbNtbCoN2dBsWOmT3hDTjG0_xw%40mail.gmail.com.

[cas-user] Re: cas-management question

[Jennifer LaVoie]

I updated the management.properties file with some ports specifically 
defined.  And that is now working as expected...

However, I get this

The CAS management webapp is unavailable.

There was an error trying to complete your request. Please notify your 
support desk or try again.





On Thursday, May 17, 2018 at 3:18:42 PM UTC-4, Jennifer LaVoie wrote:
>
> So I have followed all the steps here
>
>
> https://dacurry-tns.github.io/deploying-apereo-cas/building_svcmgmt_configure-webapp-properties.html
>
> (awesome site)
>
> And when I try to go to 
>
> https://cashost:8443/cas-management
>
> I am redirected to here
>
>
> https://casserver.herokuapp.com/cas/login?service=https%3A%2F%2Fcashost%3A8443%2Fcas-management%2Fmanage.html
>
> I have already logged into my cas.
>
> What config file have I forgotten to change?
>
> Jen
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/53c3f120-14ec-41af-8447-1db0e370795e%40apereo.org.

Re: [cas-user] Re: cas-management question

[David Curry]

You have "server.name" instead of "cas.server.name" (oops)




--

DAVID A. CURRY, CISSP
*DIRECTOR OF INFORMATION SECURITY*
INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 212 229-5300 x4728 • david.cu...@newschool.edu

[image: The New School]

On Thu, May 17, 2018 at 3:23 PM, Jennifer LaVoie 
wrote:

> Here is my management.properties file
>
> # CAS server that management app will authenticate with
> # This server will authenticate for any app (service) and you can login as
> casuser/Mellon
>
> server.name: https://cashost
> cas.server.prefix: ${cas.server.name}/cas
>
> cas.mgmt.adminRoles[0]=ROLE_ADMIN
> cas.mgmt.userPropertiesFile=file:/etc/cas/config/admusers.properties
>
>
> # Update this URL to point at server running this management app
> cas.mgmt.serverName=${cas.server.name}:8443
>
> #server.context-path=/cas-management
> #server.port=8443
>
> cas.serviceRegistry.json.location: file:/etc/cas/services
>
> logging.config=file:/etc/cas/config/log4j2-management.xml
>
>
> On Thursday, May 17, 2018 at 3:18:42 PM UTC-4, Jennifer LaVoie wrote:
>>
>> So I have followed all the steps here
>>
>> https://dacurry-tns.github.io/deploying-apereo-cas/building_
>> svcmgmt_configure-webapp-properties.html
>>
>> (awesome site)
>>
>> And when I try to go to
>>
>> https://cashost:8443/cas-management
>>
>> I am redirected to here
>>
>> https://casserver.herokuapp.com/cas/login?service=https%3A%
>> 2F%2Fcashost%3A8443%2Fcas-management%2Fmanage.html
>>
>> I have already logged into my cas.
>>
>> What config file have I forgotten to change?
>>
>> Jen
>>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/00b98d20-6f6d-4af3-8b74-
> cef6a55fcaef%40apereo.org
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XANgQUGB41MpLrk_%3DjOpTdh%3DkC0MTMvidJoFm-s1FR%2B%3D7Q%40mail.gmail.com.

[cas-user] Re: cas-management question

[Jennifer LaVoie]

Here is my management.properties file

# CAS server that management app will authenticate with
# This server will authenticate for any app (service) and you can login as 
casuser/Mellon 

server.name: https://cashost
cas.server.prefix: ${cas.server.name}/cas

cas.mgmt.adminRoles[0]=ROLE_ADMIN
cas.mgmt.userPropertiesFile=file:/etc/cas/config/admusers.properties


# Update this URL to point at server running this management app
cas.mgmt.serverName=${cas.server.name}:8443

#server.context-path=/cas-management
#server.port=8443

cas.serviceRegistry.json.location: file:/etc/cas/services

logging.config=file:/etc/cas/config/log4j2-management.xml


On Thursday, May 17, 2018 at 3:18:42 PM UTC-4, Jennifer LaVoie wrote:
>
> So I have followed all the steps here
>
>
> https://dacurry-tns.github.io/deploying-apereo-cas/building_svcmgmt_configure-webapp-properties.html
>
> (awesome site)
>
> And when I try to go to 
>
> https://cashost:8443/cas-management
>
> I am redirected to here
>
>
> https://casserver.herokuapp.com/cas/login?service=https%3A%2F%2Fcashost%3A8443%2Fcas-management%2Fmanage.html
>
> I have already logged into my cas.
>
> What config file have I forgotten to change?
>
> Jen
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/00b98d20-6f6d-4af3-8b74-cef6a55fcaef%40apereo.org.