Re: [cas-user] Re: cas-management error creating service

[Ray Bon]

lanf,

Apologies, that is the the location of the local git repo; and the 6.6.x 
property is:
mgmt.version-control.services-repo

If you are using json service registry:
cas.serviceRegistry.json.location=file:/etc/cas/services

Had to go through the source docs to find it.
https://github.com/apereo/cas-management/blob/6.6.x/docs/cas-mgmt-documentation/installation/Installing-ServicesMgmt-Webapp.md
 under the Sync Script section.

The cas doc page for json services is 
https://apereo.github.io/cas/6.6.x/services/JSON-Service-Management.html.

Ray

On Wed, 2022-11-09 at 23:00 -0800, lanf detroy wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

it does not work. the application no longer launches. Here is the error:

[2022-11-10 07:55:15] [info] 2022-11-10 07:55:15,391 WARN 
[org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext]
 - 
[2022-11-10 07:55:15] [info] 2022-11-10 07:55:15,456 ERROR 
[org.springframework.boot.diagnostics.LoggingFailureAnalysisReporter] - <
[2022-11-10 07:55:15] [info] ***
[2022-11-10 07:55:15] [info] APPLICATION FAILED TO START
[2022-11-10 07:55:15] [info] ***
[2022-11-10 07:55:15] [info] Description:
[2022-11-10 07:55:15] [info] Binding to target [Bindable@669aa5d3 type = 
org.apereo.cas.configuration.CasManagementConfigurationProperties, value = 
'provided', annotations = 
array[@org.springframework.boot.context.properties.ConfigurationProperties(ignoreInvalidFields=false,
 ignoreUnknownFields=false, prefix="mgmt", value="mgmt")]] failed:
[2022-11-10 07:55:15] [info] Property: mgmt.services-repo
[2022-11-10 07:55:15] [info] Value: "/etc/cas/services-repo"
[2022-11-10 07:55:15] [info] Origin: "mgmt.services-repo" from property 
source "bootstrapProperties-casCompositePropertySource"
[2022-11-10 07:55:15] [info] Reason: The elements [mgmt.services-repo] were 
left unbound.
[2022-11-10 07:55:15] [info] Action:
[2022-11-10 07:55:15] [info] Update your application's configuration
[2022-11-10 07:55:15] [info] >


 I am in version 6.6.0 for the case-management, the properties have not changed?


Le mercredi 9 novembre 2022 à 22:03:06 UTC+1, lanf detroy a écrit :
I changed the permissions but it didn't change anything. Is there anything else 
to do?


Le lundi 7 novembre 2022 à 19:09:52 UTC+1, Ray Bon a écrit :
lanf,

You can change the group for the services directory and give it write 
permissions.

sudo chgrp --recursive tomcat /etc/cas/services
sudo chmod g+w --recursive /etc/cas/services/

Ray

On Sun, 2022-11-06 at 22:46 -0800, lanf detroy wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

hello, the directory user is root and the CAS user is tomcat. Do you have to 
give CAS directory rights to tomcat?

ls -l /etc/cas/
drwxr-xr-x 2 root root 4096 27 oct.  16:07 config
drwxr-xr-x 2 root root 4096 28 oct.  09:56 services

ps aux | grep tomcat
tomcat 35266  1.8 16.3 5092560 128 ? Ssl  oct.27 278:49 
/usr/lib/jvm/java-11-openjdk-amd64/bin/java 
-Djava.util.logging.config.file=/var/lib/tomcat9/conf/logging.properties 
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
-Dlog4j2.formatMsgNoLookups=True -Djdk.tls.ephemeralDHKeySize=2048 
-Djava.protocol.handler.pkgs=org.apache.catalina.webresources 
-Dorg.apache.catalina.security.SecurityListener.UMASK=0027 
-Dignore.endorsed.dirs= -classpath 
/usr/share/tomcat9/bin/bootstrap.jar:/usr/share/tomcat9/bin/tomcat-juli.jar 
-Dcatalina.base=/var/lib/tomcat9 -Dcatalina.home=/usr/share/tomcat9 
-Djava.io.tmpdir=/tmp org.apache.catalina.startup.Bootstrap start



Le vendredi 28 octobre 2022 à 20:15:35 UTC+2, Ray Bon a écrit :
lanf,

If you are on linux you can use this command to see access and ownership of the 
services directory (on my laptop):
ls -l /etc/cas/
total 4
drwxrwxr-x 3 rbon rbon 4096 Jun 16 18:36 services

To see the process owner for the container running cas (this is for tomcat 
running, substitute your app server)
ps aux | grep tomcat

rbon 336911 338 7.0 11769108 2314612 pts/10 SNl 11:12 1:17 /usr/bin/java 
-Djava.util.logging.config.file=/home/rbon/Applications/mgmt/conf/logging.properties
 -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
-Djdk.tls.ephemeralDHKeySize=2048 
-Djava.protocol.handler.pkgs=org.apache.catalina.webresources 
-Dorg.apache.catalina.security.SecurityListener.UMASK=0027 
-Djava.awt.headless=true -XX:+UseG1GC -Xms1024m -Xmx2048m 
-Dcas.standalone.configurationDirectory=/home/uvtomcat/cas-management_config 
-Dignore.endorsed.dirs= -classpath 
/home/rbon/Applications/mgmt/bin/bootstrap.jar:/home/rbon/Applications/mgmt/bin/tomcat-juli.jar
 -Dcatalina.base=/home/rbon/Applications/mgmt 
-Dcatalina.

Re: [cas-user] Re: cas-management error creating service

[lanf detroy]

 it does not work. the application no longer launches. Here is the error:

[2022-11-10 07:55:15] [info] 2022-11-10 07:55:15,391 WARN 
[org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext]
 
- 
[2022-11-10 07:55:15] [info] 2022-11-10 07:55:15,456 ERROR 
[org.springframework.boot.diagnostics.LoggingFailureAnalysisReporter] - <
[2022-11-10 07:55:15] [info] ***
[2022-11-10 07:55:15] [info] APPLICATION FAILED TO START
[2022-11-10 07:55:15] [info] ***
[2022-11-10 07:55:15] [info] Description:
[2022-11-10 07:55:15] [info] Binding to target [Bindable@669aa5d3 type = 
org.apereo.cas.configuration.CasManagementConfigurationProperties, value = 
'provided', annotations = 
array[@org.springframework.boot.context.properties.ConfigurationProperties(ignoreInvalidFields=false,
 
ignoreUnknownFields=false, prefix="mgmt", value="mgmt")]] failed:
[2022-11-10 07:55:15] [info] Property: mgmt.services-repo
[2022-11-10 07:55:15] [info] Value: "/etc/cas/services-repo"
[2022-11-10 07:55:15] [info] Origin: "mgmt.services-repo" from property 
source "bootstrapProperties-casCompositePropertySource"
[2022-11-10 07:55:15] [info] Reason: The elements [mgmt.services-repo] 
were left unbound.
[2022-11-10 07:55:15] [info] Action:
[2022-11-10 07:55:15] [info] Update your application's configuration
[2022-11-10 07:55:15] [info] >


 I am in version 6.6.0 for the case-management, the properties have not 
changed?


Le mercredi 9 novembre 2022 à 22:03:06 UTC+1, lanf detroy a écrit :

> I changed the permissions but it didn't change anything. Is there anything 
> else to do? 
>
> Le lundi 7 novembre 2022 à 19:09:52 UTC+1, Ray Bon a écrit :
>
>> lanf,
>>
>> You can change the group for the services directory and give it write 
>> permissions.
>>
>> sudo chgrp --recursive tomcat /etc/cas/services
>> sudo chmod g+w --recursive /etc/cas/services/
>>
>> Ray
>>
>> On Sun, 2022-11-06 at 22:46 -0800, lanf detroy wrote:
>>
>> Notice: This message was sent from outside the University of Victoria 
>> email system. Please be cautious with links and sensitive information.
>>
>> hello, the directory user is root and the CAS user is tomcat. Do you have 
>> to give CAS directory rights to tomcat?
>>
>> ls -l /etc/cas/
>> drwxr-xr-x 2 root root 4096 27 oct.  16:07 config
>> drwxr-xr-x 2 root root 4096 28 oct.  09:56 services
>>
>> ps aux | grep tomcat
>> tomcat 35266  1.8 16.3 5092560 128 ? Ssl  oct.27 278:49 
>> /usr/lib/jvm/java-11-openjdk-amd64/bin/java 
>> -Djava.util.logging.config.file=/var/lib/tomcat9/conf/logging.properties 
>> -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
>> -Dlog4j2.formatMsgNoLookups=True -Djdk.tls.ephemeralDHKeySize=2048 
>> -Djava.protocol.handler.pkgs=org.apache.catalina.webresources 
>> -Dorg.apache.catalina.security.SecurityListener.UMASK=0027 
>> -Dignore.endorsed.dirs= -classpath 
>> /usr/share/tomcat9/bin/bootstrap.jar:/usr/share/tomcat9/bin/tomcat-juli.jar 
>> -Dcatalina.base=/var/lib/tomcat9 -Dcatalina.home=/usr/share/tomcat9 
>> -Djava.io.tmpdir=/tmp org.apache.catalina.startup.Bootstrap start
>>
>>
>>
>> Le vendredi 28 octobre 2022 à 20:15:35 UTC+2, Ray Bon a écrit :
>>
>> lanf,
>>
>> If you are on linux you can use this command to see access and ownership 
>> of the services directory (on my laptop):
>> ls -l /etc/cas/
>> total 4
>> drwxrwxr-x 3 rbon rbon 4096 Jun 16 18:36 services
>>
>> To see the process owner for the container running cas (this is for 
>> tomcat running, substitute your app server)
>> ps aux | grep tomcat
>> rbon 336911 338 7.0 11769108 2314612 pts/10 SNl 11:12 1:17 /usr/bin/java 
>> -Djava.util.logging.config.file=/home/rbon/Applications/mgmt/conf/logging.properties
>>  
>> -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
>> -Djdk.tls.ephemeralDHKeySize=2048 
>> -Djava.protocol.handler.pkgs=org.apache.catalina.webresources 
>> -Dorg.apache.catalina.security.SecurityListener.UMASK=0027 
>> -Djava.awt.headless=true -XX:+UseG1GC -Xms1024m -Xmx2048m 
>> -Dcas.standalone.configurationDirectory=/home/uvtomcat/cas-management_config 
>> -Dignore.endorsed.dirs= -classpath 
>> /home/rbon/Applications/mgmt/bin/bootstrap.jar:/home/rbon/Applications/mgmt/bin/tomcat-juli.jar
>>  
>> -Dcatalina.base=/home/rbon/Applications/mgmt 
>> -Dcatalina.home=/home/rbon/Applications/mgmt 
>> -Djava.io.tmpdir=/home/rbon/Applications/mgmt/temp 
>> org.apache.catalina.startup.Bootstrap start
>>
>> If you need more info, provide more details about your configuration.
>>
>> Ray
>>
>> On Thu, 2022-10-27 at 22:46 -0700, lanf detroy wrote:
>>
>> Notice: This message was sent from outside the University of Victoria 
>> email system. Please be cautious with links and sensitive information.
>>
>> I don't know where to look for this? What parameter to put?
>>
>> Le jeudi 27 octobre 2022 à 18:37:46 UTC+2, Ray Bon a écrit :
>>
>> lanf,
>>
>> Check that the process that is running cas m

Re: [cas-user] Re: cas-management error creating service

[lanf detroy]

 I changed the permissions but it didn't change anything. Is there anything 
else to do? 

Le lundi 7 novembre 2022 à 19:09:52 UTC+1, Ray Bon a écrit :

> lanf,
>
> You can change the group for the services directory and give it write 
> permissions.
>
> sudo chgrp --recursive tomcat /etc/cas/services
> sudo chmod g+w --recursive /etc/cas/services/
>
> Ray
>
> On Sun, 2022-11-06 at 22:46 -0800, lanf detroy wrote:
>
> Notice: This message was sent from outside the University of Victoria 
> email system. Please be cautious with links and sensitive information.
>
> hello, the directory user is root and the CAS user is tomcat. Do you have 
> to give CAS directory rights to tomcat?
>
> ls -l /etc/cas/
> drwxr-xr-x 2 root root 4096 27 oct.  16:07 config
> drwxr-xr-x 2 root root 4096 28 oct.  09:56 services
>
> ps aux | grep tomcat
> tomcat 35266  1.8 16.3 5092560 128 ? Ssl  oct.27 278:49 
> /usr/lib/jvm/java-11-openjdk-amd64/bin/java 
> -Djava.util.logging.config.file=/var/lib/tomcat9/conf/logging.properties 
> -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
> -Dlog4j2.formatMsgNoLookups=True -Djdk.tls.ephemeralDHKeySize=2048 
> -Djava.protocol.handler.pkgs=org.apache.catalina.webresources 
> -Dorg.apache.catalina.security.SecurityListener.UMASK=0027 
> -Dignore.endorsed.dirs= -classpath 
> /usr/share/tomcat9/bin/bootstrap.jar:/usr/share/tomcat9/bin/tomcat-juli.jar 
> -Dcatalina.base=/var/lib/tomcat9 -Dcatalina.home=/usr/share/tomcat9 
> -Djava.io.tmpdir=/tmp org.apache.catalina.startup.Bootstrap start
>
>
>
> Le vendredi 28 octobre 2022 à 20:15:35 UTC+2, Ray Bon a écrit :
>
> lanf,
>
> If you are on linux you can use this command to see access and ownership 
> of the services directory (on my laptop):
> ls -l /etc/cas/
> total 4
> drwxrwxr-x 3 rbon rbon 4096 Jun 16 18:36 services
>
> To see the process owner for the container running cas (this is for tomcat 
> running, substitute your app server)
> ps aux | grep tomcat
> rbon 336911 338 7.0 11769108 2314612 pts/10 SNl 11:12 1:17 /usr/bin/java 
> -Djava.util.logging.config.file=/home/rbon/Applications/mgmt/conf/logging.properties
>  
> -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
> -Djdk.tls.ephemeralDHKeySize=2048 
> -Djava.protocol.handler.pkgs=org.apache.catalina.webresources 
> -Dorg.apache.catalina.security.SecurityListener.UMASK=0027 
> -Djava.awt.headless=true -XX:+UseG1GC -Xms1024m -Xmx2048m 
> -Dcas.standalone.configurationDirectory=/home/uvtomcat/cas-management_config 
> -Dignore.endorsed.dirs= -classpath 
> /home/rbon/Applications/mgmt/bin/bootstrap.jar:/home/rbon/Applications/mgmt/bin/tomcat-juli.jar
>  
> -Dcatalina.base=/home/rbon/Applications/mgmt 
> -Dcatalina.home=/home/rbon/Applications/mgmt 
> -Djava.io.tmpdir=/home/rbon/Applications/mgmt/temp 
> org.apache.catalina.startup.Bootstrap start
>
> If you need more info, provide more details about your configuration.
>
> Ray
>
> On Thu, 2022-10-27 at 22:46 -0700, lanf detroy wrote:
>
> Notice: This message was sent from outside the University of Victoria 
> email system. Please be cautious with links and sensitive information.
>
> I don't know where to look for this? What parameter to put?
>
> Le jeudi 27 octobre 2022 à 18:37:46 UTC+2, Ray Bon a écrit :
>
> lanf,
>
> Check that the process that is running cas management has write access to 
> the directory in the config.
>
> Ray
>
> On Thu, 2022-10-27 at 07:42 -0700, lanf detroy wrote:
>
> Notice: This message was sent from outside the University of Victoria 
> email system. Please be cautious with links and sensitive information.
>
>
> [2022-10-27 16:40:14] [info] 
> =
> [2022-10-27 16:40:14] [info] WHO: me
> [2022-10-27 16:40:14] [info] WHAT: IO error opening file stream.
> [2022-10-27 16:40:14] [info] ACTION: SAVE_SERVICE_FAILED
> [2022-10-27 16:40:14] [info] APPLICATION: CAS_Management
> [2022-10-27 16:40:14] [info] WHEN: Thu Oct 27 16:40:14 CEST 2022
> [2022-10-27 16:40:14] [info] CLIENT IP ADDRESS: 192.168.1.254
> [2022-10-27 16:40:14] [info] SERVER IP ADDRESS: 192.168.1.14
> [2022-10-27 16:40:14] [info] 
> =
> [2022-10-27 16:40:14] [info] >
> [2022-10-27 16:40:14] [info] 2022-10-27 16:40:14,159 ERROR 
> [org.springframework.boot.web.servlet.support.ErrorPageFilter] - 
>  [org.springframework.web.util.NestedServletException: Request processing 
> failed; nested exception is java.lang.IllegalArgumentException: IO error 
> opening file stream.]>
> [2022-10-27 16:40:14] [info] java.lang.RuntimeException: 
> org.springframework.web.util.NestedServletException: Request processing 
> failed; nested exception is java.lang.IllegalArgumentException: IO error 
> opening file stream
>
> Le jeudi 27 octobre 2022 à 15:45:52 UTC+2, lanf detroy a écrit :
>
>
> Hello,
>  I installed cas-management in version 6.6.0, and when I create a service 
> and I want to register it I have the follow

Re: [cas-user] Re: cas-management error creating service

[Ray Bon]

lanf,

This looks to be the default directory

# mgmt.services-repo=/etc/cas/services-repo

https://apereo.github.io/cas-management/6.3.x/installation/Configuration-Properties.html#properties

Have you changed it in your management.properties?

Ray

On Wed, 2022-11-09 at 02:28 -0800, lanf detroy wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

I changed the permissions but it didn't change anything. Is there anything else 
to do?

Le lundi 7 novembre 2022 à 19:09:52 UTC+1, Ray Bon a écrit :
lanf,

You can change the group for the services directory and give it write 
permissions.

sudo chgrp --recursive tomcat /etc/cas/services
sudo chmod g+w --recursive /etc/cas/services/

Ray

On Sun, 2022-11-06 at 22:46 -0800, lanf detroy wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

hello, the directory user is root and the CAS user is tomcat. Do you have to 
give CAS directory rights to tomcat?

ls -l /etc/cas/
drwxr-xr-x 2 root root 4096 27 oct.  16:07 config
drwxr-xr-x 2 root root 4096 28 oct.  09:56 services

ps aux | grep tomcat
tomcat 35266  1.8 16.3 5092560 128 ? Ssl  oct.27 278:49 
/usr/lib/jvm/java-11-openjdk-amd64/bin/java 
-Djava.util.logging.config.file=/var/lib/tomcat9/conf/logging.properties 
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
-Dlog4j2.formatMsgNoLookups=True -Djdk.tls.ephemeralDHKeySize=2048 
-Djava.protocol.handler.pkgs=org.apache.catalina.webresources 
-Dorg.apache.catalina.security.SecurityListener.UMASK=0027 
-Dignore.endorsed.dirs= -classpath 
/usr/share/tomcat9/bin/bootstrap.jar:/usr/share/tomcat9/bin/tomcat-juli.jar 
-Dcatalina.base=/var/lib/tomcat9 -Dcatalina.home=/usr/share/tomcat9 
-Djava.io.tmpdir=/tmp org.apache.catalina.startup.Bootstrap start



Le vendredi 28 octobre 2022 à 20:15:35 UTC+2, Ray Bon a écrit :
lanf,

If you are on linux you can use this command to see access and ownership of the 
services directory (on my laptop):
ls -l /etc/cas/
total 4
drwxrwxr-x 3 rbon rbon 4096 Jun 16 18:36 services

To see the process owner for the container running cas (this is for tomcat 
running, substitute your app server)
ps aux | grep tomcat

rbon 336911 338 7.0 11769108 2314612 pts/10 SNl 11:12 1:17 /usr/bin/java 
-Djava.util.logging.config.file=/home/rbon/Applications/mgmt/conf/logging.properties
 -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
-Djdk.tls.ephemeralDHKeySize=2048 
-Djava.protocol.handler.pkgs=org.apache.catalina.webresources 
-Dorg.apache.catalina.security.SecurityListener.UMASK=0027 
-Djava.awt.headless=true -XX:+UseG1GC -Xms1024m -Xmx2048m 
-Dcas.standalone.configurationDirectory=/home/uvtomcat/cas-management_config 
-Dignore.endorsed.dirs= -classpath 
/home/rbon/Applications/mgmt/bin/bootstrap.jar:/home/rbon/Applications/mgmt/bin/tomcat-juli.jar
 -Dcatalina.base=/home/rbon/Applications/mgmt 
-Dcatalina.home=/home/rbon/Applications/mgmt 
-Djava.io.tmpdir=/home/rbon/Applications/mgmt/temp 
org.apache.catalina.startup.Bootstrap start

If you need more info, provide more details about your configuration.

Ray

On Thu, 2022-10-27 at 22:46 -0700, lanf detroy wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

I don't know where to look for this? What parameter to put?

Le jeudi 27 octobre 2022 à 18:37:46 UTC+2, Ray Bon a écrit :
lanf,

Check that the process that is running cas management has write access to the 
directory in the config.

Ray

On Thu, 2022-10-27 at 07:42 -0700, lanf detroy wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

[2022-10-27 16:40:14] [info] 
=
[2022-10-27 16:40:14] [info] WHO: me
[2022-10-27 16:40:14] [info] WHAT: IO error opening file stream.
[2022-10-27 16:40:14] [info] ACTION: SAVE_SERVICE_FAILED
[2022-10-27 16:40:14] [info] APPLICATION: CAS_Management
[2022-10-27 16:40:14] [info] WHEN: Thu Oct 27 16:40:14 CEST 2022
[2022-10-27 16:40:14] [info] CLIENT IP ADDRESS: 192.168.1.254
[2022-10-27 16:40:14] [info] SERVER IP ADDRESS: 192.168.1.14
[2022-10-27 16:40:14] [info] 
=
[2022-10-27 16:40:14] [info] >
[2022-10-27 16:40:14] [info] 2022-10-27 16:40:14,159 ERROR 
[org.springframework.boot.web.servlet.support.ErrorPageFilter] - 
[2022-10-27 16:40:14] [info] java.lang.RuntimeException: 
org.springframework.web.util.NestedServletException: Request processing failed; 
nested exception is java.lang.IllegalArgumentException: IO error opening file 
stream

Le jeudi 27 octobre 2022 à 15:45:52 UTC+2, lanf detroy a écrit :

Hello,
 I installed cas-management in version 6.6.0, and when I create a 

Re: [cas-user] Re: cas-management error creating service

[Ray Bon]

lanf,

You can change the group for the services directory and give it write 
permissions.

sudo chgrp --recursive tomcat /etc/cas/services
sudo chmod g+w --recursive /etc/cas/services/

Ray

On Sun, 2022-11-06 at 22:46 -0800, lanf detroy wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

hello, the directory user is root and the CAS user is tomcat. Do you have to 
give CAS directory rights to tomcat?

ls -l /etc/cas/
drwxr-xr-x 2 root root 4096 27 oct.  16:07 config
drwxr-xr-x 2 root root 4096 28 oct.  09:56 services

ps aux | grep tomcat
tomcat 35266  1.8 16.3 5092560 128 ? Ssl  oct.27 278:49 
/usr/lib/jvm/java-11-openjdk-amd64/bin/java 
-Djava.util.logging.config.file=/var/lib/tomcat9/conf/logging.properties 
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
-Dlog4j2.formatMsgNoLookups=True -Djdk.tls.ephemeralDHKeySize=2048 
-Djava.protocol.handler.pkgs=org.apache.catalina.webresources 
-Dorg.apache.catalina.security.SecurityListener.UMASK=0027 
-Dignore.endorsed.dirs= -classpath 
/usr/share/tomcat9/bin/bootstrap.jar:/usr/share/tomcat9/bin/tomcat-juli.jar 
-Dcatalina.base=/var/lib/tomcat9 -Dcatalina.home=/usr/share/tomcat9 
-Djava.io.tmpdir=/tmp org.apache.catalina.startup.Bootstrap start



Le vendredi 28 octobre 2022 à 20:15:35 UTC+2, Ray Bon a écrit :
lanf,

If you are on linux you can use this command to see access and ownership of the 
services directory (on my laptop):
ls -l /etc/cas/
total 4
drwxrwxr-x 3 rbon rbon 4096 Jun 16 18:36 services

To see the process owner for the container running cas (this is for tomcat 
running, substitute your app server)
ps aux | grep tomcat
rbon 336911 338 7.0 11769108 2314612 pts/10 SNl 11:12 1:17 /usr/bin/java 
-Djava.util.logging.config.file=/home/rbon/Applications/mgmt/conf/logging.properties
 -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
-Djdk.tls.ephemeralDHKeySize=2048 
-Djava.protocol.handler.pkgs=org.apache.catalina.webresources 
-Dorg.apache.catalina.security.SecurityListener.UMASK=0027 
-Djava.awt.headless=true -XX:+UseG1GC -Xms1024m -Xmx2048m 
-Dcas.standalone.configurationDirectory=/home/uvtomcat/cas-management_config 
-Dignore.endorsed.dirs= -classpath 
/home/rbon/Applications/mgmt/bin/bootstrap.jar:/home/rbon/Applications/mgmt/bin/tomcat-juli.jar
 -Dcatalina.base=/home/rbon/Applications/mgmt 
-Dcatalina.home=/home/rbon/Applications/mgmt 
-Djava.io.tmpdir=/home/rbon/Applications/mgmt/temp 
org.apache.catalina.startup.Bootstrap start

If you need more info, provide more details about your configuration.

Ray

On Thu, 2022-10-27 at 22:46 -0700, lanf detroy wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

I don't know where to look for this? What parameter to put?

Le jeudi 27 octobre 2022 à 18:37:46 UTC+2, Ray Bon a écrit :
lanf,

Check that the process that is running cas management has write access to the 
directory in the config.

Ray

On Thu, 2022-10-27 at 07:42 -0700, lanf detroy wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

[2022-10-27 16:40:14] [info] 
=
[2022-10-27 16:40:14] [info] WHO: me
[2022-10-27 16:40:14] [info] WHAT: IO error opening file stream.
[2022-10-27 16:40:14] [info] ACTION: SAVE_SERVICE_FAILED
[2022-10-27 16:40:14] [info] APPLICATION: CAS_Management
[2022-10-27 16:40:14] [info] WHEN: Thu Oct 27 16:40:14 CEST 2022
[2022-10-27 16:40:14] [info] CLIENT IP ADDRESS: 192.168.1.254
[2022-10-27 16:40:14] [info] SERVER IP ADDRESS: 192.168.1.14
[2022-10-27 16:40:14] [info] 
=
[2022-10-27 16:40:14] [info] >
[2022-10-27 16:40:14] [info] 2022-10-27 16:40:14,159 ERROR 
[org.springframework.boot.web.servlet.support.ErrorPageFilter] - 
[2022-10-27 16:40:14] [info] java.lang.RuntimeException: 
org.springframework.web.util.NestedServletException: Request processing failed; 
nested exception is java.lang.IllegalArgumentException: IO error opening file 
stream

Le jeudi 27 octobre 2022 à 15:45:52 UTC+2, lanf detroy a écrit :

Hello,
 I installed cas-management in version 6.6.0, and when I create a service and I 
want to register it I have the following error:
An error has occurred while attempting to save the service. Please try again 
later.

I see the services that I created by hand in the directory /etc/cas/services

Can you help me?





-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an 

Re: [cas-user] Re: cas-management error creating service

[lanf detroy]

 hello, the directory user is root and the CAS user is tomcat. Do you have 
to give CAS directory rights to tomcat?

ls -l /etc/cas/
drwxr-xr-x 2 root root 4096 27 oct.  16:07 config
drwxr-xr-x 2 root root 4096 28 oct.  09:56 services

ps aux | grep tomcat
tomcat 35266  1.8 16.3 5092560 128 ? Ssl  oct.27 278:49 
/usr/lib/jvm/java-11-openjdk-amd64/bin/java 
-Djava.util.logging.config.file=/var/lib/tomcat9/conf/logging.properties 
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
-Dlog4j2.formatMsgNoLookups=True -Djdk.tls.ephemeralDHKeySize=2048 
-Djava.protocol.handler.pkgs=org.apache.catalina.webresources 
-Dorg.apache.catalina.security.SecurityListener.UMASK=0027 
-Dignore.endorsed.dirs= -classpath 
/usr/share/tomcat9/bin/bootstrap.jar:/usr/share/tomcat9/bin/tomcat-juli.jar 
-Dcatalina.base=/var/lib/tomcat9 -Dcatalina.home=/usr/share/tomcat9 
-Djava.io.tmpdir=/tmp org.apache.catalina.startup.Bootstrap start



Le vendredi 28 octobre 2022 à 20:15:35 UTC+2, Ray Bon a écrit :

> lanf,
>
> If you are on linux you can use this command to see access and ownership 
> of the services directory (on my laptop):
> ls -l /etc/cas/
> total 4
> drwxrwxr-x 3 rbon rbon 4096 Jun 16 18:36 services
>
> To see the process owner for the container running cas (this is for tomcat 
> running, substitute your app server)
> ps aux | grep tomcat
> rbon 336911 338 7.0 11769108 2314612 pts/10 SNl 11:12 1:17 /usr/bin/java 
> -Djava.util.logging.config.file=/home/rbon/Applications/mgmt/conf/logging.properties
>  
> -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
> -Djdk.tls.ephemeralDHKeySize=2048 
> -Djava.protocol.handler.pkgs=org.apache.catalina.webresources 
> -Dorg.apache.catalina.security.SecurityListener.UMASK=0027 
> -Djava.awt.headless=true -XX:+UseG1GC -Xms1024m -Xmx2048m 
> -Dcas.standalone.configurationDirectory=/home/uvtomcat/cas-management_config 
> -Dignore.endorsed.dirs= -classpath 
> /home/rbon/Applications/mgmt/bin/bootstrap.jar:/home/rbon/Applications/mgmt/bin/tomcat-juli.jar
>  
> -Dcatalina.base=/home/rbon/Applications/mgmt 
> -Dcatalina.home=/home/rbon/Applications/mgmt 
> -Djava.io.tmpdir=/home/rbon/Applications/mgmt/temp 
> org.apache.catalina.startup.Bootstrap start
>
> If you need more info, provide more details about your configuration.
>
> Ray
>
> On Thu, 2022-10-27 at 22:46 -0700, lanf detroy wrote:
>
> Notice: This message was sent from outside the University of Victoria 
> email system. Please be cautious with links and sensitive information.
>
> I don't know where to look for this? What parameter to put?
>
> Le jeudi 27 octobre 2022 à 18:37:46 UTC+2, Ray Bon a écrit :
>
> lanf,
>
> Check that the process that is running cas management has write access to 
> the directory in the config.
>
> Ray
>
> On Thu, 2022-10-27 at 07:42 -0700, lanf detroy wrote:
>
> Notice: This message was sent from outside the University of Victoria 
> email system. Please be cautious with links and sensitive information.
>
>
> [2022-10-27 16:40:14] [info] 
> =
> [2022-10-27 16:40:14] [info] WHO: me
> [2022-10-27 16:40:14] [info] WHAT: IO error opening file stream.
> [2022-10-27 16:40:14] [info] ACTION: SAVE_SERVICE_FAILED
> [2022-10-27 16:40:14] [info] APPLICATION: CAS_Management
> [2022-10-27 16:40:14] [info] WHEN: Thu Oct 27 16:40:14 CEST 2022
> [2022-10-27 16:40:14] [info] CLIENT IP ADDRESS: 192.168.1.254
> [2022-10-27 16:40:14] [info] SERVER IP ADDRESS: 192.168.1.14
> [2022-10-27 16:40:14] [info] 
> =
> [2022-10-27 16:40:14] [info] >
> [2022-10-27 16:40:14] [info] 2022-10-27 16:40:14,159 ERROR 
> [org.springframework.boot.web.servlet.support.ErrorPageFilter] - 
>  [org.springframework.web.util.NestedServletException: Request processing 
> failed; nested exception is java.lang.IllegalArgumentException: IO error 
> opening file stream.]>
> [2022-10-27 16:40:14] [info] java.lang.RuntimeException: 
> org.springframework.web.util.NestedServletException: Request processing 
> failed; nested exception is java.lang.IllegalArgumentException: IO error 
> opening file stream
>
> Le jeudi 27 octobre 2022 à 15:45:52 UTC+2, lanf detroy a écrit :
>
>
> Hello,
>  I installed cas-management in version 6.6.0, and when I create a service 
> and I want to register it I have the following error:
> An error has occurred while attempting to save the service. Please try 
> again later.
>
> I see the services that I created by hand in the directory 
> /etc/cas/services
>
> Can you help me?
>
>
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To

Re: [cas-user] Re: cas-management error creating service

[Ray Bon]

lanf,

If you are on linux you can use this command to see access and ownership of the 
services directory (on my laptop):
ls -l /etc/cas/
total 4
drwxrwxr-x 3 rbon rbon 4096 Jun 16 18:36 services

To see the process owner for the container running cas (this is for tomcat 
running, substitute your app server)
ps aux | grep tomcat
rbon 336911 338 7.0 11769108 2314612 pts/10 SNl 11:12 1:17 /usr/bin/java 
-Djava.util.logging.config.file=/home/rbon/Applications/mgmt/conf/logging.properties
 -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
-Djdk.tls.ephemeralDHKeySize=2048 
-Djava.protocol.handler.pkgs=org.apache.catalina.webresources 
-Dorg.apache.catalina.security.SecurityListener.UMASK=0027 
-Djava.awt.headless=true -XX:+UseG1GC -Xms1024m -Xmx2048m 
-Dcas.standalone.configurationDirectory=/home/uvtomcat/cas-management_config 
-Dignore.endorsed.dirs= -classpath 
/home/rbon/Applications/mgmt/bin/bootstrap.jar:/home/rbon/Applications/mgmt/bin/tomcat-juli.jar
 -Dcatalina.base=/home/rbon/Applications/mgmt 
-Dcatalina.home=/home/rbon/Applications/mgmt 
-Djava.io.tmpdir=/home/rbon/Applications/mgmt/temp 
org.apache.catalina.startup.Bootstrap start

If you need more info, provide more details about your configuration.

Ray

On Thu, 2022-10-27 at 22:46 -0700, lanf detroy wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

I don't know where to look for this? What parameter to put?

Le jeudi 27 octobre 2022 à 18:37:46 UTC+2, Ray Bon a écrit :
lanf,

Check that the process that is running cas management has write access to the 
directory in the config.

Ray

On Thu, 2022-10-27 at 07:42 -0700, lanf detroy wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

[2022-10-27 16:40:14] [info] 
=
[2022-10-27 16:40:14] [info] WHO: me
[2022-10-27 16:40:14] [info] WHAT: IO error opening file stream.
[2022-10-27 16:40:14] [info] ACTION: SAVE_SERVICE_FAILED
[2022-10-27 16:40:14] [info] APPLICATION: CAS_Management
[2022-10-27 16:40:14] [info] WHEN: Thu Oct 27 16:40:14 CEST 2022
[2022-10-27 16:40:14] [info] CLIENT IP ADDRESS: 192.168.1.254
[2022-10-27 16:40:14] [info] SERVER IP ADDRESS: 192.168.1.14
[2022-10-27 16:40:14] [info] 
=
[2022-10-27 16:40:14] [info] >
[2022-10-27 16:40:14] [info] 2022-10-27 16:40:14,159 ERROR 
[org.springframework.boot.web.servlet.support.ErrorPageFilter] - 
[2022-10-27 16:40:14] [info] java.lang.RuntimeException: 
org.springframework.web.util.NestedServletException: Request processing failed; 
nested exception is java.lang.IllegalArgumentException: IO error opening file 
stream

Le jeudi 27 octobre 2022 à 15:45:52 UTC+2, lanf detroy a écrit :

Hello,
 I installed cas-management in version 6.6.0, and when I create a service and I 
want to register it I have the following error:
An error has occurred while attempting to save the service. Please try again 
later.

I see the services that I created by hand in the directory /etc/cas/services

Can you help me?



-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/56c885094d1507ff4f989971e887390cb7da4737.camel%40uvic.ca.

Re: [cas-user] Re: cas-management error creating service

[lanf detroy]

 I don't know where to look for this? What parameter to put? 

Le jeudi 27 octobre 2022 à 18:37:46 UTC+2, Ray Bon a écrit :

> lanf,
>
> Check that the process that is running cas management has write access to 
> the directory in the config.
>
> Ray
>
> On Thu, 2022-10-27 at 07:42 -0700, lanf detroy wrote:
>
> Notice: This message was sent from outside the University of Victoria 
> email system. Please be cautious with links and sensitive information.
>
>
> [2022-10-27 16:40:14] [info] 
> =
> [2022-10-27 16:40:14] [info] WHO: me
> [2022-10-27 16:40:14] [info] WHAT: IO error opening file stream.
> [2022-10-27 16:40:14] [info] ACTION: SAVE_SERVICE_FAILED
> [2022-10-27 16:40:14] [info] APPLICATION: CAS_Management
> [2022-10-27 16:40:14] [info] WHEN: Thu Oct 27 16:40:14 CEST 2022
> [2022-10-27 16:40:14] [info] CLIENT IP ADDRESS: 192.168.1.254
> [2022-10-27 16:40:14] [info] SERVER IP ADDRESS: 192.168.1.14
> [2022-10-27 16:40:14] [info] 
> =
> [2022-10-27 16:40:14] [info] >
> [2022-10-27 16:40:14] [info] 2022-10-27 16:40:14,159 ERROR 
> [org.springframework.boot.web.servlet.support.ErrorPageFilter] - 
>  [org.springframework.web.util.NestedServletException: Request processing 
> failed; nested exception is java.lang.IllegalArgumentException: IO error 
> opening file stream.]>
> [2022-10-27 16:40:14] [info] java.lang.RuntimeException: 
> org.springframework.web.util.NestedServletException: Request processing 
> failed; nested exception is java.lang.IllegalArgumentException: IO error 
> opening file stream
>
> Le jeudi 27 octobre 2022 à 15:45:52 UTC+2, lanf detroy a écrit :
>
>
> Hello,
>  I installed cas-management in version 6.6.0, and when I create a service 
> and I want to register it I have the following error:
> An error has occurred while attempting to save the service. Please try 
> again later.
>
> I see the services that I created by hand in the directory 
> /etc/cas/services
>
> Can you help me?
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/97240d83-5246-4088-9144-f89222f3ab33n%40apereo.org.

Re: [cas-user] Re: cas-management error creating service

[Ray Bon]

lanf,

Check that the process that is running cas management has write access to the 
directory in the config.

Ray

On Thu, 2022-10-27 at 07:42 -0700, lanf detroy wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

[2022-10-27 16:40:14] [info] 
=
[2022-10-27 16:40:14] [info] WHO: me
[2022-10-27 16:40:14] [info] WHAT: IO error opening file stream.
[2022-10-27 16:40:14] [info] ACTION: SAVE_SERVICE_FAILED
[2022-10-27 16:40:14] [info] APPLICATION: CAS_Management
[2022-10-27 16:40:14] [info] WHEN: Thu Oct 27 16:40:14 CEST 2022
[2022-10-27 16:40:14] [info] CLIENT IP ADDRESS: 192.168.1.254
[2022-10-27 16:40:14] [info] SERVER IP ADDRESS: 192.168.1.14
[2022-10-27 16:40:14] [info] 
=
[2022-10-27 16:40:14] [info] >
[2022-10-27 16:40:14] [info] 2022-10-27 16:40:14,159 ERROR 
[org.springframework.boot.web.servlet.support.ErrorPageFilter] - 
[2022-10-27 16:40:14] [info] java.lang.RuntimeException: 
org.springframework.web.util.NestedServletException: Request processing failed; 
nested exception is java.lang.IllegalArgumentException: IO error opening file 
stream

Le jeudi 27 octobre 2022 à 15:45:52 UTC+2, lanf detroy a écrit :

Hello,
 I installed cas-management in version 6.6.0, and when I create a service and I 
want to register it I have the following error:
An error has occurred while attempting to save the service. Please try again 
later.

I see the services that I created by hand in the directory /etc/cas/services

Can you help me?


-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/72dcd5f119bf26f3949bd3e5f5dcd6408c87fbb8.camel%40uvic.ca.

Re: [cas-user] Re: CAS Management Overlay 6.5 LDAP Issues?

[Ray Bon]

I was not quite done the previous email.

cas.authn.ldap[0]...
cas.authn.ldap[1]...
etc.


Ray

On Tue, 2022-02-08 at 10:13 -0800, Michael Santangelo wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

I changed my config to:

cas.authn.ldap[0].order=0
cas.authn.ldap[0].name=Tech Active Directory
cas.authn.ldap[0].type=AD
cas.authn.ldap[0].ldapUrl=ldap://:389
cas.authn.ldap[0].validatePeriod=270
cas.authn.ldap[0].poolPassivator=NONE
cas.authn.ldap[0].searchFilter=sAMAccountName={user}
cas.authn.ldap[0].baseDn=OU=Technology,OU=Staff,DC=CHS,DC=...
cas.authn.ldap[0].dnFormat=CN=%s,OU=Technology,OU=Staff,DC=...
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].bindDn=CN=casbind,CN=Users,DC=...
cas.authn.ldap[0].bindCredential=

And now it's working for people in that OU... Time to see if I can expand it to 
the entire Staff OU...

On Tuesday, February 8, 2022 at 11:03:31 AM UTC-5 Michael Santangelo wrote:
Hello all,

Forgive me for this, I'm brand new to CAS and I'm trying to get LDAP working.

I built an Ubuntu VM and did initial setup by doing:

  1.  git clone https://github.com/apereo/cas-overlay-template
  2.  I did some initial config changes in the cas.properties to get SSL up and 
running
  3.  Ran sudo ./gradlew clean copyCasConfiguration build run
  4.  I can login using the casuser and the default password as expected.  This 
part is all working fine.

So I tried adding LDAP support by:

  1.  Modify build.gradle by adding
implementation 
"org.apereo.cas:cas-server-support-ldap:${project.'cas.version'}"
to the dependencies section.
  2.  Modify cas.properties by adding:
# Disable casuser
cas.authn.accept.users=
# LDAP Servers Authenticated
cas.authn.ldap[0].ldapUrl=ldap://:389
#cas.authn.ldap[0].usessl=false
cas.authn.ldap[0].useStartTls=false
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].bindDn=cn=cas bind,CN=Users,DC=...
cas.authn.ldap[0].bindCredential=
# LDAP Servers Authenticated

# Search For CAS User
cas.authn.ldap[0].baseDn=OU=Technology,OU=Staff,DC=CHS,DC=...
cas.authn.ldap[0].subtreeSearch=true
#cas.authn.ldap[0].searchFilter=(&(objectClass=person)(uid={user}))
#cas.authn.ldap[0].searchFilter=uid={user}
cas.authn.ldap[0].searchFilter=sAMAaccountName={user}
#cas.authn.ldap[0].principalAttributeList=cn,givenName,mail,sn
# Search for CAS User
  3.  Ran sudo ./gradlew clean copyCasConfiguration build run

The page loads as usual.  I am unable to login as casuser, which is expected.  
I cannot login with any domain credentials.

In the log I get an error:
2022-02-08 15:43:49,567 INFO 
[org.apereo.cas.authentication.DefaultAuthenticationManager] - 
<[LdapAuthenticationHandler] exception details: [Unable to resolve user dn for 
].>

So I tried to verify that the server can connect via LDAP:

ldapsearch -H ldap://:389 -D "CN=cas bind,CN=Users,DC=..." -W 
samaccountname= -b "OU=Technology,OU=Staff,DC=..." -v

And I receive a valid result.

I'm not sure where the disconnect is, or what else I should search for.  Any 
tips or suggestions that you could provide would be helpful.

I'm attaching the output of Task :run.


--

Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | r...@uvic.ca

I acknowledge and respect the lək̓ʷəŋən peoples on whose traditional territory 
the university stands, and the Songhees, Esquimalt and WSÁNEĆ peoples whose 
historical relationships with the land continue to this day.

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/f58a9f3248ab49ae7a9afaddfa43d671f86b18d8.camel%40uvic.ca.

Re: [cas-user] Re: CAS Management Overlay 6.5 LDAP Issues?

[Michael Santangelo]

The finalized working bit for Active Directory LDAP was:

# Working LDAP Auth
cas.authn.ldap[0].order=0
cas.authn.ldap[0].name=Active Directory
cas.authn.ldap[0].type=AD
cas.authn.ldap[0].ldapUrl=ldap://:389
cas.authn.ldap[0].validatePeriod=270
cas.authn.ldap[0].poolPassivator=NONE
cas.authn.ldap[0].searchFilter=sAMAccountName={user}
cas.authn.ldap[0].baseDn=OU=Staff,DC=...
cas.authn.ldap[0].subtreeSearch=true
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].bindDn=CN=casbind,CN=Users,DC=...
cas.authn.ldap[0].bindCredential=
# Working LDAP Auth

:D

I even got Duo MFA working today. Thanks all!


On Tuesday, February 8, 2022 at 3:55:18 PM UTC-5 Felix Schumacher wrote:

> Are you sure, that you need to set dnFormat? If you have users in 
> different ou's, it will be difficult to use with a template as cn=%s,ou=... 
> and should not the dn be found by the searchFilter?
>
> Felix
> Am 08.02.22 um 19:13 schrieb Michael Santangelo:
>
> I changed my config to: 
>
> cas.authn.ldap[0].order=0
> cas.authn.ldap[0].name=Tech Active Directory
> cas.authn.ldap[0].type=AD
> cas.authn.ldap[0].ldapUrl=ldap://:389
> cas.authn.ldap[0].validatePeriod=270
> cas.authn.ldap[0].poolPassivator=NONE
> cas.authn.ldap[0].searchFilter=sAMAccountName={user}
> cas.authn.ldap[0].baseDn=OU=Technology,OU=Staff,DC=CHS,DC=...
> cas.authn.ldap[0].dnFormat=CN=%s,OU=Technology,OU=Staff,DC=...
> cas.authn.ldap[0].type=AUTHENTICATED
> cas.authn.ldap[0].bindDn=CN=casbind,CN=Users,DC=...
> cas.authn.ldap[0].bindCredential=
>
> And now it's working for people in that OU... Time to see if I can expand 
> it to the entire Staff OU... 
>
> On Tuesday, February 8, 2022 at 11:03:31 AM UTC-5 Michael Santangelo wrote:
>
>> Hello all, 
>>
>> Forgive me for this, I'm brand new to CAS and I'm trying to get LDAP 
>> working.
>>
>> I built an Ubuntu VM and did initial setup by doing:
>>
>>1. git clone https://github.com/apereo/cas-overlay-template
>>2. I did some initial config changes in the cas.properties to get SSL 
>>up and running 
>>3. Ran sudo ./gradlew clean copyCasConfiguration build run 
>>4. I can login using the casuser and the default password as 
>>expected.  This part is all working fine. 
>>
>> So I tried adding LDAP support by:
>>
>>1. Modify build.gradle by adding 
>>implementation 
>>"org.apereo.cas:cas-server-support-ldap:${project.'cas.version'}"
>>to the dependencies section. 
>>2. Modify cas.properties by adding:
>># Disable casuser
>>cas.authn.accept.users=
>># LDAP Servers Authenticated
>>cas.authn.ldap[0].ldapUrl=ldap://:389
>>#cas.authn.ldap[0].usessl=false
>>cas.authn.ldap[0].useStartTls=false
>>cas.authn.ldap[0].type=AUTHENTICATED
>>cas.authn.ldap[0].bindDn=cn=cas bind,CN=Users,DC=...
>>cas.authn.ldap[0].bindCredential=
>># LDAP Servers Authenticated
>>
>># Search For CAS User
>>cas.authn.ldap[0].baseDn=OU=Technology,OU=Staff,DC=CHS,DC=...
>>cas.authn.ldap[0].subtreeSearch=true
>>#cas.authn.ldap[0].searchFilter=(&(objectClass=person)(uid={user}))
>>#cas.authn.ldap[0].searchFilter=uid={user}
>>cas.authn.ldap[0].searchFilter=sAMAaccountName={user}
>>#cas.authn.ldap[0].principalAttributeList=cn,givenName,mail,sn
>># Search for CAS User 
>>3. Ran sudo ./gradlew clean copyCasConfiguration build run 
>>
>> The page loads as usual.  I am unable to login as casuser, which is 
>> expected.  I cannot login with any domain credentials.
>>
>> In the log I get an error:
>> 2022-02-08 15:43:49,567 INFO 
>> [org.apereo.cas.authentication.DefaultAuthenticationManager] - 
>> <[LdapAuthenticationHandler] exception details: [Unable to resolve user dn 
>> for ].>
>>
>> So I tried to verify that the server can connect via LDAP:
>>
>> ldapsearch -H ldap://:389 -D "CN=cas 
>> bind,CN=Users,DC=..." -W samaccountname= -b 
>> "OU=Technology,OU=Staff,DC=..." -v
>>
>> And I receive a valid result.
>>
>> I'm not sure where the disconnect is, or what else I should search for.  
>> Any tips or suggestions that you could provide would be helpful.
>>
>> I'm attaching the output of Task :run.
>>
> -- 
>
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> --- 
> You received this message because you are subscribed to the Google Groups 
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to cas-user+u...@apereo.org.
>
> To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/bff98751-3a50-4786-81a9-cc38a6228cc4n%40apereo.org
>  
> 
> .
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7

Re: [cas-user] Re: CAS Management Overlay 6.5 LDAP Issues?

[Ray Bon]

Michael,

To follow up on Felix's post.
You can create multiple ldap (ldap entries, one for each ou. cas will search 
them the order they are in your properties file.

Ray

On Tue, 2022-02-08 at 10:13 -0800, Michael Santangelo wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

I changed my config to:

cas.authn.ldap[0].order=0
cas.authn.ldap[0].name=Tech Active Directory
cas.authn.ldap[0].type=AD
cas.authn.ldap[0].ldapUrl=ldap://:389
cas.authn.ldap[0].validatePeriod=270
cas.authn.ldap[0].poolPassivator=NONE
cas.authn.ldap[0].searchFilter=sAMAccountName={user}
cas.authn.ldap[0].baseDn=OU=Technology,OU=Staff,DC=CHS,DC=...
cas.authn.ldap[0].dnFormat=CN=%s,OU=Technology,OU=Staff,DC=...
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].bindDn=CN=casbind,CN=Users,DC=...
cas.authn.ldap[0].bindCredential=

And now it's working for people in that OU... Time to see if I can expand it to 
the entire Staff OU...

On Tuesday, February 8, 2022 at 11:03:31 AM UTC-5 Michael Santangelo wrote:
Hello all,

Forgive me for this, I'm brand new to CAS and I'm trying to get LDAP working.

I built an Ubuntu VM and did initial setup by doing:

  1.  git clone https://github.com/apereo/cas-overlay-template
  2.  I did some initial config changes in the cas.properties to get SSL up and 
running
  3.  Ran sudo ./gradlew clean copyCasConfiguration build run
  4.  I can login using the casuser and the default password as expected.  This 
part is all working fine.

So I tried adding LDAP support by:

  1.  Modify build.gradle by adding
implementation 
"org.apereo.cas:cas-server-support-ldap:${project.'cas.version'}"
to the dependencies section.
  2.  Modify cas.properties by adding:
# Disable casuser
cas.authn.accept.users=
# LDAP Servers Authenticated
cas.authn.ldap[0].ldapUrl=ldap://:389
#cas.authn.ldap[0].usessl=false
cas.authn.ldap[0].useStartTls=false
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].bindDn=cn=cas bind,CN=Users,DC=...
cas.authn.ldap[0].bindCredential=
# LDAP Servers Authenticated

# Search For CAS User
cas.authn.ldap[0].baseDn=OU=Technology,OU=Staff,DC=CHS,DC=...
cas.authn.ldap[0].subtreeSearch=true
#cas.authn.ldap[0].searchFilter=(&(objectClass=person)(uid={user}))
#cas.authn.ldap[0].searchFilter=uid={user}
cas.authn.ldap[0].searchFilter=sAMAaccountName={user}
#cas.authn.ldap[0].principalAttributeList=cn,givenName,mail,sn
# Search for CAS User
  3.  Ran sudo ./gradlew clean copyCasConfiguration build run

The page loads as usual.  I am unable to login as casuser, which is expected.  
I cannot login with any domain credentials.

In the log I get an error:
2022-02-08 15:43:49,567 INFO 
[org.apereo.cas.authentication.DefaultAuthenticationManager] - 
<[LdapAuthenticationHandler] exception details: [Unable to resolve user dn for 
].>

So I tried to verify that the server can connect via LDAP:

ldapsearch -H ldap://:389 -D "CN=cas bind,CN=Users,DC=..." -W 
samaccountname= -b "OU=Technology,OU=Staff,DC=..." -v

And I receive a valid result.

I'm not sure where the disconnect is, or what else I should search for.  Any 
tips or suggestions that you could provide would be helpful.

I'm attaching the output of Task :run.


--

Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | r...@uvic.ca

I acknowledge and respect the lək̓ʷəŋən peoples on whose traditional territory 
the university stands, and the Songhees, Esquimalt and WSÁNEĆ peoples whose 
historical relationships with the land continue to this day.

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/e35a3b68aac5bc9c6a3684e36340bd5e69460ae4.camel%40uvic.ca.

Re: [cas-user] Re: CAS Management Overlay 6.5 LDAP Issues?

[Felix Schumacher]

I think you should use only one entry for "type". (Currently you will 
probably use AUTHENTICATED)


Felix

Am 08.02.22 um 22:07 schrieb Michael Santangelo:

The finalized working bit for Active Directory LDAP was:

# Working LDAP Auth
cas.authn.ldap[0].order=0
cas.authn.ldap[0].name=Active Directory
cas.authn.ldap[0].type=AD
cas.authn.ldap[0].ldapUrl=ldap://:389
cas.authn.ldap[0].validatePeriod=270
cas.authn.ldap[0].poolPassivator=NONE
cas.authn.ldap[0].searchFilter=sAMAccountName={user}
cas.authn.ldap[0].baseDn=OU=Staff,DC=...
cas.authn.ldap[0].subtreeSearch=true
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].bindDn=CN=casbind,CN=Users,DC=...
cas.authn.ldap[0].bindCredential=
# Working LDAP Auth

:D

I even got Duo MFA working today. Thanks all!


On Tuesday, February 8, 2022 at 3:55:18 PM UTC-5 Felix Schumacher wrote:

Are you sure, that you need to set dnFormat? If you have users in
different ou's, it will be difficult to use with a template as
cn=%s,ou=... and should not the dn be found by the searchFilter?

Felix

Am 08.02.22 um 19:13 schrieb Michael Santangelo:

I changed my config to:

cas.authn.ldap[0].order=0
cas.authn.ldap[0].name=Tech Active Directory
cas.authn.ldap[0].type=AD
cas.authn.ldap[0].ldapUrl=ldap://:389
cas.authn.ldap[0].validatePeriod=270
cas.authn.ldap[0].poolPassivator=NONE
cas.authn.ldap[0].searchFilter=sAMAccountName={user}
cas.authn.ldap[0].baseDn=OU=Technology,OU=Staff,DC=CHS,DC=...
cas.authn.ldap[0].dnFormat=CN=%s,OU=Technology,OU=Staff,DC=...
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].bindDn=CN=casbind,CN=Users,DC=...
cas.authn.ldap[0].bindCredential=

And now it's working for people in that OU... Time to see if I
can expand it to the entire Staff OU...

On Tuesday, February 8, 2022 at 11:03:31 AM UTC-5 Michael
Santangelo wrote:

Hello all,

Forgive me for this, I'm brand new to CAS and I'm trying to
get LDAP working.

I built an Ubuntu VM and did initial setup by doing:

 1. git clone https://github.com/apereo/cas-overlay-template
 2. I did some initial config changes in the cas.properties
to get SSL up and running
 3. Ran sudo ./gradlew clean copyCasConfiguration build run
 4. I can login using the casuser and the default password as
expected.  This part is all working fine.

So I tried adding LDAP support by:

 1. Modify build.gradle by adding
    implementation
"org.apereo.cas:cas-server-support-ldap:${project.'cas.version'}"
to the dependencies section.
 2. Modify cas.properties by adding:
# Disable casuser
cas.authn.accept.users=
# LDAP Servers Authenticated
cas.authn.ldap[0].ldapUrl=ldap://:389
#cas.authn.ldap[0].usessl=false
cas.authn.ldap[0].useStartTls=false
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].bindDn=cn=cas bind,CN=Users,DC=...
cas.authn.ldap[0].bindCredential=
# LDAP Servers Authenticated

# Search For CAS User
cas.authn.ldap[0].baseDn=OU=Technology,OU=Staff,DC=CHS,DC=...
cas.authn.ldap[0].subtreeSearch=true
#cas.authn.ldap[0].searchFilter=(&(objectClass=person)(uid={user}))
#cas.authn.ldap[0].searchFilter=uid={user}
cas.authn.ldap[0].searchFilter=sAMAaccountName={user}
#cas.authn.ldap[0].principalAttributeList=cn,givenName,mail,sn
# Search for CAS User
 3. Ran sudo ./gradlew clean copyCasConfiguration build run

The page loads as usual.  I am unable to login as casuser,
which is expected.  I cannot login with any domain credentials.

In the log I get an error:
2022-02-08 15:43:49,567 INFO
[org.apereo.cas.authentication.DefaultAuthenticationManager]
- <[LdapAuthenticationHandler] exception details: [Unable to
resolve user dn for ].>

So I tried to verify that the server can connect via LDAP:

ldapsearch -H ldap://:389 -D "CN=cas
bind,CN=Users,DC=..." -W samaccountname= -b
"OU=Technology,OU=Staff,DC=..." -v

And I receive a valid result.

I'm not sure where the disconnect is, or what else I should
search for.  Any tips or suggestions that you could provide
would be helpful.

I'm attaching the output of Task :run.

-- 
- Website: https://apereo.github.io/cas

- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the
Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it,
send an email to cas-user+u...@apereo.org.
To view this disc

Re: [cas-user] Re: CAS Management Overlay 6.5 LDAP Issues?

[Felix Schumacher]

Are you sure, that you need to set dnFormat? If you have users in 
different ou's, it will be difficult to use with a template as 
cn=%s,ou=... and should not the dn be found by the searchFilter?


Felix

Am 08.02.22 um 19:13 schrieb Michael Santangelo:

I changed my config to:

cas.authn.ldap[0].order=0
cas.authn.ldap[0].name=Tech Active Directory
cas.authn.ldap[0].type=AD
cas.authn.ldap[0].ldapUrl=ldap://:389
cas.authn.ldap[0].validatePeriod=270
cas.authn.ldap[0].poolPassivator=NONE
cas.authn.ldap[0].searchFilter=sAMAccountName={user}
cas.authn.ldap[0].baseDn=OU=Technology,OU=Staff,DC=CHS,DC=...
cas.authn.ldap[0].dnFormat=CN=%s,OU=Technology,OU=Staff,DC=...
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].bindDn=CN=casbind,CN=Users,DC=...
cas.authn.ldap[0].bindCredential=

And now it's working for people in that OU... Time to see if I can 
expand it to the entire Staff OU...


On Tuesday, February 8, 2022 at 11:03:31 AM UTC-5 Michael Santangelo 
wrote:


Hello all,

Forgive me for this, I'm brand new to CAS and I'm trying to get
LDAP working.

I built an Ubuntu VM and did initial setup by doing:

 1. git clone https://github.com/apereo/cas-overlay-template
 2. I did some initial config changes in the cas.properties to get
SSL up and running
 3. Ran sudo ./gradlew clean copyCasConfiguration build run
 4. I can login using the casuser and the default password as
expected.  This part is all working fine.

So I tried adding LDAP support by:

 1. Modify build.gradle by adding
    implementation
"org.apereo.cas:cas-server-support-ldap:${project.'cas.version'}"
to the dependencies section.
 2. Modify cas.properties by adding:
# Disable casuser
cas.authn.accept.users=
# LDAP Servers Authenticated
cas.authn.ldap[0].ldapUrl=ldap://:389
#cas.authn.ldap[0].usessl=false
cas.authn.ldap[0].useStartTls=false
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].bindDn=cn=cas bind,CN=Users,DC=...
cas.authn.ldap[0].bindCredential=
# LDAP Servers Authenticated

# Search For CAS User
cas.authn.ldap[0].baseDn=OU=Technology,OU=Staff,DC=CHS,DC=...
cas.authn.ldap[0].subtreeSearch=true
#cas.authn.ldap[0].searchFilter=(&(objectClass=person)(uid={user}))
#cas.authn.ldap[0].searchFilter=uid={user}
cas.authn.ldap[0].searchFilter=sAMAaccountName={user}
#cas.authn.ldap[0].principalAttributeList=cn,givenName,mail,sn
# Search for CAS User
 3. Ran sudo ./gradlew clean copyCasConfiguration build run

The page loads as usual.  I am unable to login as casuser, which
is expected.  I cannot login with any domain credentials.

In the log I get an error:
2022-02-08 15:43:49,567 INFO
[org.apereo.cas.authentication.DefaultAuthenticationManager] -
<[LdapAuthenticationHandler] exception details: [Unable to resolve
user dn for ].>

So I tried to verify that the server can connect via LDAP:

ldapsearch -H ldap://:389 -D "CN=cas
bind,CN=Users,DC=..." -W samaccountname= -b
"OU=Technology,OU=Staff,DC=..." -v

And I receive a valid result.

I'm not sure where the disconnect is, or what else I should search
for.  Any tips or suggestions that you could provide would be helpful.

I'm attaching the output of Task :run.

--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google 
Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send 
an email to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/bff98751-3a50-4786-81a9-cc38a6228cc4n%40apereo.org 
.


--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS Community" group.

To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/dad9c50c-89b1-bb0a-acb4-40fda83823c1%40internetallee.de.


OpenPGP_0xEA6C3728EA91C4AF.asc
Description: OpenPGP public key


OpenPGP_signature
Description: OpenPGP digital signature

Re: [cas-user] Re: Cas-management-Overlay archived

[Mickaël]

Thanks for your intervention.

Sincerely,

Le jeudi 10 septembre 2020 à 16:38:45 UTC+2, Misagh Moayyed a écrit :

> This was an obvious mistake; sorry about that. The repo status is restored.
>
> On Thu, Sep 10, 2020 at 6:31 PM randomuser878  wrote:
> >
> > Greetings
> >
> > Can not add anything concrete to your observation.
> > This looks promising 
> https://apereo.github.io/cas/development/release_notes/RC2.html#dynamic-jpa-service-management
>  
> in terms of future of the component but totally unclear how does it fit 
> with your observation of archived repo.
> >
> > Can anyone in cas development community shed some light on 
> cas-management direction per 6.3.x.
> >
> > Thanks.
> >
> >
> >
> > On Monday, September 7, 2020 at 6:33:22 AM UTC-4 Mickaël wrote:
> >>
> >>
> >> Hello all,
> >>
> >> The repo https://github.com/apereo/cas-management-overlay has been 
> archived.
> >> It will not have news overlay repo for the CAS-Manager in the future or 
> I have missed something about manegement of CAS server ?
> >>
> >> Sincerely,
> >>
> >> Mickaël
> >
> > --
> > - Website: https://apereo.github.io/cas
> > - Gitter Chatroom: https://gitter.im/apereo/cas
> > - List Guidelines: https://goo.gl/1VRrw7
> > - Contributions: https://goo.gl/mh7qDG
> > ---
> > You received this message because you are subscribed to the Google 
> Groups "CAS Community" group.
> > To unsubscribe from this group and stop receiving emails from it, send 
> an email to cas-user+u...@apereo.org.
> > To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/dcbecc23-5ba5-46eb-97e1-4c24a241322bn%40apereo.org
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/47ee4643-f388-44c0-8750-4a5e400fb429n%40apereo.org.

Re: [cas-user] Re: Cas-management-Overlay archived

[Misagh]

This was an obvious mistake; sorry about that. The repo status is restored.

On Thu, Sep 10, 2020 at 6:31 PM randomuser878  wrote:
>
> Greetings
>
> Can not add anything concrete to your observation.
> This looks promising 
> https://apereo.github.io/cas/development/release_notes/RC2.html#dynamic-jpa-service-management
>  in terms of future of the component but totally unclear how does it fit with 
> your observation of archived repo.
>
>  Can anyone in cas development community shed some light on 
> cas-management direction per 6.3.x.
>
> Thanks.
>
>
>
> On Monday, September 7, 2020 at 6:33:22 AM UTC-4 Mickaël wrote:
>>
>>
>> Hello all,
>>
>> The repo https://github.com/apereo/cas-management-overlay has been archived.
>> It will not have news overlay repo for the CAS-Manager in the future or I 
>> have missed something about manegement of CAS server ?
>>
>> Sincerely,
>>
>> Mickaël
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups 
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/dcbecc23-5ba5-46eb-97e1-4c24a241322bn%40apereo.org.

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAGSBKkeqROm8jfY5qTaOV%3DnqG2BBQbD4Q01_HP5cLvW2rrttEA%40mail.gmail.com.

Re: [cas-user] Re: CAS Management Web App 6.1.4-RC error

[Ray Bon]

Thanh,

I ran in to the same problem and could find no way to turn off git requirement. 
As such, we are still using 5.2 version.

Ray

On Mon, 2020-03-09 at 16:52 +0700, Nguyen Tran Thanh Lam wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

Dear Mr B Ran,
I don't use git and don't enable any dependencies relevant git.

Thank you. Regards

Vào Th 2, 9 thg 3, 2020 vào lúc 16:49 B Ran 
mailto:rb149...@gmail.com>> đã viết:
I remember having an issue on that one.
Can you try this configuration ?

mgmt.versionControl.servicesRepo=//etc/cas/services-repo


Make sure whatever runs cas-management has read/write access to 
/etc/cas/services-repo and on the git

--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/1d34c4ca-4f14-4f8a-ab94-2f8cd83864f6%40apereo.org.


--

Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | r...@uvic.ca

I respectfully acknowledge that my place of work is located within the 
ancestral, traditional and unceded territory of the Songhees, Esquimalt and 
WSÁNEĆ Nations.

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/32c18b3e444cf68dfe3f043efd245c38b2664d0f.camel%40uvic.ca.

Re: [cas-user] Re: CAS Management Web App 6.1.4-RC error

[Nguyen Tran Thanh Lam]

Dear Mr B Ran,
I don't use git and don't enable any dependencies relevant git.

Thank you. Regards

Vào Th 2, 9 thg 3, 2020 vào lúc 16:49 B Ran  đã viết:

> I remember having an issue on that one.
> Can you try this configuration ?
>
> mgmt.versionControl.servicesRepo=//etc/cas/services-repo
>
>
> Make sure whatever runs cas-management has read/write access to
> /etc/cas/services-repo and on the git
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/1d34c4ca-4f14-4f8a-ab94-2f8cd83864f6%40apereo.org
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAEjUsAghwpb8OgMi%2B0HZVLVduL6Wc%3DdDJCkXY%3D_OCKdm6h5GYQ%40mail.gmail.com.

Re: [cas-user] Re: CAS Management Web App 6.1.4-RC error

[B Ran]

I remember having an issue on that one.
Can you try this configuration ?

mgmt.versionControl.servicesRepo=//etc/cas/services-repo


Make sure whatever runs cas-management has read/write access to 
/etc/cas/services-repo and on the git

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/1d34c4ca-4f14-4f8a-ab94-2f8cd83864f6%40apereo.org.

Re: [cas-user] Re: CAS Management Web App 6.1.4-RC error

[B Ran]

I remember having an issue on that one.
Can you try this configuration ?

mgmt.versionControl.servicesRepo=//etc/cas/services-repo


Make sure whatever runs cas-management has read/write access to 
/etc/cas/services-repo and on the git
Once the git repo is initialized, make sure to configure the default git 
user (name+email)

Le samedi 7 mars 2020 04:25:46 UTC+1, Napoleon Ponaparte a écrit :
>
> Sorry,
> I have put this config to my management.properties
> mgmt.versionControl.servicesRepo=/etc/cas/services-repo
> But it still error.
> I have test with CAS Management 6.0 but it has error too, when I save 
> registry service.
> [image: image.png]
> ERROR 
> [org.apache.catalina.core.ContainerBase.[Tomcat].[localhost].[/cas-management].[dispatcherServlet]]
>  
> -  [/cas-management] threw exception>
> org.eclipse.jgit.errors.RepositoryNotFoundException: repository not found: 
> /etc/cas/services-repo/.git
> [image: image.png]
> Please help me. Thanks
>
>
> Vào Th 6, 6 thg 3, 2020 vào lúc 20:14 B Ran  > đã viết:
>
>> cas-management usually creates a git repository and then offers to push 
>> commits made through the UI to service registries.
>>
>> You can configure the location of the git repo with the property 
>> mgmt.versionControl.servicesRepo
>>
>> Assuming both CAS and cas-management are running on the same machine 
>> you'd have to define 'cas.serviceRegistry.json.location' in the management 
>> properties as well
>>
>> However I don't think setting both properties with the same folder is a 
>> good practice (since changes made through the UI would be reflected in CAS 
>> before you decide to publish)
>>
>> Le vendredi 6 mars 2020 09:13:59 UTC+1, Napoleon Ponaparte a écrit :
>>>
>>> Hi,
>>> I have a trouble with CAS Management Web App (version 6.1.0-RC and 
>>> version 6.0.x) , while I save new registry to CAS.
>>>  Here is my error:
>>> *Error 1:*
>>>
>>> ERROR 
>>> [org.apache.catalina.core.ContainerBase.[Tomcat].[localhost].[/cas-management].[dispatcherServlet]]
>>>  
>>> - >> [/cas-management] threw exception>
>>>
>>> org.eclipse.jgit.errors.RepositoryNotFoundException: repository not 
>>> found: /etc/cas/services-repo/.git
>>>
>>> Here is my config:
>>> *1. CAS config*
>>> cas.server.name=https://ssostandalone.vdc2.com.vn:8443
>>> cas.server.prefix=${cas.server.name}/cas
>>>
>>> logging.config: file:/etc/cas/config/log4j2.xml
>>> server.port=8443
>>> server.ssl.enabled=true
>>>
>>> cas.serviceRegistry.initFromJson=false
>>> #cas.serviceRegistry.json.location=file:/etc/cas/services-repo
>>> cas.serviceRegistry.json.location=file:/etc/cas/vnpt-service-repo
>>> cas.authn.oauth.grants.resourceOwner.requireServiceHeader=true
>>> cas.authn.oauth.userProfileViewType=NESTED
>>>
>>> cas.authn.policy.requiredHandlerAuthenticationPolicyEnabled=false
>>>
>>> cas.authn.attributeRepository.stub.attributes.email=cas...@example.org
>>> #REST API JSON
>>> cas.rest.attributeName=email
>>> cas.rest.attributeValue=.+example.*
>>> *2. CAS Management Config*
>>> cas.server.name=https://ssostandalone.vdc2.com.vn:8443
>>> cas.server.prefix=${cas.server.name}/cas
>>> mgmt.serverName=https://ssostandalone.vdc2.com.vn:8088
>>> mgmt.adminRoles[0]=ROLE_ADMIN
>>> mgmt.userPropertiesFile=file:/etc/cas/config/users.json
>>> mgmt.userRoles[0]=ROLE_USER
>>> spring.thymeleaf.mode=HTML
>>> server.port=8088
>>> server.ssl.enabled=true
>>> server.ssl.keyStore=file:/etc/cas/thekeystore
>>> server.ssl.keyStorePassword=changeit
>>> server.ssl.keyPassword=changeit
>>> logging.config=file:/etc/cas/config/log4j2-management.xml
>>> *3. Service registry (in /etc/cas/vnpt-service-repo)*
>>> root@ssostandalone:/etc/cas/vnpt-service-repo# cat casManagement-4.json 
>>> {
>>>   "@class" : "org.apereo.cas.services.RegexRegisteredService",
>>>   "serviceId":"^https://ssostandalone.vdc2.com.vn:8088/.+";,
>>>   "name" : "casManagement",
>>>   "id" : 4,
>>>   "evaluationOrder" : 10,
>>>   "allowedAttributes":["cn","mail"]
>>> }
>>>
>>> Please help me. 
>>> Thank you.
>>>
>>>
>>> -- 
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> --- 
>> You received this message because you are subscribed to the Google Groups 
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to cas-...@apereo.org .
>> To view this discussion on the web visit 
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/b60a72a7-389d-4465-9cc4-0bfd6c5ff2b5%40apereo.org
>>  
>> 
>> .
>>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community"

Re: [cas-user] Re: cas-management 6.1 RC4 turn off version control

[Ray Bon]

I tried building from source to add more debugging, but was unable to build 
without error. If I fixed one error, then another popped up. I do not have time 
to chase them down.
I will come back to it, perhaps in the new year. Until then we will use an 
older version.

Ray

On Fri, 2019-10-25 at 06:55 -0700, randomuser878 wrote:
Hello

  Thanks for the hint per 
CasManagementConfigurationProperties.java
  Have been really struggling with this one as well.  Really feel 
cas-management is behind cas and sure hope the recent indicators of moving 
dashboards from cas to cas-management means better product eventually.

  Ranting aside, cas-management 6.1 RC4, these two flags end up as non-bound 
and service will fail/crash to restart.
   mgmt.enableVersionControl=false
   mgmt.enableDelegatedMgmt=false

  Overlaying this file 
src/main/java/org/apereo/cas/configuration/CasManagementConfigurationProperties.java
 by setting the two references you alluded to false it will compile but then on 
restart it will throw tons of errors about ALL mgmt parameters being unbound.  
If you can figure out what I could have missed by just modifying that code 
directly that would be great.
  Added this to build.gradle
compile "org.apereo.cas:cas-mgmt-api-core:${project.'casmgmt.version'}"
compile "org.projectlombok:lombok:1.18.8"

  Then tried the 6.1. RC5 snapshot, maybe those two parameters that are in 
documentation would work but nope, it would crash per  some collusion about 
groovy libraries and such, anyway gave up on that front, it is snapshot after 
all.

  HERE is what currently WORKS for me (not sure if it breaks anything else but 
I am past the point of desperation)
  1) deploy cas-management.war and explode into webapps (remove war afterwards)
  rm -v 
$CATALINA_BASE/webapps/cas-management/WEB-INF/lib/cas-mgmt-config-version-control-6.1.0-RC4.jar
  rm -v 
$CATALINA_BASE/webapps/cas-management/WEB-INF/lib/cas-mgmt-config-delegated-6.1.0-RC4.jar


  Now here are other gems
  1) using JPA so would really like to tell JSON to take a back-seat.
 cas.serviceRegistry.initFromJson=false
   YET it loads from services default or whatever you specify including 
commenting out or leaving default or whatever:  
cas.serviceRegistry.json.location=classpath:/services
   Implicit PROBLEM for me: when you create new service you see double entries. 
One for JPA, the other one for json. Which is which?
   Workaround:
1) do not specify at all cas.serviceRegistry.json.location in config (not 
sure it matters)
2) same as above post explode cas-management.war (not sure how can I remove 
them from overlay, I could just try empty files in overlay but removing is 
cleaner)
   rm -v 
$CATALINA_BASE/webapps/cas-management/WEB-INF/classes/services/*.json

   Another headache: I want to have search work for me. Why can't I change the 
path of luceneIndexDir. (no parameter, nor can change and compile above without 
other failures)
   So must create folder /etc/cas/lucene even though for this scenario it is 
just a placeholder, so I can get search working. I never see anything get 
stored there?

   And finally,  really no idea why but if you logout the manager with a 
success message at /cas-management/logout.html,
  throws an exception 500 in access logs like "GET 
/cas-management/error?ticket=ST-XYZ...  but you click on "Services Management" 
link to get you back to /cas-management/manage.html and then cas-management is 
unavailable.
 WORKAROUND: just change URL to /cas-management/ and voila you are back to 
admin

  Stuff like this, I really really hope cas-management gets its love back.  Not 
gonna bother with discoveryEndpointPath = "/actuator/discoveryProfile" and how 
to actually properly securely setup magical setting in CAS separate service 
itself to that cas-management can get info. Tried but at this point I am happy 
to just use the web app.

  All the best.




On Tuesday, September 17, 2019 at 12:43:03 PM UTC-4, rbon wrote:
How do I turn off version control in cas-management 6.1 RC4.

In 5.3.x branch there was a config setting: mgmt.enableVersionControl=true, but 
this has been replaced by the following code (line 155 in 
https://github.com/apereo/cas-management/blob/master/api/cas-mgmt-api-configuration/src/main/java/org/apereo/cas/configuration/CasManagementConfigurationProperties.java):
private boolean enabled = 
ClassUtils.isPresent("org.ape

Re: [cas-user] Re: cas-management 6.1 RC4 turn off version control

[Travis Schmidt]

Admittedly the CAS Mgmt documentation is lagging some of the latest
refactors in the snapshots.  I usually try and make an effort when GA rolls
around to try and make sure at least config properties are updated.  You
can look here directly at the source of truth:

https://github.com/apereo/cas-management/blob/master/api/cas-mgmt-api-configuration/src/main/java/org/apereo/cas/configuration/CasManagementConfigurationProperties.java

The property name would just follow object "." notation starting with
"mgmt."

You can specify a luceneIndexDir and I think it only uses this directory as
temp storage when executing queries, so I think it is always cleaned up.
Anyways Lucene needed some file system dir configured.

If you are using version control then you will always see a
JSONServiceRegistry popup in the logs, since JSON files in a Git repository
is how that is implemented, regardless of the persistence you use for your
configured service registry.

Not sure what the logout thing is.

For the /dashboard and discovery endpoint, I have it configured and about
the only way I know it would work is to open up the admin endpoints by IP
address to the IP of your running CAS Management webapp.  Documentation can
be found here:

https://apereo.github.io/cas/development/monitoring/Monitoring-Statistics.html

I do not personally use the gradle overlays or even do any real testing
with them.  It has turned out in the past that the overlay was picking up
conflicting config from cas in the overlay that wasn't realized when just
building and deploying from source.

Lastly, I do believe some resources may be picking up the cause of CAS
Mgmt, and I may have some more time for the OS version freeing up soon, at
least will try and smooth out some rough edges for GA.  As always pull
requests are welcomed and encouraged.

Travis






On Fri, Oct 25, 2019 at 6:55 AM randomuser878  wrote:

> Hello
>
>   Thanks for the hint per CasManagementConfigurationProperties.java
> 
>   Have been really struggling with this one as well.  Really feel
> cas-management is behind cas and sure hope the recent indicators of moving
> dashboards from cas to cas-management means better product eventually.
>
>   Ranting aside, cas-management 6.1 RC4, these two flags end up as
> non-bound and service will fail/crash to restart.
>mgmt.enableVersionControl=false
>mgmt.enableDelegatedMgmt=false
>
>   Overlaying this
> file 
> src/main/java/org/apereo/cas/configuration/CasManagementConfigurationProperties.java
> by setting the two references you alluded to false it will compile but then
> on restart it will throw tons of errors about ALL mgmt parameters being
> unbound.  If you can figure out what I could have missed by just modifying
> that code directly that would be great.
>   Added this to build.gradle
> compile "org.apereo.cas:cas-mgmt-api-core:${project.'casmgmt.version'}"
> compile "org.projectlombok:lombok:1.18.8"
>
>   Then tried the 6.1. RC5 snapshot, maybe those two parameters that are in
> documentation would work but nope, it would crash per  some collusion about
> groovy libraries and such, anyway gave up on that front, it is snapshot
> after all.
>
>   HERE is what currently WORKS for me (not sure if it breaks anything else
> but I am past the point of desperation)
>   1) deploy cas-management.war and explode into webapps (remove war
> afterwards)
>   rm -v
> $CATALINA_BASE/webapps/cas-management/WEB-INF/lib/cas-mgmt-config-version-control-6.1.0-RC4.jar
>   rm -v
> $CATALINA_BASE/webapps/cas-management/WEB-INF/lib/cas-mgmt-config-delegated-6.1.0-RC4.jar
>
>
>   Now here are other gems
>   1) using JPA so would really like to tell JSON to take a back-seat.
>  cas.serviceRegistry.initFromJson=false
>YET it loads from services default or whatever you specify including
> commenting out or leaving default or whatever:
> cas.serviceRegistry.json.location=classpath:/services
>Implicit PROBLEM for me: when you create new service you see double
> entries. One for JPA, the other one for json. Which is which?
>Workaround:
> 1) do not specify at all cas.serviceRegistry.json.location in config
> (not sure it matters)
> 2) same as above post explode cas-management.war (not sure how can I
> remove them from overlay, I could just try empty files in overlay but
> removing is cleaner)
>rm -v
> $CATALINA_BASE/webapps/cas-management/WEB-INF/classes/services/*.json
>
>Another headache: I want to have search work for me. Why can't I change
> the path of luceneIndexDir. (no parameter, nor can change and compile above
> without other failures)
>So must create folder /etc/cas/lucene even though for this scenario it
> is just a placeho

Re: [cas-user] Re: CAS management

[alain ubfc]

Hello Matthew,

I just looked in /etc/cas/config ans i have the file you asked me to check.

I removed the excess line line in /etc/cas/config/management.properties

For the user casermgnt i saw that he has no right to launch tomcat when i 
make the following command :

systemctl restart tomcat9.service

I have do a sudo to throw it.

Do you have any idea ?

Thank you

Le mercredi 24 juillet 2019 18:51:27 UTC+2, Matthew Uribe a écrit :
>
> Thank you for confirming that your /var mount point is rw. Also, since you 
> are running tomcat as root (definitely not recommended for PROD), 
> permissions should not be an issue. It sounds like you need to make sure 
> your configurations are all uniform. Specifically, that 
> your /etc/cas/config/log4j2-management.xml file exists, and contains the 
> correct path to /var/log/cas-management 
>
> Also, I noticed that your cas-management.properties file contains this 
> line twice (I don't know if that causes problems or not):
>
> logging.config=file:/etc/cas/config/log4j2-management.xml
>
>
> On Wednesday, July 24, 2019 at 8:53:07 AM UTC-6, alain ubfc wrote:
>>
>> Matthew,
>>
>> I relanched tomcat each time as root.
>> So i addes the user toto in the casermgnt group.
>> I cheched the mounting of the partitions :
>>
>> casermgnt@casermgnt:~$ cat /proc/mounts
>> sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0
>> proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
>> udev /dev devtmpfs rw,nosuid,relatime,size=1005320k,nr_inodes=251330,mode
>> =755 0 0
>> devpts /dev/pts devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=
>> 000 0 0
>> tmpfs /run tmpfs rw,nosuid,noexec,relatime,size=204244k,mode=755 0 0
>> /dev/mapper/casermgnt--vg-root / ext4 rw,relatime,errors=remount-ro 0 0
>> securityfs /sys/kernel/security securityfs rw,nosuid,nodev,noexec,relatime 
>> 0 0
>> tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0
>> tmpfs /run/lock tmpfs rw,nosuid,nodev,noexec,relatime,size=5120k 0 0
>> tmpfs /sys/fs/cgroup tmpfs ro,nosuid,nodev,noexec,mode=755 0 0
>> cgroup2 /sys/fs/cgroup/unified cgroup2 
>> rw,nosuid,nodev,noexec,relatime,nsdelegate 
>> 0 0
>> cgroup /sys/fs/cgroup/systemd cgroup rw,nosuid,nodev,noexec,relatime,
>> xattr,name=systemd 0 0
>> pstore /sys/fs/pstore pstore rw,nosuid,nodev,noexec,relatime 0 0
>> bpf /sys/fs/bpf bpf rw,nosuid,nodev,noexec,relatime,mode=700 0 0
>> cgroup /sys/fs/cgroup/net_cls,net_prio cgroup rw,nosuid,nodev,noexec,
>> relatime,net_cls,net_prio 0 0
>> cgroup /sys/fs/cgroup/cpu,cpuacct cgroup rw,nosuid,nodev,noexec,relatime,
>> cpu,cpuacct 0 0
>> cgroup /sys/fs/cgroup/devices cgroup rw,nosuid,nodev,noexec,relatime,devices 
>> 0 0
>> cgroup /sys/fs/cgroup/perf_event cgroup 
>> rw,nosuid,nodev,noexec,relatime,perf_event 
>> 0 0
>> cgroup /sys/fs/cgroup/blkio cgroup rw,nosuid,nodev,noexec,relatime,blkio 
>> 0 0
>> cgroup /sys/fs/cgroup/pids cgroup rw,nosuid,nodev,noexec,relatime,pids 0 
>> 0
>> cgroup /sys/fs/cgroup/cpuset cgroup rw,nosuid,nodev,noexec,relatime,cpuset 
>> 0 0
>> cgroup /sys/fs/cgroup/memory cgroup rw,nosuid,nodev,noexec,relatime,memory 
>> 0 0
>> cgroup /sys/fs/cgroup/rdma cgroup rw,nosuid,nodev,noexec,relatime,rdma 0 
>> 0
>> cgroup /sys/fs/cgroup/freezer cgroup rw,nosuid,nodev,noexec,relatime,freezer 
>> 0 0
>> systemd-1 /proc/sys/fs/binfmt_misc autofs rw,relatime,fd=28,pgrp=1,
>> timeout=0,minproto=5,maxproto=5,direct,pipe_ino=10494 0 0
>> hugetlbfs /dev/hugepages hugetlbfs rw,relatime,pagesize=2M 0 0
>> debugfs /sys/kernel/debug debugfs rw,relatime 0 0
>> mqueue /dev/mqueue mqueue rw,relatime 0 0
>> /dev/sda1 /boot ext2 rw,relatime,block_validity,barrier,user_xattr,acl 0 
>> 0
>> /dev/mapper/casermgnt--vg-home /home ext4 rw,relatime 0 0
>> /dev/mapper/casermgnt--vg-tmp /tmp ext4 rw,relatime 0 0
>> /dev/mapper/casermgnt--vg-var /var ext4 rw,relatime 0 0
>> tmpfs /run/user/1000 tmpfs rw,nosuid,nodev,relatime,size=204240k,mode=700
>> ,uid=1000,gid=1000 0 0
>>
>> We can see that the /var is in rw.
>>
>> Is that why the server doesn't start ?
>>
>> Or it has nothing to do with.
>>
>> Thank you
>>
>> Le mercredi 24 juillet 2019 15:32:44 UTC+2, Matthew Uribe a écrit :
>>>
>>> Alain,
>>>
>>> Your fstab file shows that /var should be mounting correctly, but a file 
>>> system can become read-only for any number of reasons. If it is in fact 
>>> read only, then any user, even root, would not be able to write to it. You 
>>> could try the following command from the directory /var/log/cas-management 
>>> : touch testfile
>>>
>>> If it creates testfile, then the file system is not read only. If it is 
>>> read only, you may need to un/remount /var, or simply reboot. If the file 
>>> system encountered some kind of error, a reboot should hopefully correct it.
>>>
>>> That's a good start, just to reduce the problem down to either something 
>>> wrong at the OS level, or otherwise, something wrong in the configuration 
>>> of your application. If the file system is not read only, then, as David 
>>> said, check everything detail by det

Re: [cas-user] Re: CAS management

[Matthew Uribe]

Thank you for confirming that your /var mount point is rw. Also, since you 
are running tomcat as root (definitely not recommended for PROD), 
permissions should not be an issue. It sounds like you need to make sure 
your configurations are all uniform. Specifically, that 
your /etc/cas/config/log4j2-management.xml file exists, and contains the 
correct path to /var/log/cas-management 

Also, I noticed that your cas-management.properties file contains this line 
twice (I don't know if that causes problems or not):

logging.config=file:/etc/cas/config/log4j2-management.xml


On Wednesday, July 24, 2019 at 8:53:07 AM UTC-6, alain ubfc wrote:
>
> Matthew,
>
> I relanched tomcat each time as root.
> So i addes the user toto in the casermgnt group.
> I cheched the mounting of the partitions :
>
> casermgnt@casermgnt:~$ cat /proc/mounts
> sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0
> proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
> udev /dev devtmpfs rw,nosuid,relatime,size=1005320k,nr_inodes=251330,mode=
> 755 0 0
> devpts /dev/pts devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=
> 000 0 0
> tmpfs /run tmpfs rw,nosuid,noexec,relatime,size=204244k,mode=755 0 0
> /dev/mapper/casermgnt--vg-root / ext4 rw,relatime,errors=remount-ro 0 0
> securityfs /sys/kernel/security securityfs rw,nosuid,nodev,noexec,relatime 
> 0 0
> tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0
> tmpfs /run/lock tmpfs rw,nosuid,nodev,noexec,relatime,size=5120k 0 0
> tmpfs /sys/fs/cgroup tmpfs ro,nosuid,nodev,noexec,mode=755 0 0
> cgroup2 /sys/fs/cgroup/unified cgroup2 
> rw,nosuid,nodev,noexec,relatime,nsdelegate 
> 0 0
> cgroup /sys/fs/cgroup/systemd cgroup rw,nosuid,nodev,noexec,relatime,xattr
> ,name=systemd 0 0
> pstore /sys/fs/pstore pstore rw,nosuid,nodev,noexec,relatime 0 0
> bpf /sys/fs/bpf bpf rw,nosuid,nodev,noexec,relatime,mode=700 0 0
> cgroup /sys/fs/cgroup/net_cls,net_prio cgroup rw,nosuid,nodev,noexec,
> relatime,net_cls,net_prio 0 0
> cgroup /sys/fs/cgroup/cpu,cpuacct cgroup rw,nosuid,nodev,noexec,relatime,
> cpu,cpuacct 0 0
> cgroup /sys/fs/cgroup/devices cgroup rw,nosuid,nodev,noexec,relatime,devices 
> 0 0
> cgroup /sys/fs/cgroup/perf_event cgroup 
> rw,nosuid,nodev,noexec,relatime,perf_event 
> 0 0
> cgroup /sys/fs/cgroup/blkio cgroup rw,nosuid,nodev,noexec,relatime,blkio 0 
> 0
> cgroup /sys/fs/cgroup/pids cgroup rw,nosuid,nodev,noexec,relatime,pids 0 0
> cgroup /sys/fs/cgroup/cpuset cgroup rw,nosuid,nodev,noexec,relatime,cpuset 
> 0 0
> cgroup /sys/fs/cgroup/memory cgroup rw,nosuid,nodev,noexec,relatime,memory 
> 0 0
> cgroup /sys/fs/cgroup/rdma cgroup rw,nosuid,nodev,noexec,relatime,rdma 0 0
> cgroup /sys/fs/cgroup/freezer cgroup rw,nosuid,nodev,noexec,relatime,freezer 
> 0 0
> systemd-1 /proc/sys/fs/binfmt_misc autofs rw,relatime,fd=28,pgrp=1,timeout
> =0,minproto=5,maxproto=5,direct,pipe_ino=10494 0 0
> hugetlbfs /dev/hugepages hugetlbfs rw,relatime,pagesize=2M 0 0
> debugfs /sys/kernel/debug debugfs rw,relatime 0 0
> mqueue /dev/mqueue mqueue rw,relatime 0 0
> /dev/sda1 /boot ext2 rw,relatime,block_validity,barrier,user_xattr,acl 0 0
> /dev/mapper/casermgnt--vg-home /home ext4 rw,relatime 0 0
> /dev/mapper/casermgnt--vg-tmp /tmp ext4 rw,relatime 0 0
> /dev/mapper/casermgnt--vg-var /var ext4 rw,relatime 0 0
> tmpfs /run/user/1000 tmpfs rw,nosuid,nodev,relatime,size=204240k,mode=700,
> uid=1000,gid=1000 0 0
>
> We can see that the /var is in rw.
>
> Is that why the server doesn't start ?
>
> Or it has nothing to do with.
>
> Thank you
>
> Le mercredi 24 juillet 2019 15:32:44 UTC+2, Matthew Uribe a écrit :
>>
>> Alain,
>>
>> Your fstab file shows that /var should be mounting correctly, but a file 
>> system can become read-only for any number of reasons. If it is in fact 
>> read only, then any user, even root, would not be able to write to it. You 
>> could try the following command from the directory /var/log/cas-management 
>> : touch testfile
>>
>> If it creates testfile, then the file system is not read only. If it is 
>> read only, you may need to un/remount /var, or simply reboot. If the file 
>> system encountered some kind of error, a reboot should hopefully correct it.
>>
>> That's a good start, just to reduce the problem down to either something 
>> wrong at the OS level, or otherwise, something wrong in the configuration 
>> of your application. If the file system is not read only, then, as David 
>> said, check everything detail by detail. Also to one of David's points, 
>> start up Tomcat and look at ps or top to see which uid the is running the 
>> Tomcat process. If it's not tomcat or root (please don't run tomcat as 
>> root!), then it won't be able to write to /var/log/cas-management
>>
>> Matt
>>
>> On Wednesday, July 24, 2019 at 7:13:02 AM UTC-6, alain ubfc wrote:
>>>
>>> David,
>>>
>>> I have the log of tomcat /var/log/tomcat/catalina.ou. And it works.
>>>
>>> Here is my file /etc/fstab
>>>
>>> # /etc/fstab: static file system information.
>>> #
>>> # Use 'blkid' to print the uni

Re: [cas-user] Re: CAS management

[alain ubfc]

Matthew,

I relanched tomcat each time as root.
So i addes the user toto in the casermgnt group.
I cheched the mounting of the partitions :

casermgnt@casermgnt:~$ cat /proc/mounts
sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
udev /dev devtmpfs rw,nosuid,relatime,size=1005320k,nr_inodes=251330,mode=
755 0 0
devpts /dev/pts devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000 
0 0
tmpfs /run tmpfs rw,nosuid,noexec,relatime,size=204244k,mode=755 0 0
/dev/mapper/casermgnt--vg-root / ext4 rw,relatime,errors=remount-ro 0 0
securityfs /sys/kernel/security securityfs rw,nosuid,nodev,noexec,relatime 0 
0
tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0
tmpfs /run/lock tmpfs rw,nosuid,nodev,noexec,relatime,size=5120k 0 0
tmpfs /sys/fs/cgroup tmpfs ro,nosuid,nodev,noexec,mode=755 0 0
cgroup2 /sys/fs/cgroup/unified cgroup2 
rw,nosuid,nodev,noexec,relatime,nsdelegate 
0 0
cgroup /sys/fs/cgroup/systemd cgroup rw,nosuid,nodev,noexec,relatime,xattr,
name=systemd 0 0
pstore /sys/fs/pstore pstore rw,nosuid,nodev,noexec,relatime 0 0
bpf /sys/fs/bpf bpf rw,nosuid,nodev,noexec,relatime,mode=700 0 0
cgroup /sys/fs/cgroup/net_cls,net_prio cgroup rw,nosuid,nodev,noexec,
relatime,net_cls,net_prio 0 0
cgroup /sys/fs/cgroup/cpu,cpuacct cgroup rw,nosuid,nodev,noexec,relatime,cpu
,cpuacct 0 0
cgroup /sys/fs/cgroup/devices cgroup rw,nosuid,nodev,noexec,relatime,devices 
0 0
cgroup /sys/fs/cgroup/perf_event cgroup 
rw,nosuid,nodev,noexec,relatime,perf_event 
0 0
cgroup /sys/fs/cgroup/blkio cgroup rw,nosuid,nodev,noexec,relatime,blkio 0 0
cgroup /sys/fs/cgroup/pids cgroup rw,nosuid,nodev,noexec,relatime,pids 0 0
cgroup /sys/fs/cgroup/cpuset cgroup rw,nosuid,nodev,noexec,relatime,cpuset 0 
0
cgroup /sys/fs/cgroup/memory cgroup rw,nosuid,nodev,noexec,relatime,memory 0 
0
cgroup /sys/fs/cgroup/rdma cgroup rw,nosuid,nodev,noexec,relatime,rdma 0 0
cgroup /sys/fs/cgroup/freezer cgroup rw,nosuid,nodev,noexec,relatime,freezer 
0 0
systemd-1 /proc/sys/fs/binfmt_misc autofs rw,relatime,fd=28,pgrp=1,timeout=0
,minproto=5,maxproto=5,direct,pipe_ino=10494 0 0
hugetlbfs /dev/hugepages hugetlbfs rw,relatime,pagesize=2M 0 0
debugfs /sys/kernel/debug debugfs rw,relatime 0 0
mqueue /dev/mqueue mqueue rw,relatime 0 0
/dev/sda1 /boot ext2 rw,relatime,block_validity,barrier,user_xattr,acl 0 0
/dev/mapper/casermgnt--vg-home /home ext4 rw,relatime 0 0
/dev/mapper/casermgnt--vg-tmp /tmp ext4 rw,relatime 0 0
/dev/mapper/casermgnt--vg-var /var ext4 rw,relatime 0 0
tmpfs /run/user/1000 tmpfs rw,nosuid,nodev,relatime,size=204240k,mode=700,
uid=1000,gid=1000 0 0

We can see that the /var is in rw.

Is that why the server doesn't start ?

Or it has nothing to do with.

Thank you

Le mercredi 24 juillet 2019 15:32:44 UTC+2, Matthew Uribe a écrit :
>
> Alain,
>
> Your fstab file shows that /var should be mounting correctly, but a file 
> system can become read-only for any number of reasons. If it is in fact 
> read only, then any user, even root, would not be able to write to it. You 
> could try the following command from the directory /var/log/cas-management 
> : touch testfile
>
> If it creates testfile, then the file system is not read only. If it is 
> read only, you may need to un/remount /var, or simply reboot. If the file 
> system encountered some kind of error, a reboot should hopefully correct it.
>
> That's a good start, just to reduce the problem down to either something 
> wrong at the OS level, or otherwise, something wrong in the configuration 
> of your application. If the file system is not read only, then, as David 
> said, check everything detail by detail. Also to one of David's points, 
> start up Tomcat and look at ps or top to see which uid the is running the 
> Tomcat process. If it's not tomcat or root (please don't run tomcat as 
> root!), then it won't be able to write to /var/log/cas-management
>
> Matt
>
> On Wednesday, July 24, 2019 at 7:13:02 AM UTC-6, alain ubfc wrote:
>>
>> David,
>>
>> I have the log of tomcat /var/log/tomcat/catalina.ou. And it works.
>>
>> Here is my file /etc/fstab
>>
>> # /etc/fstab: static file system information.
>> #
>> # Use 'blkid' to print the universally unique identifier for a
>> # device; this may be used with UUID= as a more robust way to name devices
>> # that works even if disks are added and removed. See fstab(5).
>> #
>> #
>> /dev/mapper/casermgnt--vg-root /   ext4errors=remount-ro 
>> 0   1
>> # /boot was on /dev/sda1 during installation
>> UUID=af1e7cbd-4161-4099-9000-a7ebbb14c336 /boot   ext2   
>>  defaults0   2
>> /dev/mapper/casermgnt--vg-home /home   ext4defaults0 
>>   2
>> /dev/mapper/casermgnt--vg-tmp /tmpext4defaults0 
>>   2
>> /dev/mapper/casermgnt--vg-var /varext4defaults0 
>>   2
>> /dev/mapper/casermgnt--vg-swap_1 noneswapsw  
>> 0   0
>> /dev/sr0

Re: [cas-user] Re: CAS management

[Matthew Uribe]

Alain,

Your fstab file shows that /var should be mounting correctly, but a file 
system can become read-only for any number of reasons. If it is in fact 
read only, then any user, even root, would not be able to write to it. You 
could try the following command from the directory /var/log/cas-management 
: touch testfile

If it creates testfile, then the file system is not read only. If it is 
read only, you may need to un/remount /var, or simply reboot. If the file 
system encountered some kind of error, a reboot should hopefully correct it.

That's a good start, just to reduce the problem down to either something 
wrong at the OS level, or otherwise, something wrong in the configuration 
of your application. If the file system is not read only, then, as David 
said, check everything detail by detail. Also to one of David's points, 
start up Tomcat and look at ps or top to see which uid the is running the 
Tomcat process. If it's not tomcat or root (please don't run tomcat as 
root!), then it won't be able to write to /var/log/cas-management

Matt

On Wednesday, July 24, 2019 at 7:13:02 AM UTC-6, alain ubfc wrote:
>
> David,
>
> I have the log of tomcat /var/log/tomcat/catalina.ou. And it works.
>
> Here is my file /etc/fstab
>
> # /etc/fstab: static file system information.
> #
> # Use 'blkid' to print the universally unique identifier for a
> # device; this may be used with UUID= as a more robust way to name devices
> # that works even if disks are added and removed. See fstab(5).
> #
> #
> /dev/mapper/casermgnt--vg-root /   ext4errors=remount-ro 0 
>   1
> # /boot was on /dev/sda1 during installation
> UUID=af1e7cbd-4161-4099-9000-a7ebbb14c336 /boot   ext2   
>  defaults0   2
> /dev/mapper/casermgnt--vg-home /home   ext4defaults0 
>   2
> /dev/mapper/casermgnt--vg-tmp /tmpext4defaults0   
> 2
> /dev/mapper/casermgnt--vg-var /varext4defaults0   
> 2
> /dev/mapper/casermgnt--vg-swap_1 noneswapsw  0 
>   0
> /dev/sr0/media/cdrom0   udf,iso9660 user,noauto 0   0
>
> I don't see it.
>
>
> Le mercredi 24 juillet 2019 13:30:30 UTC+2, David Curry a écrit :
>>
>> [2019-07-22 08:57:45] [info] 2019-07-22 08:57:45,023 main ERROR 
>> RollingFileManager (/var/log/cas-management/cas-management.log) 
>> java.io.FileNotFoundException: /var/log/cas-management/cas-management.log 
>> (Read-only 
>> file system)
>>
>> Is your file system mounted read-only? Is the directory writable by the 
>> tomcat user (or whatever user is running the tomcat process)? 
>> RollingFileAppenders need write permission to the directory the log files 
>> are in, not just the log files themselves.
>>
>> --
>>
>> DAVID A. CURRY, CISSP
>> *DIRECTOR • INFORMATION SECURITY & PRIVACY*
>> THE NEW SCHOOL • INFORMATION TECHNOLOGY
>>
>> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
>> +1 646 909-4728 • david...@newschool.edu
>>
>>
>> On Wed, Jul 24, 2019 at 2:14 AM alain ubfc  wrote:
>>
>>> Hello,
>>>
>>> In fact I noticed that the/var/log/case-management file has nothing in 
>>> it.
>>>
>>> Yet I set the rights for the file cas-management.log with the chown -R 
>>> tomcat:tomcat/var/log/cas-management command.
>>>
>>> [2019-07-22 08:57:43] [info] 2019-07-22 08:57:43,429 main ERROR Could 
>>> not create plugin of type class org.apache.logging.log4j.core.appender.
>>> RollingFileAppender for element RollingFile: java.lang.
>>> IllegalStateException: ManagerFactory [org.apache.logging.log4j.core.
>>> appender.rolling.RollingFileManager$RollingFileManagerFactory@6ea59bb2] 
>>> unable to create manager for [/var/log/cas-management/cas-management.log
>>> ] with data [org.apache.logging.log4j.core.appender.rolling.
>>> RollingFileManager$FactoryData@506344b1[pattern=/var/log/cas-management/
>>> cas-%d{-MM-dd-HH}-%i.log, append=true, bufferedIO=true, bufferSize=
>>> 8192, policy=CompositeTriggeringPolicy(policies=[
>>> OnStartupTriggeringPolicy, SizeBasedTriggeringPolicy(size=10485760), 
>>> TimeBasedTriggeringPolicy(nextRolloverMillis=0, interval=1, modulate=
>>> false)]), strategy=DefaultRolloverStrategy(min=1, max=5, useMax=true), 
>>> advertiseURI=null, layout=%highlight{%d %p [%c] - <%m>%n}, 
>>> filePermissions=null, fileOwner=null]] java.lang.IllegalStateException: 
>>> ManagerFactory [org.apache.logging.log4j.core.appender.rolling.
>>> RollingFileManager$RollingFileManagerFactory@6ea59bb2] unable to create 
>>> manager for [/var/log/cas-management/cas-management.log] with data [org.
>>> apache.logging.log4j.core.appender.rolling.
>>> RollingFileManager$FactoryData@506344b1[pattern=/var/log/cas-management/
>>> cas-%d{-MM-dd-HH}-%i.log, append=true, bufferedIO=true, bufferSize=
>>> 8192, policy=CompositeTriggeringPolicy(policies=[
>>> OnStartupTriggeringPolicy, SizeBasedTriggeringPolicy(size=10485760), 
>>> TimeBasedTriggeringPolicy(nextRolloverMillis=0, interval=

Re: [cas-user] Re: CAS management

[David Curry]

Check that the process is actually running as tomcat. Turn on debug logging
and see what's happening. Compare the owners and modes of the working logs
(cas) to the non-working ones (cas-management).

There's a permission that's wrong, or it's running as the wrong user, or
there's a typo in a path name, or something. It's really just a matter of
meticulously checking everything. Don't assume anything, check everything.

--

DAVID A. CURRY, CISSP
*DIRECTOR • INFORMATION SECURITY & PRIVACY*
THE NEW SCHOOL • INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 646 909-4728 • david.cu...@newschool.edu


On Wed, Jul 24, 2019 at 9:13 AM alain ubfc  wrote:

> David,
>
> I have the log of tomcat /var/log/tomcat/catalina.ou. And it works.
>
> Here is my file /etc/fstab
>
> # /etc/fstab: static file system information.
> #
> # Use 'blkid' to print the universally unique identifier for a
> # device; this may be used with UUID= as a more robust way to name devices
> # that works even if disks are added and removed. See fstab(5).
> #
> #
> /dev/mapper/casermgnt--vg-root /   ext4errors=remount-ro 0
>   1
> # /boot was on /dev/sda1 during installation
> UUID=af1e7cbd-4161-4099-9000-a7ebbb14c336 /boot   ext2
>  defaults0   2
> /dev/mapper/casermgnt--vg-home /home   ext4defaults0
>   2
> /dev/mapper/casermgnt--vg-tmp /tmpext4defaults0
> 2
> /dev/mapper/casermgnt--vg-var /varext4defaults0
> 2
> /dev/mapper/casermgnt--vg-swap_1 noneswapsw  0
>   0
> /dev/sr0/media/cdrom0   udf,iso9660 user,noauto 0   0
>
> I don't see it.
>
>
> Le mercredi 24 juillet 2019 13:30:30 UTC+2, David Curry a écrit :
>>
>> [2019-07-22 08:57:45] [info] 2019-07-22 08:57:45,023 main ERROR
>> RollingFileManager (/var/log/cas-management/cas-management.log)
>> java.io.FileNotFoundException: /var/log/cas-management/cas-management.log 
>> (Read-only
>> file system)
>>
>> Is your file system mounted read-only? Is the directory writable by the
>> tomcat user (or whatever user is running the tomcat process)?
>> RollingFileAppenders need write permission to the directory the log files
>> are in, not just the log files themselves.
>>
>> --
>>
>> DAVID A. CURRY, CISSP
>> *DIRECTOR • INFORMATION SECURITY & PRIVACY*
>> THE NEW SCHOOL • INFORMATION TECHNOLOGY
>>
>> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
>> +1 646 909-4728 • david...@newschool.edu
>>
>>
>> On Wed, Jul 24, 2019 at 2:14 AM alain ubfc  wrote:
>>
>>> Hello,
>>>
>>> In fact I noticed that the/var/log/case-management file has nothing in
>>> it.
>>>
>>> Yet I set the rights for the file cas-management.log with the chown -R
>>> tomcat:tomcat/var/log/cas-management command.
>>>
>>> [2019-07-22 08:57:43] [info] 2019-07-22 08:57:43,429 main ERROR Could
>>> not create plugin of type class org.apache.logging.log4j.core.appender.
>>> RollingFileAppender for element RollingFile: java.lang.
>>> IllegalStateException: ManagerFactory [org.apache.logging.log4j.core.
>>> appender.rolling.RollingFileManager$RollingFileManagerFactory@6ea59bb2]
>>> unable to create manager for [/var/log/cas-management/cas-management.log
>>> ] with data [org.apache.logging.log4j.core.appender.rolling.
>>> RollingFileManager$FactoryData@506344b1[pattern=/var/log/cas-management/
>>> cas-%d{-MM-dd-HH}-%i.log, append=true, bufferedIO=true, bufferSize=
>>> 8192, policy=CompositeTriggeringPolicy(policies=[
>>> OnStartupTriggeringPolicy, SizeBasedTriggeringPolicy(size=10485760),
>>> TimeBasedTriggeringPolicy(nextRolloverMillis=0, interval=1, modulate=
>>> false)]), strategy=DefaultRolloverStrategy(min=1, max=5, useMax=true),
>>> advertiseURI=null, layout=%highlight{%d %p [%c] - <%m>%n},
>>> filePermissions=null, fileOwner=null]] java.lang.IllegalStateException:
>>> ManagerFactory [org.apache.logging.log4j.core.appender.rolling.
>>> RollingFileManager$RollingFileManagerFactory@6ea59bb2] unable to create
>>> manager for [/var/log/cas-management/cas-management.log] with data [org.
>>> apache.logging.log4j.core.appender.rolling.
>>> RollingFileManager$FactoryData@506344b1[pattern=/var/log/cas-management/
>>> cas-%d{-MM-dd-HH}-%i.log, append=true, bufferedIO=true, bufferSize=
>>> 8192, policy=CompositeTriggeringPolicy(policies=[
>>> OnStartupTriggeringPolicy, SizeBasedTriggeringPolicy(size=10485760),
>>> TimeBasedTriggeringPolicy(nextRolloverMillis=0, interval=1, modulate=
>>> false)]), strategy=DefaultRolloverStrategy(min=1, max=5, useMax=true>> style="color:rgb(102,102,0
>>>
>> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email t

Re: [cas-user] Re: CAS management

[alain ubfc]

David,

I have the log of tomcat /var/log/tomcat/catalina.ou. And it works.

Here is my file /etc/fstab

# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
#
/dev/mapper/casermgnt--vg-root /   ext4errors=remount-ro 0 
  1
# /boot was on /dev/sda1 during installation
UUID=af1e7cbd-4161-4099-9000-a7ebbb14c336 /boot   ext2defaults 
   0   2
/dev/mapper/casermgnt--vg-home /home   ext4defaults0   
2
/dev/mapper/casermgnt--vg-tmp /tmpext4defaults0 
  2
/dev/mapper/casermgnt--vg-var /varext4defaults0 
  2
/dev/mapper/casermgnt--vg-swap_1 noneswapsw  0 
  0
/dev/sr0/media/cdrom0   udf,iso9660 user,noauto 0   0

I don't see it.


Le mercredi 24 juillet 2019 13:30:30 UTC+2, David Curry a écrit :
>
> [2019-07-22 08:57:45] [info] 2019-07-22 08:57:45,023 main ERROR 
> RollingFileManager (/var/log/cas-management/cas-management.log) 
> java.io.FileNotFoundException: /var/log/cas-management/cas-management.log 
> (Read-only 
> file system)
>
> Is your file system mounted read-only? Is the directory writable by the 
> tomcat user (or whatever user is running the tomcat process)? 
> RollingFileAppenders need write permission to the directory the log files 
> are in, not just the log files themselves.
>
> --
>
> DAVID A. CURRY, CISSP
> *DIRECTOR • INFORMATION SECURITY & PRIVACY*
> THE NEW SCHOOL • INFORMATION TECHNOLOGY
>
> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
> +1 646 909-4728 • david...@newschool.edu 
>
>
> On Wed, Jul 24, 2019 at 2:14 AM alain ubfc  > wrote:
>
>> Hello,
>>
>> In fact I noticed that the/var/log/case-management file has nothing in it.
>>
>> Yet I set the rights for the file cas-management.log with the chown -R 
>> tomcat:tomcat/var/log/cas-management command.
>>
>> [2019-07-22 08:57:43] [info] 2019-07-22 08:57:43,429 main ERROR Could not 
>> create plugin of type class org.apache.logging.log4j.core.appender.
>> RollingFileAppender for element RollingFile: java.lang.
>> IllegalStateException: ManagerFactory [org.apache.logging.log4j.core.
>> appender.rolling.RollingFileManager$RollingFileManagerFactory@6ea59bb2] 
>> unable to create manager for [/var/log/cas-management/cas-management.log] 
>> with data [org.apache.logging.log4j.core.appender.rolling.
>> RollingFileManager$FactoryData@506344b1[pattern=/var/log/cas-management/
>> cas-%d{-MM-dd-HH}-%i.log, append=true, bufferedIO=true, bufferSize=
>> 8192, policy=CompositeTriggeringPolicy(policies=[
>> OnStartupTriggeringPolicy, SizeBasedTriggeringPolicy(size=10485760), 
>> TimeBasedTriggeringPolicy(nextRolloverMillis=0, interval=1, modulate=
>> false)]), strategy=DefaultRolloverStrategy(min=1, max=5, useMax=true), 
>> advertiseURI=null, layout=%highlight{%d %p [%c] - <%m>%n}, 
>> filePermissions=null, fileOwner=null]] java.lang.IllegalStateException: 
>> ManagerFactory [org.apache.logging.log4j.core.appender.rolling.
>> RollingFileManager$RollingFileManagerFactory@6ea59bb2] unable to create 
>> manager for [/var/log/cas-management/cas-management.log] with data [org.
>> apache.logging.log4j.core.appender.rolling.
>> RollingFileManager$FactoryData@506344b1[pattern=/var/log/cas-management/
>> cas-%d{-MM-dd-HH}-%i.log, append=true, bufferedIO=true, bufferSize=
>> 8192, policy=CompositeTriggeringPolicy(policies=[
>> OnStartupTriggeringPolicy, SizeBasedTriggeringPolicy(size=10485760), 
>> TimeBasedTriggeringPolicy(nextRolloverMillis=0, interval=1, modulate=
>> false)]), strategy=DefaultRolloverStrategy(min=1, max=5, useMax=true> style="color:rgb(102,102,0
>>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/cd674a0f-844e-4397-a374-fbbe0b7d1219%40apereo.org.

Re: [cas-user] Re: CAS management

[David Curry]

Are you positive that the tomcat process is actually running as the tomcat
user?

The error message says read-only file system. Are you sure the file system
is mounted read-write? Can you create files in it?

Have you turned on debug-level logging to get a more granular idea of
what's going on?

Are all the file and directory names spelled correctly everywhere?

Is the regular cas log file (not the management server) in /var/log/cas? Is
it being successfully written to?

Beyond "check everything" I'm not sure what advice to give you; it could be
a dozen different things.


--

DAVID A. CURRY, CISSP
*DIRECTOR • INFORMATION SECURITY & PRIVACY*
THE NEW SCHOOL • INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 646 909-4728 • david.cu...@newschool.edu


On Wed, Jul 24, 2019 at 8:49 AM alain ubfc  wrote:

> Hello David,
>
> Thank you for your answer.
>
> The directory /var/log/cas-management has the following rights :
>
> drwxr-x---  2 tomcat adm  4096 juil. 22 09:23 cas-management
>
> And for the filecas-management.log
>
> -rw-r-  1 tomcat tomcat0 juil. 19 14:39 cas-management.log
>
> That's what i did. And i doesn't work.
>
> How to do this ?
>
> Best regard
>
> Le mercredi 24 juillet 2019 13:30:30 UTC+2, David Curry a écrit :
>>
>> [2019-07-22 08:57:45] [info] 2019-07-22 08:57:45,023 main ERROR
>> RollingFileManager (/var/log/cas-management/cas-management.log)
>> java.io.FileNotFoundException: /var/log/cas-management/cas-management.log 
>> (Read-only
>> file system)
>>
>> Is your file system mounted read-only? Is the directory writable by the
>> tomcat user (or whatever user is running the tomcat process)?
>> RollingFileAppenders need write permission to the directory the log files
>> are in, not just the log files themselves.
>>
>> --
>>
>> DAVID A. CURRY, CISSP
>> *DIRECTOR • INFORMATION SECURITY & PRIVACY*
>> THE NEW SCHOOL • INFORMATION TECHNOLOGY
>>
>> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
>> +1 646 909-4728 • david...@newschool.edu
>>
>>
>> On Wed, Jul 24, 2019 at 2:14 AM alain ubfc  wrote:
>>
>>> Hello,
>>>
>>> In fact I noticed that the/var/log/case-management file has nothing in
>>> it.
>>>
>>> Yet I set the rights for the file cas-management.log with the chown -R
>>> tomcat:tomcat/var/log/cas-management command.
>>>
>>> [2019-07-22 08:57:43] [info] 2019-07-22 08:57:43,429 main ERROR Could
>>> not create plugin of type class org.apache.logging.log4j.core.appender.
>>> RollingFileAppender for element RollingFile: java.lang.
>>> IllegalStateException: ManagerFactory [org.apache.logging.log4j.core.
>>> appender.rolling.RollingFileManager$RollingFileManagerFactory@6ea59bb2]
>>> unable to create manager for [/var/log/cas-management/cas-management.log
>>> ] with data [org.apache.logging.log4j.core.appender.rolling.
>>> RollingFileManager$FactoryData@506344b1[pattern=/var/log/cas-management/
>>> cas-%d{-MM-dd-HH}-%i.log, append=true, bufferedIO=true, bufferSize=
>>> 8192, policy=CompositeTriggeringPolicy(policies=[
>>> OnStartupTriggeringPolicy, SizeBasedTriggeringPolicy(size=10485760),
>>> TimeBasedTriggeringPolicy(nextRolloverMillis=0, interval=1, modulate=
>>> false)]), strategy=DefaultRolloverStrategy(min=1, max=5, useMax=true),
>>> advertiseURI=null, layout=%highlight{%d %p [%c] - <%m>%n},
>>> filePermissions=null, fileOwner=null]] java.lang.IllegalStateException:
>>> ManagerFactory [org.apache.logging.log4j.core.appender.rolling.
>>> RollingFileManager$RollingFileManagerFactory@6ea59bb2] unable to create
>>> manager for [/var/log/cas-management/cas-management.log] with data [org.
>>> apache.logging.log4j.core.appender.rolling.
>>> RollingFileManager$FactoryData@506344b1[pattern=/var/log/cas-management/
>>> cas-%d{-MM-dd-HH}-%i.log, append=true, bufferedIO=true, bufferSize=
>>> 8192, policy=CompositeTriggeringPolicy(policies=[
>>> OnStartupTriggeringPolicy, SizeBasedTriggeringPolicy(size=10485760),
>>> TimeBasedTriggeringPolicy(nextRolloverMillis=0, interval=1, modulate=
>>> false)]), strategy=DefaultRolloverStrategy(min=1, max=5, useMax=true>> style="color:rgb(102,102,0
>>>
>> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/5e999c26-0b23-4cc9-a521-cbdfa36fa1a1%40apereo.org
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You receiv

Re: [cas-user] Re: CAS management

[alain ubfc]

Hello David,

Thank you for your answer.

The directory /var/log/cas-management has the following rights :

drwxr-x---  2 tomcat adm  4096 juil. 22 09:23 cas-management

And for the filecas-management.log

-rw-r-  1 tomcat tomcat0 juil. 19 14:39 cas-management.log

That's what i did. And i doesn't work.

How to do this ?

Best regard

Le mercredi 24 juillet 2019 13:30:30 UTC+2, David Curry a écrit :
>
> [2019-07-22 08:57:45] [info] 2019-07-22 08:57:45,023 main ERROR 
> RollingFileManager (/var/log/cas-management/cas-management.log) 
> java.io.FileNotFoundException: /var/log/cas-management/cas-management.log 
> (Read-only 
> file system)
>
> Is your file system mounted read-only? Is the directory writable by the 
> tomcat user (or whatever user is running the tomcat process)? 
> RollingFileAppenders need write permission to the directory the log files 
> are in, not just the log files themselves.
>
> --
>
> DAVID A. CURRY, CISSP
> *DIRECTOR • INFORMATION SECURITY & PRIVACY*
> THE NEW SCHOOL • INFORMATION TECHNOLOGY
>
> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
> +1 646 909-4728 • david...@newschool.edu 
>
>
> On Wed, Jul 24, 2019 at 2:14 AM alain ubfc  > wrote:
>
>> Hello,
>>
>> In fact I noticed that the/var/log/case-management file has nothing in it.
>>
>> Yet I set the rights for the file cas-management.log with the chown -R 
>> tomcat:tomcat/var/log/cas-management command.
>>
>> [2019-07-22 08:57:43] [info] 2019-07-22 08:57:43,429 main ERROR Could not 
>> create plugin of type class org.apache.logging.log4j.core.appender.
>> RollingFileAppender for element RollingFile: java.lang.
>> IllegalStateException: ManagerFactory [org.apache.logging.log4j.core.
>> appender.rolling.RollingFileManager$RollingFileManagerFactory@6ea59bb2] 
>> unable to create manager for [/var/log/cas-management/cas-management.log] 
>> with data [org.apache.logging.log4j.core.appender.rolling.
>> RollingFileManager$FactoryData@506344b1[pattern=/var/log/cas-management/
>> cas-%d{-MM-dd-HH}-%i.log, append=true, bufferedIO=true, bufferSize=
>> 8192, policy=CompositeTriggeringPolicy(policies=[
>> OnStartupTriggeringPolicy, SizeBasedTriggeringPolicy(size=10485760), 
>> TimeBasedTriggeringPolicy(nextRolloverMillis=0, interval=1, modulate=
>> false)]), strategy=DefaultRolloverStrategy(min=1, max=5, useMax=true), 
>> advertiseURI=null, layout=%highlight{%d %p [%c] - <%m>%n}, 
>> filePermissions=null, fileOwner=null]] java.lang.IllegalStateException: 
>> ManagerFactory [org.apache.logging.log4j.core.appender.rolling.
>> RollingFileManager$RollingFileManagerFactory@6ea59bb2] unable to create 
>> manager for [/var/log/cas-management/cas-management.log] with data [org.
>> apache.logging.log4j.core.appender.rolling.
>> RollingFileManager$FactoryData@506344b1[pattern=/var/log/cas-management/
>> cas-%d{-MM-dd-HH}-%i.log, append=true, bufferedIO=true, bufferSize=
>> 8192, policy=CompositeTriggeringPolicy(policies=[
>> OnStartupTriggeringPolicy, SizeBasedTriggeringPolicy(size=10485760), 
>> TimeBasedTriggeringPolicy(nextRolloverMillis=0, interval=1, modulate=
>> false)]), strategy=DefaultRolloverStrategy(min=1, max=5, useMax=true> style="color:rgb(102,102,0
>>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/5e999c26-0b23-4cc9-a521-cbdfa36fa1a1%40apereo.org.

Re: [cas-user] Re: CAS management

[David Curry]

[2019-07-22 08:57:45] [info] 2019-07-22 08:57:45,023 main ERROR
RollingFileManager (/var/log/cas-management/cas-management.log)
java.io.FileNotFoundException:
/var/log/cas-management/cas-management.log (Read-only
file system)

Is your file system mounted read-only? Is the directory writable by the
tomcat user (or whatever user is running the tomcat process)?
RollingFileAppenders need write permission to the directory the log files
are in, not just the log files themselves.

--

DAVID A. CURRY, CISSP
*DIRECTOR • INFORMATION SECURITY & PRIVACY*
THE NEW SCHOOL • INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 646 909-4728 • david.cu...@newschool.edu


On Wed, Jul 24, 2019 at 2:14 AM alain ubfc  wrote:

> Hello,
>
> In fact I noticed that the/var/log/case-management file has nothing in it.
>
> Yet I set the rights for the file cas-management.log with the chown -R
> tomcat:tomcat/var/log/cas-management command.
>
> [2019-07-22 08:57:43] [info] 2019-07-22 08:57:43,429 main ERROR Could not
> create plugin of type class org.apache.logging.log4j.core.appender.
> RollingFileAppender for element RollingFile: java.lang.
> IllegalStateException: ManagerFactory [org.apache.logging.log4j.core.
> appender.rolling.RollingFileManager$RollingFileManagerFactory@6ea59bb2]
> unable to create manager for [/var/log/cas-management/cas-management.log]
> with data [org.apache.logging.log4j.core.appender.rolling.
> RollingFileManager$FactoryData@506344b1[pattern=/var/log/cas-management/
> cas-%d{-MM-dd-HH}-%i.log, append=true, bufferedIO=true, bufferSize=
> 8192, policy=CompositeTriggeringPolicy(policies=[OnStartupTriggeringPolicy
> , SizeBasedTriggeringPolicy(size=10485760), TimeBasedTriggeringPolicy(
> nextRolloverMillis=0, interval=1, modulate=false)]), strategy=
> DefaultRolloverStrategy(min=1, max=5, useMax=true), advertiseURI=null,
> layout=%highlight{%d %p [%c] - <%m>%n}, filePermissions=null, fileOwner=
> null]] java.lang.IllegalStateException: ManagerFactory [org.apache.logging
> .log4j.core.appender.rolling.
> RollingFileManager$RollingFileManagerFactory@6ea59bb2] unable to create
> manager for [/var/log/cas-management/cas-management.log] with data [org.
> apache.logging.log4j.core.appender.rolling.
> RollingFileManager$FactoryData@506344b1[pattern=/var/log/cas-management/
> cas-%d{-MM-dd-HH}-%i.log, append=true, bufferedIO=true, bufferSize=
> 8192, policy=CompositeTriggeringPolicy(policies=[OnStartupTriggeringPolicy
> , SizeBasedTriggeringPolicy(size=10485760), TimeBasedTriggeringPolicy(
> nextRolloverMillis=0, interval=1, modulate=false)]), strategy=
> DefaultRolloverStrategy(min=1, max=5, useMax=true), advertiseURI=null,
> layout=%highlight{%d %p [%c] - <%m>%n}, filePermissions=null, fileOwner=
> null]]
>
>
> [2019-07-22 08:57:43] [info] 2019-07-22 08:57:43,442 main ERROR Null
> object returned for RollingFile in Appenders.
> [2019-07-22 08:57:45] [info] 2019-07-22 08:57:45,023 main ERROR
> RollingFileManager (/var/log/cas-management/cas-management.log) java.io.
> FileNotFoundException: /var/log/cas-management/cas-management.log (Read-only
> file system) java.io.FileNotFoundException: /var/log/cas-management/cas-
> management.log (Read-only file system)
>
>
> Do you have any idea?
>
> Thank you
>
> Best regard
>
> Le lundi 22 juillet 2019 12:04:48 UTC+2, alain ubfc a écrit :
>>
>> Hello,
>>
>> I’ve been stuck on cas-management for several weeks now.
>>
>> I followed the Dacurry documentation
>> https://dacurry-tns.github.io/deploying-apereo-cas/building_svcmgmt_overview.html
>> but nothing works.
>>
>> Here is my configuration of my cas-management.properties file
>>
>> # Adresse du Serveur CAS
>> cas.server.name=https://cas.osnetworking.com:8443
>> cas.server.prefix=https://cas.osnetworking.com:8443/cas
>> #cas.server.prefix=${cas.server.name}/cas
>>
>> logging.config=file:/etc/cas/config/log4j2-management.xml
>>
>> ##
>> # Update this URL to point at server running this management app #
>> ##
>>
>> #cas.mgmt.serverName: ${cas.server.name}
>> mgmt.serverName=https://casmanagement.osnetworking.com:8443
>> server.context-path=/cas-management
>> #server.port=8443
>>
>> spring.thymeleaf.mode = HTML
>>
>> mgmt.adminRoles[0]=ROLE_ADMIN
>> mgmt.userRoles[0]=ROLE_USER
>>
>> mgmt.userPropertiesFile=file:/etc/cas/config/users.json
>>
>> ##
>> # Gestion des Logs de cas-management #
>> ##
>>
>> logging.config=file:/etc/cas/config/log4j2-management.xml
>>
>> 
>> # Gestion des services en JSON #
>> 
>>
>> cas.serviceRegistry.json.location=file:/etc/cas/services
>> cas.serviceRegistry.initFromJson = true
>>
>> 
>> # Liste des attributs sélectionables depuis le CAS-Manager #
>> ###

Re: [cas-user] Re: cas-management 6.0 + MongoDB

[Chad Merritt]

Same issue here.  It crashes/locks up Tomcat .

r/Chad

On Friday, May 10, 2019 at 10:15:05 AM UTC-4, Alexi Pascual wrote:
>
> hi,
>
> Has anyone managed to install without problems the ca-management- 6.0 ?. I 
> have the same error, without the mongoDB configuration.
>
> Alexi.
> El 07-05-19 a las 13:07, Mathias Rosenberg escribió:
>
> I'm also facing the same problem, did you find some solution for it?
>
> Mathias.
>
> El miércoles, 27 de marzo de 2019, 6:56:34 (UTC-3), Taupasse escribió: 
>>
>> Hello,
>>
>> I'm currently trying to set up the cas management webapp 6.0 against a 
>> working Cas 6.0 with a ticket registry in a replicated MongoDB.
>>
>> When I try to build the cas-management.war from the 
>> cas-management-overlay, I add the following line to the build.gradle :
>>
>> compile "org.apereo.cas:cas-server-support-mongo-service-registry:6.0.2"
>>
>> I build it with 
>>
>> ./build.sh package
>>
>> Everything seems to be fine, but when i'm publishing the war file in my 
>> tomcat, it crashes with some "pretty" java errors :
>>
>> ERROR [org.apereo.cas.CasEmbeddedContainerUtils] - > CasEmbeddedContainerUtils cannot access a member of class org.apereo.cas.
>> mgmt.CasManagementEmbeddedContainerUtils$1 with modifiers "">
>> java.lang.IllegalAccessException: class org.apereo.cas.
>> CasEmbeddedContainerUtils cannot access a member of class org.apereo.cas.
>> mgmt.CasManagementEmbeddedContainerUtils$1 with modifiers ""
>> at jdk.internal.reflect.Reflection.newIllegalAccessException(
>> Reflection.java:361) ~[?:?]
>> at java.lang.reflect.AccessibleObject.checkAccess(
>> AccessibleObject.java:591) ~[?:?]
>> at java.lang.reflect.Constructor.newInstance(Constructor.java:481
>> ) ~[?:?]
>> at org.apereo.cas.CasEmbeddedContainerUtils.getCasBannerInstance(
>> CasEmbeddedContainerUtils.java:65) ~[cas-server-webapp-init-6.0.2-
>> SNAPSHOT.jar:6.0.2-SNAPSHOT]
>> at org.apereo.cas.web.CasWebApplicationServletInitializer.
>> configure(CasWebApplicationServletInitializer.java:23) ~[cas-server-
>> webapp-init-6.0.2-SNAPSHOT.jar:6.0.2-SNAPSHOT]
>> at org.springframework.boot.web.servlet.support.
>> SpringBootServletInitializer.createRootApplicationContext(
>> SpringBootServletInitializer.java:122) ~[spring-boot-2.1.1.RELEASE.jar:
>> 2.1.1.RELEASE]
>> at org.springframework.boot.web.servlet.support.
>> SpringBootServletInitializer.onStartup(SpringBootServletInitializer.java:
>> 91) ~[spring-boot-2.1.1.RELEASE.jar:2.1.1.RELEASE]
>> at org.springframework.web.SpringServletContainerInitializer.
>> onStartup(SpringServletContainerInitializer.java:171) ~[spring-web-5.1.
>> 3.RELEASE.jar:5.1.3.RELEASE]
>>
>>
>>
>>
>> And 
>>
>>  ERROR [org.springframework.boot.SpringApplication] - > failed>
>> java.lang.IllegalStateException: No Scope registered for scope name 
>> 'refresh'
>> at org.springframework.beans.factory.support.AbstractBeanFactory.
>> doGetBean(AbstractBeanFactory.java:350) ~[spring-beans-5.1.3.RELEASE.jar:
>> 5.1.3.RELEASE]
>> at org.springframework.beans.factory.support.AbstractBeanFactory.
>> getBean(AbstractBeanFactory.java:199) ~[spring-beans-5.1.3.RELEASE.jar:
>> 5.1.3.RELEASE]
>> at org.springframework.aop.target.SimpleBeanTargetSource.
>> getTarget(SimpleBeanTargetSource.java:35) ~[spring-aop-5.1.4.RELEASE.jar:
>> 5.1.4.RELEASE]
>> at org.springframework.aop.framework.
>> CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:672) 
>> ~[spring-aop-5.1.4.RELEASE.jar:5.1.4.RELEASE]
>> at org.apereo.cas.mgmt.web.
>> DefaultCasManagementEventListener$$EnhancerBySpringCGLIB$$5744b79f.
>> handleApplicationReadyEvent() ~[cas-mgmt-webapp-init-6.0.2-
>> SNAPSHOT.jar:6.0.2-SNAPSHOT]
>> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native 
>> Method) ~[?:?]
>> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(
>> NativeMethodAccessorImpl.java:62) ~[?:?]
>> at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(
>> DelegatingMethodAccessorImpl.java:43) ~[?:?]
>> at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]
>> at org.springframework.context.event.
>> ApplicationListenerMethodAdapter.doInvoke(
>> ApplicationListenerMethodAdapter.java:259) ~[spring-context-5.1.3.RELEASE
>> .jar:5.1.3.RELEASE]
>> at org.springframework.context.event.
>> ApplicationListenerMethodAdapter.processEvent(
>> ApplicationListenerMethodAdapter.java:179) ~[spring-context-5.1.3.RELEASE
>> .jar:5.1.3.RELEASE]
>> at org.springframework.context.event.
>> ApplicationListenerMethodAdapter.onApplicationEvent(
>> ApplicationListenerMethodAdapter.java:142) ~[spring-context-5.1.3.RELEASE
>> .jar:5.1.3.RELEASE]
>> at org.springframework.context.event.
>> SimpleApplicationEventMulticaster.doInvokeListener(
>> SimpleApplicationEventMulticaster.java:172) ~[spring-context-5.1.
>> 3.RELEASE.jar:5.1.3.RELEASE]
>> at org.springframework.context

Re: [cas-user] Re: cas-management 6.0 + MongoDB

[Alexi Pascual]

hi,

Has anyone managed to install without problems the ca-management- 6.0 ?. 
I have the same error, without the mongoDB configuration.


Alexi.

El 07-05-19 a las 13:07, Mathias Rosenberg escribió:

I'm also facing the same problem, did you find some solution for it?

Mathias.

El miércoles, 27 de marzo de 2019, 6:56:34 (UTC-3), Taupasse escribió:

Hello,

I'm currently trying to set up the cas management webapp 6.0
against a working Cas 6.0 with a ticket registry in a replicated
MongoDB.

When I try to build the cas-management.war from the
cas-management-overlay, I add the following line to the build.gradle :

|
compile
"org.apereo.cas:cas-server-support-mongo-service-registry:6.0.2"
|

I build it with

|
./build.sh package
|

Everything seems to be fine, but when i'm publishing the war file
in my tomcat, it crashes with some "pretty" java errors :

|
ERROR

[org.apereo.cas.CasEmbeddedContainerUtils]-

java.lang.IllegalAccessException:classorg.apereo.cas.CasEmbeddedContainerUtilscannot
access a member of
classorg.apereo.cas.mgmt.CasManagementEmbeddedContainerUtils$1withmodifiers
""
        at

jdk.internal.reflect.Reflection.newIllegalAccessException(Reflection.java:361)~[?:?]
        at

java.lang.reflect.AccessibleObject.checkAccess(AccessibleObject.java:591)~[?:?]
        at
java.lang.reflect.Constructor.newInstance(Constructor.java:481)~[?:?]
        at

org.apereo.cas.CasEmbeddedContainerUtils.getCasBannerInstance(CasEmbeddedContainerUtils.java:65)~[cas-server-webapp-init-6.0.2-SNAPSHOT.jar:6.0.2-SNAPSHOT]
        at

org.apereo.cas.web.CasWebApplicationServletInitializer.configure(CasWebApplicationServletInitializer.java:23)~[cas-server-webapp-init-6.0.2-SNAPSHOT.jar:6.0.2-SNAPSHOT]
        at

org.springframework.boot.web.servlet.support.SpringBootServletInitializer.createRootApplicationContext(SpringBootServletInitializer.java:122)~[spring-boot-2.1.1.RELEASE.jar:2.1.1.RELEASE]
        at

org.springframework.boot.web.servlet.support.SpringBootServletInitializer.onStartup(SpringBootServletInitializer.java:91)~[spring-boot-2.1.1.RELEASE.jar:2.1.1.RELEASE]
        at

org.springframework.web.SpringServletContainerInitializer.onStartup(SpringServletContainerInitializer.java:171)~[spring-web-5.1.3.RELEASE.jar:5.1.3.RELEASE]
|




And

|
 ERROR
[org.springframework.boot.SpringApplication]-
java.lang.IllegalStateException:NoScoperegistered forscope name
'refresh'
        at

org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:350)~[spring-beans-5.1.3.RELEASE.jar:5.1.3.RELEASE]
        at

org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:199)~[spring-beans-5.1.3.RELEASE.jar:5.1.3.RELEASE]
        at

org.springframework.aop.target.SimpleBeanTargetSource.getTarget(SimpleBeanTargetSource.java:35)~[spring-aop-5.1.4.RELEASE.jar:5.1.4.RELEASE]
        at

org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:672)~[spring-aop-5.1.4.RELEASE.jar:5.1.4.RELEASE]
        at

org.apereo.cas.mgmt.web.DefaultCasManagementEventListener$$EnhancerBySpringCGLIB$$5744b79f.handleApplicationReadyEvent()~[cas-mgmt-webapp-init-6.0.2-SNAPSHOT.jar:6.0.2-SNAPSHOT]
        at
jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(NativeMethod)~[?:?]
        at

jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)~[?:?]
        at

jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)~[?:?]
        at java.lang.reflect.Method.invoke(Method.java:566)~[?:?]
        at

org.springframework.context.event.ApplicationListenerMethodAdapter.doInvoke(ApplicationListenerMethodAdapter.java:259)~[spring-context-5.1.3.RELEASE.jar:5.1.3.RELEASE]
        at

org.springframework.context.event.ApplicationListenerMethodAdapter.processEvent(ApplicationListenerMethodAdapter.java:179)~[spring-context-5.1.3.RELEASE.jar:5.1.3.RELEASE]
        at

org.springframework.context.event.ApplicationListenerMethodAdapter.onApplicationEvent(ApplicationListenerMethodAdapter.java:142)~[spring-context-5.1.3.RELEASE.jar:5.1.3.RELEASE]
        at

org.springframework.context.event.SimpleApplicationEventMulticaster.doInvokeListener(SimpleApplicationEventMulticaster.java:172)~[spring-context-5.1.3.RELEASE.jar:5.1.3.RELEASE]
        at

org.springframework.context.event.SimpleApplicationEventMulticaster.invokeListener(SimpleApplicationEventMulticaster.java:165)~[spring-context-5.1.3.RELEASE.jar:5.1.3.RELEASE]
        at

org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:139)~[spring-context-5.1.

Re: [cas-user] Re: CAS Management Services JPA Registry (Success, but Unable to Save to MySQL Database)

[Fahmi L. Ramdhani]

*This problem has been Solved.*
I am forget to insert dependency to *pom.xml* in  *management project*.


 org.apereo.cas
 cas-server-support-jdbc-drivers
 ${cas.version}


 org.apereo.cas
 cas-server-support-jpa-service-registry
 ${cas.version}



Thank you all.

Pada Kamis, 21 Maret 2019 23.12.56 UTC+7, rbon menulis:
>
> Fahmi,
>
> create-drop is used during initial development of a jpa project when 
> database design might change regularly. Once database is set, then it gets 
> changed to update. There is a create option but it will result in errors if 
> the database already exists. create can be used once and then changed to 
> update.
>
> Check catalina.out for logs.
>
> CAS is picking up one entry from the database. It reloads every 2 minutes. 
> Does it show 2 entries when you add one manually?
>
> Are the null values in the workbench image from the cas-management created 
> entry?
>
> Ray
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/788b65ed-9de4-4fd9-bea1-e6d9562de429%40apereo.org.

Re: [cas-user] Re: CAS Management Services JPA Registry (Success, but Unable to Save to MySQL Database)

[Ray Bon]

Fahmi,

create-drop is used during initial development of a jpa project when database 
design might change regularly. Once database is set, then it gets changed to 
update. There is a create option but it will result in errors if the database 
already exists. create can be used once and then changed to update.

Check catalina.out for logs.

CAS is picking up one entry from the database. It reloads every 2 minutes. Does 
it show 2 entries when you add one manually?

Are the null values in the workbench image from the cas-management created 
entry?

Ray

On Wed, 2019-03-20 at 20:17 -0700, Fahmi L. Ramdhani wrote:
Hello Ray, thank for your reply.
I changed the configuration:

- Adding cas.jdbc.showSql=true to cas.properties and management.properties
- Adding healthQuery to cas.properties and management.properties
- Change ddlAuto to update
- Rebuilding project cas and management


Log showing (cas.log)


2019-03-20 22:51:33,260 INFO [org.apereo.cas.services.AbstractServicesManager] 
- 
2019-03-20 22:51:43,276 DEBUG 
[org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - 
2019-03-20 22:51:43,314 DEBUG 
[org.apereo.cas.ticket.registry.support.JpaLockingStrategy] - 
2019-03-20 22:51:43,364 DEBUG 
[org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - 
2019-03-20 22:51:43,378 DEBUG [org.apereo.cas.ticket.DefaultTicketCatalog] - 


1. Adding 2 initial service registry using MySQL Workbench
2. I am login successfully to Services Management (screen shoot in attachment).
3. I am try to add an service registry, then save it.
4. Successfully added an service registry, but it is not stored in the database.
5. The table still displays 2 rows (not 3 rows, 1 added in service management)

Log show (cas-management.log, not showing SQL QUERIES)

= WHO: superadmin 
WHAT: 
AbstractRegisteredService(serviceId=^https:\/\/portal.example.com(\\z|\/.*), 
name=Asia, theme=null, informationU... ACTION: SAVE_SERVICE_SUCCESS 
APPLICATION: CAS_Management WHEN: Wed Mar 20 23:03:24 EDT 2019 CLIENT IP 
ADDRESS: 103.xxx.1x8.xxx SERVER IP ADDRESS: 172.16.2.53 
=


2019-03-20 23:04:04,149 ERROR [org.apereo.cas.mgmt.GitUtil] - Git repository 
not found/initialized at [/etc/cas/services-repo/.git]
2019-03-20 23:04:04,149 ERROR 
[org.apereo.cas.mgmt.services.web.ServiceRepositoryController] - repository not 
found: /etc/cas/services-repo/.git
java.lang.RuntimeException: repository not found: /etc/cas/services-repo/.git
at org.apereo.cas.mgmt.GitUtil.initializeGitRepository(GitUtil.java:1225) 
~[cas-management-webapp-support-5.3.6.jar:5.3.6]
at org.apereo.cas.mgmt.GitUtil.(GitUtil.java:100) 
~[cas-management-webapp-support-5.3.6.jar:5.3.6]
at 
org.apereo.cas.mgmt.services.web.factory.RepositoryFactory.buildGitUtil(RepositoryFactory.java:81)
 ~[cas-management-webapp-support-5.3.6.jar:5.3.6]
at 
org.apereo.cas.mgmt.services.web.factory.RepositoryFactory.masterRepository(RepositoryFactory.java:70)
 ~[cas-management-webapp-support-5.3.6.jar:5.3.6]
at 
org.apereo.cas.mgmt.services.web.factory.RepositoryFactory.from(RepositoryFactory.java:53)
 ~[cas-management-webapp-support-5.3.6.jar:5.3.6]
at 
org.apereo.cas.mgmt.services.web.factory.RepositoryFactory.from(RepositoryFactory.java:40)
 ~[cas-management-webapp-support-5.3.6.jar:5.3.6]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_191]
at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) 
~[?:1.8.0_191]
at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
 ~[?:1.8.0_191]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_191]
at 
org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:216) 
~[spring-core-4.3.17.RELEASE.jar:4.3.17.RELEASE]
at 
org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:470)
 ~[spring-cloud-context-1.3.0.RELEASE.jar:1.3.0.RELEASE]
at 
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
 ~[spring-aop-4.3.18.RELEASE.jar:4.3.18.RELEASE]
at 
org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:671)
 ~[spring-aop-4.3.18.RELEASE.jar:4.3.18.RELEASE]
at 
org.apereo.cas.mgmt.services.web.factory.RepositoryFactory$$EnhancerBySpringCGLIB$$892cee48.from()
 ~[cas-management-webapp-support-5.3.6.jar:5.3.6]
at 
org.apereo.cas.mgmt.services.web.ServiceRepositoryController.gitStatus(ServiceRepositoryController.java:322)
 [cas-management-webapp-support-5.3.6.jar:5.3.6]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_191]
at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) 
~[?:1.8.0_191]
at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
 ~[?:1.8.0_191]
at java.lang.reflect.Method.invoke(Method.

Re: [cas-user] Re: CAS Management Services JPA Registry (Success, but Unable to Save to MySQL Database)

[Fahmi L. Ramdhani]

Hello Ray, thank for your reply.
I changed the configuration:

- Adding cas.jdbc.showSql=true to cas.properties and management.properties
- Adding healthQuery to cas.properties and management.properties
- Change ddlAuto to update
- Rebuilding project cas and management


Log showing (*cas.log*)

2019-03-20 22:51:33,260 INFO [org.apereo.cas.services.AbstractServicesManager] 
- 
2019-03-20 22:51:43,276 DEBUG 
[org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - 
2019-03-20 22:51:43,314 DEBUG 
[org.apereo.cas.ticket.registry.support.JpaLockingStrategy] - 
2019-03-20 22:51:43,364 DEBUG 
[org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - 
2019-03-20 22:51:43,378 DEBUG [org.apereo.cas.ticket.DefaultTicketCatalog] - 



1. Adding 2 initial service registry using MySQL Workbench
2. I am login successfully to Services Management (screen shoot in 
attachment).
3. I am try to add an service registry, then save it.
4. Successfully added an service registry, but it is not stored in the 
database.
5. The table still displays 2 rows (not 3 rows, 1 added in service 
management)

Log show (*cas-management.log*, not showing SQL QUERIES)

= WHO: 
superadmin WHAT: AbstractRegisteredService(serviceId=^https:\/\/portal.
example.com(\\z|\/.*), name=Asia, theme=null, informationU... ACTION: 
SAVE_SERVICE_SUCCESS APPLICATION: CAS_Management WHEN: Wed Mar 20 23:03:24 
EDT 2019 CLIENT IP ADDRESS: 103.xxx.1x8.xxx SERVER IP ADDRESS: 172.16.2.53 
=


2019-03-20 23:04:04,149 ERROR [org.apereo.cas.mgmt.GitUtil] - Git 
repository not found/initialized at [/etc/cas/services-repo/.git]
2019-03-20 23:04:04,149 ERROR [org.apereo.cas.mgmt.services.web.
ServiceRepositoryController] - repository not found: /etc/cas/services-repo
/.git
java.lang.RuntimeException: repository not found: /etc/cas/services-repo/.
git
at org.apereo.cas.mgmt.GitUtil.initializeGitRepository(GitUtil.java:1225) ~[
cas-management-webapp-support-5.3.6.jar:5.3.6]
at org.apereo.cas.mgmt.GitUtil.(GitUtil.java:100) ~[cas-management-
webapp-support-5.3.6.jar:5.3.6]
at org.apereo.cas.mgmt.services.web.factory.RepositoryFactory.buildGitUtil(
RepositoryFactory.java:81) ~[cas-management-webapp-support-5.3.6.jar:5.3.6]
at org.apereo.cas.mgmt.services.web.factory.RepositoryFactory.
masterRepository(RepositoryFactory.java:70) ~[cas-management-webapp-support-
5.3.6.jar:5.3.6]
at org.apereo.cas.mgmt.services.web.factory.RepositoryFactory.from(
RepositoryFactory.java:53) ~[cas-management-webapp-support-5.3.6.jar:5.3.6]
at org.apereo.cas.mgmt.services.web.factory.RepositoryFactory.from(
RepositoryFactory.java:40) ~[cas-management-webapp-support-5.3.6.jar:5.3.6]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_191
]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java
:62) ~[?:1.8.0_191]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(
DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_191]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_191]
at org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.
java:216) ~[spring-core-4.3.17.RELEASE.jar:4.3.17.RELEASE]
at org.springframework.cloud.context.scope.
GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:470) ~[
spring-cloud-context-1.3.0.RELEASE.jar:1.3.0.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(
ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.18.RELEASE.jar:4.3.
18.RELEASE]
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor
.intercept(CglibAopProxy.java:671) ~[spring-aop-4.3.18.RELEASE.jar:4.3.
18.RELEASE]
at org.apereo.cas.mgmt.services.web.factory.
RepositoryFactory$$EnhancerBySpringCGLIB$$892cee48.from() ~[cas-
management-webapp-support-5.3.6.jar:5.3.6]
at org.apereo.cas.mgmt.services.web.ServiceRepositoryController.gitStatus(
ServiceRepositoryController.java:322) [cas-management-webapp-support-5.3.
6.jar:5.3.6]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_191
]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java
:62) ~[?:1.8.0_191]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(
DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_191]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_191]
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(
InvocableHandlerMethod.java:205) [spring-web-4.3.18.RELEASE.jar:4.3.
18.RELEASE]
at org.springframework.web.method.support.InvocableHandlerMethod.
invokeForRequest(InvocableHandlerMethod.java:133) [spring-web-4.3.18.RELEASE
.jar:4.3.18.RELEASE]
at org.springframework.web.servlet.mvc.method.annotation.
ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.
java:97) [spring-webmvc-4.3.17.RELEASE.jar:4.3.17.RELEASE]
at org.springframework.web.servlet.mvc.method.annotation.
RequestMappingHandler

Re: [cas-user] Re: CAS Management Services JPA Registry (Success, but Unable to Save to MySQL Database)

[Ray Bon]

Fahmi,

ddlAuto should be set to 'none' or 'update'.
You can also set cas.jdbc.showSql=true to see queries in the logs.
There is also a health query healthQuery='select ...'

Are you running CAS and management server on the same tomcat at the same time 
or do you shut one down and start the other?
The create-drop will drop the database during tomcat shutdown.

After you create a service, check to see that it is there with mysql command 
line tool.

This might give some info in the logs:




Ray


On Wed, 2019-03-20 at 14:33 -0700, Fahmi L. Ramdhani wrote:
Thanks for your replies.

I added the service via CAS Service Manangement 
(https://sso.example.com/cas-management/manage.html), but it was not saved in 
the database. Please help review my CAS configuration (in attachment).

Can you help me please. Thank you.

Pada Rabu, 20 Maret 2019 23.01.06 UTC+7, Facundo Mateo menulis:
I am assuming you don't have version control enabled.

After you add the service through console, is your service shown in Management 
console list? If so it should be in your service registry database.
I have the same exception you describe if version control is not enabled but I 
am still able to save the registry to database.

May be you could increase console  log level to debug and set 
"cas.jdbc.showSql=true"  to see whats really happening.



--
Ray Bon
Programmer analyst
Development Services, University Systems
2507218831 | CLE 019 | r...@uvic.ca

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/1553127119.3399.68.camel%40uvic.ca.

Re: [cas-user] Re: CAS Management Services JPA Registry (Success, but Unable to Save to MySQL Database)

[Ray Bon]

Fahmi,

It sounds like the management server is saving the service to another location, 
most likely file system since that is default.
Also, make sure that CAS and management server are pointing to the exact same 
service registry. Check spelling of your properties.

Ray

On Wed, 2019-03-20 at 08:16 -0700, Fahmi L. Ramdhani wrote:
Thanks Facundo for your reply. Regarding "cas.serviceRegistry.jpa.ddlAuto = 
create-drop" is only temporary, next time, I will change it to none or update.

So, when I go to https://sso.example.com/cas-management (successfully), then I 
make 1 new registry service. I think it will save new data to the MySQL 
registryDb.RegexRegisteredService table, but the registry service does not add 
to the table.

The thing that makes me confused is that the registry service that was added 
was still stored after I closed the browser (private mode). I don't know where 
the new registry service was stored. Then after I tried accessing the registry 
service (https://portal.example.com/dashboard redirected to CAS Login), the CAS 
refused "Application Not Authorized to Use CAS", even though the registry 
service was added and stored (it doesn't know where it was stored).
 Is there a solution for this problem? Please help. Thank you.

Pada Rabu, 20 Maret 2019 21.10.18 UTC+7, Facundo Mateo menulis:
Hi Fahmi,
  We faced the same issue with managment console.  In our case, that error is 
not related to the database configuration or the saving action itself but the 
GIT versioning functionalitiy of management console 
(https://apereo.github.io/cas-management/5.3.x/installation/Installing-ServicesMgmt-Webapp.html#version-control).

  I noticed you have "cas.serviceRegistry.jpa.ddlAuto = create-drop"

  Using that configuration every time the server is stopped your DB schema is 
dropped and of course your services.
  Could this be your real issue?

Regards, Facundo


--
Ray Bon
Programmer analyst
Development Services, University Systems
2507218831 | CLE 019 | r...@uvic.ca

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/1553097475.3399.39.camel%40uvic.ca.

RE: [cas-user] Re: CAS Management v5.3.6 Release

[Cutting, Shawn]

Ok.  It does seem odd that to search “Trav**” is needed, but at least it is 
something. Thanks for your reply.

From: cas-user@apereo.org  On Behalf Of Travis Schmidt
Sent: Wednesday, November 07, 2018 11:00 AM
To: cas-user@apereo.org
Subject: Re: [cas-user] Re: CAS Management v5.3.6 Release

Wildcard searches are what you want:

http://lucene.apache.org/core/7_5_0/queryparser/org/apache/lucene/queryparser/classic/package-summary.html#package.description

Doing a quick test against our registry for my first name, Tra?is works, Tra*is 
works.  For some reason though to make Trav* work somewhat as expected it needs 
to be Trav**

There is also some support for Regular Expressions(See link above), but seems 
finicky when I try and use it.  Usually works searching fields directly that do 
not contain without whitespace.

On Wed, Nov 7, 2018 at 7:17 AM Shawn Cutting 
mailto:scutt...@messiah.edu>> wrote:
Is the search functionality limited to "whole word" searches?  It would be nice 
if the search can find partial words as well.

On Friday, November 2, 2018 at 1:57:01 PM UTC-4, Travis Schmidt wrote:
CAS Management v5.3.6 has been released:
https://github.com/apereo/cas-management/releases/tag/v5.3.6

This release corrects an error that was found in the new Search functionality 
released in 5.3.5.

Deployers that use the war overlay, take note that the pom.xml has been updated 
to include a separate  property.   is still 
present and can be used for any CAS modules that you add to the overlay.

Thanks
Travis
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org>.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/8d3c6ad8-4a84-4aac-983e-e7a9c7a1f92e%40apereo.org<https://groups.google.com/a/apereo.org/d/msgid/cas-user/8d3c6ad8-4a84-4aac-983e-e7a9c7a1f92e%40apereo.org?utm_medium=email&utm_source=footer>.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to a topic in the Google 
Groups "CAS Community" group.
To unsubscribe from this topic, visit 
https://groups.google.com/a/apereo.org/d/topic/cas-user/bSjkychcCyc/unsubscribe.
To unsubscribe from this group and all its topics, send an email to 
cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org>.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAC_RtEbX4_%2B_-Xdn6EfYP1g6wE5Eu4H-nuoHTD_QZ0ud8X%2B4zA%40mail.gmail.com<https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAC_RtEbX4_%2B_-Xdn6EfYP1g6wE5Eu4H-nuoHTD_QZ0ud8X%2B4zA%40mail.gmail.com?utm_medium=email&utm_source=footer>.

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/BL0PR02MB45005843A8B2750EBFDFE649CDC40%40BL0PR02MB4500.namprd02.prod.outlook.com.

Re: [cas-user] Re: CAS Management v5.3.6 Release

[Travis Schmidt]

Wildcard searches are what you want:

http://lucene.apache.org/core/7_5_0/queryparser/org/apache/lucene/queryparser/classic/package-summary.html#package.description

Doing a quick test against our registry for my first name, Tra?is works,
Tra*is works.  For some reason though to make Trav* work somewhat as
expected it needs to be Trav**

There is also some support for Regular Expressions(See link above), but
seems finicky when I try and use it.  Usually works searching fields
directly that do not contain without whitespace.

On Wed, Nov 7, 2018 at 7:17 AM Shawn Cutting  wrote:

> Is the search functionality limited to "whole word" searches?  It would be
> nice if the search can find partial words as well.
>
> On Friday, November 2, 2018 at 1:57:01 PM UTC-4, Travis Schmidt wrote:
>>
>> CAS Management v5.3.6 has been released:
>> https://github.com/apereo/cas-management/releases/tag/v5.3.6
>>
>> This release corrects an error that was found in the new Search
>> functionality released in 5.3.5.
>>
>> Deployers that use the war overlay, take note that the pom.xml has been
>> updated to include a separate  property.  
>> is still present and can be used for any CAS modules that you add to the
>> overlay.
>>
>> Thanks
>> Travis
>>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/8d3c6ad8-4a84-4aac-983e-e7a9c7a1f92e%40apereo.org
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAC_RtEbX4_%2B_-Xdn6EfYP1g6wE5Eu4H-nuoHTD_QZ0ud8X%2B4zA%40mail.gmail.com.

Re: [cas-user] Re: cas-management question

[Jennifer LaVoie]

I UNDERSTAND.  Ok...trying that now...thanks!

Jen

On Fri, May 18, 2018 at 11:48 AM, Ray Bon  wrote:

> Jen,
>
> You will need to install custom certs on both sides (CAS and
> cas-management). The jvm is responsible for certificate processing, tomcat
> only needs to know where it is to send it to the browser.
>
> sudo keytool -import -file ${certName} -alias ${aliasName} -keystore
> $JAVA_HOME/jre/lib/security/cacerts
>
> https://apereo.github.io/cas/developer/Build-Process-5X.html#configure-ssl
>
> Ray
>
> On Fri, 2018-05-18 at 08:20 -0700, Jennifer LaVoie wrote:
>
> Yes.  I understand the distinction...I was typing quickly :)
>
> I do get an error in my cas-management log about ssl  - but my regular
> /cas/login link loads just fine (self signed cert on this particular server)
>
> Caused by: sun.security.validator.ValidatorException: PKIX path building
> failed: sun.security.provider.certpath.SunCertPathBuilderException:
> unable to find valid certification path to requested target
> at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397)
> ~[?:1.8.0_171]
> at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302)
> ~[?:1.8.0_171]
> at sun.security.validator.Validator.validate(Validator.java:260)
> ~[?:1.8.0_171]
> at 
> sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
> ~[?:1.8.0_171]
> at 
> sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
> ~[?:1.8.0_171]
> at 
> sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
> ~[?:1.8.0_171]
> at 
> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1596)
> ~[?:1.8.0_171]
> at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
> ~[?:1.8.0_171]
> at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052)
> ~[?:1.8.0_171]
> at sun.security.ssl.Handshaker.process_record(Handshaker.java:987)
> ~[?:1.8.0_171]
> at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072)
> ~[?:1.8.0_171]
> at 
> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385)
> ~[?:1.8.0_171]
> at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413)
> ~[?:1.8.0_171]
> at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397)
> ~[?:1.8.0_171]
> at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
> ~[?:1.8.0_171]
> at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(
> AbstractDelegateHttpsURLConnection.java:185) ~[?:1.8.0_171]
> at 
> sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1564)
> ~[?:1.8.0_171]
> at 
> sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1492)
> ~[?:1.8.0_171]
> at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(
> HttpsURLConnectionImpl.java:263) ~[?:1.8.0_171]
> at 
> org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:431)
> ~[cas-client-core-3.4.1.jar:3.4.1]
> at org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTic
> ketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:41)
> ~[cas-client-core-3.4.1.jar:3.4.1]
> at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidato
> r.validate(AbstractUrlBasedTicketValidator.java:193)
> ~[cas-client-core-3.4.1.jar:3.4.1]
> at 
> org.pac4j.cas.credentials.authenticator.CasAuthenticator.validate(CasAuthenticator.java:61)
> ~[pac4j-cas-2.2.0.jar:?]
> at 
> org.pac4j.cas.client.direct.DirectCasClient.retrieveCredentials(DirectCasClient.java:68)
> ~[pac4j-cas-2.2.0.jar:?]
> at 
> org.pac4j.cas.client.direct.DirectCasClient.retrieveCredentials(DirectCasClient.java:37)
> ~[pac4j-cas-2.2.0.jar:?]
> at org.pac4j.core.client.DirectClient.getCredentials(DirectClient.java:44)
> ~[pac4j-core-2.2.0.jar:?]
> at 
> org.pac4j.core.engine.DefaultSecurityLogic.perform(DefaultSecurityLogic.java:113)
> ~[pac4j-core-2.2.0.jar:?]
> ... 72 more
> Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
> unable to find valid certification path to requested target
> at sun.security.provider.certpath.SunCertPathBuilder.
> build(SunCertPathBuilder.java:141) ~[?:1.8.0_171]
> at 
> sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
> ~[?:1.8.0_171]
> at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
> ~[?:1.8.0_171]
> at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392)
> ~[?:1.8.0_171]
> at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302)
> ~[?:1.8.0_171]
> at sun.security.validator.Validator.validate(Validator.java:260)
> ~[?:1.8.0_171]
> at 
> sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
> ~[?:1.8.0_171]
> at 
> sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
> ~[?:1.8.0_171]
> at 
> sun.security.ssl.X509TrustManag

Re: [cas-user] Re: cas-management question

[Ray Bon]

Jen,

You will need to install custom certs on both sides (CAS and cas-management). 
The jvm is responsible for certificate processing, tomcat only needs to know 
where it is to send it to the browser.

sudo keytool -import -file ${certName} -alias ${aliasName} -keystore 
$JAVA_HOME/jre/lib/security/cacerts

https://apereo.github.io/cas/developer/Build-Process-5X.html#configure-ssl

Ray

On Fri, 2018-05-18 at 08:20 -0700, Jennifer LaVoie wrote:
Yes.  I understand the distinction...I was typing quickly :)

I do get an error in my cas-management log about ssl  - but my regular 
/cas/login link loads just fine (self signed cert on this particular server)

Caused by: sun.security.validator.ValidatorException: PKIX path building 
failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to 
find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397) 
~[?:1.8.0_171]
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302) 
~[?:1.8.0_171]
at sun.security.validator.Validator.validate(Validator.java:260) ~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) 
~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
 ~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
 ~[?:1.8.0_171]
at 
sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1596) 
~[?:1.8.0_171]
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) 
~[?:1.8.0_171]
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052) ~[?:1.8.0_171]
at sun.security.ssl.Handshaker.process_record(Handshaker.java:987) 
~[?:1.8.0_171]
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072) 
~[?:1.8.0_171]
at 
sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385) 
~[?:1.8.0_171]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413) 
~[?:1.8.0_171]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397) 
~[?:1.8.0_171]
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559) 
~[?:1.8.0_171]
at 
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
 ~[?:1.8.0_171]
at 
sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1564)
 ~[?:1.8.0_171]
at 
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1492)
 ~[?:1.8.0_171]
at 
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:263)
 ~[?:1.8.0_171]
at 
org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:431)
 ~[cas-client-core-3.4.1.jar:3.4.1]
at 
org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:41)
 ~[cas-client-core-3.4.1.jar:3.4.1]
at 
org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:193)
 ~[cas-client-core-3.4.1.jar:3.4.1]
at 
org.pac4j.cas.credentials.authenticator.CasAuthenticator.validate(CasAuthenticator.java:61)
 ~[pac4j-cas-2.2.0.jar:?]
at 
org.pac4j.cas.client.direct.DirectCasClient.retrieveCredentials(DirectCasClient.java:68)
 ~[pac4j-cas-2.2.0.jar:?]
at 
org.pac4j.cas.client.direct.DirectCasClient.retrieveCredentials(DirectCasClient.java:37)
 ~[pac4j-cas-2.2.0.jar:?]
at org.pac4j.core.client.DirectClient.getCredentials(DirectClient.java:44) 
~[pac4j-core-2.2.0.jar:?]
at 
org.pac4j.core.engine.DefaultSecurityLogic.perform(DefaultSecurityLogic.java:113)
 ~[pac4j-core-2.2.0.jar:?]
... 72 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable 
to find valid certification path to requested target
at 
sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
 ~[?:1.8.0_171]
at 
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
 ~[?:1.8.0_171]
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) 
~[?:1.8.0_171]
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392) 
~[?:1.8.0_171]
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302) 
~[?:1.8.0_171]
at sun.security.validator.Validator.validate(Validator.java:260) ~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) 
~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
 ~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
 ~[?:1.8.0_171]
at 
sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1596) 
~[?:1.8.0_171]
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) 
~[?:1.8.0_171]
at sun.security.ssl

Re: [cas-user] Re: cas-management question

[Jennifer LaVoie]

Yes.  I understand the distinction...I was typing quickly :)

I do get an error in my cas-management log about ssl  - but my regular 
/cas/login link loads just fine (self signed cert on this particular server)

Caused by: sun.security.validator.ValidatorException: PKIX path building 
failed: sun.security.provider.certpath.SunCertPathBuilderException: unable 
to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397) 
~[?:1.8.0_171]
at 
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302) 
~[?:1.8.0_171]
at sun.security.validator.Validator.validate(Validator.java:260) 
~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) 
~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
 
~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
 
~[?:1.8.0_171]
at 
sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1596) 
~[?:1.8.0_171]
at 
sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) 
~[?:1.8.0_171]
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052) 
~[?:1.8.0_171]
at sun.security.ssl.Handshaker.process_record(Handshaker.java:987) 
~[?:1.8.0_171]
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072) 
~[?:1.8.0_171]
at 
sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385) 
~[?:1.8.0_171]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413) 
~[?:1.8.0_171]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397) 
~[?:1.8.0_171]
at 
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559) 
~[?:1.8.0_171]
at 
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
 
~[?:1.8.0_171]
at 
sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1564)
 
~[?:1.8.0_171]
at 
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1492)
 
~[?:1.8.0_171]
at 
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:263)
 
~[?:1.8.0_171]
at 
org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:431)
 
~[cas-client-core-3.4.1.jar:3.4.1]
at 
org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:41)
 
~[cas-client-core-3.4.1.jar:3.4.1]
at 
org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:193)
 
~[cas-client-core-3.4.1.jar:3.4.1]
at 
org.pac4j.cas.credentials.authenticator.CasAuthenticator.validate(CasAuthenticator.java:61)
 
~[pac4j-cas-2.2.0.jar:?]
at 
org.pac4j.cas.client.direct.DirectCasClient.retrieveCredentials(DirectCasClient.java:68)
 
~[pac4j-cas-2.2.0.jar:?]
at 
org.pac4j.cas.client.direct.DirectCasClient.retrieveCredentials(DirectCasClient.java:37)
 
~[pac4j-cas-2.2.0.jar:?]
at org.pac4j.core.client.DirectClient.getCredentials(DirectClient.java:44) 
~[pac4j-core-2.2.0.jar:?]
at 
org.pac4j.core.engine.DefaultSecurityLogic.perform(DefaultSecurityLogic.java:113)
 
~[pac4j-core-2.2.0.jar:?]
... 72 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: 
unable to find valid certification path to requested target
at 
sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
 
~[?:1.8.0_171]
at 
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
 
~[?:1.8.0_171]
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) 
~[?:1.8.0_171]
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392) 
~[?:1.8.0_171]
at 
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302) 
~[?:1.8.0_171]
at sun.security.validator.Validator.validate(Validator.java:260) 
~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) 
~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
 
~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
 
~[?:1.8.0_171]
at 
sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1596) 
~[?:1.8.0_171]
at 
sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) 
~[?:1.8.0_171]
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052) 
~[?:1.8.0_171]
at sun.security.ssl.Handshaker.process_record(Handshaker.java:987) 
~[?:1.8.0_171]
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072) 
~[?:1.8.0_171]
at 
sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385) 
~[?:1.8.0_171]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413) 
~[?:1.8.0_171]
at 

Re: [cas-user] Re: cas-management question

[Ray Bon]

Jen,

I think you mean a cas-management error and not 'CAS error'.
Are CAS and cas-management running on the same tomcat?
Logging config for cas-management is in log4j2-management.xml which also 
introduces cas-management.log.

Ray

On Thu, 2018-05-17 at 12:55 -0700, Jennifer LaVoie wrote:

nothing helpful in cas.log or catalina.out that I can see

it seems to be CAS error because the leaf is on the tab and above the error 
that I posted it says

Cas Service Management

Jen

On Thursday, May 17, 2018 at 3:44:27 PM UTC-4, David Curry wrote:
Haven't seen that one, that I can recall.

Is that a CAS error (shows in a CAS-branded web page) or a Tomcat error?

Do the logs (cas.log and/or catalina.out) say anything helpful?




--

DAVID A. CURRY, CISSP
DIRECTOR OF INFORMATION SECURITY
INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 212 229-5300 x4728 • david.cu...@newschool.edu

[The New School]

On Thu, May 17, 2018 at 3:40 PM, Jennifer LaVoie 
> wrote:
I updated the management.properties file with some ports specifically defined.  
And that is now working as expected...

However, I get this

The CAS management webapp is unavailable.

There was an error trying to complete your request. Please notify your support 
desk or try again.




On Thursday, May 17, 2018 at 3:18:42 PM UTC-4, Jennifer LaVoie wrote:
So I have followed all the steps here

https://dacurry-tns.github.io/deploying-apereo-cas/building_svcmgmt_configure-webapp-properties.html

(awesome site)

And when I try to go to

https://cashost:8443/cas-management

I am redirected to here

https://casserver.herokuapp.com/cas/login?service=https%3A%2F%2Fcashost%3A8443%2Fcas-management%2Fmanage.html

I have already logged into my cas.

What config file have I forgotten to change?

Jen


--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+u...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/53c3f120-14ec-41af-8447-1db0e370795e%40apereo.org.




--
Ray Bon
Programmer analyst
Development Services, University Systems
2507218831 | CLE 019 | r...@uvic.ca

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/1526588156.1817.81.camel%40uvic.ca.

Re: [cas-user] Re: cas-management question

[David Curry]

Sorry, not cas.log cas-management.log.

If still nothing, try setting   cas.log.level   to debug in
log4j2-management.xml.




--

DAVID A. CURRY, CISSP
*DIRECTOR OF INFORMATION SECURITY*
INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 212 229-5300 x4728 • david.cu...@newschool.edu

[image: The New School]

On Thu, May 17, 2018 at 3:23 PM, Jennifer LaVoie 
wrote:

> Here is my management.properties file
>
> # CAS server that management app will authenticate with
> # This server will authenticate for any app (service) and you can login as
> casuser/Mellon
>
> server.name: https://cashost
> cas.server.prefix: ${cas.server.name}/cas
>
> cas.mgmt.adminRoles[0]=ROLE_ADMIN
> cas.mgmt.userPropertiesFile=file:/etc/cas/config/admusers.properties
>
>
> # Update this URL to point at server running this management app
> cas.mgmt.serverName=${cas.server.name}:8443
>
> #server.context-path=/cas-management
> #server.port=8443
>
> cas.serviceRegistry.json.location: file:/etc/cas/services
>
> logging.config=file:/etc/cas/config/log4j2-management.xml
>
>
> On Thursday, May 17, 2018 at 3:18:42 PM UTC-4, Jennifer LaVoie wrote:
>>
>> So I have followed all the steps here
>>
>> https://dacurry-tns.github.io/deploying-apereo-cas/building_
>> svcmgmt_configure-webapp-properties.html
>>
>> (awesome site)
>>
>> And when I try to go to
>>
>> https://cashost:8443/cas-management
>>
>> I am redirected to here
>>
>> https://casserver.herokuapp.com/cas/login?service=https%3A%
>> 2F%2Fcashost%3A8443%2Fcas-management%2Fmanage.html
>>
>> I have already logged into my cas.
>>
>> What config file have I forgotten to change?
>>
>> Jen
>>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/00b98d20-6f6d-4af3-8b74-
> cef6a55fcaef%40apereo.org
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XAMNMTd0GyFTydBj8yw%2BKgMvK-M-NdYTy7j2Xe4niSzy_w%40mail.gmail.com.

Re: [cas-user] Re: cas-management question

[Jennifer LaVoie]

nothing helpful in cas.log or catalina.out that I can see

it seems to be CAS error because the leaf is on the tab and above the error 
that I posted it says

Cas Service Management

Jen

On Thursday, May 17, 2018 at 3:44:27 PM UTC-4, David Curry wrote:
>
> Haven't seen that one, that I can recall.
>
> Is that a CAS error (shows in a CAS-branded web page) or a Tomcat error?
>
> Do the logs (cas.log and/or catalina.out) say anything helpful?
>
>
>
> --
>
> DAVID A. CURRY, CISSP
> *DIRECTOR OF INFORMATION SECURITY*
> INFORMATION TECHNOLOGY
>
> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
> +1 212 229-5300 x4728 • david.cu...@newschool.edu 
>
> [image: The New School]
>
> On Thu, May 17, 2018 at 3:40 PM, Jennifer LaVoie  > wrote:
>
>> I updated the management.properties file with some ports specifically 
>> defined.  And that is now working as expected...
>>
>> However, I get this
>>
>> The CAS management webapp is unavailable.
>>
>> There was an error trying to complete your request. Please notify your 
>> support desk or try again.
>>
>>
>>
>>
>>
>> On Thursday, May 17, 2018 at 3:18:42 PM UTC-4, Jennifer LaVoie wrote:
>>>
>>> So I have followed all the steps here
>>>
>>>
>>> https://dacurry-tns.github.io/deploying-apereo-cas/building_svcmgmt_configure-webapp-properties.html
>>>
>>> (awesome site)
>>>
>>> And when I try to go to 
>>>
>>> https://cashost:8443/cas-management
>>>
>>> I am redirected to here
>>>
>>>
>>> https://casserver.herokuapp.com/cas/login?service=https%3A%2F%2Fcashost%3A8443%2Fcas-management%2Fmanage.html
>>>
>>> I have already logged into my cas.
>>>
>>> What config file have I forgotten to change?
>>>
>>> Jen
>>>
>> -- 
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> --- 
>> You received this message because you are subscribed to the Google Groups 
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to cas-user+u...@apereo.org .
>> To view this discussion on the web visit 
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/53c3f120-14ec-41af-8447-1db0e370795e%40apereo.org
>>  
>> 
>> .
>>
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/72a4a823-1223-4685-bd63-8d1a587e12cf%40apereo.org.

Re: [cas-user] Re: cas-management question

[David Curry]

Haven't seen that one, that I can recall.

Is that a CAS error (shows in a CAS-branded web page) or a Tomcat error?

Do the logs (cas.log and/or catalina.out) say anything helpful?



--

DAVID A. CURRY, CISSP
*DIRECTOR OF INFORMATION SECURITY*
INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 212 229-5300 x4728 • david.cu...@newschool.edu

[image: The New School]

On Thu, May 17, 2018 at 3:40 PM, Jennifer LaVoie 
wrote:

> I updated the management.properties file with some ports specifically
> defined.  And that is now working as expected...
>
> However, I get this
>
> The CAS management webapp is unavailable.
>
> There was an error trying to complete your request. Please notify your
> support desk or try again.
>
>
>
>
>
> On Thursday, May 17, 2018 at 3:18:42 PM UTC-4, Jennifer LaVoie wrote:
>>
>> So I have followed all the steps here
>>
>> https://dacurry-tns.github.io/deploying-apereo-cas/building_
>> svcmgmt_configure-webapp-properties.html
>>
>> (awesome site)
>>
>> And when I try to go to
>>
>> https://cashost:8443/cas-management
>>
>> I am redirected to here
>>
>> https://casserver.herokuapp.com/cas/login?service=https%3A%
>> 2F%2Fcashost%3A8443%2Fcas-management%2Fmanage.html
>>
>> I have already logged into my cas.
>>
>> What config file have I forgotten to change?
>>
>> Jen
>>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/53c3f120-14ec-41af-8447-
> 1db0e370795e%40apereo.org
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XANk_3FiWjgUPHTf6dP3CbNtbCoN2dBsWOmT3hDTjG0_xw%40mail.gmail.com.

Re: [cas-user] Re: cas-management question

[David Curry]

You have "server.name" instead of "cas.server.name" (oops)




--

DAVID A. CURRY, CISSP
*DIRECTOR OF INFORMATION SECURITY*
INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 212 229-5300 x4728 • david.cu...@newschool.edu

[image: The New School]

On Thu, May 17, 2018 at 3:23 PM, Jennifer LaVoie 
wrote:

> Here is my management.properties file
>
> # CAS server that management app will authenticate with
> # This server will authenticate for any app (service) and you can login as
> casuser/Mellon
>
> server.name: https://cashost
> cas.server.prefix: ${cas.server.name}/cas
>
> cas.mgmt.adminRoles[0]=ROLE_ADMIN
> cas.mgmt.userPropertiesFile=file:/etc/cas/config/admusers.properties
>
>
> # Update this URL to point at server running this management app
> cas.mgmt.serverName=${cas.server.name}:8443
>
> #server.context-path=/cas-management
> #server.port=8443
>
> cas.serviceRegistry.json.location: file:/etc/cas/services
>
> logging.config=file:/etc/cas/config/log4j2-management.xml
>
>
> On Thursday, May 17, 2018 at 3:18:42 PM UTC-4, Jennifer LaVoie wrote:
>>
>> So I have followed all the steps here
>>
>> https://dacurry-tns.github.io/deploying-apereo-cas/building_
>> svcmgmt_configure-webapp-properties.html
>>
>> (awesome site)
>>
>> And when I try to go to
>>
>> https://cashost:8443/cas-management
>>
>> I am redirected to here
>>
>> https://casserver.herokuapp.com/cas/login?service=https%3A%
>> 2F%2Fcashost%3A8443%2Fcas-management%2Fmanage.html
>>
>> I have already logged into my cas.
>>
>> What config file have I forgotten to change?
>>
>> Jen
>>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/00b98d20-6f6d-4af3-8b74-
> cef6a55fcaef%40apereo.org
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XANgQUGB41MpLrk_%3DjOpTdh%3DkC0MTMvidJoFm-s1FR%2B%3D7Q%40mail.gmail.com.

Re: [cas-user] Re: CAS Management Webapp v5 + LDAP Authorization

[Ludovic Senecaux]

It is OK in CAS version 5.1

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/bfbc76e8-497d-4807-a3a2-0c91e64d8890%40googlegroups.com.

Re: [cas-user] Re: cas-management 5.0.x jpa service registry ORA-00972: identifier is too long

[Rob]

Hi Olivier,

Thanks for the reply.  I'm building from the maven overlays, so I don't
have the class files to modify. I can download the source and give it a
shot, but I was hoping there would be a more elegant solution.

We can live without SAML for now, but we'll need it in the future.

Thanks,
/rob


On Wed, Apr 26, 2017 at 11:14 AM, Olivier Lamarche 
wrote:

> Hi Rob,
> I got the same error last week.
>
> I dont know if you use SAML authentification, but I ended up by overriding
> SamlRegisteredService.java
>
>
> 
>
>
>
> After, rename your @Column by using the *name *attribute :
>
>  @Column(updatable = true, insertable = true)
> private long metadataMaxValidity;
>
> @Column(updatable = true, insertable = true, name= "racc")
> private String requiredAuthenticationContextClass;
>
> @Column(updatable = true, insertable = true)
> private String metadataCriteriaDirection;
>
> @Column(updatable = true, insertable = true, name= "mcp")
> private String metadataCriteriaPattern;
>
> @Column(updatable = true, insertable = true)
> private String requiredNameIdFormat;
>
> @Column(updatable = true, insertable = true, name= "msl")
> private String metadataSignatureLocation;
>
> @Column(updatable = true, insertable = true)
> private boolean signAssertions;
>
> @Column(updatable = true, insertable = true)
> private boolean signResponses = true;
>
> @Column(updatable = true, insertable = true)
> private boolean encryptAssertions;
>
> @Column(updatable = true, insertable = true)
> private String metadataCriteriaRoles = "SPSSODescriptor";
>
> @Column(updatable = true, insertable = true, name= "mcreed")
> private boolean metadataCriteriaRemoveEmptyEntitiesDescriptors = true;
>
> @Column(updatable = true, insertable = true, name= "mcrred")
> private boolean metadataCriteriaRemoveRolelessEntityDescriptors =
> true;
>
> Don't forget to this override in both cas webapp and management console
> webapp
>
>
> Le mercredi 26 avril 2017 09:12:20 UTC-4, Rob Blais a écrit :
>>
>> I've got CAS 5.0.5 up and running with an Oracle 12c DB for the service
>> and ticket registries.  CAS was able to init the service registry from the
>> default json files and I can see that it reads them back.
>>
>> INFO [org.apereo.cas.services.DefaultServicesManagerImpl] - > services from JpaServiceRegistryDaoImpl.>
>>
>> When I try to launch the cas-management webapp, it throws an "ORA-00972:
>> identifier is too long" too long error.
>>
>> Hibernate: select abstractre0_.id as id2_0_, abstractre0_.access_strategy
>> as access_strategy3_0_, abstractre0_.attribute_release as
>> attribute_release4_0_, abstractre0_.description as description5_0_,
>> abstractre0_.evaluation_order as evaluation_order6_0_, abstractre0_.logo as
>> logo7_0_, abstractre0_.logout_type as logout_type8_0_,
>> abstractre0_.logout_url as logout_url9_0_, abstractre0_.mfa_policy as
>> mfa_policy10_0_, abstractre0_.name as name11_0_, abstractre0_.proxy_policy
>> as proxy_policy12_0_, abstractre0_.public_key as public_key13_0_,
>> abstractre0_.required_handlers as required_handlers14_0_,
>> abstractre0_.serviceId as serviceId15_0_, abstractre0_.theme as theme16_0_,
>> abstractre0_.username_attr as username_attr17_0_,
>> abstractre0_.bypassApprovalPrompt as bypassApprovalPro18_0_,
>> abstractre0_.clientId as clientId19_0_, abstractre0_.clientSecret as
>> clientSecret20_0_, abstractre0_.generateRefreshToken as
>> generateRefreshTo21_0_, abstractre0_.jsonFormat as jsonFormat22_0_,
>> abstractre0_.jwks as jwks23_0_, abstractre0_.signIdToken as
>> signIdToken24_0_, abstractre0_.encryptAssertions as encryptAssertions25_0_,
>> abstractre0_.metadataCriteriaDirection as metadataCriteriaD26_0_,
>> abstractre0_.metadataCriteriaPattern as metadataCriteriaP27_0_,
>> abstractre0_.metadataCriteriaRemoveEmptyEntitiesDescriptors as
>> metadataCriteriaR28_0_, 
>> abstractre0_.metadataCriteriaRemoveRolelessEntityDescriptors
>> as metadataCriteriaR29_0_, abstractre0_.metadataCriteriaRoles as
>> metadataCriteriaR30_0_, abstractre0_.metadataLocation as
>> metadataLocation31_0_, abstractre0_.metadataMaxValidity as
>> metadataMaxValidi32_0_, abstractre0_.metadataSignatureLocation as
>> metadataSignature33_0_, abstractre0_.requiredAuthenticationContextClass
>> as requiredAuthentic34_0_, abstractre0_.requiredNameIdFormat as
>> requiredNameIdFor35_0_, abstractre0_.signAssertions as signAssertions36_0_,
>> abstractre0_.signResponses as signResponses37_0_,
>> abstractre0_.expression_type as expression_type1_0_ from
>> RegexRegisteredService abstractre0_
>> 2017-04-26 07:50:10,955 ERROR 
>> [org.hibernate.engine.jdbc.spi.SqlExceptionHelper]
>> - >
>> Logs and configs are attached.  Any help would be greatly appreciated.
>>
>> /rob
>>
>>
>> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas
>

RE: [cas-user] Re: CAS Management App 5.0.0.RC2-SNAPSHOT

[Misagh Moayyed]

You’re perfectly right. Created 
https://github.com/apereo/cas-services-management-overlay/issues/4



From: Jeffrey Ramsay [mailto:jeffrey.ram...@gmail.com]
Sent: Wednesday, September 21, 2016 9:28 PM
To: Misagh Moayyed 
Cc: CAS Community 
Subject: Re: [cas-user] Re: CAS Management App 5.0.0.RC2-SNAPSHOT



It's hard to tell what will or will not work. The definition I shared before 
was directly from the cas-management.properties file. Those lines should 
probably be removed to avoid confusion.




# User details file location that contains list of users


# who are allowed access to the management webapp:


#


# user.details.file.location = classpath:user-details.properties





##


# JSON Service Registry


#


# Directory location where JSON service files may be found.


# service.registry.config.location=classpath:services





Thanks,

-Jeff



On Wed, Sep 21, 2016 at 1:36 PM, Misagh Moayyed mailto:mmoay...@unicon.net> > wrote:

It most definitely won’t work, given that’s an invalid property. See:

https://apereo.github.io/cas/development/installation/Configuration-Properties.html#management-webapp



From: cas-user@apereo.org <mailto:cas-user@apereo.org> 
[mailto:cas-user@apereo.org <mailto:cas-user@apereo.org> ] On Behalf Of 
Jeffrey Ramsay
Sent: Tuesday, September 20, 2016 11:28 PM
To: CAS Community mailto:cas-user@apereo.org> >
Subject: [cas-user] Re: CAS Management App 5.0.0.RC2-SNAPSHOT



I found the problem and I'm able to access the console.



I tried to override the user-details.properties location by setting the 
following but it's clearly not working.

# user.details.file.location = classpath:user-details.properties
user.details.file.location=file:/etc/cas/5/dev/user-details.properties

-Jeff

On Sunday, September 18, 2016 at 7:51:13 PM UTC-4, Jeffrey Ramsay wrote:

I'm receiving this message "You are not authorized to access this resource. 
Contact your CAS administrator for more info." while trying to access the 
CAS management interface. I have tried using the "casuser" account along 
with my LDAP credentials but both accounts have failed. I tried adding my 
LDAP userid to the user-details.properties file but that too has been 
unsuccessful.

Has anyone been able to authenticate using LDAP as user store and the 
user-default.properties file to limit admin access? I tried the "cas.mgmt" 
options but that too has not been successful.


-Jeff

-- 
You received this message because you are subscribed to the Google Groups 
"CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an 
email to cas-user+unsubscr...@apereo.org 
<mailto:cas-user+unsubscr...@apereo.org> .
To post to this group, send email to cas-user@apereo.org 
<mailto:cas-user@apereo.org> .
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/bb241356-f071-492e-a274-281f149c3629%40apereo.org
 
<https://groups.google.com/a/apereo.org/d/msgid/cas-user/bb241356-f071-492e-a274-281f149c3629%40apereo.org?utm_medium=email&utm_source=footer>
 
.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an 
email to cas-user+unsubscr...@apereo.org 
<mailto:cas-user+unsubscr...@apereo.org> .
To post to this group, send email to cas-user@apereo.org 
<mailto:cas-user@apereo.org> .
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.

To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/00b501d2142e%24a4741d90%24ed5c58b0%24%40unicon.net
 
<https://groups.google.com/a/apereo.org/d/msgid/cas-user/00b501d2142e%24a4741d90%24ed5c58b0%24%40unicon.net?utm_medium=email&utm_source=footer>
 
.


For more options, visit https://groups.google.com/a/apereo.org/d/optout.



-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/01d21433%2449282120%24db786360%24%40unicon.net.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

Re: [cas-user] Re: CAS Management App 5.0.0.RC2-SNAPSHOT

[Jeffrey Ramsay]

It's hard to tell what will or will not work. The definition I shared
before was directly from the cas-management.properties file. Those lines
should probably be removed to avoid confusion.

# User details file location that contains list of users
# who are allowed access to the management webapp:
#
# user.details.file.location = classpath:user-details.properties
##
# JSON Service Registry
#
# Directory location where JSON service files may be found.
# service.registry.config.location=classpath:services

Thanks,
-Jeff

On Wed, Sep 21, 2016 at 1:36 PM, Misagh Moayyed  wrote:

> It most definitely won’t work, given that’s an invalid property. See:
>
> https://apereo.github.io/cas/development/installation/
> Configuration-Properties.html#management-webapp
>
>
>
> *From:* cas-user@apereo.org [mailto:cas-user@apereo.org] *On Behalf Of 
> *Jeffrey
> Ramsay
> *Sent:* Tuesday, September 20, 2016 11:28 PM
> *To:* CAS Community 
> *Subject:* [cas-user] Re: CAS Management App 5.0.0.RC2-SNAPSHOT
>
>
>
> I found the problem and I'm able to access the console.
>
>
> I tried to override the user-details.properties location by setting the
> following but it's clearly not working.
>
> # user.details.file.location = classpath:user-details.properties
> user.details.file.location=file:/etc/cas/5/dev/user-details.properties
>
> -Jeff
>
> On Sunday, September 18, 2016 at 7:51:13 PM UTC-4, Jeffrey Ramsay wrote:
>
> I'm receiving this message "You are not authorized to access this
> resource. Contact your CAS administrator for more info." while trying to
> access the CAS management interface. I have tried using the "casuser"
> account along with my LDAP credentials but both accounts have failed. I
> tried adding my LDAP userid to the user-details.properties file but that
> too has been unsuccessful.
>
> Has anyone been able to authenticate using LDAP as user store and the
> user-default.properties file to limit admin access? I tried the "cas.mgmt"
> options but that too has not been successful.
>
>
> -Jeff
>
> --
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To post to this group, send email to cas-user@apereo.org.
> Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/
> .
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/bb241356-f071-492e-a274-
> 281f149c3629%40apereo.org
> 
> .
> For more options, visit https://groups.google.com/a/apereo.org/d/optout.
>
> --
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To post to this group, send email to cas-user@apereo.org.
> Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/
> .
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/00b501d2142e%24a4741d90%
> 24ed5c58b0%24%40unicon.net
> 
> .
>
> For more options, visit https://groups.google.com/a/apereo.org/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYORnHKeQ%3Dd54_jcDR%2B8hgre4TbV%3D8iztdzHYeRELDU9E2g%40mail.gmail.com.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

RE: [cas-user] Re: CAS Management App 5.0.0.RC2-SNAPSHOT

[Misagh Moayyed]

It most definitely won’t work, given that’s an invalid property. See:

https://apereo.github.io/cas/development/installation/Configuration-Properties.html#management-webapp



From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Jeffrey 
Ramsay
Sent: Tuesday, September 20, 2016 11:28 PM
To: CAS Community 
Subject: [cas-user] Re: CAS Management App 5.0.0.RC2-SNAPSHOT



I found the problem and I'm able to access the console.

I tried to override the user-details.properties location by setting the 
following but it's clearly not working.

# user.details.file.location = classpath:user-details.properties
user.details.file.location=file:/etc/cas/5/dev/user-details.properties

-Jeff

On Sunday, September 18, 2016 at 7:51:13 PM UTC-4, Jeffrey Ramsay wrote:

I'm receiving this message "You are not authorized to access this resource. 
Contact your CAS administrator for more info." while trying to access the 
CAS management interface. I have tried using the "casuser" account along 
with my LDAP credentials but both accounts have failed. I tried adding my 
LDAP userid to the user-details.properties file but that too has been 
unsuccessful.

Has anyone been able to authenticate using LDAP as user store and the 
user-default.properties file to limit admin access? I tried the "cas.mgmt" 
options but that too has not been successful.


-Jeff

-- 
You received this message because you are subscribed to the Google Groups 
"CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an 
email to cas-user+unsubscr...@apereo.org 
 .
To post to this group, send email to cas-user@apereo.org 
 .
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/bb241356-f071-492e-a274-281f149c3629%40apereo.org
 

 
.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/00b501d2142e%24a4741d90%24ed5c58b0%24%40unicon.net.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

Re: [cas-user] Re: CAS Management App 5.0.0.RC2-SNAPSHOT

[Jeffrey Ramsay]

Ok, how do I accomplish this? I have tried adding my userid 
to user-details.properties but do not want to have my password in clear 
text. So, what's the recipe to make this work?

jramsay=notused,ROLE_ADMIN

-Jeff


On Tuesday, September 20, 2016 at 11:04:30 AM UTC-4, Misagh Moayyed wrote:
>
> Yes, and yes. 
>
> --
> *From: *"Jeffrey Ramsay" >
> *To: *"CAS Community" >
> *Sent: *Tuesday, September 20, 2016 7:30:42 PM
> *Subject: *[cas-user] Re: CAS Management App 5.0.0.RC2-SNAPSHOT
>
> Is it possible to access the CAS 5 management console using an account 
> other than "casuser"? Is so, can the admin users be placed in a static file 
> and have their primary authentication source be LDAP? In CAS 3.4.x we only 
> had to add the matching userid to deployerConfigContext.xml -> 
> userDetailService block.
>
> -Jeff
>
> On Sunday, September 18, 2016 at 7:51:13 PM UTC-4, Jeffrey Ramsay wrote:
>>
>> I'm receiving this message "You are not authorized to access this 
>> resource. Contact your CAS administrator for more info." while trying to 
>> access the CAS management interface. I have tried using the "casuser" 
>> account along with my LDAP credentials but both accounts have failed. I 
>> tried adding my LDAP userid to the user-details.properties file but that 
>> too has been unsuccessful.
>>
>> Has anyone been able to authenticate using LDAP as user store and the 
>> user-default.properties file to limit admin access? I tried the "cas.mgmt" 
>> options but that too has not been successful.
>>
>>
>> -Jeff
>>
>
> -- 
> You received this message because you are subscribed to the Google Groups 
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to cas-user+u...@apereo.org .
> To post to this group, send email to cas-...@apereo.org .
> Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/
> .
> To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/00a20f52-eb8a-4dc3-a689-6f0ff15e44f5%40apereo.org
>  
> 
> .
> For more options, visit https://groups.google.com/a/apereo.org/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/2881588b-511c-4e5a-96da-472907ddcf9c%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

Re: [cas-user] Re: CAS Management App 5.0.0.RC2-SNAPSHOT

[Misagh Moayyed]

Yes, and yes. 


From: "Jeffrey Ramsay"  
To: "CAS Community"  
Sent: Tuesday, September 20, 2016 7:30:42 PM 
Subject: [cas-user] Re: CAS Management App 5.0.0.RC2-SNAPSHOT 

Is it possible to access the CAS 5 management console using an account other 
than "casuser"? Is so, can the admin users be placed in a static file and have 
their primary authentication source be LDAP? In CAS 3.4.x we only had to add 
the matching userid to deployerConfigContext.xml -> userDetailService block. 

-Jeff 

On Sunday, September 18, 2016 at 7:51:13 PM UTC-4, Jeffrey Ramsay wrote: 


I'm receiving this message "You are not authorized to access this resource. 
Contact your CAS administrator for more info." while trying to access the CAS 
management interface. I have tried using the "casuser" account along with my 
LDAP credentials but both accounts have failed. I tried adding my LDAP userid 
to the user-details.properties file but that too has been unsuccessful. 

Has anyone been able to authenticate using LDAP as user store and the 
user-default.properties file to limit admin access? I tried the "cas.mgmt" 
options but that too has not been successful. 


-Jeff 






-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group. 
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org . 
To post to this group, send email to cas-user@apereo.org . 
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/ . 
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/00a20f52-eb8a-4dc3-a689-6f0ff15e44f5%40apereo.org
 . 
For more options, visit https://groups.google.com/a/apereo.org/d/optout . 

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/390721844.1596956.1474383859707.JavaMail.zimbra%40unicon.net.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.