RE: [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0)

2014-08-05 Thread Misagh Moayyed
Your ldap DAO is missing both the search filter and the load filter and they 
should be automatically set by the code.



Try adding:

<context:component-scan base-package="org.jasig.cas" />



To your configuration.



From: David A. Kovacic [mailto:d...@case.edu]
Sent: Monday, August 4, 2014 10:32 AM
To: cas-user@lists.jasig.org
Subject: [cas-user] Issues with deploying LDAP-based Service Registry 
(4.0.0)



We have been trying to get the LDAP service registry running on CAS 4.0.0 by 
fleshing out the beans given in the 4.0.0 documentation.  Essentially what 
we've done is create the pooledLdapConnectionFactory and searchRequest 
properties using our LDAP authentication setup as a template.  The 
ldapServiceMapper property does not appear to require more configuration (at 
least when using the default LDAP attribute names) than is given in the 
documentation (note that I've only pulled the pertinent pieces of the 
deployerConfigContext.xml file below to help keep the size of this down to 
something reasonable).  The abstractConnectionPool stuff is shared between 
the service registry and the authentication pieces.  This is what our 
deployerConfigContext.xml file looks like:

<bean id="serviceRegistryDao"
  class="org.jasig.cas.adaptors.ldap.services.LdapServiceRegistryDao"
  p:connectionFactory-ref="servicePooledLdapConnectionFactory"
  p:searchRequest-ref="searchRequest"
  p:ldapServiceMapper-ref="ldapMapper" />

<bean id="servicePooledLdapConnectionFactory"
  class="org.ldaptive.pool.PooledConnectionFactory"
  p:connectionPool-ref="serviceConnectionPool" />

<bean id="serviceConnectionPool" parent="abstractConnectionPool"
  p:connectionFactory-ref="serviceConnectionFactory" />

<bean id="abstractConnectionPool" abstract="true"
  class="org.ldaptive.pool.BlockingConnectionPool"
  init-method="initialize"
  p:poolConfig-ref="ldapPoolConfig"
  p:blockWaitTime="${ldap.pool.blockWaitTime}"
  p:validator-ref="searchValidator"
  p:pruneStrategy-ref="pruneStrategy" />

<bean id="abstractConnectionConfig" abstract="true"
  class="org.ldaptive.ConnectionConfig"
  p:ldapUrl="${ldap.url}"
  p:connectTimeout="${ldap.connectTimeout}"
  p:useStartTLS="${ldap.useStartTLS}"
  p:sslConfig-ref="sslConfig" />

<bean id="ldapPoolConfig" class="org.ldaptive.pool.PoolConfig"
  p:minPoolSize="${ldap.pool.minSize}"
  p:maxPoolSize="${ldap.pool.maxSize}"
  p:validateOnCheckOut="${ldap.pool.validateOnCheckout}"
  p:validatePeriodically="${ldap.pool.validatePeriodically}"
  p:validatePeriod="${ldap.pool.validatePeriod}" />

<bean id="sslConfig" class="org.ldaptive.ssl.SslConfig">
  <property name="credentialConfig">
    <bean class="org.ldaptive.ssl.X509CredentialConfig"
      p:trustCertificates="${ldap.trustedCert}" />
  </property>
</bean>

<bean id="pruneStrategy" class="org.ldaptive.pool.IdlePruneStrategy"
  p:prunePeriod="${ldap.pool.prunePeriod}"
  p:idleTime="${ldap.pool.idleTime}" />

<bean id="searchValidator" class="org.ldaptive.pool.SearchValidator" />

<bean id="serviceConnectionFactory"
  class="org.ldaptive.DefaultConnectionFactory"
  p:connectionConfig-ref="serviceConnectionConfig" />

<bean id="serviceConnectionConfig" parent="svcAbstractConnectionConfig"
  p:connectionInitializer-ref="serviceConnectionInitializer" />

<bean id="svcAbstractConnectionConfig" abstract="true"
  class="org.ldaptive.ConnectionConfig"
  p:ldapUrl="${ldap.service.url}"
  p:connectTimeout="${ldap.connectTimeout}"
  p:useStartTLS="${ldap.useStartTLS}"
  p:sslConfig-ref="sslConfig" />

<bean id="serviceConnectionInitializer"
  class="org.ldaptive.BindConnectionInitializer"
  p:bindDn="${ldap.service.managerDn}">
  <property name="bindCredential">
    <bean class="org.ldaptive.Credential"
      c:password="${ldap.service.managerPassword}" />
  </property>
</bean>

<bean id="searchRequest"
  class="org.ldaptive.SearchRequest"
  p:baseDn="${ldap.service.baseDn}"
  p:searchFilter="${ldap.service.searchFilter}" />

<bean id="ldapMapper"
  class="org.jasig.cas.adaptors.ldap.services.DefaultLdapServiceMapper" />


Maven builds the package with no errors, but when we go to start up Tomcat 
this is what we see:

INFO: Starting Servlet Engine: Apache Tomcat/7.0.54
Aug 04, 2014 1:06:50 PM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive /opt/apache-tomcat-7.0.54/webapps/cas.war
2014-08-04 13:06:57,222 ERROR [org.springframework.web.context.ContextLoader] - Context initialization failed
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'servicesManager' defined in ServletContext resource [/WEB-INF/spring-configuration/applicationContext.xml]: Cannot resolve reference to bean 'serviceRegistryDao' while setting

[cas-user] CAS 4.1 - Any release date planned?

2014-08-05 Thread Jaroslav Kacer
Dear CAS users/developers,

I'd like to ask whether there is any planned release date of CAS 4.1. We plan 
to upgrade our company CAS server and there are some new features in 4.1 we'd 
like to use, namely the integration with PAC4J. Unfortunately I was not able to 
find anything about 4.1 at the Roadmap page 
(https://wiki.jasig.org/display/CAS/CAS+Roadmap).

Thank you in advance for your answer!

Best Regards,
--
Jaroslav Kačer
IDC | Application Developer
Phone: +420723914123
Mail: jka...@idc.com


-- 
You are currently subscribed to cas-user@lists.jasig.org as: 
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

[cas-user] Apereo Stack Exchange community

2014-08-05 Thread Misagh Moayyed
CAS Community,

 

The Apereo foundation is discussing a better way of capturing technical
documentation in Q&A form. We have a lot of technical information buried
in the various mailing lists going back close to a decade. It was
mentioned that this can be difficult to find amidst all of the other
traffic, and finding the most current post about the topic. One of the
options discussed was setting up a Stack Exchange community where
technical (or other) questions can be posed and answered by members of the
community, much like what is done now in the mailing list. The difference
being it can be edited and tailored to be on point, and tagged
appropriately. A big benefit to this approach is increasing visibility of
the information and of the projects overall. 

The Apereo Community is at:
http://area51.stackexchange.com/proposals/71959/apereo-projects

Before a Stack Exchange community can be fully realized, it must receive
some traction in forms of numbers of contributors, visits, reputation of
contributors, number of answers etc. For those reasons, we'd encourage you
to try out this community, submit posts and answer others.

Regards,
Misagh

 

 



Re: [cas-user] CAS 4.1 - Any release date planned?

2014-08-05 Thread Jérôme LELEU
Hi,

I like people needing the new pac4j version ;-)
So far, we haven't said anything about the release date.
4.0 was released in May so I personally would not expect anything before the
end of the year...

Best regards,

Jérôme LELEU
Founder of CAS in the cloud: www.casinthecloud.com | Twitter: @leleuj
Chairman of CAS: www.jasig.org/cas | Creator of pac4j: www.pac4j.org


2014-08-05 10:58 GMT+02:00 Jaroslav Kacer jka...@idc.com:

> Dear CAS users/developers,
>
> I’d like to ask whether there is any planned release date of CAS 4.1. We
> plan to upgrade our company CAS server and there are some new features in
> 4.1 we’d like to use, namely the integration with PAC4J. Unfortunately I
> was not able to find anything about 4.1 at the Roadmap page (
> https://wiki.jasig.org/display/CAS/CAS+Roadmap).
>
> Thank you in advance for your answer!
>
> Best Regards,
> --
> Jaroslav Kačer
> IDC | Application Developer
> Phone: +420723914123
> Mail: jka...@idc.com




Re: [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0)

2014-08-05 Thread David A. Kovacic
That goes into the deployerConfigContext.xml file right after the
beans element like so, correct:
<beans xmlns="http://www.springframework.org/schema/beans"
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   xmlns:p="http://www.springframework.org/schema/p"
   xmlns:c="http://www.springframework.org/schema/c"
   xmlns:tx="http://www.springframework.org/schema/tx"
   xmlns:util="http://www.springframework.org/schema/util"
   xmlns:sec="http://www.springframework.org/schema/security"
   xsi:schemaLocation="http://www.springframework.org/schema/beans
   http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
   http://www.springframework.org/schema/tx
   http://www.springframework.org/schema/tx/spring-tx-3.2.xsd
   http://www.springframework.org/schema/security
   http://www.springframework.org/schema/security/spring-security-3.2.xsd
   http://www.springframework.org/schema/util
   http://www.springframework.org/schema/util/spring-util.xsd">
   <context:component-scan base-package="org.jasig.cas" />

When I do that, I get the following error on startup:

2014-08-05 10:02:59,392 ERROR [org.jasig.cas.web.init.SafeContextLoaderListener] - SafeContextLoaderListener:
The Spring ContextLoaderListener we wrap threw on contextInitialized.
But for our having caught this error, the web application context would not have initialized.
org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: Line 47 in XML document from ServletContext resource [/WEB-INF/deployerConfigContext.xml] is invalid; nested exception is org.xml.sax.SAXParseException; lineNumber: 47; columnNumber: 86; The prefix "context" for element "context:component-scan" is not bound.
    at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:396)
    at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:334)
    at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:302)
    at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:174)
    at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:209)
    at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:180)
    at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:125)
    at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:94)
    at org.springframework.context.support.AbstractRefreshableApplicationContext.refreshBeanFactory(AbstractRefreshableApplicationContext.java:130)
    at org.springframework.context.support.AbstractApplicationContext.obtainFreshBeanFactory(AbstractApplicationContext.java:537)
    at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:451)
    at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:389)
    at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:294)
    at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:112)
    at org.jasig.cas.web.init.SafeContextLoaderListener.contextInitialized(SafeContextLoaderListener.java:75)
    at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4973)
    at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5467)
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
    at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:901)
    at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:877)
    at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:632)
    at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:1083)
    at org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1880)
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
    at java.util.concurrent.FutureTask.run(FutureTask.java:266)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
    at java.lang.Thread.run(Thread.java:745)

On 8/5/14 3:02 AM, Misagh Moayyed wrote:

> Your ldap DAO is missing both the search filter and the load filter
> and they should be automatically set by the code.
>
> Try adding:
>
> <context:component-scan base-package="org.jasig.cas" />
>
> To your configuration.
>
> From: David A. Kovacic [mailto:d...@case.edu]
> Sent: Monday, August 4, 2014 10:32 AM
> To: cas-user@lists.jasig.org
> Subject:

Re: [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0)

2014-08-05 Thread David A. Kovacic
Here you go:

#
# Licensed to Jasig under one or more contributor license
# agreements. See the NOTICE file distributed with this work
# for additional information regarding copyright ownership.
# Jasig licenses this file to you under the Apache License,
# Version 2.0 (the License); you may not use this file
# except in compliance with the License.  You may obtain a
# copy of the License at the following location:
#
#   http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# AS IS BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied.  See the License for the
# specific language governing permissions and limitations
# under the License.
#

server.name=http://localhost:8080
server.prefix=${server.name}/cas
# IP address or CIDR subnet allowed to access the /status URI of CAS that exposes health check information
#cas.securityContext.status.allowedSubnet=127.0.0.1
cas.securityContext.status.allowedSubnet=129.22.114.201


cas.themeResolver.defaultThemeName=cas-theme-default
cas.viewResolver.basename=default_views

##
# Unique CAS node name
# host.name is used to generate unique Service Ticket IDs and SAMLArtifacts.  This is usually set to the specific
# hostname of the machine running the CAS node, but it could be any label so long as it is unique in the cluster.
host.name=tapioca-dev.cwru.edu

##
# Database flavors for Hibernate
#
# One of these is needed if you are storing Services or Tickets in an RDBMS via JPA.
#
# database.hibernate.dialect=org.hibernate.dialect.OracleDialect
# database.hibernate.dialect=org.hibernate.dialect.MySQLInnoDBDialect
# database.hibernate.dialect=org.hibernate.dialect.HSQLDialect

##
# CAS Logout Behavior
# WEB-INF/cas-servlet.xml
#
# Specify whether CAS should redirect to the specified service parameter on /logout requests
# cas.logout.followServiceRedirects=false

##
# Single Sign-On Session Timeouts
# Defaults sourced from WEB-INF/spring-configuration/ticketExpirationPolices.xml
#
# Maximum session timeout - TGT will expire in maxTimeToLiveInSeconds regardless of usage
tgt.maxTimeToLiveInSeconds=86400
#
# Idle session timeout -  TGT will expire sooner than maxTimeToLiveInSeconds if no further requests
# for STs occur within timeToKillInSeconds
tgt.timeToKillInSeconds=21600

##
# Service Ticket Timeout
# Default sourced from WEB-INF/spring-configuration/ticketExpirationPolices.xml
#
# Service Ticket timeout - typically kept short as a control against replay attacks, default is 10s.  You'll want to
# increase this timeout if you are manually testing service ticket creation/validation via tamperdata or similar tools
st.timeToKillInSeconds=10

##
# Single Logout Out Callbacks
# Default sourced from WEB-INF/spring-configuration/argumentExtractorsConfiguration.xml
#
# To turn off all back channel SLO requests set slo.disabled to true
# slo.callbacks.disabled=false

##
# Service Registry Periodic Reloading Scheduler
# Default sourced from WEB-INF/spring-configuration/applicationContext.xml
#
# Force a startup delay of 2 minutes.
service.registry.quartz.reloader.startDelay=12
#
# Reload services every 2 minutes
service.registry.quartz.reloader.repeatInterval=12

## Log4J
#log4j.config.location=/etc/cas/log4j.xml
#log4j.refresh.interval=6


##
# Password Policy
#
# Warn all users of expiration date regardless of warningDays value.
password.policy.warnAll=false

# Threshold number of days to begin displaying password expiration warnings.
password.policy.warningDays=30

# URL to which the user will be redirected to change the password.
password.policy.url=https://its-services.case.edu/my-case-identity/password/change

##
# LDAP Authentication properties
#
# General properties
#
ldap.url=ldap://ldap-test.cwru.edu
ldap.service.url=ldap://ldap-test.cwru.edu

# LDAP connection timeout in milliseconds
ldap.connectTimeout=3000

# Whether to use StartTLS (probably needed if not SSL connection)
ldap.useStartTLS=true
ldap.trustedCert=file:/etc/cas/ldap-certs

#
# LDAP connection pool configuration
#
ldap.pool.minSize=3
ldap.pool.maxSize=10
ldap.pool.validateOnCheckout=false
ldap.pool.validatePeriodically=true

# Amount of time in milliseconds to block on pool exhausted condition
# before giving up.
ldap.pool.blockWaitTime=3000

# Frequency of connection validation in seconds
# Only applies if validatePeriodically=true
ldap.pool.validatePeriod=300

# Attempt to prune connections every N seconds
ldap.pool.prunePeriod=300

# Maximum amount of time an idle connection is allowed to be in
# pool before it is liable to be removed/destroyed
ldap.pool.idleTime=600

#
# Service Ticket Registry
#

# Base DN of users to 

Re: [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0)

2014-08-05 Thread John Gasper
Hi David,

You need to add the context namespace and schema to the beans
definition:

Before the schemaLocation add:
xmlns:context="http://www.springframework.org/schema/context"

in schemaLocation attribute add:
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.0.xsd
 
On 8/5/14, 7:11 AM, David A. Kovacic wrote:
> That goes into the deployerConfigContext.xml file right after the
> beans element like so, correct:
> <beans xmlns="http://www.springframework.org/schema/beans"
>    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>    xmlns:p="http://www.springframework.org/schema/p"
>    xmlns:c="http://www.springframework.org/schema/c"
>    xmlns:tx="http://www.springframework.org/schema/tx"
>    xmlns:util="http://www.springframework.org/schema/util"
>    xmlns:sec="http://www.springframework.org/schema/security"
>    xsi:schemaLocation="http://www.springframework.org/schema/beans
>    http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
>    http://www.springframework.org/schema/tx
>    http://www.springframework.org/schema/tx/spring-tx-3.2.xsd
>    http://www.springframework.org/schema/security
>    http://www.springframework.org/schema/security/spring-security-3.2.xsd
>    http://www.springframework.org/schema/util
>    http://www.springframework.org/schema/util/spring-util.xsd">
>    <context:component-scan base-package="org.jasig.cas" />
>
> When I do that, I get the following error on startup:

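Added example (not from the thread or from the CAS project): a pre-deployment check, in Python, for the failure discussed above. It reports prefixes used without an xmlns binding and element namespaces missing from xsi:schemaLocation, the two things the fix adds; check_spring_xml, sample and the sample documents are constructed for this illustration.

```python
import xml.parsers.expat

XSI_NS = "http://www.w3.org/2001/XMLSchema-instance"
CONTEXT_NS = "http://www.springframework.org/schema/context"


def check_spring_xml(text):
    """Return 'line N: ...' problems found in a Spring bean definition file.

    1. Every prefix on an element or attribute must be bound by an xmlns
       declaration in scope (the SAXParseException in the thread).
    2. Every namespace used by an *element* must be listed in
       xsi:schemaLocation. Attribute-only namespaces such as p: and c:
       have no XSD and are not checked.
    """
    problems = set()        # (line, message) pairs
    scopes = [{"xml": "http://www.w3.org/XML/1998/namespace"}]
    used_by_elements = {}   # namespace URI -> first line it is used on
    located = set()         # namespace URIs named in xsi:schemaLocation
    # No namespace_separator: expat hands us raw qualified names, so an
    # unbound prefix is reported by this code instead of aborting the parse.
    parser = xml.parsers.expat.ParserCreate()

    def resolve(qname, scope, line, is_attribute):
        prefix, colon, _local = qname.partition(":")
        if not colon:
            # Unprefixed attributes are in no namespace; elements use the default.
            return None if is_attribute else scope.get("")
        if prefix not in scope:
            problems.add((line, f"prefix '{prefix}' for '{qname}' is not bound"))
            return None
        return scope[prefix]

    def start_element(name, attrs):
        line = parser.CurrentLineNumber
        scope = dict(scopes[-1])
        for key, value in attrs.items():
            if key == "xmlns":
                scope[""] = value
            elif key.startswith("xmlns:"):
                scope[key[len("xmlns:"):]] = value
        scopes.append(scope)
        uri = resolve(name, scope, line, is_attribute=False)
        if uri:
            used_by_elements.setdefault(uri, line)
        for key, value in attrs.items():
            if key == "xmlns" or key.startswith("xmlns:"):
                continue
            attr_ns = resolve(key, scope, line, is_attribute=True)
            if attr_ns == XSI_NS and key.endswith(":schemaLocation"):
                # schemaLocation is "namespace location namespace location ..."
                located.update(value.split()[0::2])

    def end_element(_name):
        scopes.pop()

    parser.StartElementHandler = start_element
    parser.EndElementHandler = end_element
    try:
        parser.Parse(text, True)
    except xml.parsers.expat.ExpatError as exc:
        problems.add((exc.lineno, f"not well-formed: {exc}"))
    for uri, line in used_by_elements.items():
        if uri not in located:
            problems.add((line, f"namespace '{uri}' has no xsi:schemaLocation entry"))
    return [f"line {line}: {message}" for line, message in sorted(problems)]


def sample(bind_context, locate_context):
    """Constructed sample modelled on the thread's <beans> header."""
    xmlns = f'\n    xmlns:context="{CONTEXT_NS}"' if bind_context else ""
    loc = (f"\n        {CONTEXT_NS} {CONTEXT_NS}/spring-context-3.0.xsd"
           if locate_context else "")
    return f'''<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:p="http://www.springframework.org/schema/p"{xmlns}
    xsi:schemaLocation="http://www.springframework.org/schema/beans
        http://www.springframework.org/schema/beans/spring-beans-3.2.xsd{loc}">
  <context:component-scan base-package="org.jasig.cas" />
  <bean id="searchRequest" class="org.ldaptive.SearchRequest"
        p:baseDn="${{ldap.service.baseDn}}" />
</beans>
'''


if __name__ == "__main__":
    for label, doc in [("as first posted", sample(False, False)),
                       ("xmlns only", sample(True, False)),
                       ("xmlns + schemaLocation", sample(True, True))]:
        print(label, "->", check_spring_xml(doc) or "OK")
```

Run against the real deployerConfigContext.xml before building the WAR, it flags both halves of the fix without waiting for a Tomcat start.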
 

RE: [cas-user] Java-sourced custom attributes not being released

2014-08-05 Thread Misagh Moayyed
You'll need to configure what the allowed attributes are. By default nothing 
is released...and you likely don’t need the attributeFilter because that 
only operates on attribute values, and not the names themselves.

http://jasig.github.io/cas/4.0.0/integration/Attribute-Release.html

4.1 cleans up some of this.

-Original Message-
From: Richard Wiseman [mailto:richard.wise...@bt.com]
Sent: Tuesday, August 5, 2014 6:43 AM
To: cas-user@lists.jasig.org
Subject: [cas-user] Java-sourced custom attributes not being released

This is probably a simple configuration problem, but I have been searching 
around for ages and can't find out what I've done wrong!

I've got some Java that checks user credentials in a custom way (they're 
stored in a database but I don't think that's relevant).  My class extends 
AbstractJdbcUsernamePasswordAuthenticationHandler and the 
authenticateUsernamePasswordInternal method ends with:

return createHandlerResult(credential, new SimplePrincipal(username, 
attributes), null);

The attributes variable is a HashMap<String,Object> that I populate just 
beforehand.

This class works (in that it correctly allows/denies access), but doesn't 
return any of my custom attributes.

I've got the following inside the deployerConfigContext.xml's default 
RegexRegisteredService bean:

<bean class="org.jasig.cas.services.RegexRegisteredService">
  <property name="id" value="1" />
  <property name="name" value="Allow HTTP(S)" />
  <property name="description" value="Allows HTTP(S)" />
  <property name="serviceId" value="^https?://.*" />
  <property name="evaluationOrder" value="0" />
  <property name="attributeFilter">
    <bean class="org.jasig.cas.services.support.RegisteredServiceRegexAttributeFilter"
      c:regex="^\w+$" />
  </property>
</bean>

(I'm confident that this bean is being used because I initially had the 
serviceId attribute's value without the question mark and so my non-HTTPS 
service wasn't allowed to use CAS.)

So in summary, I was expecting some <cas:attribute name="..."> elements to 
appear in the <cas:serviceResponse ...> element, but they aren't for some 
reason.

What have I missed, misunderstood or messed up?

Thanks,

Richard


Re: [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0)

2014-08-05 Thread David A. Kovacic
Wow!  That last looks to have done it.  This time when Tomcat started up
it started with the log entry loading 0 service and access to the
pages was denied with service not registered errors (correct behavior). 
When I hand-entered the stub HTTP and IMAP service into the correct
location in our LDAP server, the logs show a load of 1 service and
access to the login page is restored (again correct behavior).

Now I just need to get the cas-management webapp up and running and we
can move on to the next step of our deployment.  Thanks to all who
offered assistance getting us over this hurdle.

Dave


On 8/5/14 11:48 AM, John Gasper wrote:
> Hi David,
>
> You need to add the context namespace and schema to the beans
> definition:
>
> Before the schemaLocation add:
> xmlns:context="http://www.springframework.org/schema/context"
>
> in schemaLocation attribute add:
> http://www.springframework.org/schema/context
> http://www.springframework.org/schema/context/spring-context-3.0.xsd
>
> On 8/5/14, 7:11 AM, David A. Kovacic wrote:
>> That goes into the deployerConfigContext.xml file right after the
>> beans element like so, correct:
>> <beans xmlns="http://www.springframework.org/schema/beans"
>>    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>>    xmlns:p="http://www.springframework.org/schema/p"
>>    xmlns:c="http://www.springframework.org/schema/c"
>>    xmlns:tx="http://www.springframework.org/schema/tx"
>>    xmlns:util="http://www.springframework.org/schema/util"
>>    xmlns:sec="http://www.springframework.org/schema/security"
>>    xsi:schemaLocation="http://www.springframework.org/schema/beans
>>    http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
>>    http://www.springframework.org/schema/tx
>>    http://www.springframework.org/schema/tx/spring-tx-3.2.xsd
>>    http://www.springframework.org/schema/security
>>    http://www.springframework.org/schema/security/spring-security-3.2.xsd
>>    http://www.springframework.org/schema/util
>>    http://www.springframework.org/schema/util/spring-util.xsd">
>>    <context:component-scan base-package="org.jasig.cas" />
>>
>> When I do that, I get the following error on startup:

 

[cas-user] Manually writing CASTGC cookie CAS4

2014-08-05 Thread Puneet Goyal
Hi,

I have a scenario where I am authenticating a user by using CAS's REST api
and writing the returned cookie to response

The thought was when a secured page is encountered and user goes to CAS's
login page, he will get logged in using the CASTGC cookie.

But this doesn't work correctly as CASTGC cookie is not read by the page.

The question here is:

1. Is this the correct way of doing programmatic log in? (As in this
scenario I can't show cas's login page, user logs in using a separate form)

2. I see a CASPRIVACY cookie also coming up now, what is the use of
this cookie and do I need to write this as well to response?

 

 

Regards

Puneet Goyal



Re: [cas-user] Manually writing CASTGC cookie CAS4

2014-08-05 Thread Scott Battaglia
Only the CAS server can set the CASTGC cookie and it can only do that when
being directly interacted with via the web browser.  If you need the cookie
set in the web browser, there must be some interaction with the CAS server.


On Tue, Aug 5, 2014 at 9:23 PM, Puneet Goyal pgo...@qasource.com wrote:

> Hi,
>
> I have a scenario where I am authenticating a user by using CAS’s REST api
> and writing the returned cookie to response
>
> The thought was when a secured page is encountered and user goes to CAS’s
> login page, he will get logged in using the CASTGC cookie.
>
> But this doesn’t work correctly as CASTGC cookie is not read by the page.
>
> The question here is:
>
> 1. Is this the correct way of doing programmatic log in? (As
> in this scenario I can’t show cas’s login page, user logs in using a
> separate form)
>
> 2. I see a CASPRIVACY cookie also coming up now, what is the use
> of this cookie and do I need to write this as well to response?
>
> Regards
>
> Puneet Goyal
