RE: [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0)
Your ldap DAO is missing both the search filter and the load filter and they should be automatically set by the code. Try adding: context:component-scan base-package=org.jasig.cas / To your configuration. From: David A. Kovacic [mailto:d...@case.edu] Sent: Monday, August 4, 2014 10:32 AM To: cas-user@lists.jasig.org Subject: [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0) We have been trying to get the LDAP service registry running on CAS 4.0.0 by fleshing out the beans given in the 4.0.0 documentation. Essentially what we've done is create the pooledLdapConnectionFactory and searchRequest properties using our LDAP authentication setup as a template. The ldapServiceMapper property does not appear to require more configuration (at least when using the default LDAP attribute names) than is given in the documentation (note that I've only pulled the pertinent pieces of the deployerConfigContext.xml file below to help keep the size of this down to something reasonable). The abstractConnectionPool stuff is shared between the service registry and the authentication pieces. This is what our deployerConfigContext.xml file looks like: bean id=serviceRegistryDao class=org.jasig.cas.adaptors.ldap.services.LdapServiceRegistryDao p:connectionFactory-ref=servicePooledLdapConnectionFactory p:searchRequest-ref=searchRequest p:ldapServiceMapper-ref=ldapMapper / bean id=servicePooledLdapConnectionFactory class=org.ldaptive.pool.PooledConnectionFactory p:connectionPool-ref=serviceConnectionPool / bean id=serviceConnectionPool parent=abstractConnectionPool p:connectionFactory-ref=serviceConnectionFactory / bean id=abstractConnectionPool abstract=true class=org.ldaptive.pool.BlockingConnectionPool init-method=initialize p:poolConfig-ref=ldapPoolConfig p:blockWaitTime=${ldap.pool.blockWaitTime} p:validator-ref=searchValidator p:pruneStrategy-ref=pruneStrategy / bean id=abstractConnectionConfig abstract=true class=org.ldaptive.ConnectionConfig p:ldapUrl=${ldap.url} p:connectTimeout=${ldap.connectTimeout} p:useStartTLS=${ldap.useStartTLS} p:sslConfig-ref=sslConfig / bean id=ldapPoolConfig class=org.ldaptive.pool.PoolConfig p:minPoolSize=${ldap.pool.minSize} p:maxPoolSize=${ldap.pool.maxSize} p:validateOnCheckOut=${ldap.pool.validateOnCheckout} p:validatePeriodically=${ldap.pool.validatePeriodically} p:validatePeriod=${ldap.pool.validatePeriod} / bean id=sslConfig class=org.ldaptive.ssl.SslConfig property name=credentialConfig bean class=org.ldaptive.ssl.X509CredentialConfig p:trustCertificates=${ldap.trustedCert} / /property /bean bean id=pruneStrategy class=org.ldaptive.pool.IdlePruneStrategy p:prunePeriod=${ldap.pool.prunePeriod} p:idleTime=${ldap.pool.idleTime} / bean id=searchValidator class=org.ldaptive.pool.SearchValidator / bean id=serviceConnectionFactory class=org.ldaptive.DefaultConnectionFactory p:connectionConfig-ref=serviceConnectionConfig / bean id=serviceConnectionConfig parent=svcAbstractConnectionConfig p:connectionInitializer-ref=serviceConnectionInitializer / bean id=svcAbstractConnectionConfig abstract=true class=org.ldaptive.ConnectionConfig p:ldapUrl=${ldap.service.url} p:connectTimeout=${ldap.connectTimeout} p:useStartTLS=${ldap.useStartTLS} p:sslConfig-ref=sslConfig / bean id=serviceConnectionInitializer class=org.ldaptive.BindConnectionInitializer p:bindDn=${ldap.service.managerDn} property name=bindCredential bean class=org.ldaptive.Credential c:password=${ldap.service.managerPassword} / /property /bean bean id=searchRequest class=org.ldaptive.SearchRequest p:baseDn=${ldap.service.baseDn} p:searchFilter=${ldap.service.searchFilter} / bean id=ldapMapper class=org.jasig.cas.adaptors.ldap.services.DefaultLdapServiceMapper/ Maven builds the package with no errors, but when we go to start up Tomcat this is what we see: INFO: Starting Servlet Engine: Apache Tomcat/7.0.54 Aug 04, 2014 1:06:50 PM org.apache.catalina.startup.HostConfig deployWAR INFO: Deploying web application archive /opt/apache-tomcat-7.0.54/webapps/cas.war 2014-08-04 13:06:57,222 ERROR [org.springframework.web.context.ContextLoader] - Context initialization failed org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'servicesManager' defined in ServletContext resource [/WEB-INF/spring-configuration/applicationContext.xml]: Cannot resolve reference to bean 'serviceRegistryDao' while setting
Re: [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0)
:* [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0) We have been trying to get the LDAP service registry running on CAS 4.0.0 by fleshing out the beans given in the 4.0.0 documentation. Essentially what we've done is create the pooledLdapConnectionFactory and searchRequest properties using our LDAP authentication setup as a template. The ldapServiceMapper property does not appear to require more configuration (at least when using the default LDAP attribute names) than is given in the documentation (note that I've only pulled the pertinent pieces of the deployerConfigContext.xml file below to help keep the size of this down to something reasonable). The abstractConnectionPool stuff is shared between the service registry and the authentication pieces. This is what our deployerConfigContext.xml file looks like: bean id=serviceRegistryDao class=org.jasig.cas.adaptors.ldap.services.LdapServiceRegistryDao p:connectionFactory-ref=servicePooledLdapConnectionFactory p:searchRequest-ref=searchRequest p:ldapServiceMapper-ref=ldapMapper / bean id=servicePooledLdapConnectionFactory class=org.ldaptive.pool.PooledConnectionFactory p:connectionPool-ref=serviceConnectionPool / bean id=serviceConnectionPool parent=abstractConnectionPool p:connectionFactory-ref=serviceConnectionFactory / bean id=abstractConnectionPool abstract=true class=org.ldaptive.pool.BlockingConnectionPool init-method=initialize p:poolConfig-ref=ldapPoolConfig p:blockWaitTime=${ldap.pool.blockWaitTime} p:validator-ref=searchValidator p:pruneStrategy-ref=pruneStrategy / bean id=abstractConnectionConfig abstract=true class=org.ldaptive.ConnectionConfig p:ldapUrl=${ldap.url} p:connectTimeout=${ldap.connectTimeout} p:useStartTLS=${ldap.useStartTLS} p:sslConfig-ref=sslConfig / bean id=ldapPoolConfig class=org.ldaptive.pool.PoolConfig p:minPoolSize=${ldap.pool.minSize} p:maxPoolSize=${ldap.pool.maxSize} p:validateOnCheckOut=${ldap.pool.validateOnCheckout} p:validatePeriodically=${ldap.pool.validatePeriodically} p:validatePeriod=${ldap.pool.validatePeriod} / bean id=sslConfig class=org.ldaptive.ssl.SslConfig property name=credentialConfig bean class=org.ldaptive.ssl.X509CredentialConfig p:trustCertificates=${ldap.trustedCert} / /property /bean bean id=pruneStrategy class=org.ldaptive.pool.IdlePruneStrategy p:prunePeriod=${ldap.pool.prunePeriod} p:idleTime=${ldap.pool.idleTime} / bean id=searchValidator class=org.ldaptive.pool.SearchValidator / bean id=serviceConnectionFactory class=org.ldaptive.DefaultConnectionFactory p:connectionConfig-ref=serviceConnectionConfig / bean id=serviceConnectionConfig parent=svcAbstractConnectionConfig p:connectionInitializer-ref=serviceConnectionInitializer / bean id=svcAbstractConnectionConfig abstract=true class=org.ldaptive.ConnectionConfig p:ldapUrl=${ldap.service.url} p:connectTimeout=${ldap.connectTimeout} p:useStartTLS=${ldap.useStartTLS} p:sslConfig-ref=sslConfig / bean id=serviceConnectionInitializer class=org.ldaptive.BindConnectionInitializer p:bindDn=${ldap.service.managerDn} property name=bindCredential bean class=org.ldaptive.Credential c:password=${ldap.service.managerPassword} / /property /bean bean id=searchRequest class=org.ldaptive.SearchRequest p:baseDn=${ldap.service.baseDn} p:searchFilter=${ldap.service.searchFilter} / bean id=ldapMapper class=org.jasig.cas.adaptors.ldap.services.DefaultLdapServiceMapper/ Maven builds the package with no errors, but when we go to start up Tomcat this is what we see: INFO: Starting Servlet Engine: Apache Tomcat/7.0.54 Aug 04, 2014 1:06:50 PM org.apache.catalina.startup.HostConfig deployWAR INFO: Deploying web application archive /opt/apache-tomcat-7.0.54/webapps/cas.war 2014-08-04 13:06:57,222 ERROR [org.springframework.web.context.ContextLoader] - Context initialization failed org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'servicesManager' defined in ServletContext resource [/WEB-INF/spring-configuration/applicationContext.xml]: Cannot resolve reference to bean 'serviceRegistryDao' while setting constructor argument; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'serviceRegistryDao' defined in ServletContext resource [/WEB-INF/deployerConfigContext.xml]: Initialization of bean failed
Re: [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0)
Here you go: # # Licensed to Jasig under one or more contributor license # agreements. See the NOTICE file distributed with this work # for additional information regarding copyright ownership. # Jasig licenses this file to you under the Apache License, # Version 2.0 (the License); you may not use this file # except in compliance with the License. You may obtain a # copy of the License at the following location: # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, # software distributed under the License is distributed on an # AS IS BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY # KIND, either express or implied. See the License for the # specific language governing permissions and limitations # under the License. # server.name=http://localhost:8080 server.prefix=${server.name}/cas # IP address or CIDR subnet allowed to access the /status URI of CAS that exposes health check information #cas.securityContext.status.allowedSubnet=127.0.0.1 cas.securityContext.status.allowedSubnet=129.22.114.201 cas.themeResolver.defaultThemeName=cas-theme-default cas.viewResolver.basename=default_views ## # Unique CAS node name # host.name is used to generate unique Service Ticket IDs and SAMLArtifacts. This is usually set to the specific # hostname of the machine running the CAS node, but it could be any label so long as it is unique in the cluster. host.name=tapioca-dev.cwru.edu ## # Database flavors for Hibernate # # One of these is needed if you are storing Services or Tickets in an RDBMS via JPA. # # database.hibernate.dialect=org.hibernate.dialect.OracleDialect # database.hibernate.dialect=org.hibernate.dialect.MySQLInnoDBDialect # database.hibernate.dialect=org.hibernate.dialect.HSQLDialect ## # CAS Logout Behavior # WEB-INF/cas-servlet.xml # # Specify whether CAS should redirect to the specified service parameter on /logout requests # cas.logout.followServiceRedirects=false ## # Single Sign-On Session Timeouts # Defaults sourced from WEB-INF/spring-configuration/ticketExpirationPolices.xml # # Maximum session timeout - TGT will expire in maxTimeToLiveInSeconds regardless of usage tgt.maxTimeToLiveInSeconds=86400 # # Idle session timeout - TGT will expire sooner than maxTimeToLiveInSeconds if no further requests # for STs occur within timeToKillInSeconds tgt.timeToKillInSeconds=21600 ## # Service Ticket Timeout # Default sourced from WEB-INF/spring-configuration/ticketExpirationPolices.xml # # Service Ticket timeout - typically kept short as a control against replay attacks, default is 10s. You'll want to # increase this timeout if you are manually testing service ticket creation/validation via tamperdata or similar tools st.timeToKillInSeconds=10 ## # Single Logout Out Callbacks # Default sourced from WEB-INF/spring-configuration/argumentExtractorsConfiguration.xml # # To turn off all back channel SLO requests set slo.disabled to true # slo.callbacks.disabled=false ## # Service Registry Periodic Reloading Scheduler # Default sourced from WEB-INF/spring-configuration/applicationContext.xml # # Force a startup delay of 2 minutes. service.registry.quartz.reloader.startDelay=12 # # Reload services every 2 minutes service.registry.quartz.reloader.repeatInterval=12 ## Log4J #log4j.config.location=/etc/cas/log4j.xml #log4j.refresh.interval=6 ## # Password Policy # # Warn all users of expiration date regardless of warningDays value. password.policy.warnAll=false # Threshold number of days to begin displaying password expiration warnings. password.policy.warningDays=30 # URL to which the user will be redirected to change the passsword. password.policy.url=https://its-services.case.edu/my-case-identity/password/change ## # LDAP Authentication properties # # General properties # ldap.url=ldap://ldap-test.cwru.edu ldap.service.url=ldap://ldap-test.cwru.edu # LDAP connection timeout in milliseconds ldap.connectTimeout=3000 # Whether to use StartTLS (probably needed if not SSL connection) ldap.useStartTLS=true ldap.trustedCert=file:/etc/cas/ldap-certs # # LDAP connection pool configuration # ldap.pool.minSize=3 ldap.pool.maxSize=10 ldap.pool.validateOnCheckout=false ldap.pool.validatePeriodically=true # Amount of time in milliseconds to block on pool exhausted condition # before giving up. ldap.pool.blockWaitTime=3000 # Frequency of connection validation in seconds # Only applies if validatePeriodically=true ldap.pool.validatePeriod=300 # Attempt to prune connections every N seconds ldap.pool.prunePeriod=300 # Maximum amount of time an idle connection is allowed to be in # pool before it is liable to be removed/destroyed ldap.pool.idleTime=600 # # Service Ticket Registry # # Base DN of users to
Re: [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0)
(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) On 8/5/14 3:02 AM, Misagh Moayyed wrote: Your ldap DAO is missing both the search filter and the load filter and they should be automatically set by the code. Try adding: context:component-scan base-package=org.jasig.cas / To your configuration. *From:*David A. Kovacic [mailto:d...@case.edu] *Sent:* Monday, August 4, 2014 10:32 AM *To:* cas-user@lists.jasig.org *Subject:* [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0) We have been trying to get the LDAP service registry running on CAS 4.0.0 by fleshing out the beans given in the 4.0.0 documentation. Essentially what we've done is create the pooledLdapConnectionFactory and searchRequest properties using our LDAP authentication setup as a template. The ldapServiceMapper property does not appear to require more configuration (at least when using the default LDAP attribute names) than is given in the documentation (note that I've only pulled the pertinent pieces of the deployerConfigContext.xml file below to help keep the size of this down to something reasonable). The abstractConnectionPool stuff is shared between the service registry and the authentication pieces. This is what our deployerConfigContext.xml file looks like: bean id=serviceRegistryDao class=org.jasig.cas.adaptors.ldap.services.LdapServiceRegistryDao p:connectionFactory-ref=servicePooledLdapConnectionFactory p:searchRequest-ref=searchRequest p:ldapServiceMapper-ref=ldapMapper / bean id=servicePooledLdapConnectionFactory class=org.ldaptive.pool.PooledConnectionFactory p:connectionPool-ref=serviceConnectionPool / bean id=serviceConnectionPool parent=abstractConnectionPool p:connectionFactory-ref=serviceConnectionFactory / bean id=abstractConnectionPool abstract=true class=org.ldaptive.pool.BlockingConnectionPool init-method=initialize p:poolConfig-ref=ldapPoolConfig p:blockWaitTime=${ldap.pool.blockWaitTime} p:validator-ref=searchValidator p:pruneStrategy-ref=pruneStrategy / bean id=abstractConnectionConfig abstract=true class=org.ldaptive.ConnectionConfig p:ldapUrl=${ldap.url} p:connectTimeout=${ldap.connectTimeout} p:useStartTLS=${ldap.useStartTLS} p:sslConfig-ref=sslConfig / bean id=ldapPoolConfig class=org.ldaptive.pool.PoolConfig p:minPoolSize=${ldap.pool.minSize} p:maxPoolSize=${ldap.pool.maxSize} p:validateOnCheckOut=${ldap.pool.validateOnCheckout} p:validatePeriodically=${ldap.pool.validatePeriodically} p:validatePeriod=${ldap.pool.validatePeriod} / bean id=sslConfig class=org.ldaptive.ssl.SslConfig property name=credentialConfig bean class=org.ldaptive.ssl.X509CredentialConfig p:trustCertificates=${ldap.trustedCert} / /property /bean bean id=pruneStrategy class=org.ldaptive.pool.IdlePruneStrategy p:prunePeriod=${ldap.pool.prunePeriod} p:idleTime=${ldap.pool.idleTime} / bean id=searchValidator class=org.ldaptive.pool.SearchValidator / bean id=serviceConnectionFactory class=org.ldaptive.DefaultConnectionFactory p:connectionConfig-ref=serviceConnectionConfig / bean id=serviceConnectionConfig parent=svcAbstractConnectionConfig p:connectionInitializer-ref=serviceConnectionInitializer / bean id=svcAbstractConnectionConfig abstract=true class=org.ldaptive.ConnectionConfig p:ldapUrl=${ldap.service.url} p:connectTimeout=${ldap.connectTimeout} p:useStartTLS=${ldap.useStartTLS} p:sslConfig-ref=sslConfig / bean id=serviceConnectionInitializer class=org.ldaptive.BindConnectionInitializer p:bindDn=${ldap.service.managerDn} property name=bindCredential bean class=org.ldaptive.Credential c:password=${ldap.service.managerPassword} / /property /bean bean id=searchRequest class=org.ldaptive.SearchRequest p:baseDn=${ldap.service.baseDn} p:searchFilter=${ldap.service.searchFilter} / bean id=ldapMapper class=org.jasig.cas.adaptors.ldap.services.DefaultLdapServiceMapper/ Maven builds the package with no errors, but when we go to start up Tomcat this is what we see: INFO: Starting Servlet Engine: Apache Tomcat/7.0.54 Aug 04, 2014 1:06:50 PM org.apache.catalina.startup.HostConfig deployWAR INFO: Deploying web application archive /opt/apache-tomcat-7.0.54/webapps/cas.war 2014-08-04 13:06:57,222 ERROR [org.springframework.web.context.ContextLoader] - Context initialization failed org.springframework.beans.factory.BeanCreationException: Error
Re: [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0)
(ContainerBase.java:901) at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:877) at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:632) at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:1083) at org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1880) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) On 8/5/14 3:02 AM, Misagh Moayyed wrote: Your ldap DAO is missing both the search filter and the load filter and they should be automatically set by the code. Try adding: context:component-scan base-package=org.jasig.cas / To your configuration. *From:*David A. Kovacic [mailto:d...@case.edu] *Sent:* Monday, August 4, 2014 10:32 AM *To:* cas-user@lists.jasig.org *Subject:* [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0) We have been trying to get the LDAP service registry running on CAS 4.0.0 by fleshing out the beans given in the 4.0.0 documentation. Essentially what we've done is create the pooledLdapConnectionFactory and searchRequest properties using our LDAP authentication setup as a template. The ldapServiceMapper property does not appear to require more configuration (at least when using the default LDAP attribute names) than is given in the documentation (note that I've only pulled the pertinent pieces of the deployerConfigContext.xml file below to help keep the size of this down to something reasonable). The abstractConnectionPool stuff is shared between the service registry and the authentication pieces. This is what our deployerConfigContext.xml file looks like: bean id=serviceRegistryDao class=org.jasig.cas.adaptors.ldap.services.LdapServiceRegistryDao p:connectionFactory-ref=servicePooledLdapConnectionFactory p:searchRequest-ref=searchRequest p:ldapServiceMapper-ref=ldapMapper / bean id=servicePooledLdapConnectionFactory class=org.ldaptive.pool.PooledConnectionFactory p:connectionPool-ref=serviceConnectionPool / bean id=serviceConnectionPool parent=abstractConnectionPool p:connectionFactory-ref=serviceConnectionFactory / bean id=abstractConnectionPool abstract=true class=org.ldaptive.pool.BlockingConnectionPool init-method=initialize p:poolConfig-ref=ldapPoolConfig p:blockWaitTime=${ldap.pool.blockWaitTime} p:validator-ref=searchValidator p:pruneStrategy-ref=pruneStrategy / bean id=abstractConnectionConfig abstract=true class=org.ldaptive.ConnectionConfig p:ldapUrl=${ldap.url} p:connectTimeout=${ldap.connectTimeout} p:useStartTLS=${ldap.useStartTLS} p:sslConfig-ref=sslConfig / bean id=ldapPoolConfig class=org.ldaptive.pool.PoolConfig p:minPoolSize=${ldap.pool.minSize} p:maxPoolSize=${ldap.pool.maxSize} p:validateOnCheckOut=${ldap.pool.validateOnCheckout} p:validatePeriodically=${ldap.pool.validatePeriodically} p:validatePeriod=${ldap.pool.validatePeriod} / bean id=sslConfig class=org.ldaptive.ssl.SslConfig property name=credentialConfig bean class=org.ldaptive.ssl.X509CredentialConfig p:trustCertificates=${ldap.trustedCert} / /property /bean bean id=pruneStrategy class=org.ldaptive.pool.IdlePruneStrategy p:prunePeriod=${ldap.pool.prunePeriod} p:idleTime=${ldap.pool.idleTime} / bean id=searchValidator class=org.ldaptive.pool.SearchValidator / bean id=serviceConnectionFactory class=org.ldaptive.DefaultConnectionFactory p:connectionConfig-ref=serviceConnectionConfig / bean id=serviceConnectionConfig parent=svcAbstractConnectionConfig p:connectionInitializer-ref=serviceConnectionInitializer / bean id=svcAbstractConnectionConfig abstract=true class=org.ldaptive.ConnectionConfig p:ldapUrl=${ldap.service.url} p:connectTimeout=${ldap.connectTimeout} p:useStartTLS=${ldap.useStartTLS} p:sslConfig-ref=sslConfig / bean id=serviceConnectionInitializer class=org.ldaptive.BindConnectionInitializer p:bindDn=${ldap.service.managerDn} property name=bindCredential bean class=org.ldaptive.Credential c:password=${ldap.service.managerPassword} / /property /bean bean id=searchRequest class=org.ldaptive.SearchRequest p:baseDn=${ldap.service.baseDn
[cas-user] Issues with deploying LDAP-based Service Registry (4.0.0)
We have been trying to get the LDAP service registry running on CAS 4.0.0 by fleshing out the beans given in the 4.0.0 documentation. Essentially what we've done is create the pooledLdapConnectionFactory and searchRequest properties using our LDAP authentication setup as a template. The ldapServiceMapper property does not appear to require more configuration (at least when using the default LDAP attribute names) than is given in the documentation (note that I've only pulled the pertinent pieces of the deployerConfigContext.xml file below to help keep the size of this down to something reasonable). The abstractConnectionPool stuff is shared between the service registry and the authentication pieces. This is what our deployerConfigContext.xml file looks like: bean id=serviceRegistryDao class=org.jasig.cas.adaptors.ldap.services.LdapServiceRegistryDao p:connectionFactory-ref=servicePooledLdapConnectionFactory p:searchRequest-ref=searchRequest p:ldapServiceMapper-ref=ldapMapper / bean id=servicePooledLdapConnectionFactory class=org.ldaptive.pool.PooledConnectionFactory p:connectionPool-ref=serviceConnectionPool / bean id=serviceConnectionPool parent=abstractConnectionPool p:connectionFactory-ref=serviceConnectionFactory / bean id=abstractConnectionPool abstract=true class=org.ldaptive.pool.BlockingConnectionPool init-method=initialize p:poolConfig-ref=ldapPoolConfig p:blockWaitTime=${ldap.pool.blockWaitTime} p:validator-ref=searchValidator p:pruneStrategy-ref=pruneStrategy / bean id=abstractConnectionConfig abstract=true class=org.ldaptive.ConnectionConfig p:ldapUrl=${ldap.url} p:connectTimeout=${ldap.connectTimeout} p:useStartTLS=${ldap.useStartTLS} p:sslConfig-ref=sslConfig / bean id=ldapPoolConfig class=org.ldaptive.pool.PoolConfig p:minPoolSize=${ldap.pool.minSize} p:maxPoolSize=${ldap.pool.maxSize} p:validateOnCheckOut=${ldap.pool.validateOnCheckout} p:validatePeriodically=${ldap.pool.validatePeriodically} p:validatePeriod=${ldap.pool.validatePeriod} / bean id=sslConfig class=org.ldaptive.ssl.SslConfig property name=credentialConfig bean class=org.ldaptive.ssl.X509CredentialConfig p:trustCertificates=${ldap.trustedCert} / /property /bean bean id=pruneStrategy class=org.ldaptive.pool.IdlePruneStrategy p:prunePeriod=${ldap.pool.prunePeriod} p:idleTime=${ldap.pool.idleTime} / bean id=searchValidator class=org.ldaptive.pool.SearchValidator / bean id=serviceConnectionFactory class=org.ldaptive.DefaultConnectionFactory p:connectionConfig-ref=serviceConnectionConfig / bean id=serviceConnectionConfig parent=svcAbstractConnectionConfig p:connectionInitializer-ref=serviceConnectionInitializer / bean id=svcAbstractConnectionConfig abstract=true class=org.ldaptive.ConnectionConfig p:ldapUrl=${ldap.service.url} p:connectTimeout=${ldap.connectTimeout} p:useStartTLS=${ldap.useStartTLS} p:sslConfig-ref=sslConfig / bean id=serviceConnectionInitializer class=org.ldaptive.BindConnectionInitializer p:bindDn=${ldap.service.managerDn} property name=bindCredential bean class=org.ldaptive.Credential c:password=${ldap.service.managerPassword} / /property /bean bean id=searchRequest class=org.ldaptive.SearchRequest p:baseDn=${ldap.service.baseDn} p:searchFilter=${ldap.service.searchFilter} / bean id=ldapMapper class=org.jasig.cas.adaptors.ldap.services.DefaultLdapServiceMapper/ Maven builds the package with no errors, but when we go to start up Tomcat this is what we see: INFO: Starting Servlet Engine: Apache Tomcat/7.0.54 Aug 04, 2014 1:06:50 PM org.apache.catalina.startup.HostConfig deployWAR INFO: Deploying web application archive /opt/apache-tomcat-7.0.54/webapps/cas.war 2014-08-04 13:06:57,222 ERROR [org.springframework.web.context.ContextLoader] - Context initialization failed org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'servicesManager' defined in ServletContext resource [/WEB-INF/spring-configuration/applicationContext.xml]: Cannot resolve reference to bean 'serviceRegistryDao' while setting constructor argument; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'serviceRegistryDao' defined in ServletContext resource [/WEB-INF/deployerConfigContext.xml]: Initialization of bean failed; nested exception is org.springframework.beans.factory.BeanInitializationException: Bean state is invalid: searchFilter - may not be null; loadFilter - may not be null at
Re: [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0)
hello, can you show me your cas.properties please ? 2014-08-04 19:32 GMT+02:00 David A. Kovacic d...@case.edu: We have been trying to get the LDAP service registry running on CAS 4.0.0 by fleshing out the beans given in the 4.0.0 documentation. Essentially what we've done is create the pooledLdapConnectionFactory and searchRequest properties using our LDAP authentication setup as a template. The ldapServiceMapper property does not appear to require more configuration (at least when using the default LDAP attribute names) than is given in the documentation (note that I've only pulled the pertinent pieces of the deployerConfigContext.xml file below to help keep the size of this down to something reasonable). The abstractConnectionPool stuff is shared between the service registry and the authentication pieces. This is what our deployerConfigContext.xml file looks like: bean id=serviceRegistryDao class=org.jasig.cas.adaptors.ldap.services.LdapServiceRegistryDao p:connectionFactory-ref=servicePooledLdapConnectionFactory p:searchRequest-ref=searchRequest p:ldapServiceMapper-ref=ldapMapper / bean id=servicePooledLdapConnectionFactory class=org.ldaptive.pool.PooledConnectionFactory p:connectionPool-ref=serviceConnectionPool / bean id=serviceConnectionPool parent=abstractConnectionPool p:connectionFactory-ref=serviceConnectionFactory / bean id=abstractConnectionPool abstract=true class=org.ldaptive.pool.BlockingConnectionPool init-method=initialize p:poolConfig-ref=ldapPoolConfig p:blockWaitTime=${ldap.pool.blockWaitTime} p:validator-ref=searchValidator p:pruneStrategy-ref=pruneStrategy / bean id=abstractConnectionConfig abstract=true class=org.ldaptive.ConnectionConfig p:ldapUrl=${ldap.url} p:connectTimeout=${ldap.connectTimeout} p:useStartTLS=${ldap.useStartTLS} p:sslConfig-ref=sslConfig / bean id=ldapPoolConfig class=org.ldaptive.pool.PoolConfig p:minPoolSize=${ldap.pool.minSize} p:maxPoolSize=${ldap.pool.maxSize} p:validateOnCheckOut=${ldap.pool.validateOnCheckout} p:validatePeriodically=${ldap.pool.validatePeriodically} p:validatePeriod=${ldap.pool.validatePeriod} / bean id=sslConfig class=org.ldaptive.ssl.SslConfig property name=credentialConfig bean class=org.ldaptive.ssl.X509CredentialConfig p:trustCertificates=${ldap.trustedCert} / /property /bean bean id=pruneStrategy class=org.ldaptive.pool.IdlePruneStrategy p:prunePeriod=${ldap.pool.prunePeriod} p:idleTime=${ldap.pool.idleTime} / bean id=searchValidator class=org.ldaptive.pool.SearchValidator / bean id=serviceConnectionFactory class=org.ldaptive.DefaultConnectionFactory p:connectionConfig-ref=serviceConnectionConfig / bean id=serviceConnectionConfig parent=svcAbstractConnectionConfig p:connectionInitializer-ref=serviceConnectionInitializer / bean id=svcAbstractConnectionConfig abstract=true class=org.ldaptive.ConnectionConfig p:ldapUrl=${ldap.service.url} p:connectTimeout=${ldap.connectTimeout} p:useStartTLS=${ldap.useStartTLS} p:sslConfig-ref=sslConfig / bean id=serviceConnectionInitializer class=org.ldaptive.BindConnectionInitializer p:bindDn=${ldap.service.managerDn} property name=bindCredential bean class=org.ldaptive.Credential c:password=${ldap.service.managerPassword} / /property /bean bean id=searchRequest class=org.ldaptive.SearchRequest p:baseDn=${ldap.service.baseDn} p:searchFilter=${ldap.service.searchFilter} / bean id=ldapMapper class=org.jasig.cas.adaptors.ldap.services.DefaultLdapServiceMapper/ Maven builds the package with no errors, but when we go to start up Tomcat this is what we see: INFO: Starting Servlet Engine: Apache Tomcat/7.0.54 Aug 04, 2014 1:06:50 PM org.apache.catalina.startup.HostConfig deployWAR INFO: Deploying web application archive /opt/apache-tomcat-7.0.54/webapps/cas.war 2014-08-04 13:06:57,222 ERROR [org.springframework.web.context.ContextLoader] - Context initialization failed org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'servicesManager' defined in ServletContext resource [/WEB-INF/spring-configuration/applicationContext.xml]: Cannot resolve reference to bean 'serviceRegistryDao' while setting constructor argument; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'serviceRegistryDao' defined in ServletContext resource [/WEB-INF/deployerConfigContext.xml]: Initialization of bean