RE: [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0)

2014-08-05 Thread Misagh Moayyed
Your ldap DAO is missing both the search filter and the load filter and they 
should be automatically set by the code.



Try adding:

<context:component-scan base-package="org.jasig.cas" />

to your configuration.



From: David A. Kovacic [mailto:d...@case.edu]
Sent: Monday, August 4, 2014 10:32 AM
To: cas-user@lists.jasig.org
Subject: [cas-user] Issues with deploying LDAP-based Service Registry 
(4.0.0)



We have been trying to get the LDAP service registry running on CAS 4.0.0 by 
fleshing out the beans given in the 4.0.0 documentation.  Essentially what 
we've done is create the pooledLdapConnectionFactory and searchRequest 
properties using our LDAP authentication setup as a template.  The 
ldapServiceMapper property does not appear to require more configuration (at 
least when using the default LDAP attribute names) than is given in the 
documentation (note that I've only pulled the pertinent pieces of the 
deployerConfigContext.xml file below to help keep the size of this down to 
something reasonable).  The abstractConnectionPool stuff is shared between 
the service registry and the authentication pieces.  This is what our 
deployerConfigContext.xml file looks like:

<bean id="serviceRegistryDao"
  class="org.jasig.cas.adaptors.ldap.services.LdapServiceRegistryDao"
  p:connectionFactory-ref="servicePooledLdapConnectionFactory"
  p:searchRequest-ref="searchRequest"
  p:ldapServiceMapper-ref="ldapMapper" />

<bean id="servicePooledLdapConnectionFactory"
  class="org.ldaptive.pool.PooledConnectionFactory"
  p:connectionPool-ref="serviceConnectionPool" />

<bean id="serviceConnectionPool" parent="abstractConnectionPool"
  p:connectionFactory-ref="serviceConnectionFactory" />

<bean id="abstractConnectionPool" abstract="true"
  class="org.ldaptive.pool.BlockingConnectionPool"
  init-method="initialize"
  p:poolConfig-ref="ldapPoolConfig"
  p:blockWaitTime="${ldap.pool.blockWaitTime}"
  p:validator-ref="searchValidator"
  p:pruneStrategy-ref="pruneStrategy" />

<bean id="abstractConnectionConfig" abstract="true"
  class="org.ldaptive.ConnectionConfig"
  p:ldapUrl="${ldap.url}"
  p:connectTimeout="${ldap.connectTimeout}"
  p:useStartTLS="${ldap.useStartTLS}"
  p:sslConfig-ref="sslConfig" />

<bean id="ldapPoolConfig" class="org.ldaptive.pool.PoolConfig"
  p:minPoolSize="${ldap.pool.minSize}"
  p:maxPoolSize="${ldap.pool.maxSize}"
  p:validateOnCheckOut="${ldap.pool.validateOnCheckout}"
  p:validatePeriodically="${ldap.pool.validatePeriodically}"
  p:validatePeriod="${ldap.pool.validatePeriod}" />

<bean id="sslConfig" class="org.ldaptive.ssl.SslConfig">
  <property name="credentialConfig">
    <bean class="org.ldaptive.ssl.X509CredentialConfig"
      p:trustCertificates="${ldap.trustedCert}" />
  </property>
</bean>

<bean id="pruneStrategy" class="org.ldaptive.pool.IdlePruneStrategy"
  p:prunePeriod="${ldap.pool.prunePeriod}"
  p:idleTime="${ldap.pool.idleTime}" />

<bean id="searchValidator" class="org.ldaptive.pool.SearchValidator" />

<bean id="serviceConnectionFactory"
  class="org.ldaptive.DefaultConnectionFactory"
  p:connectionConfig-ref="serviceConnectionConfig" />

<bean id="serviceConnectionConfig" parent="svcAbstractConnectionConfig"
  p:connectionInitializer-ref="serviceConnectionInitializer" />

<bean id="svcAbstractConnectionConfig" abstract="true"
  class="org.ldaptive.ConnectionConfig"
  p:ldapUrl="${ldap.service.url}"
  p:connectTimeout="${ldap.connectTimeout}"
  p:useStartTLS="${ldap.useStartTLS}"
  p:sslConfig-ref="sslConfig" />

<bean id="serviceConnectionInitializer"
  class="org.ldaptive.BindConnectionInitializer"
  p:bindDn="${ldap.service.managerDn}">
  <property name="bindCredential">
    <bean class="org.ldaptive.Credential"
      c:password="${ldap.service.managerPassword}" />
  </property>
</bean>

<bean id="searchRequest"
  class="org.ldaptive.SearchRequest"
  p:baseDn="${ldap.service.baseDn}"
  p:searchFilter="${ldap.service.searchFilter}" />

<bean id="ldapMapper"
  class="org.jasig.cas.adaptors.ldap.services.DefaultLdapServiceMapper"/>


Maven builds the package with no errors, but when we go to start up Tomcat 
this is what we see:

INFO: Starting Servlet Engine: Apache Tomcat/7.0.54
Aug 04, 2014 1:06:50 PM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive /opt/apache-tomcat-7.0.54/webapps/cas.war
2014-08-04 13:06:57,222 ERROR [org.springframework.web.context.ContextLoader] - Context initialization failed
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'servicesManager' defined in ServletContext resource [/WEB-INF/spring-configuration/applicationContext.xml]: Cannot resolve reference to bean 'serviceRegistryDao' while setting

Re: [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0)

2014-08-05 Thread David A. Kovacic
That goes into the deployerConfigContext.xml file right after the
beans element like so, correct:
<beans xmlns="http://www.springframework.org/schema/beans"
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   xmlns:p="http://www.springframework.org/schema/p"
   xmlns:c="http://www.springframework.org/schema/c"
   xmlns:tx="http://www.springframework.org/schema/tx"
   xmlns:util="http://www.springframework.org/schema/util"
   xmlns:sec="http://www.springframework.org/schema/security"
   xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
   http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx-3.2.xsd
   http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.2.xsd
   http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util.xsd">
   *<context:component-scan base-package="org.jasig.cas" />*

When I do that, I get the following error on startup:

2014-08-05 10:02:59,392 ERROR [org.jasig.cas.web.init.SafeContextLoaderListener] - SafeContextLoaderListener:
The Spring ContextLoaderListener we wrap threw on contextInitialized.
But for our having caught this error, the web application context would not have initialized.
org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: Line 47 in XML document from ServletContext resource [/WEB-INF/deployerConfigContext.xml] is invalid; nested exception is org.xml.sax.SAXParseException; lineNumber: 47; columnNumber: 86; The prefix "context" for element "context:component-scan" is not bound.
    at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:396)
    at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:334)
    at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:302)
    at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:174)
    at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:209)
    at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:180)
    at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:125)
    at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:94)
    at org.springframework.context.support.AbstractRefreshableApplicationContext.refreshBeanFactory(AbstractRefreshableApplicationContext.java:130)
    at org.springframework.context.support.AbstractApplicationContext.obtainFreshBeanFactory(AbstractApplicationContext.java:537)
    at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:451)
    at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:389)
    at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:294)
    at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:112)
    at org.jasig.cas.web.init.SafeContextLoaderListener.contextInitialized(SafeContextLoaderListener.java:75)
    at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4973)
    at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5467)
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
    at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:901)
    at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:877)
    at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:632)
    at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:1083)
    at org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1880)
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
    at java.util.concurrent.FutureTask.run(FutureTask.java:266)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
    at java.lang.Thread.run(Thread.java:745)


Re: [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0)

2014-08-05 Thread David A. Kovacic
Here you go:

#
# Licensed to Jasig under one or more contributor license
# agreements. See the NOTICE file distributed with this work
# for additional information regarding copyright ownership.
# Jasig licenses this file to you under the Apache License,
# Version 2.0 (the "License"); you may not use this file
# except in compliance with the License.  You may obtain a
# copy of the License at the following location:
#
#   http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied.  See the License for the
# specific language governing permissions and limitations
# under the License.
#

server.name=http://localhost:8080
server.prefix=${server.name}/cas
# IP address or CIDR subnet allowed to access the /status URI of CAS that exposes health check information
#cas.securityContext.status.allowedSubnet=127.0.0.1
cas.securityContext.status.allowedSubnet=129.22.114.201


cas.themeResolver.defaultThemeName=cas-theme-default
cas.viewResolver.basename=default_views

##
# Unique CAS node name
# host.name is used to generate unique Service Ticket IDs and SAMLArtifacts.  This is usually set to the specific
# hostname of the machine running the CAS node, but it could be any label so long as it is unique in the cluster.
host.name=tapioca-dev.cwru.edu

##
# Database flavors for Hibernate
#
# One of these is needed if you are storing Services or Tickets in an RDBMS via JPA.
#
# database.hibernate.dialect=org.hibernate.dialect.OracleDialect
# database.hibernate.dialect=org.hibernate.dialect.MySQLInnoDBDialect
# database.hibernate.dialect=org.hibernate.dialect.HSQLDialect

##
# CAS Logout Behavior
# WEB-INF/cas-servlet.xml
#
# Specify whether CAS should redirect to the specified service parameter on /logout requests
# cas.logout.followServiceRedirects=false

##
# Single Sign-On Session Timeouts
# Defaults sourced from WEB-INF/spring-configuration/ticketExpirationPolices.xml
#
# Maximum session timeout - TGT will expire in maxTimeToLiveInSeconds regardless of usage
tgt.maxTimeToLiveInSeconds=86400
#
# Idle session timeout -  TGT will expire sooner than maxTimeToLiveInSeconds if no further requests
# for STs occur within timeToKillInSeconds
tgt.timeToKillInSeconds=21600

##
# Service Ticket Timeout
# Default sourced from WEB-INF/spring-configuration/ticketExpirationPolices.xml
#
# Service Ticket timeout - typically kept short as a control against replay attacks, default is 10s.  You'll want to
# increase this timeout if you are manually testing service ticket creation/validation via tamperdata or similar tools
st.timeToKillInSeconds=10

##
# Single Logout Out Callbacks
# Default sourced from WEB-INF/spring-configuration/argumentExtractorsConfiguration.xml
#
# To turn off all back channel SLO requests set slo.disabled to true
# slo.callbacks.disabled=false

##
# Service Registry Periodic Reloading Scheduler
# Default sourced from WEB-INF/spring-configuration/applicationContext.xml
#
# Force a startup delay of 2 minutes.
service.registry.quartz.reloader.startDelay=12
#
# Reload services every 2 minutes
service.registry.quartz.reloader.repeatInterval=12

## Log4J
#log4j.config.location=/etc/cas/log4j.xml
#log4j.refresh.interval=6


##
# Password Policy
#
# Warn all users of expiration date regardless of warningDays value.
password.policy.warnAll=false

# Threshold number of days to begin displaying password expiration warnings.
password.policy.warningDays=30

# URL to which the user will be redirected to change the password.
password.policy.url=https://its-services.case.edu/my-case-identity/password/change

##
# LDAP Authentication properties
#
# General properties
#
ldap.url=ldap://ldap-test.cwru.edu
ldap.service.url=ldap://ldap-test.cwru.edu

# LDAP connection timeout in milliseconds
ldap.connectTimeout=3000

# Whether to use StartTLS (probably needed if not SSL connection)
ldap.useStartTLS=true
ldap.trustedCert=file:/etc/cas/ldap-certs

#
# LDAP connection pool configuration
#
ldap.pool.minSize=3
ldap.pool.maxSize=10
ldap.pool.validateOnCheckout=false
ldap.pool.validatePeriodically=true

# Amount of time in milliseconds to block on pool exhausted condition
# before giving up.
ldap.pool.blockWaitTime=3000

# Frequency of connection validation in seconds
# Only applies if validatePeriodically=true
ldap.pool.validatePeriod=300

# Attempt to prune connections every N seconds
ldap.pool.prunePeriod=300

# Maximum amount of time an idle connection is allowed to be in
# pool before it is liable to be removed/destroyed
ldap.pool.idleTime=600

#
# Service Ticket Registry
#

# Base DN of users to 

Re: [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0)

2014-08-05 Thread John Gasper
Hi David,

You need to add the context namespace and schema to the beans
definition:

Before the schemaLocation add:
xmlns:context="http://www.springframework.org/schema/context"

in schemaLocation attribute add:
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.0.xsd
 

Re: [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0)

2014-08-05 Thread David A. Kovacic
Wow!  That last looks to have done it.  This time when Tomcat started up
it started with the log entry loading 0 service and access to the
pages was denied with service not registered errors (correct behavior). 
When I hand-entered the stub HTTP and IMAP service into the correct
location in our LDAP server, the logs show a load of 1 service and
access to the login page is restored (again correct behavior).

Now I just need to get the cas-management webapp up and running and we
can move on to the next step of our deployment.  Thanks to all who
offered assistance getting us over this hurdle.

Dave
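
The fix this thread arrives at, assembled into one root element as an added example (not part of any poster's message). The namespace URIs, schema versions and the serviceRegistryDao bean are the ones quoted in the thread; the ordering, indentation and comments are choices made for this example.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Added example: deployerConfigContext.xml root element with the "context"
     prefix bound, so the parser no longer rejects context:component-scan. -->
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:p="http://www.springframework.org/schema/p"
       xmlns:c="http://www.springframework.org/schema/c"
       xmlns:context="http://www.springframework.org/schema/context"
       xmlns:tx="http://www.springframework.org/schema/tx"
       xmlns:util="http://www.springframework.org/schema/util"
       xmlns:sec="http://www.springframework.org/schema/security"
       xsi:schemaLocation="
         http://www.springframework.org/schema/beans
           http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
         http://www.springframework.org/schema/context
           http://www.springframework.org/schema/context/spring-context-3.0.xsd
         http://www.springframework.org/schema/tx
           http://www.springframework.org/schema/tx/spring-tx-3.2.xsd
         http://www.springframework.org/schema/security
           http://www.springframework.org/schema/security/spring-security-3.2.xsd
         http://www.springframework.org/schema/util
           http://www.springframework.org/schema/util/spring-util.xsd">

    <!-- Step 1 (first reply): enable the scan so the code can set the
         LDAP DAO's search filter and load filter itself. -->
    <context:component-scan base-package="org.jasig.cas" />

    <!-- Step 2 (second reply): the element above only parses because
         xmlns:context is declared on <beans> and its namespace/XSD pair is
         listed in xsi:schemaLocation. Without the declaration, startup fails
         with: The prefix "context" for element "context:component-scan"
         is not bound. -->

    <!-- The service registry bean exactly as posted; it needs no change. -->
    <bean id="serviceRegistryDao"
          class="org.jasig.cas.adaptors.ldap.services.LdapServiceRegistryDao"
          p:connectionFactory-ref="servicePooledLdapConnectionFactory"
          p:searchRequest-ref="searchRequest"
          p:ldapServiceMapper-ref="ldapMapper" />

    <!-- Remaining connection factory, pool, SSL and search beans go here
         as posted in the original message. -->
</beans>
```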



Re: [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0)

2014-08-04 Thread Vallee Romain
Hello,
can you show me your cas.properties please?


2014-08-04 19:32 GMT+02:00 David A. Kovacic d...@case.edu:

  We have been trying to get the LDAP service registry running on CAS 4.0.0
 by fleshing out the beans given in the 4.0.0 documentation.  Essentially
 what we've done is create the pooledLdapConnectionFactory and searchRequest
 properties using our LDAP authentication setup as a template.  The
 ldapServiceMapper property does not appear to require more configuration
 (at least when using the default LDAP attribute names) than is given in the
 documentation (note that I've only pulled the pertinent pieces of the
 deployerConfigContext.xml file below to help keep the size of this down to
 something reasonable).  The abstractConnectionPool stuff is shared between
 the service registry and the authentication pieces.  This is what our
 deployerConfigContext.xml file looks like:

 <bean id="serviceRegistryDao"
   class="org.jasig.cas.adaptors.ldap.services.LdapServiceRegistryDao"
   p:connectionFactory-ref="servicePooledLdapConnectionFactory"
   p:searchRequest-ref="searchRequest"
   p:ldapServiceMapper-ref="ldapMapper" />

 <bean id="servicePooledLdapConnectionFactory"
   class="org.ldaptive.pool.PooledConnectionFactory"
   p:connectionPool-ref="serviceConnectionPool" />

 <bean id="serviceConnectionPool" parent="abstractConnectionPool"
   p:connectionFactory-ref="serviceConnectionFactory" />

 <bean id="abstractConnectionPool" abstract="true"
   class="org.ldaptive.pool.BlockingConnectionPool"
   init-method="initialize"
   p:poolConfig-ref="ldapPoolConfig"
   p:blockWaitTime="${ldap.pool.blockWaitTime}"
   p:validator-ref="searchValidator"
   p:pruneStrategy-ref="pruneStrategy" />

 <bean id="abstractConnectionConfig" abstract="true"
   class="org.ldaptive.ConnectionConfig"
   p:ldapUrl="${ldap.url}"
   p:connectTimeout="${ldap.connectTimeout}"
   p:useStartTLS="${ldap.useStartTLS}"
   p:sslConfig-ref="sslConfig" />

 <bean id="ldapPoolConfig" class="org.ldaptive.pool.PoolConfig"
   p:minPoolSize="${ldap.pool.minSize}"
   p:maxPoolSize="${ldap.pool.maxSize}"
   p:validateOnCheckOut="${ldap.pool.validateOnCheckout}"
   p:validatePeriodically="${ldap.pool.validatePeriodically}"
   p:validatePeriod="${ldap.pool.validatePeriod}" />

 <bean id="sslConfig" class="org.ldaptive.ssl.SslConfig">
   <property name="credentialConfig">
     <bean class="org.ldaptive.ssl.X509CredentialConfig"
       p:trustCertificates="${ldap.trustedCert}" />
   </property>
 </bean>

 <bean id="pruneStrategy" class="org.ldaptive.pool.IdlePruneStrategy"
   p:prunePeriod="${ldap.pool.prunePeriod}"
   p:idleTime="${ldap.pool.idleTime}" />

 <bean id="searchValidator" class="org.ldaptive.pool.SearchValidator" />

 <bean id="serviceConnectionFactory"
   class="org.ldaptive.DefaultConnectionFactory"
   p:connectionConfig-ref="serviceConnectionConfig" />

 <bean id="serviceConnectionConfig" parent="svcAbstractConnectionConfig"
   p:connectionInitializer-ref="serviceConnectionInitializer" />

 <bean id="svcAbstractConnectionConfig" abstract="true"
   class="org.ldaptive.ConnectionConfig"
   p:ldapUrl="${ldap.service.url}"
   p:connectTimeout="${ldap.connectTimeout}"
   p:useStartTLS="${ldap.useStartTLS}"
   p:sslConfig-ref="sslConfig" />

 <bean id="serviceConnectionInitializer"
   class="org.ldaptive.BindConnectionInitializer"
   p:bindDn="${ldap.service.managerDn}">
   <property name="bindCredential">
     <bean class="org.ldaptive.Credential"
       c:password="${ldap.service.managerPassword}" />
   </property>
 </bean>

 <bean id="searchRequest"
   class="org.ldaptive.SearchRequest"
   p:baseDn="${ldap.service.baseDn}"
   p:searchFilter="${ldap.service.searchFilter}" />

 <bean id="ldapMapper"
   class="org.jasig.cas.adaptors.ldap.services.DefaultLdapServiceMapper"/>


 Maven builds the package with no errors, but when we go to start up Tomcat
 this is what we see:

 INFO: Starting Servlet Engine: Apache Tomcat/7.0.54
 Aug 04, 2014 1:06:50 PM org.apache.catalina.startup.HostConfig deployWAR
 INFO: Deploying web application archive /opt/apache-tomcat-7.0.54/webapps/cas.war
 2014-08-04 13:06:57,222 ERROR [org.springframework.web.context.ContextLoader] - Context initialization failed
 org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'servicesManager' defined in ServletContext resource [/WEB-INF/spring-configuration/applicationContext.xml]: Cannot resolve reference to bean 'serviceRegistryDao' while setting constructor argument; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'serviceRegistryDao' defined in ServletContext resource [/WEB-INF/deployerConfigContext.xml]: Initialization of bean