RE: [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0)
Your ldap DAO is missing both the search filter and the load filter and they should be automatically set by the code. Try adding: context:component-scan base-package=org.jasig.cas / To your configuration. From: David A. Kovacic [mailto:d...@case.edu] Sent: Monday, August 4, 2014 10:32 AM To: cas-user@lists.jasig.org Subject: [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0) We have been trying to get the LDAP service registry running on CAS 4.0.0 by fleshing out the beans given in the 4.0.0 documentation. Essentially what we've done is create the pooledLdapConnectionFactory and searchRequest properties using our LDAP authentication setup as a template. The ldapServiceMapper property does not appear to require more configuration (at least when using the default LDAP attribute names) than is given in the documentation (note that I've only pulled the pertinent pieces of the deployerConfigContext.xml file below to help keep the size of this down to something reasonable). The abstractConnectionPool stuff is shared between the service registry and the authentication pieces. This is what our deployerConfigContext.xml file looks like: bean id=serviceRegistryDao class=org.jasig.cas.adaptors.ldap.services.LdapServiceRegistryDao p:connectionFactory-ref=servicePooledLdapConnectionFactory p:searchRequest-ref=searchRequest p:ldapServiceMapper-ref=ldapMapper / bean id=servicePooledLdapConnectionFactory class=org.ldaptive.pool.PooledConnectionFactory p:connectionPool-ref=serviceConnectionPool / bean id=serviceConnectionPool parent=abstractConnectionPool p:connectionFactory-ref=serviceConnectionFactory / bean id=abstractConnectionPool abstract=true class=org.ldaptive.pool.BlockingConnectionPool init-method=initialize p:poolConfig-ref=ldapPoolConfig p:blockWaitTime=${ldap.pool.blockWaitTime} p:validator-ref=searchValidator p:pruneStrategy-ref=pruneStrategy / bean id=abstractConnectionConfig abstract=true class=org.ldaptive.ConnectionConfig p:ldapUrl=${ldap.url} p:connectTimeout=${ldap.connectTimeout} p:useStartTLS=${ldap.useStartTLS} p:sslConfig-ref=sslConfig / bean id=ldapPoolConfig class=org.ldaptive.pool.PoolConfig p:minPoolSize=${ldap.pool.minSize} p:maxPoolSize=${ldap.pool.maxSize} p:validateOnCheckOut=${ldap.pool.validateOnCheckout} p:validatePeriodically=${ldap.pool.validatePeriodically} p:validatePeriod=${ldap.pool.validatePeriod} / bean id=sslConfig class=org.ldaptive.ssl.SslConfig property name=credentialConfig bean class=org.ldaptive.ssl.X509CredentialConfig p:trustCertificates=${ldap.trustedCert} / /property /bean bean id=pruneStrategy class=org.ldaptive.pool.IdlePruneStrategy p:prunePeriod=${ldap.pool.prunePeriod} p:idleTime=${ldap.pool.idleTime} / bean id=searchValidator class=org.ldaptive.pool.SearchValidator / bean id=serviceConnectionFactory class=org.ldaptive.DefaultConnectionFactory p:connectionConfig-ref=serviceConnectionConfig / bean id=serviceConnectionConfig parent=svcAbstractConnectionConfig p:connectionInitializer-ref=serviceConnectionInitializer / bean id=svcAbstractConnectionConfig abstract=true class=org.ldaptive.ConnectionConfig p:ldapUrl=${ldap.service.url} p:connectTimeout=${ldap.connectTimeout} p:useStartTLS=${ldap.useStartTLS} p:sslConfig-ref=sslConfig / bean id=serviceConnectionInitializer class=org.ldaptive.BindConnectionInitializer p:bindDn=${ldap.service.managerDn} property name=bindCredential bean class=org.ldaptive.Credential c:password=${ldap.service.managerPassword} / /property /bean bean id=searchRequest class=org.ldaptive.SearchRequest p:baseDn=${ldap.service.baseDn} p:searchFilter=${ldap.service.searchFilter} / bean id=ldapMapper class=org.jasig.cas.adaptors.ldap.services.DefaultLdapServiceMapper/ Maven builds the package with no errors, but when we go to start up Tomcat this is what we see: INFO: Starting Servlet Engine: Apache Tomcat/7.0.54 Aug 04, 2014 1:06:50 PM org.apache.catalina.startup.HostConfig deployWAR INFO: Deploying web application archive /opt/apache-tomcat-7.0.54/webapps/cas.war 2014-08-04 13:06:57,222 ERROR [org.springframework.web.context.ContextLoader] - Context initialization failed org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'servicesManager' defined in ServletContext resource [/WEB-INF/spring-configuration/applicationContext.xml]: Cannot resolve reference to bean 'serviceRegistryDao' while setting
Re: [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0)
That goes into the deployerConfigContext.xml file right after the beans element like so, correct: beans xmlns=http://www.springframework.org/schema/beans; xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance; xmlns:p=http://www.springframework.org/schema/p; xmlns:c=http://www.springframework.org/schema/c; xmlns:tx=http://www.springframework.org/schema/tx; xmlns:util=http://www.springframework.org/schema/util; xmlns:sec=http://www.springframework.org/schema/security; xsi:schemaLocation=http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.2.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd; *context:component-scan base-package=org.jasig.cas /* When I do that, I get the following error on startup: 2014-08-05 10:02:59,392 ERROR [org.jasig.cas.web.init.SafeContextLoaderListener] - SafeContextLoaderListener: The Spring ContextLoaderListener we wrap threw on contextInitialized. But for our having caught this error, the web application context would not have initialized. org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: Line 47 in XML document from ServletContext resource [/WEB-INF/deployerConfigContext.xml] is invalid; nested exception is org.xml.sax.SAXParseException; lineNumber: 47; columnNumber: 86; The prefix context for element context:component-scan is not bound. at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:396) at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:334) at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:302) at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:174) at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:209) at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:180) at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:125) at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:94) at org.springframework.context.support.AbstractRefreshableApplicationContext.refreshBeanFactory(AbstractRefreshableApplicationContext.java:130) at org.springframework.context.support.AbstractApplicationContext.obtainFreshBeanFactory(AbstractApplicationContext.java:537) at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:451) at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:389) at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:294) at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:112) at org.jasig.cas.web.init.SafeContextLoaderListener.contextInitialized(SafeContextLoaderListener.java:75) at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4973) at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5467) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:901) at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:877) at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:632) at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:1083) at org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1880) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) On 8/5/14 3:02 AM, Misagh Moayyed wrote: Your ldap DAO is missing both the search filter and the load filter and they should be automatically set by the code. Try adding: context:component-scan base-package=org.jasig.cas / To your configuration. *From:*David A. Kovacic [mailto:d...@case.edu] *Sent:* Monday, August 4, 2014 10:32 AM *To:* cas-user@lists.jasig.org *Subject:*
Re: [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0)
Here you go: # # Licensed to Jasig under one or more contributor license # agreements. See the NOTICE file distributed with this work # for additional information regarding copyright ownership. # Jasig licenses this file to you under the Apache License, # Version 2.0 (the License); you may not use this file # except in compliance with the License. You may obtain a # copy of the License at the following location: # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, # software distributed under the License is distributed on an # AS IS BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY # KIND, either express or implied. See the License for the # specific language governing permissions and limitations # under the License. # server.name=http://localhost:8080 server.prefix=${server.name}/cas # IP address or CIDR subnet allowed to access the /status URI of CAS that exposes health check information #cas.securityContext.status.allowedSubnet=127.0.0.1 cas.securityContext.status.allowedSubnet=129.22.114.201 cas.themeResolver.defaultThemeName=cas-theme-default cas.viewResolver.basename=default_views ## # Unique CAS node name # host.name is used to generate unique Service Ticket IDs and SAMLArtifacts. This is usually set to the specific # hostname of the machine running the CAS node, but it could be any label so long as it is unique in the cluster. host.name=tapioca-dev.cwru.edu ## # Database flavors for Hibernate # # One of these is needed if you are storing Services or Tickets in an RDBMS via JPA. # # database.hibernate.dialect=org.hibernate.dialect.OracleDialect # database.hibernate.dialect=org.hibernate.dialect.MySQLInnoDBDialect # database.hibernate.dialect=org.hibernate.dialect.HSQLDialect ## # CAS Logout Behavior # WEB-INF/cas-servlet.xml # # Specify whether CAS should redirect to the specified service parameter on /logout requests # cas.logout.followServiceRedirects=false ## # Single Sign-On Session Timeouts # Defaults sourced from WEB-INF/spring-configuration/ticketExpirationPolices.xml # # Maximum session timeout - TGT will expire in maxTimeToLiveInSeconds regardless of usage tgt.maxTimeToLiveInSeconds=86400 # # Idle session timeout - TGT will expire sooner than maxTimeToLiveInSeconds if no further requests # for STs occur within timeToKillInSeconds tgt.timeToKillInSeconds=21600 ## # Service Ticket Timeout # Default sourced from WEB-INF/spring-configuration/ticketExpirationPolices.xml # # Service Ticket timeout - typically kept short as a control against replay attacks, default is 10s. You'll want to # increase this timeout if you are manually testing service ticket creation/validation via tamperdata or similar tools st.timeToKillInSeconds=10 ## # Single Logout Out Callbacks # Default sourced from WEB-INF/spring-configuration/argumentExtractorsConfiguration.xml # # To turn off all back channel SLO requests set slo.disabled to true # slo.callbacks.disabled=false ## # Service Registry Periodic Reloading Scheduler # Default sourced from WEB-INF/spring-configuration/applicationContext.xml # # Force a startup delay of 2 minutes. service.registry.quartz.reloader.startDelay=12 # # Reload services every 2 minutes service.registry.quartz.reloader.repeatInterval=12 ## Log4J #log4j.config.location=/etc/cas/log4j.xml #log4j.refresh.interval=6 ## # Password Policy # # Warn all users of expiration date regardless of warningDays value. password.policy.warnAll=false # Threshold number of days to begin displaying password expiration warnings. password.policy.warningDays=30 # URL to which the user will be redirected to change the passsword. password.policy.url=https://its-services.case.edu/my-case-identity/password/change ## # LDAP Authentication properties # # General properties # ldap.url=ldap://ldap-test.cwru.edu ldap.service.url=ldap://ldap-test.cwru.edu # LDAP connection timeout in milliseconds ldap.connectTimeout=3000 # Whether to use StartTLS (probably needed if not SSL connection) ldap.useStartTLS=true ldap.trustedCert=file:/etc/cas/ldap-certs # # LDAP connection pool configuration # ldap.pool.minSize=3 ldap.pool.maxSize=10 ldap.pool.validateOnCheckout=false ldap.pool.validatePeriodically=true # Amount of time in milliseconds to block on pool exhausted condition # before giving up. ldap.pool.blockWaitTime=3000 # Frequency of connection validation in seconds # Only applies if validatePeriodically=true ldap.pool.validatePeriod=300 # Attempt to prune connections every N seconds ldap.pool.prunePeriod=300 # Maximum amount of time an idle connection is allowed to be in # pool before it is liable to be removed/destroyed ldap.pool.idleTime=600 # # Service Ticket Registry # # Base DN of users to
Re: [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0)
Hi David, You need to add the context namespace and schema to the beans definition: Before the schemaLocation add: xmlns:context=http://www.springframework.org/schema/context; in schemaLocation attribute add: http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd On 8/5/14, 7:11 AM, David A. Kovacic wrote: That goes into the deployerConfigContext.xml file right after the beans element like so, correct: beans xmlns=http://www.springframework.org/schema/beans; xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance; xmlns:p=http://www.springframework.org/schema/p; xmlns:c=http://www.springframework.org/schema/c; xmlns:tx=http://www.springframework.org/schema/tx; xmlns:util=http://www.springframework.org/schema/util; xmlns:sec=http://www.springframework.org/schema/security; xsi:schemaLocation=http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.2.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd; *context:component-scan base-package=org.jasig.cas /* When I do that, I get the following error on startup: 2014-08-05 10:02:59,392 ERROR [org.jasig.cas.web.init.SafeContextLoaderListener] - SafeContextLoaderListener: The Spring ContextLoaderListener we wrap threw on contextInitialized. But for our having caught this error, the web application context would not have initialized. org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: Line 47 in XML document from ServletContext resource [/WEB-INF/deployerConfigContext.xml] is invalid; nested exception is org.xml.sax.SAXParseException; lineNumber: 47; columnNumber: 86; The prefix context for element context:component-scan is not bound. at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:396) at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:334) at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:302) at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:174) at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:209) at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:180) at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:125) at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:94) at org.springframework.context.support.AbstractRefreshableApplicationContext.refreshBeanFactory(AbstractRefreshableApplicationContext.java:130) at org.springframework.context.support.AbstractApplicationContext.obtainFreshBeanFactory(AbstractApplicationContext.java:537) at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:451) at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:389) at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:294) at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:112) at org.jasig.cas.web.init.SafeContextLoaderListener.contextInitialized(SafeContextLoaderListener.java:75) at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4973) at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5467) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:901) at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:877) at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:632) at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:1083) at org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1880) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at
Re: [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0)
Wow! That last looks to have done it. This time when Tomcat started up it started with the log entry loading 0 service and access to the pages was denied with service not registered errors (correct behavior). When I hand-entered the stub HTTP and IMAP service into the correct location in our LDAP server, the logs show a load of 1 service and access to the login page is restored (again correct behavior). Now I just need to get the cas-management webapp up and running and we can move on to the next step of our deployment. Thanks to all who offered assistance getting us over this hurdle. Dave On 8/5/14 11:48 AM, John Gasper wrote: Hi David, You need to add the context namespace and schema to the beans definition: Before the schemaLocation add: xmlns:context=http://www.springframework.org/schema/context; in schemaLocation attribute add: http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd On 8/5/14, 7:11 AM, David A. Kovacic wrote: That goes into the deployerConfigContext.xml file right after the beans element like so, correct: beans xmlns=http://www.springframework.org/schema/beans; xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance; xmlns:p=http://www.springframework.org/schema/p; xmlns:c=http://www.springframework.org/schema/c; xmlns:tx=http://www.springframework.org/schema/tx; xmlns:util=http://www.springframework.org/schema/util; xmlns:sec=http://www.springframework.org/schema/security; xsi:schemaLocation=http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.2.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd; *context:component-scan base-package=org.jasig.cas /* When I do that, I get the following error on startup: 2014-08-05 10:02:59,392 ERROR [org.jasig.cas.web.init.SafeContextLoaderListener] - SafeContextLoaderListener: The Spring ContextLoaderListener we wrap threw on contextInitialized. But for our having caught this error, the web application context would not have initialized. org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: Line 47 in XML document from ServletContext resource [/WEB-INF/deployerConfigContext.xml] is invalid; nested exception is org.xml.sax.SAXParseException; lineNumber: 47; columnNumber: 86; The prefix context for element context:component-scan is not bound. at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:396) at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:334) at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:302) at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:174) at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:209) at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:180) at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:125) at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:94) at org.springframework.context.support.AbstractRefreshableApplicationContext.refreshBeanFactory(AbstractRefreshableApplicationContext.java:130) at org.springframework.context.support.AbstractApplicationContext.obtainFreshBeanFactory(AbstractApplicationContext.java:537) at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:451) at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:389) at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:294) at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:112) at org.jasig.cas.web.init.SafeContextLoaderListener.contextInitialized(SafeContextLoaderListener.java:75) at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4973) at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5467) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) at
Re: [cas-user] Issues with deploying LDAP-based Service Registry (4.0.0)
hello, can you show me your cas.properties please ? 2014-08-04 19:32 GMT+02:00 David A. Kovacic d...@case.edu: We have been trying to get the LDAP service registry running on CAS 4.0.0 by fleshing out the beans given in the 4.0.0 documentation. Essentially what we've done is create the pooledLdapConnectionFactory and searchRequest properties using our LDAP authentication setup as a template. The ldapServiceMapper property does not appear to require more configuration (at least when using the default LDAP attribute names) than is given in the documentation (note that I've only pulled the pertinent pieces of the deployerConfigContext.xml file below to help keep the size of this down to something reasonable). The abstractConnectionPool stuff is shared between the service registry and the authentication pieces. This is what our deployerConfigContext.xml file looks like: bean id=serviceRegistryDao class=org.jasig.cas.adaptors.ldap.services.LdapServiceRegistryDao p:connectionFactory-ref=servicePooledLdapConnectionFactory p:searchRequest-ref=searchRequest p:ldapServiceMapper-ref=ldapMapper / bean id=servicePooledLdapConnectionFactory class=org.ldaptive.pool.PooledConnectionFactory p:connectionPool-ref=serviceConnectionPool / bean id=serviceConnectionPool parent=abstractConnectionPool p:connectionFactory-ref=serviceConnectionFactory / bean id=abstractConnectionPool abstract=true class=org.ldaptive.pool.BlockingConnectionPool init-method=initialize p:poolConfig-ref=ldapPoolConfig p:blockWaitTime=${ldap.pool.blockWaitTime} p:validator-ref=searchValidator p:pruneStrategy-ref=pruneStrategy / bean id=abstractConnectionConfig abstract=true class=org.ldaptive.ConnectionConfig p:ldapUrl=${ldap.url} p:connectTimeout=${ldap.connectTimeout} p:useStartTLS=${ldap.useStartTLS} p:sslConfig-ref=sslConfig / bean id=ldapPoolConfig class=org.ldaptive.pool.PoolConfig p:minPoolSize=${ldap.pool.minSize} p:maxPoolSize=${ldap.pool.maxSize} p:validateOnCheckOut=${ldap.pool.validateOnCheckout} p:validatePeriodically=${ldap.pool.validatePeriodically} p:validatePeriod=${ldap.pool.validatePeriod} / bean id=sslConfig class=org.ldaptive.ssl.SslConfig property name=credentialConfig bean class=org.ldaptive.ssl.X509CredentialConfig p:trustCertificates=${ldap.trustedCert} / /property /bean bean id=pruneStrategy class=org.ldaptive.pool.IdlePruneStrategy p:prunePeriod=${ldap.pool.prunePeriod} p:idleTime=${ldap.pool.idleTime} / bean id=searchValidator class=org.ldaptive.pool.SearchValidator / bean id=serviceConnectionFactory class=org.ldaptive.DefaultConnectionFactory p:connectionConfig-ref=serviceConnectionConfig / bean id=serviceConnectionConfig parent=svcAbstractConnectionConfig p:connectionInitializer-ref=serviceConnectionInitializer / bean id=svcAbstractConnectionConfig abstract=true class=org.ldaptive.ConnectionConfig p:ldapUrl=${ldap.service.url} p:connectTimeout=${ldap.connectTimeout} p:useStartTLS=${ldap.useStartTLS} p:sslConfig-ref=sslConfig / bean id=serviceConnectionInitializer class=org.ldaptive.BindConnectionInitializer p:bindDn=${ldap.service.managerDn} property name=bindCredential bean class=org.ldaptive.Credential c:password=${ldap.service.managerPassword} / /property /bean bean id=searchRequest class=org.ldaptive.SearchRequest p:baseDn=${ldap.service.baseDn} p:searchFilter=${ldap.service.searchFilter} / bean id=ldapMapper class=org.jasig.cas.adaptors.ldap.services.DefaultLdapServiceMapper/ Maven builds the package with no errors, but when we go to start up Tomcat this is what we see: INFO: Starting Servlet Engine: Apache Tomcat/7.0.54 Aug 04, 2014 1:06:50 PM org.apache.catalina.startup.HostConfig deployWAR INFO: Deploying web application archive /opt/apache-tomcat-7.0.54/webapps/cas.war 2014-08-04 13:06:57,222 ERROR [org.springframework.web.context.ContextLoader] - Context initialization failed org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'servicesManager' defined in ServletContext resource [/WEB-INF/spring-configuration/applicationContext.xml]: Cannot resolve reference to bean 'serviceRegistryDao' while setting constructor argument; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'serviceRegistryDao' defined in ServletContext resource [/WEB-INF/deployerConfigContext.xml]: Initialization of bean