Re: [cas-user] CAS/LDAP user

Tue, 17 May 2022 09:23:34 -0700 

zak,

This are the settings I have for ldap


cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].ldapUrl=ldaps://...
cas.authn.ldap[0].connectTimeout=PT3S
cas.authn.ldap[0].baseDn=ou=people,...
cas.authn.ldap[0].subtreeSearch=true
cas.authn.ldap[0].searchFilter=uid={user}
cas.authn.ldap[0].bindDn=cn=Auth Manager,...
cas.authn.ldap[0].bindCredential=...
cas.authn.ldap[0].principalAttributeList=...

You can use the command line utility, ldapsearch, to be sure your ldap settings 
are correct.
Also check ldap logs.

Ray

On Tue, 2022-05-17 at 08:25 -0700, zak elmi wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

Hi everyone.

I have a problem that I haven't been able to solve for a long time.


[org.apereo.cas.configuration.CasConfigurationPropertiesValidator] - <Validated 
CAS property sources and configuration successfully.>

     _    ____  _____ ____  _____ ___     ____    _    ____
    / \  |  _ \| ____|  _ \| ____/ _ \   / ___|  / \  / ___|
   / _ \ | |_) |  _| | |_) |  _|| | | | | |     / _ \ \___ \
  / ___ \|  __/| |___|  _ <| |__| |_| | | |___ / ___ \ ___) |
 /_/   \_\_|   |_____|_| \_\_____\___/   \____/_/   \_\____/


CAS Version: 6.6.0-RC2
CAS Branch: master
CAS Commit Id: 7946bc20e93ed407274ca391864c8e67165b4c8c
CAS Build Date/Time: 2022-05-10T11:39:56Z
Spring Boot Version: 2.6.6
Spring Version: 5.3.19
Java Home: /usr/lib/jvm/jdk-11
Java Vendor: Oracle Corporation
Java Version: 11.0.15
JVM Free Memory: 298 MB
JVM Maximum Memory: 910 MB
JVM Total Memory: 603 MB
OS Architecture: amd64
OS Name: Linux
OS Version: 4.9.0-18-amd64
OS Date/Time: 2022-05-17T16:45:45.852237
OS Temp Directory: /opt/tomcat/latest/temp
------------------------------------------------------------
Apache Tomcat Version: Apache Tomcat/9.0.30
-----------------------------------------------
  ____  _____    _    ______   __
 |  _ \| ____|  / \  |  _ \ \ / /
 | |_) |  _|   / _ \ | | | \ V /
 |  _ <| |___ / ___ \| |_| || |
 |_| \_\_____/_/   \_\____/ |_|

>
2022-05-17 16:55:04,681 WARN 
[org.apereo.cas.web.flow.resolver.impl.DefaultCasDelegatingWebflowEventResolver]
 - <1 errors, 0 successes>
2022-05-17 16:55:13,354 INFO 
[org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit 
trail record BEGIN
=============================================================
WHO: audit:unknown
WHAT: {result=Service Access Granted, service=https://example.com/index.php, 
requiredAttributes={}}
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
APPLICATION: CAS
WHEN: Tue May 17 16:55:13 CEST 2022
CLIENT IP ADDRESS: X.X.X.X
SERVER IP ADDRESS: X.X.X.X
=============================================================

>
2022-05-17 16:55:13,367 INFO 
[org.apereo.cas.authentication.DefaultAuthenticationManager] - 
<[LdapAuthenticationHandler] exception details: [Unable to resolve user dn for 
userxxxx].>
2022-05-17 16:55:13,368 INFO 
[org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit 
trail record BEGIN
=============================================================
WHO:  userxxxx
WHAT: [UsernamePasswordCredential(username= userxxxx  , source=null, 
customFields={})]
ACTION: AUTHENTICATION_FAILED
APPLICATION: CAS
WHEN: Tue May 17 16:55:13 CEST 2022
CLIENT IP ADDRESS: X.X.X.X
SERVER IP ADDRESS: X.X.X.X
=============================================================

>
2022-05-17 16:55:13,368 WARN 
[org.apereo.cas.web.flow.resolver.impl.DefaultCasDelegatingWebflowEventResolver]
 - <1 errors, 0 successes>



also find my cas.properties
cas.server.name=https://192.168.143.203:8443
cas.server.prefix=${cas.server.name}/cas

logging.config=file:/etc/cas/config/log4j2.xml

 cas.authn.accept.enabled=false

### Desactivation des comptes locaux

cas.authn.accept.users=
### Connexion LDAP
#cas.authn.ldap[0].providerClass=org.ldaptive.provider.unboundid.UnboundIDProvider
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].useSsl=false

### Credential to connect to LDAP
cas.authn.ldap[0].ldapUrl=ldap://192.168.143.200:389
cas.authn.ldap[0].bindDn=cn=admin,dc=example,dc=com
cas.authn.ldap[0].bindCredential=xxxxxxxx


cas.authn.ldap[0].baseDn=ou=people,dc=example,dc=com
cas.authn.ldap[0].subtreeSearch=true
cas.authn.ldap[0].searchFilter=supannAliasLogin={%s}
# peut-être optionnel
cas.authn.ldap[0].principalAttributeId=supannAliasLogin

cas.serviceRegistry.json.location: file:/etc/cas/services



please if someone can help me?
--------------------

--

Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | r...@uvic.ca<mailto:r...@uvic.ca>

I acknowledge and respect the lək̓ʷəŋən peoples on whose traditional territory 
the university stands, and the Songhees, Esquimalt and WSÁNEĆ peoples whose 
historical relationships with the land continue to this day.

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/375c36d83561da185d101fe03b2b5f55873d327d.camel%40uvic.ca.

Reply via email to