Andrew,
The current property is 'iteration';
https://github.com/apereo/cas/blob/6.5.x/api/cas-server-core-api-configuration-model/src/main/java/org/apereo/cas/configuration/model/core/config/standalone/StandaloneConfigurationSecurityProperties.java
'iterations' "worked" because the real default was used; since 'Failed to bind
properties' message was printed.
Maybe setting debug/trace logging for org.apereo.cas.util will provide some
more insight.
Ray
On Tue, 2022-09-06 at 11:40 -0700, Andrew Marker wrote:
Notice: This message was sent from outside the University of Victoria email
system. Please be cautious with links and sensitive information.
In my CAS instance:
These are working with error message:
* cas.standalone.configuration-security.iterations
* cas.standalone.configurationsecurity.iterations
This is what is documented and it fails:
* cas.standalone.configuration-security.iteration
On Tuesday, September 6, 2022 at 1:34:03 PM UTC-5 Andrew Marker wrote:
The warning message about the property seems to be incorrect, and using the
documented property seems to lead to failure.
Today, I was testing a move from v6.5.7 to v6.5.9 and I saw a warning that I
did not see in the previous version at runtime. I'm not having a functional
problem, but there seems to be a disconnect between the code and the
documentation.
When I start CAS, I am seeing the following ERROR.
Failed to bind properties under 'cas' to
org.apereo.cas.configuration.CasConfigurationProperties
cas.standalone.configurationsecurity.iterations = 999 (Origin:
"cas.standalone.configurationSecurity.iterations" from property source
"commandLineArgs")
----------------------------
The documented property is:
cas.standalone.configuration-security.iteration=999
2022-09-06 12:58:30,001 ERROR [org.apereo.cas.util.crypto.CipherExecutor] -
<Could not decrypt value [{cas-cipher}someawesometext]
> It appears the documented property does not work
----------------------
To try to understand the scope I tried the following:
2022-09-06 13:13:22,629 ERROR
[org.apereo.cas.configuration.CasConfigurationPropertiesValidator] - <
Failed to bind properties under 'cas' to
org.apereo.cas.configuration.CasConfigurationProperties
cas.standalone.configuration-security.iterations = 999
This however seemed still to function.
----------------------
In the event my original was incorrect and being ignored giving way to the
default, I tried what is posted.
cas.standalone.configuration-security.iteration=0
This too led to a fail to decrypt message.
----------------------
Using the old naming convention, I pass
* iterations
* password
* provider (SunJCE).
I've never needed to pass:
* Algorithm
* Initialization vector
Is there some additional requirement necessary to move to the new property
names?
--
Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | r...@uvic.ca<mailto:r...@uvic.ca>
I acknowledge and respect the lək̓ʷəŋən peoples on whose traditional territory
the university stands, and the Songhees, Esquimalt and WSÁNEĆ peoples whose
historical relationships with the land continue to this day.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/b3acb55c79cb1f92951b3f2ec44dfd2fa1c0b74d.camel%40uvic.ca.
