Ray,

In relation to what you said, I've made some modifications to 
"cas.properties" above, but it is still "username/password" incorrect. As far 
as LDAP is concerned, I can't find or access the logs for it, and it's case 
sensitive.

My new cas.properties:

as.server.name=http://acsi.cg:8443
cas.server.prefix=${cas.server.name}/cas

logging.config=file:/etc/cas/config/log4j2.xml

cas.authn.accept.users=
### LDAP connection
cas.authn.ldap[0].providerClass=org.ldaptive.provider.unboundid.UnboundIDProvid>
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].useSsl=false
cas.authn.ldap[0].ldapUrl=ldap://acsi.cg:389
cas.authn.ldap[0].baseDn=dc=acsi,dc=cg
cas.authn.ldap[0].subtreeSearch=true
cas.authn.ldap[0].searchFilter=sAMAccountName={user}
# cas.authn.ldap[0].principalAttributeList=cn,givenName,mail
# Credential to connect to LDAP
cas.authn.ldap[0].bindDn=cn=admin,dc=acsi,dc=cg
cas.authn.ldap[0].bindCredential=@Debian453

On Friday, 26 May 2023 at 17:44:52 UTC+1, Ray Bon wrote:

> Coeurcy,
>
> The ldap loggers from my previous email should help with debugging the 
> problem.
> Do you have access to the ldap server logs? 
>
> Is your ldap case sensitive (you have 'dc' and 'DC')?
>
> Is there a class identifier missing in bind-dn?
>
> Ray
>
> On Fri, 2023-05-26 at 02:22 -0700, Coeurcy Mokoko wrote:
>
> Notice: This message was sent from outside the University of Victoria 
> email system. Please be cautious with links and sensitive information.
>
>
> Yes, I manage to connect from the command line with the same parameters, 
> but when I try to authenticate to cas with the same login and password, it 
> doesn't work!
> On Tuesday, 23 May 2023 at 18:08:03 UTC+1, Ray Bon wrote:
>
> azer,
>
> Can you connect to your ldap server from the computer running cas using 
> command line or gui and the same connection parameters?
>
> Turn up logging for ldap.
>
> Ray
>
> P.S. here are some ldap related logs I have used
>
>
> <AsyncLogger name="org.ldaptive" level="${sys:ldap.log.level}" includeLocation="true" />
> <!-- TODO: investigate: DEBUG 'Operation exception encountered, reopening connection' -->
> <AsyncLogger name="org.ldaptive.AbstractOperation" level="error" additivity="false" />
> <AsyncLogger name="org.ldaptive.AbstractOperation$ReopenOperationExceptionHandler" level="error" additivity="false" />
> <AsyncLogger name="org.ldaptive.BindOperation" level="warn" additivity="false" />
> <AsyncLogger name="org.ldaptive.SearchOperation" level="warn" additivity="false" />
> <AsyncLogger name="org.ldaptive.PooledConnectionFactory" level="warn" additivity="false" />
> <!-- INFO Authentication failed for dn: ...
>      DEBUG prints failed log in error reason (among other ldap connection details) -->
> <!-- <AsyncLogger name="org.ldaptive.auth" level="debug" additivity="false" /> -->
> <AsyncLogger name="org.ldaptive.pool.BlockingConnectionPool" level="warn" additivity="false" />
> <AsyncLogger name="org.ldaptive.ssl.AggregateTrustManager" level="warn" additivity="false" />
> <AsyncLogger name="org.ldaptive.ssl.DefaultHostnameVerifier" level="warn" additivity="false" />
> <AsyncLogger name="org.ldaptive.ssl.HostnameVerifyingTrustManager" level="warn" additivity="false" />
> <AsyncLogger name="org.ldaptive.transport.DefaultSearchOperationHandle" level="warn" additivity="false" />
> <AsyncLogger name="org.ldaptive.transport.netty.MessageFrameDecoder" level="warn" additivity="false" />
> <AsyncLogger name="org.ldaptive.transport.netty.NettyConnection" level="warn" additivity="false" />
> <AsyncLogger name="org.ldaptive.transport.netty.NettyConnection$BindOperationHandle" level="warn" additivity="false" />
> <AsyncLogger name="org.ldaptive.transport.netty.NettyConnection$RequestEncoder" level="warn" additivity="false" />
>
> On Sat, 2023-05-20 at 07:54 -0700, azer tyuiop wrote:
>
>
> Hello, how to connect CAS to LDAP
>
> I implemented openLdap to install CAS then I created the file 
> cas.properties in cas-overlay-template/etc/cas/config/
>
> Because in this folder after the installation of CAS I did not find the 
> file "cas.properties" which should normally be in the folder 
> cas-overlay-template/etc/cas/config
>
> I recompiled and then deployed in cas but I still have this error attached.
>
> Here are the contents of the "cas.properties" file I created in 
> cas-overlay-template/etc/cas/config:
>
>   cas.server.name=http://acsi.cg:8443
> cas.server.prefix=${cas.server.name}/cas
> logging.config: file:/etc/cas/config/log4j2.xml
>
>
> cas.authn.accept.users=
> ### LDAP connection
>
> #cas.authn.ldap\[0\].providerClass=org.ldaptive.provider.unboundid.UnboundIDPro>
> cas.authn.ldap[0].type=AUTHENTICATED
> #cas.authn.ldap\[0\].useSsl=false
> cas.authn.ldap[0].ldap-url=ldap://acsi.cg:389
> cas.authn.ldap[0].base-dn= subtreeA,dc=acsi,dc=cg|subtreeC,dc=acsi,dc=cg
> cas.authn.ldap[0].password-encoder.type=NONE
> cas.authn.ldap[0].search-filter={user}
> #cas.authn.ldap\[0].subtreeSearch=true
> #cas.authn.ldap\[0].principalAttributeList=cn,givenName,mail
>
>
> ### Credential to connect to LDAP
> cas.authn.ldap[0].bind-dn=admincas,CN=admincas,DC= acsi,DC=cg
> cas.authn.ldap[0].bind-credential=@Debian453
>
>
> As a reminder, I use:
> openLdap, ldap account manager, jdk-17, tomcat 10 and cas-overlay-template 
> 6.6.7
>
>
> I'm looking forward to your help, thanks in advance!
>
>
>
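
Ray's question about the bind DN, and the differences between the two cas.properties files in this thread, can be checked mechanically. The Python lint below is an added example, not part of the original messages or of CAS; the `lint` and `bad_rdns` helpers, the key normalisation and the treatment of `|` as a separator between base DNs are assumptions, and the sample is constructed from the first file with the bind credential replaced by a placeholder.

```python
import re

# Constructed sample: LDAP lines of the first cas.properties in the thread,
# with the bind credential replaced by a placeholder.
SAMPLE = """\
cas.authn.ldap[0].ldap-url=ldap://acsi.cg:389
cas.authn.ldap[0].base-dn= subtreeA,dc=acsi,dc=cg|subtreeC,dc=acsi,dc=cg
cas.authn.ldap[0].search-filter={user}
cas.authn.ldap[0].bind-dn=admincas,CN=admincas,DC= acsi,DC=cg
cas.authn.ldap[0].bind-credential=PLACEHOLDER
"""
PREFIX = "cas.authn.ldap[0]."
# One RDN: attributeType=value with no padding around the value.
RDN = re.compile(r"^[A-Za-z][A-Za-z0-9-]*=\S(.*\S)?$")

def parse(text):
    """Read key=value lines, skip blanks and # comments, normalise key style."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        # Assumption: bindDn and bind-dn name the same setting, so compare one form.
        props[key.strip().replace("-", "").lower()] = value
    return props

def bad_rdns(dn):
    """Components of a DN that are not attribute=value (escaped commas not handled)."""
    return [part for part in dn.split(",") if not RDN.match(part)]

def lint(text):
    props, findings = parse(text), []
    for name in ("binddn", "basedn"):
        # Assumption: "|" separates several DNs, as in the base-dn on the page.
        for dn in props.get(PREFIX + name, "").split("|"):
            for part in (bad_rdns(dn) if dn else []):
                findings.append(f"{name}: malformed RDN {part!r}")
    filt = props.get(PREFIX + "searchfilter", "")
    if "{user}" in filt and not re.search(r"[A-Za-z0-9-]+=\{user\}", filt):
        findings.append("searchfilter: {user} is not compared to any attribute")
    if props.get(PREFIX + "ldapurl", "").startswith("ldap://"):
        findings.append("ldapurl: ldap:// is cleartext unless StartTLS is used")
    return findings

if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print(finding)
```

Run against the second file in the thread, only the `ldap://` finding remains, so the DN and filter syntax there is at least well-formed.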
