CAS Server Authentication Failure using Maven build and Ellucian Luminis LDAP - ldap

I followed the instructions at (https://wiki.jasig.org/display/CASUM/Best+Practice+-+Setting+Up+CAS+Locally+using+the+Maven2+WAR+Overlay+Method) for building the CAS server, and then the instructions for authenticating through LDAP (https://wiki.jasig.org/display/CASUM/LDAP). However, I keep getting the following error message in my Tomcat logs:
[LDAP: error code 34 - Invalid DN]; nested exception is javax.naming.InvalidNameException: [LDAP: error code 34 - Invalid DN]
I have verified that my bind user credentials are correct as I am able to perform the following search from the command line:
ldapsearch -x -H ldaps://fuller.edu:636 -b "ou=People,o=fuller.edu,o=cp" -D "cn=Directory Manager" -w "password" "(sn=Smith)" cn sn pdsLoginId
The results from that search are correct and nearly instantaneous.
At this point, I'm not entirely certain what I'm missing. Below are snippets from my deployerConfigContext.xml file.
<bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler"
p:filter="pdsLoginId=%u"
p:searchBase="ou=People,o=fuller.edu,o=cp"
p:contextSource-ref="contextSource" />
<bean id="contextSource"
class="org.springframework.ldap.core.support.LdapContextSource">
<property name="pooled" value="true"/>
<property name="url" value="ldaps://fuller.edu:636" />
<property name="userDn" value="cn=Directory Manager"/>
<property name="password" value="our password"/>
<property name="baseEnvironmentProperties">
<map>
<entry key="com.sun.jndi.ldap.connect.timeout" value="3000" />
<entry key="com.sun.jndi.ldap.read.timeout" value="3000" />
<entry key="java.naming.security.authentication" value="simple" />
</map>
</property>
</bean>
I've searched through several posts here at stackoverflow.com, and tried most of the answers, but without luck. I'm hoping someone will spot what is missing in my configuration and send me in the right direction.
I'm happy to post any more code that you may need to see.
Thanks in advance.

Your command line LDAP bind test uses the DN of "ou=People,o=our.edu,o=cp" but the config file specifies the DN of ou=People,o=edu,o=cp. Those are not the same.
o=our.edu or o=edu
Comment explained, it is ou=People,o=fuller.edu,o=cp
Next step would be to see if you need to escape the period with a backslash, so that ou=People,o=fuller.edu,o=cp, which works on the command line, might need to be ou=People,o=fuller\.edu,o=cp in the configuration file.
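The thread above turns on two escaping questions: which characters in a DN such as ou=People,o=fuller.edu,o=cp actually need a backslash, and what happens to a user-supplied name once it is substituted into the handler's filter template pdsLoginId=%u. The following is an added example, not code from CAS, Spring LDAP or any poster here. It implements the DN rules of RFC 4514 and the filter rules of RFC 4515 in plain Python so the two spellings of the DN can be compared directly; all DN and filter values in it are constructed samples. Function names (escape_dn_value, parse_dn, dn_equal, build_filter) are this example's own.

```python
"""RFC 4514 DN escaping/parsing and RFC 4515 filter escaping.

Added example, not from the CAS wiki or the posters above.  Shows which
characters a DN value must escape, that '.' is not one of them, and how a
user-supplied value is neutralised before it is placed into a '%u' template.
"""
import string

# Characters RFC 4514 requires escaping anywhere inside an attribute value.
_DN_SPECIAL = set('"+,;<>\\')


def escape_dn_value(value: str) -> str:
    """Escape one attribute value for use in a distinguished name (RFC 4514)."""
    out = []
    for i, ch in enumerate(value):
        if ch in _DN_SPECIAL:
            out.append('\\' + ch)
        elif ch == '\x00':
            out.append('\\00')
        elif ch == ' ' and i in (0, len(value) - 1):
            out.append('\\ ')            # leading or trailing space
        elif ch == '#' and i == 0:
            out.append('\\#')            # leading '#'
        else:
            out.append(ch)               # everything else, '.' included, is literal
    return ''.join(out)


def parse_dn(dn: str):
    """Split a DN into (type, value) pairs, resolving backslash escapes.

    Handles '\\X' (escaped literal) and '\\XX' (hex byte, ASCII only here).
    Unescaped spaces around RDNs are ignored; multi-valued RDNs ('+') are
    not split.  Attribute types are lower-cased.
    """
    if not dn.strip():
        return []
    pairs, typ, buf, keep = [], None, [], 0   # keep: buf length up to last significant char
    i, n = 0, len(dn)
    while i <= n:
        ch = dn[i] if i < n else ','          # sentinel closes the final RDN
        if ch == '\\':
            if i + 1 >= n:
                raise ValueError('dangling backslash in %r' % dn)
            nxt = dn[i + 1:i + 3]
            if len(nxt) == 2 and all(c in string.hexdigits for c in nxt):
                buf.append(chr(int(nxt, 16)))    # hex pair, e.g. \2c -> ','
                i += 3
            else:
                buf.append(dn[i + 1])            # escaped literal, e.g. \, or \.
                i += 2
            keep = len(buf)
            continue
        if ch == '=' and typ is None:
            typ = ''.join(buf).strip().lower()
            buf, keep = [], 0
        elif ch == ',':
            if typ is None:
                raise ValueError('RDN without "=" in %r' % dn)
            pairs.append((typ, ''.join(buf[:keep])))
            typ, buf, keep = None, [], 0
        elif ch == ' ' and not buf:
            pass                                  # skip unescaped leading spaces
        else:
            buf.append(ch)
            if ch != ' ':
                keep = len(buf)                   # trailing unescaped spaces are dropped
        i += 1
    return pairs


def format_dn(pairs) -> str:
    """Re-assemble a DN from parsed pairs, escaping values as required."""
    return ','.join('%s=%s' % (t, escape_dn_value(v)) for t, v in pairs)


def dn_equal(a: str, b: str) -> bool:
    """Compare two DNs as directory-string attributes do: case-insensitively."""
    return [(t, v.lower()) for t, v in parse_dn(a)] == [(t, v.lower()) for t, v in parse_dn(b)]


# RFC 4515: characters that must be hex-escaped inside a search filter value.
_FILTER_ESCAPES = {'\\': r'\5c', '*': r'\2a', '(': r'\28', ')': r'\29', '\x00': r'\00'}


def escape_filter_value(value: str) -> str:
    return ''.join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def build_filter(template: str, username: str) -> str:
    """Substitute a user-supplied name into a '%u' template, escaping it first."""
    return template.replace('%u', escape_filter_value(username))


if __name__ == '__main__':
    print(parse_dn('ou=People,o=fuller\\.edu,o=cp'))   # '.' needs no escape
    print(dn_equal('ou=People,o=fuller\\.edu,o=cp', 'ou=People,o=fuller.edu,o=cp'))
    print(build_filter('pdsLoginId=%u', 'j*smith'))     # wildcard neutralised
```

Both spellings of the base DN parse to the same three RDNs, which is why a "Invalid DN" error is more likely to come from the DN string that actually reaches the server (a typo, a missing RDN, or a value with an unescaped comma) than from the period. The filter helper is the same escaping a bind-by-search handler must apply to the login name before it lands in pdsLoginId=%u; anything not escaped there becomes filter syntax.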

Related

Using password aliases in WSO2 configuration file

I have a password alias and I need to use it in my API configuration file.
I am getting error in configuration after saving it.
Any help would be greatly appreciated.
<property name="uri.var.Password" expression="wso2:vault-lookup('testenc.password')"/>
<property name="messageType" value="application/xacml+json" scope="axis2" type="STRING"/>
<property name="Authorization" expression="fn:concat('Basic ', base64Encode('username:get-property('uri.var.Password')'))" scope="transport"/>
You can do as you tried the other question you posted here. Add the password using Management Console, "Secure Vault Tool" section. Then refer the password in ESB synapse configuration file, using the alias you used.
Hi, it's finally done as <property name="Authorization" expression="fn:concat('Basic ', base64Encode(fn:concat('username:',get-property('Password'))))" scope="transport"/> where "Password" is my alias password configured using secure vault.

Restcomm - It is Possible change the Database configuration

These are my first steps with Restcomm.
I managed to install Restcomm (JBoss version); the first time I got to hear the welcome message, and I was able to access the admin page.
Then I tried to restart JBoss and I saw some errors. And I tried to change the database in ibatis.conf from hsql to postgresql.
My question is:
Is it possible to change the database (users, roles and rules), and where can I find the instructions to do this?
And I have another question
<dataSource type="POOLED">
<property name="driver" value="org.hsqldb.jdbcDriver"/>
<property name="url" value="jdbc:hsqldb:file://${data}/restcomm;ifexists=true;hsqldb.write_delay=false;shutdown=true"/>
<property name="username" value="sa"/>
<property name="password" value=""/>
</dataSource>
Where does Restcomm save the HSQL data? I deleted everything and installed again, and my problem continues.
The following link shows how to configure a different database on Restcomm (MariaDB).
http://docs.telestax.com/restcomm-install-and-configure-restcomm-to-use-mariadb/
You will also need the driver to configure the PostgreSQL DB.

Sql in camel servicemix using jdbc in localmachine

I am using Camel in ServiceMix on my local machine. I want to connect to SQL Server, so do I have to install JDBC, or can I use the m2 of ServiceMix? Please help. Can I use camel-sql-datasource-h2 for SQL operations? If yes, I tried changing the username and password in \blueprint.xml, but it's not giving proper results.
No, you have to provide the corresponding JDBC driver in your ServiceMix installation. For example, if you use MySQL you have to install the JDBC driver in ServiceMix:
osgi:install -s mvn:mysql/mysql-connector-java/5.1.34
In your datasource, you have to provide the corresponding properties, for MySQL:
<bean id="mySqlDataSource" class="org.apache.commons.dbcp2.BasicDataSource"
destroy-method="close" scope="singleton">
<property name="driverClassName" value="com.mysql.jdbc.Driver" />
<property name="url" value="jdbc:mysql://localhost:3306/myveo" />
<property name="username" value="xxx" />
<property name="password" value="yyy" />
<property name="initialSize" value="0" />
</bean>
And configure the sql component like this
<bean id="sql" class="org.apache.camel.component.sql.SqlComponent">
<property name="dataSource" ref="mySqlDataSource" />
</bean>
You use it like in this enrich component
<enrich uri="sql:select * from MY_TABLE;" strategyRef="myAggregationStrategy" strategyMethodAllowNull="true" />
You can also use jdbc:create command. You should install the jdbc feature first and create the data source like this
jdbc:create -t MySQL -i --username xxx --password yyy -url jdbc:mysql://localhost:3306/myveo mySqlDataSource
The -i parameter will install the driver automatically. You can find the driver configuration in deploy/datasource-mySqlDataSource.xml
You can next reference the data source using
<reference id="demoDataSource" interface="javax.sql.DataSource" />

How can configure CAS 4.0 with LDAP ApacheDS

I want to configure CAS server 4.0 with ApacheDS LDAP. I followed the steps below:
1- Based on this link I modified the deployerConfigContext.xml file. The following beans were added to this file:
<bean id="ldapAuthenticationHandler"
class="org.jasig.cas.authentication.LdapAuthenticationHandler"
p:principalIdAttribute="uid"
c:authenticator-ref="authenticator">
<property name="principalAttributeMap">
<map>
<!--
| This map provides a simple attribute resolution mechanism.
| Keys are LDAP attribute names, values are CAS attribute names.
| Use this facility instead of a PrincipalResolver if LDAP is
| the only attribute source.
-->
<entry key="member" value="member" />
<entry key="mail" value="mail" />
<entry key="displayName" value="displayName" />
</map>
</property>
</bean>
<bean id="authenticator" class="org.ldaptive.auth.Authenticator"
c:resolver-ref="dnResolver"
c:handler-ref="authHandler" />
<!--
| The following DN format works for many directories, but may need to be
| customized.
-->
<bean id="dnResolver"
class="org.ldaptive.auth.FormatDnResolver"
c:format="uid=%s,${ldap.baseDn}" />
<bean id="authHandler" class="org.ldaptive.auth.PooledBindAuthenticationHandler"
p:connectionFactory-ref="pooledLdapConnectionFactory" />
<bean id="pooledLdapConnectionFactory"
class="org.ldaptive.pool.PooledConnectionFactory"
p:connectionPool-ref="connectionPool" />
<bean id="connectionPool"
class="org.ldaptive.pool.BlockingConnectionPool"
init-method="initialize"
p:poolConfig-ref="ldapPoolConfig"
p:blockWaitTime="${ldap.pool.blockWaitTime}"
p:validator-ref="searchValidator"
p:pruneStrategy-ref="pruneStrategy"
p:connectionFactory-ref="connectionFactory" />
<bean id="ldapPoolConfig" class="org.ldaptive.pool.PoolConfig"
p:minPoolSize="${ldap.pool.minSize}"
p:maxPoolSize="${ldap.pool.maxSize}"
p:validateOnCheckOut="${ldap.pool.validateOnCheckout}"
p:validatePeriodically="${ldap.pool.validatePeriodically}"
p:validatePeriod="${ldap.pool.validatePeriod}" />
<bean id="connectionFactory" class="org.ldaptive.DefaultConnectionFactory"
p:connectionConfig-ref="connectionConfig" />
<bean id="connectionConfig" class="org.ldaptive.ConnectionConfig"
p:ldapUrl="${ldap.url}"
p:connectTimeout="${ldap.connectTimeout}"
p:useStartTLS="${ldap.useStartTLS}"
p:sslConfig-ref="sslConfig" />
<bean id="sslConfig" class="org.ldaptive.ssl.SslConfig">
<property name="credentialConfig">
<bean class="org.ldaptive.ssl.X509CredentialConfig"
p:trustCertificates="${ldap.trustedCert}" />
</property>
</bean>
<bean id="pruneStrategy" class="org.ldaptive.pool.IdlePruneStrategy"
p:prunePeriod="${ldap.pool.prunePeriod}"
p:idleTime="${ldap.pool.idleTime}" />
<bean id="searchValidator" class="org.ldaptive.pool.SearchValidator" />
Also the properties below were added to cas.properties:
#========================================
# General properties
#========================================
ldap.url=ldaps://localhost:10636
# LDAP connection timeout in milliseconds
ldap.connectTimeout=30000
# Whether to use StartTLS (probably needed if not SSL connection)
ldap.useStartTLS=true
#========================================
# LDAP connection pool configuration
#========================================
ldap.pool.minSize=3
ldap.pool.maxSize=10
ldap.pool.validateOnCheckout=false
ldap.pool.validatePeriodically=true
# Amount of time in milliseconds to block on pool exhausted condition
# before giving up.
ldap.pool.blockWaitTime=3000
# Frequency of connection validation in seconds
# Only applies if validatePeriodically=true
ldap.pool.validatePeriod=3000
# Attempt to prune connections every N seconds
ldap.pool.prunePeriod=3000
# Maximum amount of time an idle connection is allowed to be in
# pool before it is liable to be removed/destroyed
ldap.pool.idleTime=6000
#========================================
# Authentication
#========================================
ldap.baseDn=dc=example,dc=com
# Base DN of users to be authenticated
ldap.authn.baseDn=dc=example,dc=com
# Manager DN for authenticated searches
ldap.authn.managerDN=uid=admin,ou=system
# Manager password for authenticated searches
ldap.authn.managerPassword=secret
# Search filter used for configurations that require searching for DNs
#ldap.authn.searchFilter=(&(uid={user})(accountState=active))
ldap.authn.searchFilter=(uid={0})
# Search filter used for configurations that require searching for DNs
#ldap.authn.format=uid=%s,ou=Users,dc=example,dc=org
ldap.authn.format=uid=%s,ou=system
ldap.trustedCert=file:/D:/ApacheDS.cer
Also I used InstallCert to add the certificates of localhost:8443 (Tomcat) and localhost:10636 (ApacheDS) to the cacerts file. And with Portecle I exported ApacheDS.cer from the ApacheDS certificate in cacerts.
My Tomcat server.xml file was modified as below:
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="50" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="C:/Program Files/Java/jdk1.7.0_60/jre/lib/security/cacerts"
keystorePass="changeit"
/>
Also the following jars were added to apache-tomcat-8.0.8\webapps\cas-server-webapp-4.0.0\WEB-INF\lib :
cas-server-support-ldap-4.0.0.jar
spring-ldap-core-2.0.2.RELEASE.jar
spring-ldap-1.2.1.jar
ldaptive-1.0.5.jar
Finally! After lots of struggling tries I get the error below:
Caused by: java.lang.IllegalStateException: Could not initialize pool size
at org.ldaptive.pool.AbstractConnectionPool.initialize(AbstractConnectionPool.java:258)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeCustomInitMethod(AbstractAutowireCapableBeanFactory.java:1638)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1579)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1509)
... 70 more
Caused by: [org.ldaptive.provider.ConnectionException#3778440::resultCode=null, matchedDn=null, responseControls=null, referralURLs=null, messageId=-1, providerException=javax.naming.ServiceUnavailableException: localhost:10636; socket closed]
at org.ldaptive.provider.jndi.JndiStartTLSConnectionFactory.createInternal(JndiStartTLSConnectionFactory.java:95)
at org.ldaptive.provider.jndi.JndiStartTLSConnectionFactory.createInternal(JndiStartTLSConnectionFactory.java:37)
at org.ldaptive.provider.AbstractProviderConnectionFactory.create(AbstractProviderConnectionFactory.java:99)
at org.ldaptive.DefaultConnectionFactory$DefaultConnection.open(DefaultConnectionFactory.java:295)
at org.ldaptive.pool.AbstractConnectionPool.createConnection(AbstractConnectionPool.java:482)
at org.ldaptive.pool.AbstractConnectionPool.createAvailableConnection(AbstractConnectionPool.java:523)
at org.ldaptive.pool.AbstractConnectionPool.grow(AbstractConnectionPool.java:363)
at org.ldaptive.pool.AbstractConnectionPool.initialize(AbstractConnectionPool.java:252)
... 77 more
Caused by: javax.naming.ServiceUnavailableException: localhost:10636; socket closed
at com.sun.jndi.ldap.Connection.readReply(Connection.java:454)
at com.sun.jndi.ldap.LdapClient.extendedOp(LdapClient.java:1202)
at com.sun.jndi.ldap.LdapCtx.extendedOperation(LdapCtx.java:3206)
at javax.naming.ldap.InitialLdapContext.extendedOperation(InitialLdapContext.java:183)
at org.ldaptive.provider.jndi.JndiStartTLSConnectionFactory.startTLS(JndiStartTLSConnectionFactory.java:134)
at org.ldaptive.provider.jndi.JndiStartTLSConnectionFactory.createInternal(JndiStartTLSConnectionFactory.java:92)
... 84 more
Could you possibly help me to solve this issue? I really don't know the main reason for my problem.
I don't know if it is too late to answer or not, but today I had the same problem, and after reading the ldaptive project source I found the answer as below:
Just add the p:failFastInitialize="false" parameter to your connectionPool bean, like this:
<bean id="connectionPool"
class="org.ldaptive.pool.BlockingConnectionPool"
init-method="initialize"
p:poolConfig-ref="ldapPoolConfig"
p:blockWaitTime="${ldap.pool.blockWaitTime}"
p:validator-ref="searchValidator"
p:pruneStrategy-ref="pruneStrategy"
p:connectionFactory-ref="connectionFactory" p:failFastInitialize="false" />
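The stack trace in the question fails inside JndiStartTLSConnectionFactory.startTLS() with "socket closed", and the posted cas.properties combines ldap.url=ldaps://localhost:10636 with ldap.useStartTLS=true. Those are two different ways of getting TLS: ldaps:// negotiates TLS on connect, while StartTLS is an extended operation that upgrades a plain ldap:// connection, and asking for both on one port is a common way to get exactly this failure. The following is an added example, not code from CAS, ldaptive or any poster here: a small lint over the cas.properties keys shown in the question (the sample text is a constructed copy of the posted values) plus the failFastInitialize flag from the Spring bean, passed in as a parameter because it does not live in the properties file. Function names (parse_properties, lint_ldap_config) are this example's own.

```python
"""Lint a CAS 4 / ldaptive cas.properties fragment for TLS and pool settings
that commonly produce "Could not initialize pool size" at startup.

Added example, not from the CAS project or any poster above.  Property names
are the ones used in the question; SAMPLE_PROPERTIES is a constructed copy.
"""
from urllib.parse import urlsplit

SAMPLE_PROPERTIES = """\
# constructed copy of the values posted in the question
ldap.url=ldaps://localhost:10636
ldap.connectTimeout=30000
ldap.useStartTLS=true
ldap.pool.minSize=3
ldap.pool.maxSize=10
ldap.trustedCert=file:/D:/ApacheDS.cer
"""


def parse_properties(text: str) -> dict:
    """Minimal java.util.Properties reader: 'key=value' or 'key:value',
    '#' and '!' comment lines, split at the first '=' or ':' present."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in '#!':
            continue
        idx = min((line.find(c) for c in '=:' if c in line), default=-1)
        if idx < 0:
            continue
        props[line[:idx].strip()] = line[idx + 1:].strip()
    return props


def _truthy(value) -> bool:
    return (value or '').strip().lower() in ('true', 'yes', '1')


def lint_ldap_config(props: dict, fail_fast_initialize: bool = True) -> list:
    """Return (severity, key, message) tuples for settings worth a second look.

    fail_fast_initialize mirrors the BlockingConnectionPool property of that
    name, which is set in the Spring XML rather than in cas.properties.
    """
    findings = []
    url = props.get('ldap.url', '')
    scheme = urlsplit(url).scheme.lower()
    starttls = _truthy(props.get('ldap.useStartTLS'))

    if scheme == 'ldaps' and starttls:
        findings.append(('error', 'ldap.useStartTLS',
            'ldaps:// already negotiates TLS on connect; StartTLS is an extended '
            'operation that upgrades a plain ldap:// connection. Requesting it on '
            'an ldaps port is consistent with "socket closed" under startTLS(). '
            'Use ldap://host:port with useStartTLS=true, or keep ldaps:// and set '
            'useStartTLS=false.'))
    elif scheme == 'ldap' and not starttls:
        findings.append(('error', 'ldap.url',
            'plain ldap:// without StartTLS sends bind passwords in clear text.'))
    elif scheme not in ('ldap', 'ldaps'):
        findings.append(('error', 'ldap.url', 'unrecognised URL scheme in %r' % url))

    if (scheme == 'ldaps' or starttls) and not props.get('ldap.trustedCert'):
        findings.append(('warn', 'ldap.trustedCert',
            'TLS is in use but no trust anchor is configured; a self-signed '
            'directory certificate will fail the handshake unless it is trusted.'))

    if not fail_fast_initialize:
        findings.append(('warn', 'p:failFastInitialize',
            'failFastInitialize=false lets CAS start with an empty pool, so a '
            'broken directory connection only surfaces at the first login.'))
    return findings


if __name__ == '__main__':
    for severity, key, message in lint_ldap_config(parse_properties(SAMPLE_PROPERTIES)):
        print('%-5s %-22s %s' % (severity, key, message))
```

Run against the posted values the lint reports the ldaps/StartTLS combination; change either the scheme or the flag and it is silent. The failFastInitialize check is there because that setting only defers the pool's connection failure from startup to the first login attempt, which is worth knowing before relying on it as the fix.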
Finally I found the solution! Listed below are the steps that help you connect to ApacheDS through CAS server 4.
Download cas-server-4.0.0-release.zip
Download Tomcat 8 and run it
Extract cas-server-4.0.0-release.zip and copy cas-server-webapp-4.0.0.war into apache-tomcat-8.0.8\webapps of your Tomcat. Wait till Tomcat extracts the WAR file and creates cas-server-webapp-4.0.0
Stop Tomcat Server
Go to conf folder of your Tomcat and edit the server.xml file. You should uncomment the HTTPS part of this file.
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="C:/Program Files/Java/jdk1.7.0_60/jre/lib/security/cacerts"
keystorePass="changeit"
/>
As you can see, the certificate for Tomcat HTTPS should be added to the cacerts file. You can check the following link to do this:
A Simple Step-By-Step Guide To Apache Tomcat SSL Configuration
Go to the apache-tomcat-8.0.8\webapps\cas-server-webapp-4.0.0\WEB-INF and replace deployerConfigContext.xml content with the following:
Go to my Blog to copy the content of file
Go to the apache-tomcat-8.0.8\webapps\cas-server-webapp-4.0.0\META-INF\maven\org.jasig.cas\cas-server-webapp and add the following to the pom.xml:
Add the following jar files into apache-tomcat-8.0.8\webapps\cas-server-webapp-4.0.0\WEB-INF\lib
cas-server-support-ldap-4.0.0.jar
spring-ldap-core-2.0.2.RELEASE.jar
spring-ldap-1.2.1.jar
ldaptive-1.0.5.jar
Run ApacheDS
Connect to your ApacheDS with Apache Directory Studio and create a user in dc=example,dc=com
Start Tomcat
Go to the http://localhost:8080/cas-server-webapp-4.0.0/login
Type the username and password that you created in Apache Directory Studio. You can log in to CAS with an LDAP user now!
I'm successfully using Moghadam's solution above, but I had to make a small adjustment in deployerConfigContext.xml:
<bean id="ldapAuthenticationHandler" class="org.jasig.cas.authentication.LdapAuthenticationHandler" >
<constructor-arg ref="authenticator" />
<property name="principalAttributeMap">
<map>
<entry key="mail" value="mail" />
<entry key="cn" value="cn" />
</map>
</property>
</bean>
Please notice I removed the p:principalIdAttribute="uid" property.

Glassfish doc root URI patterns are not resolving

I have a Glassfish server working on Windows and a problem with alternatedocroot. When I use this
<property name="alternatedocroot_1" value="from=/images/9075.png dir=C:\member\"/>
and request server:8080/myapp/images/9075.png, the correct file is displayed. However, the directory is full of images, so I have tried all of these at different times:
<property name="alternatedocroot_1" value="from=/images/\*.png dir=C:\member\"/>
<property name="alternatedocroot_1" value="from=/images/*.png dir=C:\member\"/>
<property name="alternatedocroot_1" value="from=/images/\* dir=C:\member\"/>
<property name="alternatedocroot_1" value="from=/images/* dir=C:\member\"/>
but the same request (server:8080/myapp/images/9075.png) produces a 404 error. I am sure I am making a silly error but I can't see it. I hope someone can help.
Did you try this?
<property name="alternatedocroot_1" value="from=/images/* dir=C:\\member\\"/>
This may have to do with Windows backslashes requiring escaping.