almost there
jsalvaggio at ci.norwood.ma.us
jsalvaggio at ci.norwood.ma.us
Tue May 8 13:53:26 EDT 2007
I'm trying to set CAS up with LDAP for authentication.
I'm
receiving this error when I access CAS:
CAS is
Unavailable
There was a fatal error initializing the CAS
application context. This is
almost always because of an error in the
Spring bean configuration files. Are the files valid XML? Do the beans
they refer to all exist?
Before placing CAS in production, you
should change this page to present
a UI appropriate for the case
where the CAS web application is
fundamentally broken. Perhaps
"Sorry, CAS is currently unavailable." with some links to your
user support information.
The Throwable encountered at
context listener initialization was:
org.springframework.beans.factory.CannotLoadBeanClassException: Error
loading class
[org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource] for
bean with name 'contextSource' defined in ServletContext resource
[/WEB-INF/deployerConfigContext.xml]: problem with class file or
dependent class; nested exception is java.lang.NoClassDefFoundError:
org/springframework/ldap/support/LdapContextSource
The
Throwable encountered at dispatcher servlet initialization was:
org.springframework.beans.factory.CannotLoadBeanClassException:
Error
loading class
[org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource] for
bean with name 'contextSource' defined in ServletContext resource
[/WEB-INF/deployerConfigContext.xml]: problem with class file or
dependent class; nested exception is java.lang.NoClassDefFoundError:
org/springframework/ldap/support/LdapContextSource
The deployerConfigContext.xml looks loke this:
<?xml
version="1.0" encoding="UTF-8"?>
<!DOCTYPE
beans PUBLIC "-//SPRING//DTD BEAN//EN"
"http://www.springframework.org/dtd/spring-beans.dtd">
<!--
| deployerConfigContext.xml centralizes into one file
some of the declarative configuration that
| all CAS deployers
will need to modify.
|
| This file declares some of
the Spring-managed JavaBeans that make up a CAS deployment.
|
The beans declared in this file are instantiated at context
initialization time by the Spring
| ContextLoaderListener
declared in web.xml. It finds this file because this
| file is
among those declared in the context parameter
"contextConfigLocation".
|
| By far the
most common change you will need to make in this file is to change the
last bean
| declaration to replace the default
SimpleTestUsernamePasswordAuthenticationHandler with
| one
implementing your approach for authenticating usernames and passwords.
+-->
<beans>
<!--
| This
bean declares our AuthenticationManager. The
CentralAuthenticationService service bean
| declared in
applicationContext.xml picks up this
AuthenticationManager by
reference to its id,
| "authenticationManager".
Most deployers will be able to use the default AuthenticationManager
| implementation and so do not need to change the class of this
bean. We include the whole
| AuthenticationManager here in
the userConfigContext.xml so that you can see the things you will
| need to change in context.
+-->
<bean
id="authenticationManager"
class="org.jasig.cas.authentication.AuthenticationManagerImpl">
<!--
| This is the List of
CredentialToPrincipalResolvers that identify what Principal is trying to
authenticate.
| The AuthenticationManagerImpl considers
them in order, finding a CredentialToPrincipalResolver which
| supports the presented credentials.
|
| AuthenticationManagerImpl uses these resolvers for two purposes.
First, it uses them to identify the Principal
|
attempting to authenticate to CAS /login . In the default configuration,
it is the DefaultCredentialsToPrincipalResolver
| that
fills this role. If you are using some other kind of credentials than
UsernamePasswordCredentials, you will need to replace |
DefaultCredentialsToPrincipalResolver with a
CredentialsToPrincipalResolver that supports the credentials you are
| using.
|
| Second,
AuthenticationManagerImpl uses these resolvers to identify a service
requesting a proxy granting ticket.
| In the default
configuration, it is the
HttpBasedServiceCredentialsToPrincipalResolver that serves this purpose.
| You will need to change this list if you are identifying
services by something more or other than their callback URL.
+-->
<property
name="credentialsToPrincipalResolvers">
<list>
<!--
|
UsernamePasswordCredentialsToPrincipalResolver supports the
UsernamePasswordCredentials that we use for /login
| by default and produces SimplePrincipal instances conveying the
username from the credentials.
|
| If you've changed your LoginFormAction to use credentials
other than UsernamePasswordCredentials then you will also
| need to change this bean declaration (or add additional
declarations) to declare a CredentialsToPrincipalResolver that supports
the
| Credentials you are using.
+-->
<bean
class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver"
/>
<!--
|
HttpBasedServiceCredentialsToPrincipalResolver supports
HttpBasedCredentials. It supports the CAS 2.0 approach of
| authenticating services by SSL callback, extracting the callback
URL from the Credentials and representing it as a
| SimpleService identified by that callback URL. |
| If you are representing services by something
more or other than an HTTPS URL whereat they are able to
| receive a proxy callback, you will need to change this bean
declaration (or add additional declarations).
+-->
<bean
class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver"
/>
</list>
</property>
<!--
| Whereas
CredentialsToPrincipalResolvers identify who it is some Credentials might
authenticate,
| AuthenticationHandlers actually
authenticate credentials. Here we declare the AuthenticationHandlers that
| authenticate the Principals that the
CredentialsToPrincipalResolvers identified. CAS will try these handlers
in turn
| until it finds one that both supports the
Credentials presented and succeeds in authenticating.
+-->
<property
name="authenticationHandlers">
<list>
<!--
| This is the
authentication handler that
authenticates services by means of
callback via SSL, thereby validating | a server side
SSL certificate.
+-->
<bean
class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler">
<property name="httpClient"
ref="httpClient" />
</bean>
<!--
| This is the authentication handler
declaration that every CAS deployer will need to change before deploying
CAS
| into production.
| With this
configuration you’ll be using LDAP FastBind authentication.
+-->
<bean
class="org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler"
> <property
name="filter"
value="uid=%u,ou=people,dc=norwoodma,dc=gov" />
<property name="contextSource"
ref="contextSource" />
</bean>
</list>
</property>
</bean>
<bean id="contextSource"
class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
<property name="urls">
<list>
<value>ldap://localhost:636/</value>
</list>
</property>
</bean>
</beans>
Please help me
figure out what's wrong.
Thank you
Joe
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20070508/e11a4ed7/attachment.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20070508/e11a4ed7/attachment-0001.html
More information about the cas
mailing list