almost there

[Scott Battaglia]

It looks like you're missing Spring LDAP (
http://www.springframework.org/ldap).

This should include the Spring LDAP jar and its dependencies (I believe one
other jar is required).

-Scott


On 5/8/07, jsalvaggio at ci.norwood.ma.us <jsalvaggio at ci.norwood.ma.us> wrote:
>
>
> I'm trying to set CAS up with LDAP for authentication.
> I'm receiving this error when I access CAS:
>
>
>
> CAS is Unavailable
>
> There was a fatal error initializing the CAS application context. This is
> almost always because of an error in the Spring bean configuration files.
> Are the files valid XML? Do the beans they refer to all exist?
>
> Before placing CAS in production, you should change this page to present
> a UI appropriate for the case where the CAS web application is
> fundamentally broken. Perhaps "Sorry, CAS is currently unavailable." with
> some links to your user support information.
>
> The Throwable encountered at context listener initialization was:
>
> org.springframework.beans.factory.CannotLoadBeanClassException: Error
> loading class
> [org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource] for bean
> with name 'contextSource' defined in ServletContext resource
> [/WEB-INF/deployerConfigContext.xml]: problem with class file or
> dependent class; nested exception is java.lang.NoClassDefFoundError:
> org/springframework/ldap/support/LdapContextSource
>
> The Throwable encountered at dispatcher servlet initialization was:
>
> org.springframework.beans.factory.CannotLoadBeanClassException: Error
> loading class
> [org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource] for bean
> with name 'contextSource' defined in ServletContext resource
> [/WEB-INF/deployerConfigContext.xml]: problem with class file or
> dependent class; nested exception is java.lang.NoClassDefFoundError:
> org/springframework/ldap/support/LdapContextSource
>
>
>
>
> The deployerConfigContext.xml looks loke this:
>
> <?xml version="1.0" encoding="UTF-8"?>
> <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
> "http://www.springframework.org/dtd/spring-beans.dtd">
> <!--
> | deployerConfigContext.xml centralizes into one file some of the
> declarative configuration that
> | all CAS deployers will need to modify.
> |
> | This file declares some of the Spring-managed JavaBeans that make up a
> CAS deployment.
> | The beans declared in this file are instantiated at context
> initialization time by the Spring
> | ContextLoaderListener declared in web.xml. It finds this file because
> this
> | file is among those declared in the context parameter
> "contextConfigLocation".
> |
> | By far the most common change you will need to make in this file is to
> change the last bean
> | declaration to replace the default
> SimpleTestUsernamePasswordAuthenticationHandler with
> | one implementing your approach for authenticating usernames and
> passwords.
> +-->
> <beans>
> <!--
> | This bean declares our AuthenticationManager. The
> CentralAuthenticationService service bean
> | declared in applicationContext.xml picks up this
> AuthenticationManager by reference to its id,
> | "authenticationManager". Most deployers will be able to use the default
> AuthenticationManager
> | implementation and so do not need to change the class of this bean. We
> include the whole
> | AuthenticationManager here in the userConfigContext.xml so that you can
> see the things you will
> | need to change in context.
> +-->
> <bean id="authenticationManager"
> class="org.jasig.cas.authentication.AuthenticationManagerImpl"> <!--
> | This is the List of CredentialToPrincipalResolvers that identify what
> Principal is trying to authenticate.
> | The AuthenticationManagerImpl considers them in order, finding a
> CredentialToPrincipalResolver which
> | supports the presented credentials.
> |
> | AuthenticationManagerImpl uses these resolvers for two purposes. First,
> it uses them to identify the Principal
> | attempting to authenticate to CAS /login . In the default configuration,
> it is the DefaultCredentialsToPrincipalResolver
> | that fills this role. If you are using some other kind of credentials
> than UsernamePasswordCredentials, you will need to replace |
> DefaultCredentialsToPrincipalResolver with a
> CredentialsToPrincipalResolver that supports the credentials you are |
> using.
> |
> | Second, AuthenticationManagerImpl uses these resolvers to identify a
> service requesting a proxy granting ticket.
> | In the default configuration, it is the
> HttpBasedServiceCredentialsToPrincipalResolver that serves this purpose. |
> You will need to change this list if you are identifying services by
> something more or other than their callback URL.
> +-->
> <property name="credentialsToPrincipalResolvers">
> <list>
> <!--
> | UsernamePasswordCredentialsToPrincipalResolver supports the
> UsernamePasswordCredentials that we use for /login
> | by default and produces SimplePrincipal instances conveying the username
> from the credentials.
> |
> | If you've changed your LoginFormAction to use credentials other than
> UsernamePasswordCredentials then you will also | need to change this bean
> declaration (or add additional declarations) to declare a
> CredentialsToPrincipalResolver that supports the
> | Credentials you are using.
> +-->
> <bean
>
> class="
> org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver"
> />
> <!--
> | HttpBasedServiceCredentialsToPrincipalResolver supports
> HttpBasedCredentials. It supports the CAS 2.0 approach of | authenticating
> services by SSL callback, extracting the callback URL from the Credentials
> and representing it as a
> | SimpleService identified by that callback URL. |
> | If you are representing services by something more or other than an
> HTTPS URL whereat they are able to
> | receive a proxy callback, you will need to change this bean declaration
> (or add additional declarations).
> +-->
> <bean
>
> class="
> org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver"
> />
> </list>
> </property>
>
> <!--
> | Whereas CredentialsToPrincipalResolvers identify who it is some
> Credentials might authenticate,
> | AuthenticationHandlers actually authenticate credentials. Here we
> declare the AuthenticationHandlers that
> | authenticate the Principals that the
> CredentialsToPrincipalResolvers identified. CAS will try these handlers in
> turn
> | until it finds one that both supports the Credentials presented and
> succeeds in authenticating.
> +-->
> <property name="authenticationHandlers">
> <list>
> <!--
> | This is the authentication handler that
> authenticates services by means of callback via SSL, thereby validating |
> a server side SSL certificate.
> +-->
> <bean
> class="
> org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler">
> <property name="httpClient" ref="httpClient" />
> </bean>
>
> <!--
> | This is the authentication handler declaration that every CAS deployer
> will need to change before deploying CAS
> | into production.
> | With this configuration you&rsquo;ll be using LDAP FastBind
> authentication.
> +-->
> <bean
>
> class="org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler" >
> <property name="filter"
> value="uid=%u,ou=people,dc=norwoodma,dc=gov" />
> <property name="contextSource"
> ref="contextSource" />
> </bean>
> </list>
> </property>
> </bean>
> <bean id="contextSource"
> class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
> <property name="urls">
> <list>
> <value>ldap://localhost:636/</value> </list>
> </property>
> </bean>
> </beans>
>
>
> Please help me figure out what's wrong.
>
> Thank you
>
> Joe
>
>
>
>
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
>


-- 
-Scott Battaglia

LinkedIn: http://www.linkedin.com/in/scottbattaglia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20070508/57ee5928/attachment.html