Monday, July 16, 2012

CAS Jasig in Ubuntu: Login Issue

Case: Cannot log in to LDAP after completing the configuration in Tomcat6.

Solution steps:

1. Check tomcat log
    # cd /var/log/tomcat6

    # grep -R 443 *     <- grep all log entries related to port 443

2. Check established ports. Is port 8443 established?
    # netstat -na

3. Check the LDAP log to see whether CAS is listening/connected to the LDAP server.
    # tail -f  /var/log/debug.log

4. How to check the Tomcat root folder?
    # nano  /etc/init.d/tomcat6

    From this file, you will find the root folder for Tomcat:
    CATALINA_HOME =  /usr/share/tomcat6

5. Check the current location of the SSL cert. In my case, the cert was located in the /root/ folder.
    The cert should be moved to the Tomcat root folder: /usr/share/tomcat6


6. Move the SSL cert folder from /root to /usr/share/tomcat6/
    # cd  /root/
    # mv cert  /usr/share/tomcat6/

7. Change ownership for the cert folder
    # cd  /usr/share/tomcat6/
    # chown -R  tomcat6:tomcat6  cert



8. Fix the cert path in server.xml configuration file


9. Check deployerConfigContext.xml for the 'authenticationHandlers' setting:
    For the new version of CAS Jasig, the basedn setting looks like this:
    value="cn=%u, ou=people, dc=staff, dc=company, dc=com, dc=my"
    In our case, we missed the ou object in the property value.

10. Restart Tomcat Server
    # /etc/init.d/tomcat6  restart



11. Test login again & good luck. It's working in my case!
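
A quick check for steps 5 to 7 before restarting Tomcat, as an added example that is not part of the original post: it confirms the cert folder is owned by the Tomcat account and flags files that other local users can read or write. The function name check_cert_dir is hypothetical; the path and account in the usage comment are the ones used above.

```bash
#!/bin/bash
# Added example (not from the original post): checks the cert folder after
# steps 6 and 7. Path and account in the usage line are the post's values;
# the function name check_cert_dir is hypothetical.
#
# Usage: ./check_cert.sh /usr/share/tomcat6/cert tomcat6
# Returns 0 = ok, 1 = ownership/permission problem, 2 = cannot check.
check_cert_dir() {
    local dir=$1 owner=$2 status=0 bad_owner loose
    if [ ! -d "$dir" ]; then
        echo "MISSING: $dir is not a directory"
        return 2
    fi
    # Entries the step 7 chown missed. find fails if the account is unknown.
    bad_owner=$(find "$dir" ! -user "$owner" -print 2>/dev/null) || {
        echo "CANNOT CHECK: unknown account $owner"
        return 2
    }
    if [ -n "$bad_owner" ]; then
        echo "NOT OWNED BY $owner:"
        echo "$bad_owner"
        status=1
    fi
    # The keystore holds the server's private key: flag files any local
    # user can read, and anything any local user can write.
    loose=$(find "$dir" ! -type l \
        \( \( -type f -perm -004 \) -o -perm -002 \) -print 2>/dev/null)
    if [ -n "$loose" ]; then
        echo "OPEN TO OTHER USERS (consider chmod -R o-rwx):"
        echo "$loose"
        status=1
    fi
    if [ "$status" -eq 0 ]; then
        echo "OK: $dir"
    fi
    return "$status"
}

# Run the check only when a directory and an account are given.
if [ "$#" -eq 2 ]; then
    check_cert_dir "$1" "$2"
fi
```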


Thank you to sifoo Saufi .... you rock.. a proven CCNA holder. Arigato...