Open fiedl opened 7 years ago
Thanks for your reply. I gather what I've experienced is not the regular behaviour and I should rather get a response when curl
ing the ports.
I've set up a minimal example: https://github.com/fiedl/cas-docker-test
git clone git@github.com:fiedl/cas-docker-test.git
cd cas-docker-test
docker-compose up
The output is quite short and does not show any indication that the server is listening at port 8080.
▶ docker-compose up
Recreating casdockertest_cas_1 ...
Recreating casdockertest_cas_1 ... done
Attaching to casdockertest_cas_1
cas_1 | Executing build from directory:
cas_1 | /cas-overlay
cas_1 | [INFO] Scanning for projects...
cas_1 | [INFO]
cas_1 | [INFO] Using the MultiThreadedBuilder implementation with a thread count of 5
cas_1 | [INFO]
cas_1 | [INFO] ------------------------------------------------------------------------
cas_1 | [INFO] Building cas-overlay 1.0
cas_1 | [INFO] ------------------------------------------------------------------------
cas_1 | [INFO]
cas_1 | [INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ cas-overlay ---
cas_1 | [INFO] Deleting /cas-overlay/target
cas_1 | [INFO]
cas_1 | [INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ cas-overlay ---
cas_1 | [INFO] Using 'UTF-8' encoding to copy filtered resources.
cas_1 | [INFO] skip non existing resourceDirectory /cas-overlay/src/main/resources
cas_1 | [INFO]
cas_1 | [INFO] --- maven-compiler-plugin:3.3:compile (default-compile) @ cas-overlay ---
cas_1 | [INFO] No sources to compile
cas_1 | [INFO]
cas_1 | [INFO] --- maven-resources-plugin:2.6:testResources (default-testResources) @ cas-overlay ---
cas_1 | [INFO] Using 'UTF-8' encoding to copy filtered resources.
cas_1 | [INFO] skip non existing resourceDirectory /cas-overlay/src/test/resources
cas_1 | [INFO]
cas_1 | [INFO] --- maven-compiler-plugin:3.3:testCompile (default-testCompile) @ cas-overlay ---
cas_1 | [INFO] No sources to compile
cas_1 | [INFO]
cas_1 | [INFO] --- maven-surefire-plugin:2.12.4:test (default-test) @ cas-overlay ---
cas_1 | [INFO] No tests to run.
cas_1 | [INFO]
cas_1 | [INFO] --- maven-war-plugin:2.6:war (default-war) @ cas-overlay ---
cas_1 | [INFO] Packaging webapp
cas_1 | [INFO] Assembling webapp [cas-overlay] in [/cas-overlay/target/cas]
cas_1 | [info] Copying manifest...
cas_1 | [INFO] Processing war project
cas_1 | [INFO] Processing overlay [ id org.apereo.cas:cas-server-webapp-tomcat]
cas_1 | [INFO] Webapp assembled in [465 msecs]
cas_1 | [INFO] Building war: /cas-overlay/target/cas.war
cas_1 | [INFO] ------------------------------------------------------------------------
cas_1 | [INFO] BUILD SUCCESS
cas_1 | [INFO] ------------------------------------------------------------------------
cas_1 | [INFO] Total time: 2.053 s (Wall Clock)
cas_1 | [INFO] Finished at: 2017-09-08T16:20:41Z
cas_1 | [INFO] Final Memory: 10M/188M
cas_1 | [INFO] ------------------------------------------------------------------------
cas_1 | Creating configuration directory under /etc/cas
cas_1 | Copying configuration files from etc/cas to /etc/cas
cas_1 | 'etc/cas/config/log4j2.xml' -> '/etc/cas/config/log4j2.xml'
cas_1 | 'etc/cas/config/cas.properties' -> '/etc/cas/config/cas.properties'
cas_1 | 'etc/cas/config/application.yml' -> '/etc/cas/config/application.yml'
cas_1 |
cas_1 | __ ____ _ ____ __
cas_1 | / / / ___| / \ / ___| \ \
cas_1 | | | | | / _ \ \___ \ | |
cas_1 | | | | |___ / ___ \ ___) | | |
cas_1 | | | \____| /_/ \_\ |____/ | |
cas_1 | \_\ /_/
cas_1 |
cas_1 | CAS Version: 5.1.2
cas_1 | CAS Commit Id: fae163b426ba91cc78a18e3805b2f2fac9c03b2e
cas_1 | CAS Build Date/Time: 2017-09-08T16:20:41Z
cas_1 | Spring Boot Version: 1.5.3.RELEASE
cas_1 | ------------------------------------------------------------
cas_1 | System Date/Time: 2017-09-08T16:20:46.344
cas_1 | System Temp Directory: /tmp
cas_1 | ------------------------------------------------------------
cas_1 | Java Home: /opt/zulu8.19.0.1-jdk8.0.112-linux_x64/jre
cas_1 | Java Vendor: Azul Systems, Inc.
cas_1 | Java Version: 1.8.0_112
cas_1 | JCE Installed: yes
cas_1 | ------------------------------------------------------------
cas_1 | OS Architecture: amd64
cas_1 | OS Name: Linux
cas_1 | OS Version: 4.9.41-moby
cas_1 | ------------------------------------------------------------
cas_1 | Apache Tomcat Version: Apache Tomcat/8.5.15
cas_1 | ------------------------------------------------------------
cas_1 |
cas_1 |
cas_1 | 2017-09-08 16:20:46,492 INFO [org.apereo.cas.configuration.config.CasCoreBootstrapStandaloneConfiguration] - <Configuration files found at [/etc/cas/config] are [[/etc/cas/config/application.yml, /etc/cas/config/cas.properties]]>
cas_1 | 2017-09-08 16:20:46,522 INFO [org.apereo.cas.configuration.config.CasCoreBootstrapStandaloneConfiguration] - <Found and loaded [5] setting(s) from [/etc/cas/config]>
cas_1 | 2017-09-08 16:20:46,523 INFO [org.springframework.cloud.bootstrap.config.PropertySourceBootstrapConfiguration] - <Located property source: PropertiesPropertySource [name='standaloneCasConfigService']>
cas_1 | 2017-09-08 16:20:51,367 WARN [org.apereo.cas.config.CasCoreTicketsConfiguration] - <Runtime memory is used as the persistence storage for retrieving and managing tickets. Tickets that are issued during runtime will be LOST upon container restarts. This MAY impact SSO functionality.>
cas_1 | 2017-09-08 16:21:04,243 WARN [org.apereo.cas.config.support.authentication.AcceptUsersAuthenticationEventExecutionPlanConfiguration] - <>
cas_1 | 2017-09-08 16:21:04,247 WARN [org.apereo.cas.config.support.authentication.AcceptUsersAuthenticationEventExecutionPlanConfiguration] - <
cas_1 |
cas_1 | ____ _____ ___ ____ _
cas_1 | / ___| |_ _| / _ \ | _ \ | |
cas_1 | \___ \ | | | | | | | |_) | | |
cas_1 | ___) | | | | |_| | | __/ |_|
cas_1 | |____/ |_| \___/ |_| (_)
cas_1 |
cas_1 |
cas_1 | CAS is configured to accept a static list of credentials for authentication. While this is generally useful for demo purposes, it is STRONGLY recommended that you DISABLE this authentication method (by SETTING 'cas.authn.accept.users' to a blank value) and switch to a mode that is more suitable for production.>
cas_1 | 2017-09-08 16:21:04,247 WARN [org.apereo.cas.config.support.authentication.AcceptUsersAuthenticationEventExecutionPlanConfiguration] - <>
cas_1 | 2017-09-08 16:21:05,147 WARN [org.apereo.cas.config.CasCoreServicesConfiguration] - <Runtime memory is used as the persistence storage for retrieving and persisting service definitions. Changes that are made to service definitions during runtime WILL be LOST upon container restarts.>
cas_1 | 2017-09-08 16:21:11,106 WARN [org.apereo.cas.util.cipher.BaseStringCipherExecutor] - <Secret key for encryption is not defined for [Ticket-granting Cookie]; CAS will attempt to auto-generate the encryption key>
cas_1 | 2017-09-08 16:21:11,118 WARN [org.apereo.cas.util.cipher.BaseStringCipherExecutor] - <Generated encryption key [YMwIubHCn5NaWNoequAc0uaGtf3_9Jd9-Mkz-yGN3Zg] of size [256] for [Ticket-granting Cookie]. The generated key MUST be added to CAS settings.>
cas_1 | 2017-09-08 16:21:11,118 WARN [org.apereo.cas.util.cipher.BaseStringCipherExecutor] - <Secret key for signing is not defined for [Ticket-granting Cookie]. CAS will attempt to auto-generate the signing key>
cas_1 | 2017-09-08 16:21:11,119 WARN [org.apereo.cas.util.cipher.BaseStringCipherExecutor] - <Generated signing key [0ISOEx0OfGn-mZ3_B7ZVi5Y7QgXhYWtdD0n4KF4Y3eb0ZtSwewUcX3EJb22BvggyV6FjPTfDGGJzi-o3sIe_aQ] of size [512] for [Ticket-granting Cookie]. The generated key MUST be added to CAS settings.>
cas_1 | 2017-09-08 16:21:11,590 WARN [org.apereo.cas.util.cipher.BaseBinaryCipherExecutor] - <Secret key for signing is not defined. CAS will attempt to auto-generate the signing key>
cas_1 | 2017-09-08 16:21:11,590 WARN [org.apereo.cas.util.cipher.BaseBinaryCipherExecutor] - <Generated signing key [Estn5Jcl5MFnNOwaVQcWkVR_DXaotCGEZOrhQ5K8tzHUNyZKvAM7Gg8CMvKnGs_jqwa83-mDZo05AJAfI3U9sw] of size [512]. The generated key MUST be added to CAS settings.>
cas_1 | 2017-09-08 16:21:11,591 WARN [org.apereo.cas.util.cipher.BaseBinaryCipherExecutor] - <No encryption key is defined. CAS will attempt to auto-generate keys>
cas_1 | 2017-09-08 16:21:11,591 WARN [org.apereo.cas.util.cipher.BaseBinaryCipherExecutor] - <Generated encryption key [hqZmRoszMUuROWoz] of size [16]. The generated key MUST be added to CAS settings.>
Docker shows that the ports are correctly redirected.
▶ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0fa9bc5a3908 apereo/cas:v5.1.2 "/cas-overlay/bin/..." 12 minutes ago Up 12 minutes 0.0.0.0:8080->8080/tcp, 0.0.0.0:8443->8443/tcp casdockertest_cas_1
Curl does not reach the server.
▶ curl localhost:8080
curl: (52) Empty reply from server
Could I assume that you have correctly created a keystore and CAS is using it? Because your logs seem incomplete. You should be seeing a READY asciiart, and since you dont that means something has gone wrong and the server has not really started.
Actually, ignore the comment about the READY asciiart. That does not apply to 5.1.x, but the rest is all the same. Does port 8443 work?
Also it appears that port 8080 is not by default enabled: https://github.com/apereo/cas/blob/5.1.x/core/cas-server-core-configuration/src/main/java/org/apereo/cas/configuration/model/core/CasServerProperties.java#L326
You'll need to enable the port for the embedded tomcat first before you can access/expose it.
@mmoayyed Thanks for the pointers, but I'm really not sure how to approach this. I'm still reading the CAS documentation.
Maybe I did not understand this docker image altogether: I'm wondering if it is possible to use this docker image and configure it to connect to our ldap server, and maybe, also include a custom logo or welcome text, without coding any java, just by setting environment variables, mounting configuration files and resource folders through docker.
I'm running into (I think) the same thing - I mapped port 8080 with -p8080:8080, and traffic is getting to Tomcat because it's showing up in the Tomcat access log, but I'm getting back 400 (Bad Request) when I try to navigate to the root of the site (http://localhost:8080)
I haven't been able to find any configuration RE Tomcat at all. If there's something that needs to be enabled, I'm completely lost.
Did someone find a solution ? I have the same issue...
Yes and no. I never got the HTTP endpoint to work, but if I recall correctly, I got the HTTPS endpoint to work from inside the container by..I think generating a new cert, but it's been a while.
On Fri, Mar 2, 2018 at 12:27 PM, sebastiennoir notifications@github.com wrote:
Did someone find a solution ? I have the same issue...
— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/apereo/cas-webapp-docker/issues/17#issuecomment-369991232, or mute the thread https://github.com/notifications/unsubscribe-auth/ACPsRy91I0FNvZ573tNM368AqYDNleG7ks5taYDqgaJpZM4PPq1e .
I have the same problem, generate the certs, put in the keystore and the cacerts file, but still not working. Now my error is: java.io.IOException: Alias name [null] does not identify a key entry
I have the same problem too.
Finally, I found the problem, the thekeystore
in /etc/cas/
is a empty keystore. We need to add an entry into it using keytool -genkeypair -alias cas -keyalg RSA -keypass changeit -storepass changeit -keystore \path\to\thekeystore -dname "CN=cas.example.org,OU=Example,OU=Org,C=US" -ext SAN="dns:example.org,dns:localhost,ip:127.0.0.1"
see more on https://github.com/CenterForOpenScience/docker-library/blob/master/cas/Dockerfile
I hava set up the keystore ,but still exists this proplem , where are the ploblems?
I'm trying setup CAS as authentication proxy for several web applications.
Why opening an issue here?
Through the Getting Started Guide I got to the Docker Installation Guide, which, for instructions on the configuration, directs to this repo.
How to get started?
I've successfully created a docker container for
cas:v5.1.2
. Although the guide readsopeneing the ports suggested by
docker ps
in the browser does not work. Alsocurl
returns "curl: (52) Empty reply from server".Thus, I guess I'm missing some documentation on how to proceed. Could you give me some pointers on the following topics or point me to the corresponding documentation:
nginx
to redirect properly to CAS when authentication is needed.