apereo / cas-webapp-docker Goto Github PK

There are two broken links in the README.md file. In the Configuration > Image section, the two "CAS overlay project" links are broken. The point to a 404 error page.

How to change the 8443 port number?

Are you guys planning on publishing the new docker images? The latest docker image I see is 5.2.2, at the time of writing this 5.3.2 is the latest release of cas.

Hi,
When i run:
sudo docker exec cas ./build.sh v4.2.1
See this output:
rpc error: code = 2 desc = containerd: container not started

What's wrong??

sudo docker ps :
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES f599d89b002c apereo/cas:v4.2.1 "/cas-overlay/bin/run" 49 minutes ago Up 49 minutes 8080/tcp, 8443/tcp cas

and sudo docker info :
Containers: 2 Running: 1 Paused: 0 Stopped: 1 Images: 1 Server Version: 1.12.6 Storage Driver: aufs Root Dir: /var/lib/docker/aufs Backing Filesystem: extfs Dirs: 17 Dirperm1 Supported: true Logging Driver: json-file Cgroup Driver: cgroupfs Plugins: Volume: local Network: host bridge overlay null Swarm: inactive Runtimes: runc Default Runtime: runc Security Options: apparmor seccomp Kernel Version: 4.4.0-83-generic Operating System: Ubuntu 16.04.2 LTS OSType: linux Architecture: x86_64 CPUs: 4 Total Memory: 7.664 GiB Name: falsafin ID: P4L2:UI4Y:XDNG:XFZ5:FKHU:2ZLJ:XGJV:GO7D:WA5U:KIFW:K227:5LZA Docker Root Dir: /var/lib/docker Debug Mode (client): false Debug Mode (server): false Registry: https://index.docker.io/v1/ WARNING: No swap limit support Insecure Registries: 127.0.0.0/8

Is there any reason why there is no v5.1.1 tag on https://hub.docker.com/r/apereo/cas/tags/ ?

:~ xx$ docker start cas

Error response from daemon: oci runtime error: container_linux.go:247: starting container process caused "exec: "cas-overlay/bin/run-cas.sh": stat cas-overlay/bin/run-cas.sh: no such file or directory"
Error: failed to start containers: cas

env is mac docker.

I'm trying setup CAS as authentication proxy for several web applications.

incoming request ----> nginx ----> CAS
                        |           |------> LDAP server
                        |
                        |--------> web app

Why opening an issue here?

Through the Getting Started Guide I got to the Docker Installation Guide, which, for instructions on the configuration, directs to this repo.

How to get started?

I've successfully created a docker container for cas:v5.1.2. Although the guide reads

Once CAS is running, it will be available under ports 8080 and 8443.

openeing the ports suggested by docker ps in the browser does not work. Also curl returns "curl: (52) Empty reply from server".

Thus, I guess I'm missing some documentation on how to proceed. Could you give me some pointers on the following topics or point me to the corresponding documentation:

1. How to access the docker container through the browser, and in case that this is only possible after configuration,
2. how tell CAS which LDAP server to use for authentication and how to connect to this LDAP server,
3. how to configure nginx to redirect properly to CAS when authentication is needed.

the cas-overlay temple did't contain any file in cas-overlay/etc/ .
it just has an dirt 'cas'.

I succesfully created a Docker instance with CAS in it, and I can access it from https://myURL/cas/login

I can successfully login using casuser/Mellon

But I cannot access the dashboard https://MyURL/cas/status/dashboard, It says I am not authorized.

What am I missing here ?

Thanks

I would like to have more precisions in the introduction of the README.md file. In particular, I want to know how to use this repo:

• Can I use the image available on dockerhub as is ? If I can, how can I configure it ?
• Do I have to clone this repository to make my own image, in which I will embed my particular config ? And in this case what do I have to do to configure the server web app ? Am I supposed to customize the Dockerfile itself, to add my config files to the overlay project that is cloned from the Dockerfile ?

Maybe a page on the wiki would be the right place to go, but I find the documentation is hard to understand. Maybe the page to improve would be the "Docker Installation" page, more precisely this sentence: "Additional instructions on how to use CAS docker images for deployment and adoption will become available in the future".

I have just downloaded a fresh copy of the docker image for cas, but after doing ./build.sh and ./run.sh , the build is fine, but Tomcat is complaining that 8443 is being occupied in the image itself. Is this normal ? What should I do with it?

APPLICATION FAILED TO START

Description:

The Tomcat connector configured to listen on port 8443 failed to start. The port may already be in use or the connector may be misconfigured.

Action:

Verify the connector's configuration, identify and stop any process that's listening on port 8443, or configure this application to listen on another port.

Using the most up-to-date posted code to GitHub. I am trying to allow access for my server to be authorized, or any host for my testing matters, and I do not believe my configurations are being recognized. I have logged into the docker image and saw that the files are in fact copied to /etc/. Thank you in advance.

2018-05-24 20:06:28,696 INFO [org.apereo.cas.configuration.DefaultCasConfigurationPropertiesSourceLocator] - <Configuration directory [/etc/cas/config] is not a directory or cannot be found at the specific path>

2018-05-24 20:13:58,299 WARN [org.apereo.cas.web.flow.ServiceAuthorizationCheck] - <No service definitions are found in the service manager. Service [http://localhost:8001/accounts/login/?next=%2F] will not be automatically authorized to request authentication.> 2018-05-24 20:13:58,311 WARN [org.apereo.cas.services.web.RegisteredServiceThemeResolver] - <No registered service is found to match [AbstractWebApplicationService(id=http://localhost:8001/accounts/login/?next=%2F, originalUrl=http://localhost:8001/accounts/login/?next=%2F, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML, attributes={})] or access is denied. Using default theme [cas-theme-default]> 2018-05-24 20:13:58,351 WARN [org.apereo.cas.services.web.RegisteredServiceThemeResolver] - <No registered service is found to match [AbstractWebApplicationService(id=http://localhost:8001/accounts/login/?next=%2F, originalUrl=http://localhost:8001/accounts/login/?next=%2F, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML, attributes={})] or access is denied. Using default theme [cas-theme-default]> 2018-05-24 20:14:13,825 INFO [org.apereo.cas.services.AbstractServicesManager] - <Loaded [0] service(s) from [InMemoryServiceRegistry].>

/etc/cas/config/cas.properties
cas.server.name: https://localhost:8443
cas.server.prefix: https://localhost:8443/cas
logging.config: file:/etc/cas/config/log4j2.xml
cas.serviceRegistry.initFromJson=true
cas.serviceRegistry.json.location:file:/etc/cas/services

/etc/cas/services/all.json
{
"@Class" : "org.apereo.cas.services.RegexRegisteredService",
"serviceId" : "^(https|http)://.*",
"name" : "HTTPS and HTTP",
"id" : 10000001,
}

Hello there,
I'm new to Docker/CAS and hope someone clarify some getting started steps for me...

Specifically to try this out for proof-of-concept, I've got Docker Tool (Kitematic) on Win7Pro running with the image of CAS Version: 5.3.2.

1. Where do I navigate (absolute path?) to find, change, and issue build.sh and run.sh if this required to proceed?

2. Can I bypass thekeystore configuration and http for the demo right now? Are there any more detailed instructions available for new-buys like me to get this part right?

Container logs attached CAS v5.3.2 Container.log

Thanks bunch,
GTM

I can't build the image from this Dockerfile. In the command line, I get a "503 Service Unavailable" error. If I visit the corresponding link from my Browser, I get the following error:

"Thank you for accessing the Oracle Software Delivery Cloud. Due to your country location, we are unable to process your request."

In short I can't build the docker image because I am located in an unauthorized country from Oracle's point of view.

I searched for the JDK in another repository, but with no success.

Do you know another repository to download the JDK ?
Do you think the docker file could be rewritten to use a repository that is more accessible across countries ?

I've spent a while setting up CAS 5.3.x and this is a summary of what I learned to make it running. Details below are relevant to particular issues discussed in #17 and #20.

1. Clone https://github.com/apereo/cas-webapp-docker and change directory into the clone.

2. Apply the following patch to make it use the correct branch:

    diff --git a/Dockerfile b/Dockerfile
    index 9cd4edc9d2..6f272ce1bc 100644
    --- a/Dockerfile
    +++ b/Dockerfile
    @@ -45,7 +45,7 @@ RUN cd / \
     
     # Download the CAS overlay project \
     RUN cd / \
    -    && git clone --depth 1 --single-branch https://github.com/apereo/cas-overlay-template.git cas-overlay \                                                                              
    +    && git clone --depth 1 --single-branch --branch 5.3 https://github.com/apereo/cas-overlay-template.git cas-overlay \                                                                 
         && mkdir -p /etc/cas \
         && mkdir -p cas-overlay/bin;

3. The keystore coming with the repository is empty. Add a new self-signed entry into the keystore so that SSL will work in Tomcat:

    $ keytool -genkeypair -alias cas -keyalg RSA -keypass changeit -storepass changeit -keystore ./thekeystore \                                                                              
        -dname "CN=cas.example.org,OU=Example,OU=Org,C=AU" -ext SAN="dns:example.org,dns:localhost,ip:127.0.0.1"                                                                              

3. Build it.

    ./build.sh 5.3.5

4. Run it.

    ./run.sh 5.3.5

5. Add cas.example.org to your hosts file.

    # echo '127.0.0.1 cas.example.org' >> /etc/hosts

6. Go to https://cas.example.org:8443/cas/login

Hi,
The instructions here on docker hub don't work because there is no "latest" tag:
https://hub.docker.com/r/apereo/cas/

docker pull apereo/cas
Please push the latest version tagged as "latest" and make it part of the docker build and push process.

Docker version: 17.06.0-ce, build 02c1d87
...
Step 6/16 : RUN cd / && wget http://www.azulsystems.com/sites/default/files/images/ZuluJCEPolicies.zip && unzip ZuluJCEPolicies.zip && mv -f ZuluJCEPolicies/*.jar /opt/jre-home/lib/security && rm ZuluJCEPolicies.zip;
---> Running in 925e9df6ae41
--2017-07-21 15:21:10-- http://www.azulsystems.com/sites/default/files/images/ZuluJCEPolicies.zip
Resolving www.azulsystems.com (www.azulsystems.com)... 67.225.185.52
Connecting to www.azulsystems.com (www.azulsystems.com)|67.225.185.52|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://www.azul.com/sites/default/files/images/ZuluJCEPolicies.zip [following]
--2017-07-21 15:21:11-- https://www.azul.com/sites/default/files/images/ZuluJCEPolicies.zip
Resolving www.azul.com (www.azul.com)... 67.225.185.52
Connecting to www.azul.com (www.azul.com)|67.225.185.52|:443... connected.
HTTP request sent, awaiting response... 404 Not Found
2017-07-21 15:21:12 ERROR 404: Not Found.

The command '/bin/sh -c cd / && wget http://www.azulsystems.com/sites/default/files/images/ZuluJCEPolicies.zip && unzip ZuluJCEPolicies.zip && mv -f ZuluJCEPolicies/*.jar /opt/jre-home/lib/security && rm ZuluJCEPolicies.zip;' returned a non-zero code: 8

Issue an && rm ~/.m2 ~/.gradle_whatever so we don't carry around extra data in the image. ./mvnw will pull down tons of libs, plugins, etc that will never be used again in the life of the image/container. If the removal happens in the same RUN command then its not added to the image.

I followed document to run "./build.sh 5.1.2", there is some errors and I don't know how to reslove them, so I just comment it in "Dockerfile". Error info are below:

`Step 12/18 : RUN chmod -R 750 cas-overlay/bin && chmod 750 cas-overlay/mvnw && chmod 750 cas-overlay/build.sh && chmod 750 /opt/jre-home/bin/java;
---> Running in a4e36a0a070d

chmod: cannot access 'cas-overlay/mvnw': No such file or directory

chmod: cannot access 'cas-overlay/build.sh': No such file or directory`

Also I comment the command "RUN ./mvnw clean package -T 10".

I've started container with:
docker run -p 8080:8080 -p 8443:8443 --name cas apereo/cas:v4.2.1

When trying to go to https://localhost:8443/cas/login it doesn't connect.
http://localhost:8080/cas/login Woks fine.

$ openssl s_client -connect localhost:8443
CONNECTED(00000003)
16762:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/BuildRoot/Library/Caches/com.apple.xbs/Sources/OpenSSL098/OpenSSL098-64/src/ssl/s23_lib.c:185