文章/答案/技术大牛

发布

社区首页 >问答首页 >运行"apereo/cas“docker图像打印”启动连接器失败“错误

问运行"apereo/cas“docker图像打印”启动连接器失败“错误
EN

Stack Overflow用户

提问于 2018-08-30 22:41:35

回答 2查看 1.7K关注 0票数 6

我的目标是运行CAS来取代ADFS。我认为从docker图像开始是一个很好的开始。

我试过运行两个不同版本的apereo/cas，它们都有相同的错误。

这是我尝试过的。

命令

docker run -p 8080:8080 -p 8443:8443 apereo/cas:v5.3.2

输出

   __   ____      _      ____   __
  / /  / ___|    / \    / ___|  \ \
 | |  | |       / _ \   \___ \   | |
 | |  | |___   / ___ \   ___) |  | |
 | |   \____| /_/   \_\ |____/   | |
  \_\                           /_/

CAS Version: 5.3.2
CAS Commit Id: 145d8c3dd5e27333dd05f5cc10987df4656fba5e
CAS Build Date/Time: 2018-07-30T21:09:46Z
Spring Boot Version: 1.5.14.RELEASE
Spring Version: 4.3.18.RELEASE
Java Home: /opt/zulu8.30.0.1-jdk8.0.172-linux_x64/jre
Java Vendor: Azul Systems, Inc.
Java Version: 1.8.0_172
JVM Free Memory: 24 MB
JVM Maximum Memory: 539 MB
JVM Total Memory: 52 MB
JCE Installed: Yes
Node Version: N/A
NPM Version: N/A
OS Architecture: amd64
OS Name: Linux
OS Version: 4.9.87-linuxkit-aufs
OS Date/Time: 2018-08-30T13:18:59.269
OS Temp Directory: /tmp
------------------------------------------------------------
Apache Tomcat Version: Apache Tomcat/8.5.32
------------------------------------------------------------


2018-08-30 13:18:59,416 INFO [org.apereo.cas.configuration.DefaultCasConfigurationPropertiesSourceLocator] - <Configuration directory [/etc/cas/config] is not a directory or cannot be found at the specific path>
2018-08-30 13:18:59,470 INFO [org.springframework.cloud.bootstrap.config.PropertySourceBootstrapConfiguration] - <Located property source: CompositePropertySource [name='casCompositePropertySource', propertySources=[PropertiesPropertySource {name='embeddedYamlOverriddenProperties'}]]>
2018-08-30 13:18:59,500 INFO [org.apereo.cas.web.CasWebApplication] - <The following profiles are active: standalone>
2018-08-30 13:18:59,674 INFO [org.apereo.cas.web.CasWebApplicationContext] - <Refreshing CasWebApplicationContext()>
2018-08-30 13:19:09,553 WARN [org.apereo.cas.config.CasCoreTicketsConfiguration] - <Runtime memory is used as the persistence storage for retrieving and managing tickets. Tickets that are issued during runtime will be LOST when the web server is restarted. This MAY impact SSO functionality.>
2018-08-30 13:19:09,557 INFO [org.apereo.cas.util.CoreTicketUtils] - <Ticket registry encryption/signing is turned off. This MAY NOT be safe in a clustered production environment. Consider using other choices to handle encryption, signing and verification of ticket registry tickets, and verify the chosen ticket registry does support this behavior.>
2018-08-30 13:19:36,081 INFO [org.apereo.cas.config.CasConfigurationSupportUtilitiesConfiguration] - <CAS is configured to NOT watch configuration directory [/etc/cas/config]. Changes require manual reloads/restarts.>
2018-08-30 13:19:37,111 WARN [org.apereo.cas.config.support.authentication.AcceptUsersAuthenticationEventExecutionPlanConfiguration] - <>
2018-08-30 13:19:37,128 WARN [org.apereo.cas.config.support.authentication.AcceptUsersAuthenticationEventExecutionPlanConfiguration] - <

  ____    _____    ___    ____    _
 / ___|  |_   _|  / _ \  |  _ \  | |
 \___ \    | |   | | | | | |_) | | |
  ___) |   | |   | |_| | |  __/  |_|
 |____/    |_|    \___/  |_|     (_)


CAS is configured to accept a static list of credentials for authentication. While this is generally useful for demo purposes, it is STRONGLY recommended that you DISABLE this authentication method (by setting 'cas.authn.accept.users' to a blank value) and switch to a mode that is more suitable for production.>
2018-08-30 13:19:37,129 WARN [org.apereo.cas.config.support.authentication.AcceptUsersAuthenticationEventExecutionPlanConfiguration] - <>
2018-08-30 13:19:50,183 INFO [org.apereo.cas.support.events.listener.CasConfigurationEventListener] - <Refreshing CAS configuration. Stand by...>
2018-08-30 13:19:51,182 WARN [org.apereo.cas.config.CasCoreServicesConfiguration] - <Runtime memory is used as the persistence storage for retrieving and persisting service definitions. Changes that are made to service definitions during runtime WILL be LOST when the web server is restarted. Ideally for production, you need to choose a storage option (JDBC, etc) to store and track service definitions.>
2018-08-30 13:19:51,278 INFO [org.apereo.cas.services.AbstractServicesManager] - <Loaded [0] service(s) from [InMemoryServiceRegistry].>
2018-08-30 13:19:51,931 WARN [org.apereo.cas.util.cipher.BaseStringCipherExecutor] - <Secret key for encryption is not defined for [Ticket-granting Cookie]; CAS will attempt to auto-generate the encryption key>
2018-08-30 13:19:51,956 WARN [org.apereo.cas.util.cipher.BaseStringCipherExecutor] - <Generated encryption key [eTqXF8ggwLZtTQEZCskBylE0S4px3iBbGcverLvO2Fs] of size [256] for [Ticket-granting Cookie]. The generated key MUST be added to CAS settings under setting [cas.tgc.crypto.encryption.key].>
2018-08-30 13:19:51,961 WARN [org.apereo.cas.util.cipher.BaseStringCipherExecutor] - <Secret key for signing is not defined for [Ticket-granting Cookie]. CAS will attempt to auto-generate the signing key>
2018-08-30 13:19:51,973 WARN [org.apereo.cas.util.cipher.BaseStringCipherExecutor] - <Generated signing key [ZJNEO4PuSX3og9E923KKcp6bVVHb7bajkqkP1B4_35ytg4rW5CPqRvFYuxzmBTHAvsaTnBRvKqe53F_4ulg5Rw] of size [512] for [Ticket-granting Cookie]. The generated key MUST be added to CAS settings under setting [cas.tgc.crypto.signing.key].>
2018-08-30 13:19:53,293 WARN [org.apereo.cas.util.cipher.BaseBinaryCipherExecutor] - <Secret key for signing is not defined under [cas.webflow.crypto.signing.key]. CAS will attempt to auto-generate the signing key>
2018-08-30 13:19:53,295 WARN [org.apereo.cas.util.cipher.BaseBinaryCipherExecutor] - <Generated signing key [txKypaRUGM0NyMfI9reKAPzMCEuTDO4xWh9J-G16rmp5l-ZWpqBR7bge1wPvAx0FdYw2j__4aI_6Q9qANFe5ng] of size [512]. The generated key MUST be added to CAS settings under setting [cas.webflow.crypto.signing.key].>
2018-08-30 13:19:53,297 WARN [org.apereo.cas.util.cipher.BaseBinaryCipherExecutor] - <Secret key for encryption is not defined under [cas.webflow.crypto.encryption.key]. CAS will attempt to auto-generate the encryption key>
2018-08-30 13:19:53,300 WARN [org.apereo.cas.util.cipher.BaseBinaryCipherExecutor] - <Generated encryption key [xUiptRY2-RuCvAFV39UJlg] of size [16]. The generated key MUST be added to CAS settings under setting [cas.webflow.crypto.encryption.key].>
2018-08-30 13:19:53,867 ERROR [org.apache.catalina.core.StandardService] - <Failed to start connector [Connector[HTTP/1.1-8443]]>
org.apache.catalina.LifecycleException: Failed to start component [Connector[HTTP/1.1-8443]]
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:167) ~[tomcat-catalina-8.5.32.jar!/:8.5.32]
        at org.apache.catalina.core.StandardService.addConnector(StandardService.java:225) ~[tomcat-catalina-8.5.32.jar!/:8.5.32]
        at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.addPreviouslyRemovedConnectors(TomcatEmbeddedServletContainer.java:265) ~[spring-boot-1.5.14.RELEASE.jar!/:1.5.14.RELEASE]
        at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.start(TomcatEmbeddedServletContainer.java:208) ~[spring-boot-1.5.14.RELEASE.jar!/:1.5.14.RELEASE]
        at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.startEmbeddedServletContainer(EmbeddedWebApplicationContext.java:297) ~[spring-boot-1.5.14.RELEASE.jar!/:1.5.14.RELEASE]
        at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.finishRefresh(EmbeddedWebApplicationContext.java:145) ~[spring-boot-1.5.14.RELEASE.jar!/:1.5.14.RELEASE]
        at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:546) ~[spring-context-4.3.18.RELEASE.jar!/:4.3.18.RELEASE]
        at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.refresh(EmbeddedWebApplicationContext.java:122) ~[spring-boot-1.5.14.RELEASE.jar!/:1.5.14.RELEASE]
        at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:693) ~[spring-boot-1.5.14.RELEASE.jar!/:1.5.14.RELEASE]
        at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:360) ~[spring-boot-1.5.14.RELEASE.jar!/:1.5.14.RELEASE]
        at org.springframework.boot.SpringApplication.run(SpringApplication.java:303) ~[spring-boot-1.5.14.RELEASE.jar!/:1.5.14.RELEASE]
        at org.springframework.boot.builder.SpringApplicationBuilder.run(SpringApplicationBuilder.java:134) ~[spring-boot-1.5.14.RELEASE.jar!/:1.5.14.RELEASE]
        at org.apereo.cas.web.CasWebApplication.main(CasWebApplication.java:71) ~[cas-server-webapp-init-5.3.2.jar!/:5.3.2]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_172]
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_172]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_172]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_172]
        at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:48) ~[cas.war:?]
        at org.springframework.boot.loader.Launcher.launch(Launcher.java:87) ~[cas.war:?]
        at org.springframework.boot.loader.Launcher.launch(Launcher.java:50) ~[cas.war:?]
        at org.springframework.boot.loader.WarLauncher.main(WarLauncher.java:59) ~[cas.war:?]
Caused by: org.apache.catalina.LifecycleException: Protocol handler start failed
        at org.apache.catalina.connector.Connector.startInternal(Connector.java:1020) ~[tomcat-catalina-8.5.32.jar!/:8.5.32]
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) ~[tomcat-catalina-8.5.32.jar!/:8.5.32]
        ... 20 more
Caused by: java.lang.IllegalArgumentException: No aliases for private keys found in key store
        at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:116) ~[tomcat-coyote-8.5.32.jar!/:8.5.32]
        at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:87) ~[tomcat-coyote-8.5.32.jar!/:8.5.32]
        at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:225) ~[tomcat-coyote-8.5.32.jar!/:8.5.32]
        at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1150) ~[tomcat-coyote-8.5.32.jar!/:8.5.32]
        at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:591) ~[tomcat-coyote-8.5.32.jar!/:8.5.32]
        at org.apache.catalina.connector.Connector.startInternal(Connector.java:1018) ~[tomcat-catalina-8.5.32.jar!/:8.5.32]
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) ~[tomcat-catalina-8.5.32.jar!/:8.5.32]
        ... 20 more
Caused by: java.io.IOException: No aliases for private keys found in key store
        at org.apache.tomcat.util.net.jsse.JSSEUtil.getKeyManagers(JSSEUtil.java:233) ~[tomcat-coyote-8.5.32.jar!/:8.5.32]
        at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:114) ~[tomcat-coyote-8.5.32.jar!/:8.5.32]
        at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:87) ~[tomcat-coyote-8.5.32.jar!/:8.5.32]
        at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:225) ~[tomcat-coyote-8.5.32.jar!/:8.5.32]
        at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1150) ~[tomcat-coyote-8.5.32.jar!/:8.5.32]
        at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:591) ~[tomcat-coyote-8.5.32.jar!/:8.5.32]
        at org.apache.catalina.connector.Connector.startInternal(Connector.java:1018) ~[tomcat-catalina-8.5.32.jar!/:8.5.32]
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) ~[tomcat-catalina-8.5.32.jar!/:8.5.32]
        ... 20 more

我也尝试了一个不同的版本，但没有成功。

docker run -p 8080:8080 -p 8443:8443 apereo/cas:v5.2.2

这似乎是缺少密钥的问题，我认为需要生成这些密钥，但我不确定是否/在哪里需要挂载卷，也不确定下一步该做什么。

spring

docker

tomcat

cas

catalina

回答 2

Stack Overflow用户

发布于 2018-10-23 16:45:25

FILE: /etc/cas/config/
  keytool -genkeypair -alias cas -keyalg RSA \
     -keypass changeit -storepass changeit \
     -keystore $AP_HOME/etc/cas/thekeystore \
     -dname "CN=localhost.xxx.com.tw,OU=xxx,OU=xxx,C=TW" \
     -ext SAN="dns:localhost,ip:127.0.0.1,dns:`hostname`"

将此文件复制到容器docker中：

docker cp /etc/cas/thekeystore   *container_name*:/etc/cas

票数 3

Stack Overflow用户

发布于 2018-10-25 17:52:32

我想在容器外部映射etc，但在容器中维护。

~/etc/cas/密钥库

~/etc/cas/config/application.properties

~/etc/cas/config/cas.properties

~/etc/cas/config/log4j2.xml

~/cas-overlay:从github克隆。

尝尝这个

docker --name ...

-p 8443:8443 -p ...

-v ~/etc/cas:/etc/cas

-v ~/cas-overlay:/cas-overlay

...

我还在容器外维护我的项目。比如修改~/etc/cas/config/application.properties，...

和/或在~/cas- cas.war /mvnm包中重建覆盖。

然后重新启动这个容器dokcer。

票数 0

页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持

原文链接：

https://stackoverflow.com/questions/52099768

复制

相似问题

问运行"apereo/cas“docker图像打印”启动连接器失败“错误
EN

回答 2

Stack Overflow用户

Stack Overflow用户

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问运行"apereo/cas“docker图像打印”启动连接器失败“错误EN

回答 2

Stack Overflow用户

Stack Overflow用户

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问运行"apereo/cas“docker图像打印”启动连接器失败“错误
EN