For one of my services, I have the following accessStrategy defined in my
JSON file:
---begin---
"accessStrategy" :
{
"@class" :
"org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy",
"enabled" : true,
"unauthorizedRedirectUrl" :
"https://ssohost.mydomain.edu/cas_nowayjose/";,
"requireAllAttributes" : false,
"ssoEnabled" : true,
"requiredAttributes" :
{
"@class" : "java.util.HashMap",
"memberOf" : [ "java.util.HashSet", [
"CN=some_cn,OU=some_subgroup,OU=some_group,DC=my_subdomain,DC=my_domain,DC=edu","CN=some_other_cn,OU=some_subgroup,OU=some_group,DC=my_subdomain,DC=mydomain,DC=edu"
] ]
}
}
---end---
This works nicely to redirect unauthorized users who do not belong to
either of the memberOf AD groups. However, the default log settings in
log4j2.xml do not provide any indication that an unauthorized user
attempted to obtain a service ticket.
How can I set up my CAS (v5.2.2) instance to log failed attempts by
unauthorized users to obtain a service ticket?
Carl
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/4399e99f-b47f-444c-9232-cee6538ad9b9%40apereo.org.
