Hi Mohammed, Could you share your WS-Fed configuration with the CAS and JSON file of the service as well may I help you.
On Tue, Nov 12, 2019 at 7:39 AM mohamed gamal <[email protected]> wrote: > Hello Steve, > Thanks for your support. > but now I am getting this error > DEBUG [org.apereo.cas.support.realm.UriRealmParser] - <URI realm parsed: > [CAS]> > │ > │2019-11-11 13:22:51,868 WARN > [org.apache.cxf.sts.token.provider.SAMLTokenProvider] - <> > > │ > │java.lang.ClassCastException: class java.lang.String cannot be cast to > class java.net.URI (java.lang.String and java.net.URI are in module > java.base of loader 'bootstrap') │ > │ at > org.apereo.cas.support.claims.CustomNamespaceWSFederationClaimsClaimsHandler$CustomNamespaceWSFederationClaimsList.contains(CustomNamespaceWSFederationClaimsClaimsHandler.java:58) > ~[cas-server-suppor│ > │ at > org.apache.cxf.sts.claims.ClaimsManager.filterHandlerClaims(ClaimsManager.java:286) > ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2] > │ > │ at > org.apache.cxf.sts.claims.ClaimsManager.handleClaims(ClaimsManager.java:191) > ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2] > │ > │ at > org.apache.cxf.sts.claims.ClaimsManager.retrieveClaimValues(ClaimsManager.java:149) > ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2] > │ > │ at > org.apache.cxf.sts.claims.ClaimsManager.retrieveClaimValues(ClaimsManager.java:110) > ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2] > │ > │ at > org.apache.cxf.sts.claims.ClaimsUtils.processClaims(ClaimsUtils.java:57) > ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2] > │ > │ at > org.apache.cxf.sts.claims.ClaimsAttributeStatementProvider.getStatement(ClaimsAttributeStatementProvider.java:38) > ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2] > │ > │ at > org.apache.cxf.sts.token.provider.SAMLTokenProvider.createCallbackHandler(SAMLTokenProvider.java:336) > ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2] > │ > │ at > org.apache.cxf.sts.token.provider.SAMLTokenProvider.createSamlToken(SAMLTokenProvider.java:307) > ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2] > │ > │ at > org.apache.cxf.sts.token.provider.SAMLTokenProvider.createToken(SAMLTokenProvider.java:121) > ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2] > │ > │ at > org.apache.cxf.sts.operation.TokenIssueOperation.issueSingle(TokenIssueOperation.java:172) > ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2] > │ > │ at > org.apache.cxf.sts.operation.TokenIssueOperation.issue(TokenIssueOperation.java:85) > ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2] > │ > │ at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native > Method) ~[?:?] > │ > │ at > jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > ~[?:?] > │ > │ at > jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > ~[?:?] > │ > │ at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?] > > │ > │ at > org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider.invoke(SecurityTokenServiceProvider.java:244) > ~[cxf-rt-ws-security-3.3.2.jar!/:3.3.2] > > > and this > > at > org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:836) > ~[tomcat-coyote-9.0.20.jar!/:9.0.20] > │ > │ at > org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1839) > ~[tomcat-coyote-9.0.20.jar!/:9.0.20] > │ > │ at > org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) > ~[tomcat-coyote-9.0.20.jar!/:9.0.20] > │ > │ at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) > ~[?:?] > │ > │ at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) > ~[?:?] > │ > │ at > org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) > ~[tomcat-embed-core-9.0.20.jar!/:9.0.20] > │ > │ at java.lang.Thread.run(Thread.java:834) [?:?] > > │ > │2019-11-11 13:22:51,868 WARN > [org.apache.cxf.sts.operation.TokenIssueOperation] - <> > > │ > │org.apache.cxf.ws.security.sts.provider.STSException: The specified > request failed > │ > │ at > org.apache.cxf.sts.token.provider.SAMLTokenProvider.createToken(SAMLTokenProvider.java:181) > ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2] > │ > │ at > org.apache.cxf.sts.operation.TokenIssueOperation.issueSingle(TokenIssueOperation.java:172) > ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2] > │ > │ at > org.apache.cxf.sts.operation.TokenIssueOperation.issue(TokenIssueOperation.java:85) > ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2] > │ > │ at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native > Method) ~[?:?] > │ > │ at > jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > ~[?:?] > │ > │ at > jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > ~[?:?] > │ > │ at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?] > > │ > │ at > org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider.invoke(SecurityTokenServiceProvider.java:244) > ~[cxf-rt-ws-security-3.3.2.jar!/:3.3.2] > │ > │ at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native > Method) ~[?:?] > │ > │ at > jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > ~[?:?] > │ > │ > > > On Monday, November 11, 2019 at 3:39:57 AM UTC+3, Steve Cheung wrote: >> >> Hi mohamed, >> >> Please try this whether can help to solve your problem. >> >> 1. Enable the service registry module in CAS >> /etc/cas/config/cas.properties >> cas.serviceRegistry.initFromJson=false >> cas.serviceRegistry.json.location:file:/etc/cas/services >> >> 2. Place the enabled services file under /etc/cas/services >> >> File name: HTTPSandIMAPS-10000001.json >> >> Json content sample which only allows https and imaps call: >> { >> "@class": "org.apereo.cas.services.RegexRegisteredService", >> "serviceId": "^(https|imaps)://.*", >> "name": "HTTPS and IMAPS", >> "id": 10000001, >> "description": "This service definition authorizes all application urls >> that support HTTPS and IMAPS protocols.", >> "evaluationOrder": 10000 >> } >> >> >> Regards, Steve >> >> >> >> >> >> >> >> On Sun, Nov 10, 2019 at 2:36 AM mohamed gamal <[email protected]> >> wrote: >> >>> Hello everyone, >>> I am trying to integrate cas with a share point application using >>> WS-FED I added the service file and the application connects normally to >>> cas. the app redirects the user to cas for authentication, the user is >>> authenticated by cas and I can see in logs that the user is authenticated >>> and everything looks fine. But after the authentication the user is shown a >>> message "Application Not Authorized to Use CAS". I am using the git service >>> registry could this be the problem ? any idea how to solve this ? >>> kindest regards. >>> >>> -- >>> - Website: https://apereo.github.io/cas >>> - Gitter Chatroom: https://gitter.im/apereo/cas >>> - List Guidelines: https://goo.gl/1VRrw7 >>> - Contributions: https://goo.gl/mh7qDG >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "CAS Community" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/8b7414a7-b714-400d-a1ea-16ee001b7f56%40apereo.org >>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/8b7414a7-b714-400d-a1ea-16ee001b7f56%40apereo.org?utm_medium=email&utm_source=footer> >>> . >>> >> -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/baa7c049-66d7-4266-845d-6812e6c81782%40apereo.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/baa7c049-66d7-4266-845d-6812e6c81782%40apereo.org?utm_medium=email&utm_source=footer> > . > -- Best regards, ------------------------------------ *Abdelrahman Halawa* Teacher Assistant, Computer and Systems Department, Al-Azhar University +2 01008131693 <+2+01008131693> | [email protected] | Skype: abdelrahmanhalawa <https://mail.google.com/mail/u/0/#> | Maadi, Cairo, Egypt <http://eg.linkedin.com/pub/abdelrahman-halawa/2b/689/886> <http://twitter.com/Abdelrahman_S_H> -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAHr-WtYmGfnhSvMNKBGfRk_dbaf2ozNSXmwuhiCN0jCzaFRBKw%40mail.gmail.com.
