I know this is an old thread, but we are trying to do the same thing. I would like to see a sanitized version of your configs for a starting point if you don't mind sharing.
On Thursday, December 20, 2018 at 8:32:58 PM UTC-6, Raghavan TV wrote: > > Hi Jason > > We configured the CAS server as SP with used Azure AD SAML endpoint as > the Idp. There was issues in the latest 5.2.6 and I remember falling > back to 5.2.3 (will cross check) > Let me know if you still facing issues and I shall share our configuration > > Thanks > -Raghav > > On Tue, Dec 4, 2018 at 2:57 AM Jason Brooks <[email protected] > <javascript:>> wrote: > > > > We're looking at integrating CAS with Azure AD for authentication. How > did you get CAS linked up with Azure AD? We've not been able to find any > docs to help on this. > > > > Thanks, > > J > > > > > > > > On Wednesday, September 19, 2018 at 3:34:41 PM UTC-4, Raghavan TV wrote: > >> > >> Hi All > >> > >> Am testing CAS 5.2.6 to work on a delegated authentication mode against > Azure AD > >> > >> When we get a SAML response back from the Idp, am getting redirect to > CAS > UnAuthorized Access page > >> > >> The logs indicate the following errors > >> > >> 2018-09-19 19:28:09,358 ERROR > [org.pac4j.saml.sso.impl.SAML2DefaultResponseValidator] - <Current > assertion validation failed, continue with the next one> > >> org.pac4j.saml.exceptions.SAMLException: Signature is not trusted > >> at > org.pac4j.saml.sso.impl.SAML2DefaultResponseValidator.validateSignature(SAML2DefaultResponseValidator.java:704) > > ~[pac4j-saml-2.3.1.jar:?] > >> ... > >> ... > >> 2018-09-19 19:28:09,363 DEBUG > [org.apereo.cas.support.pac4j.web.flow.DelegatedClientAuthenticationAction] > - <The request requires http action> > >> org.pac4j.saml.exceptions.SAMLException: No valid subject assertion > found in response > >> ... > >> ... > >> > >> Any pointers on which cert should be imported into the keystore ? > >> > >> > >> Thanks > >> Raghavan > >> > >> > >> > > -- > > - Website: https://apereo.github.io/cas > > - Gitter Chatroom: https://gitter.im/apereo/cas > > - List Guidelines: https://goo.gl/1VRrw7 > > - Contributions: https://goo.gl/mh7qDG > > --- > > You received this message because you are subscribed to a topic in the > Google Groups "CAS Community" group. > > To unsubscribe from this topic, visit > https://groups.google.com/a/apereo.org/d/topic/cas-user/hTqhOVubd88/unsubscribe. > > > > To unsubscribe from this group and all its topics, send an email to > [email protected] <javascript:>. > > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/acedfef4-3f18-41d8-923b-f7b94feec03c%40apereo.org. > > > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/94543874-9df9-4473-9663-4be14edf7c6b%40apereo.org.
