Laura, Would ssoEnabled flag in service definition work? https://apereo.github.io/cas/6.1.x/services/Configuring-Service-Access-Strategy.html
Ray On Wed, 2020-02-05 at 09:17 -0800, Laura McCord wrote: Hi Everyone! It's been awhile since posting on the cas list, but I've come into a situation that I could use some help with. I'll start off the conversation like this but let me know if you need more information. Basically, we're trying to enforce a login on our Banner Self-Service Application How do we implement /serviceValidate with renew option when the client bean doesn’t have the /serviceValidate settings. We are using SAML ticket enabled CAS. The following is the cas-client-filter file. <?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd";> <bean id="SSOAuthenticationFilter" class="org.jasig.cas.client.authentication.AuthenticationFilter"> <property name="casServerLoginUrl" value="${cas.server.loginurl}"></property> <property name="serverName" value="${cas.client.url}"></property> </bean> <bean id="Saml11TicketValidationFilter" class="org.jasig.cas.client.validation.Saml11TicketValidationFilter"> <property name="serverName" value="${cas.client.url}"></property> <property name="redirectAfterValidation" value="false"></property> <property name="artifactParameterName" value="ticket" /> <property name="useSession" value="false"></property> <property name="ticketValidator"> <bean class="org.jasig.cas.client.validation.Saml11TicketValidator"> <constructor-arg index="0" value="${cas.server.url}" /> <property name="tolerance" value="${cas.validator.tolerance}" /> </bean> </property> </bean> <bean id="Saml11TicketValidator" class="org.jasig.cas.client.validation.Saml11TicketValidator"> <constructor-arg index="0" value="${cas.server.url}" /> <property name="tolerance" value="${cas.validator.tolerance}" /> </bean> <bean id="BannerTicketValidationFilter" class="com.ellucian.sso.client.web.filter.BannerTicketValidationFilter"> <!-- serverName of client to construct serviceURL eg:"thisServer.myDomain.net" --> <constructor-arg index="0" value="${cas.client.serverName}" /> <!-- serviceUrl of client: either provide serverName or serviceUrl --> <constructor-arg index="1"> <null /> </constructor-arg> <!-- ticketValidator implementation (defines protocol version to be used) --> <constructor-arg index="2" ref="BannerApplicationTicketValidator" /> </bean> <bean id="BannerApplicationTicketValidator" class="com.ellucian.sso.client.web.validation.BannerApplicationTicketValidator"> <constructor-arg index="0" value="${cas.server.url}" /> <constructor-arg index="1" ref="httpClient" /> </bean> <bean id="httpClient" class="org.jasig.cas.util.HttpClient3FactoryBean"> </bean> Thanks so much, Laura -- Ray Bon Programmer Analyst Development Services, University Systems 2507218831 | CLE 019 | [email protected]<mailto:[email protected]> I respectfully acknowledge that my place of work is located within the ancestral, traditional and unceded territory of the Songhees, Esquimalt and WSÁNEĆ Nations. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/6b3a6532c3450b32de3a474d216a448382235763.camel%40uvic.ca.
