Hi Sneha, Your client must use https too. You can use Let's encrypt free SSL for you client. Thank you.
Vào Th 5, 26 thg 3, 2020 vào lúc 10:05 Sneha Kashyap < [email protected]> đã viết: > Hi napolean, > Thanks for your prompt reply. Yes I do realise that the CAS oauth server > works only on https protocol. > > What about the client applications that connect to the server? Must they > be a https URL as well? Ideally that is not required by oauth2.. But > somehow my application on http does not receive back the accesstoken from > CAS oauth server. > > My question to you is, have you used serviceids values as a http URL and > successful authenticated your application? > Foe example: serviceid: "http://example.com/.*"; > > Does such a URL get successful authentication in CAS oauth2 server? > > Thanks & regards > Sneha > > On Thu, 26 Mar, 2020, 6:54 am Nguyen Tran Thanh Lam, < > [email protected]> wrote: > >> Hi Sneha, >> I know this. >> You must use https for Oauth2 >> Thank you >> >> Vào Th 5, 26 thg 3, 2020 vào lúc 01:52 Sneha Kashyap < >> [email protected]> đã viết: >> >>> Hi napolean, >>> Do you have any idea if there is restriction by CAS oauth2 server to use >>> http urls instead of https urls in service id to be authenticated? >>> >>> Thanks sneha >>> >>> On Mon, 23 Mar, 2020, 10:37 pm Sneha, <[email protected]> >>> wrote: >>> >>>> Hello All, >>>> >>>> Replying on this post as it is the most recent post on OAuth >>>> authentication.I am back working on the project again. >>>> >>>> Having gotten the oauth2 with JWT sample code working on CAS 6.1 >>>> overlay I find that It works on service ids with https URLs but on >>>> configuring http URLs I am unable to obtain the JWT or access token with a >>>> successful authentication and code generated. I am getting the following >>>> output on debug logs on the server side: >>>> >>>> >>>> >>>> my json registration: >>>> >>>> { >>>> "@class" : >>>> "org.apereo.cas.support.oauth.services.OAuthRegisteredService", >>>> "clientId": "exampleOauthClient", >>>> "clientSecret": "test1", >>>> "serviceId": "^http://localhost:9999/.*";, >>>> "name": "oauth2test", >>>> "id": 6, >>>> "supportedGrantTypes": [ "java.util.HashSet", [ "authorization_code" >>>> ] ], >>>> "supportedResponseTypes": [ "java.util.HashSet", [ "code" ] ] >>>> "attributeReleasePolicy": { >>>> "@class": >>>> "org.apereo.cas.services.ReturnAllAttributeReleasePolicy", >>>> "principalAttributesRepository": { >>>> "@class": >>>> "org.apereo.cas.authentication.principal.DefaultPrincipalAttributesRepository" >>>> }, >>>> }, >>>> "jwtAccessToken": true, >>>> "usernameAttributeProvider": { >>>> "@class": >>>> "org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProvider", >>>> "usernameAttribute": "username" >>>> } >>>> } >>>> >>>> >>>> On the client side, i receive a 403 forbidden status or a 401 : >>>> >>>> Not sure what I am missing out.. Or does the CAS OAuth server allow >>>> only clients with https urls to participate in SSO? >>>> Any inputs regarding this will be of great help.. >>>> >>>> Thanks >>>> Sneha >>>> On Tuesday, March 10, 2020 at 3:01:34 PM UTC+5:30, Napoleon Ponaparte >>>> wrote: >>>>> >>>>> Hi Mr Gandhi, >>>>> You must use CAS version at least 6.1.x. >>>>> The key will generate in log of CAS, when you build it. >>>>> Please try again. >>>>> Thanks >>>>> >>>>> Vào Th 3, 10 thg 3, 2020 vào lúc 16:15 Gandhi <[email protected]> >>>>> đã viết: >>>>> >>>>>> I'm facing the same issue with 5.2.X version of CAS. i'm having >>>>>> trouble to enable JWT for OIDC related flows. >>>>>> >>>>>> Can you please post any findings here, in case if you have solved >>>>>> this? >>>>>> >>>>>> On Thursday, February 13, 2020 at 8:48:02 AM UTC+5:30, Napoleon >>>>>> Ponaparte wrote: >>>>>>> >>>>>>> Hi all, >>>>>>> I have trouble in enable Oauth JWT token on CAS overlay template >>>>>>> version 6.0. >>>>>>> >>>>>>> I will sponsor 10$, if anyone help me in this case. >>>>>>> >>>>>>> I tried two tutorial on two link: >>>>>>> >>>>>>> 1) Link 1 >>>>>>> JWT Of All Things With CAS >>>>>>> https://apereo.github.io/2017/10/17/cas-jwt-authn-with-duo/ >>>>>>> But I have a trouble with cas shell. >>>>>>> I have described it here ( >>>>>>> https://stackoverflow.com/questions/60186080/generate-jwt-on-cas-apereo-version-6-0-for-oauth-jwt-access-tokens >>>>>>> ) >>>>>>> 2) Link 2 >>>>>>> Apereo CAS - OAuth JWT Access Tokens But it uses for cas version >>>>>>> 6.2.x. >>>>>>> And this properties can't use >>>>>>> >>>>>>> cas.authn.oauth.access-token.crypto.encryption.key=cas.authn.oauth.access-token.crypto.signing.key= >>>>>>> cas.authn.oauth.access-token.crypto.enabled=falsecas.authn.oauth.access-token.crypto.signing-enabled=falsecas.authn.oauth.access-token.crypto.encryption-enabled=false >>>>>>> >>>>>>> Thank you. >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>> *This mail contains confidential information intended only for the >>>>>> individual(s) named. If you’re not the named addressee, don’t >>>>>> disseminate, >>>>>> distribute or copy this e-mail. Please notify the sender immediately and >>>>>> delete it from your system.If you wish not to receive such e-mails you >>>>>> may >>>>>> reply with text “Unsubscribe”.* >>>>>> >>>>>> -- >>>>>> - Website: https://apereo.github.io/cas >>>>>> - Gitter Chatroom: https://gitter.im/apereo/cas >>>>>> - List Guidelines: https://goo.gl/1VRrw7 >>>>>> - Contributions: https://goo.gl/mh7qDG >>>>>> --- >>>>>> You received this message because you are subscribed to the Google >>>>>> Groups "CAS Community" group. >>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>> send an email to [email protected]. >>>>>> To view this discussion on the web visit >>>>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/162ff6a6-d2e2-4149-aade-e404de062f06%40apereo.org >>>>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/162ff6a6-d2e2-4149-aade-e404de062f06%40apereo.org?utm_medium=email&utm_source=footer> >>>>>> . >>>>>> >>>>> -- >>>> - Website: https://apereo.github.io/cas >>>> - Gitter Chatroom: https://gitter.im/apereo/cas >>>> - List Guidelines: https://goo.gl/1VRrw7 >>>> - Contributions: https://goo.gl/mh7qDG >>>> --- >>>> You received this message because you are subscribed to the Google >>>> Groups "CAS Community" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> To view this discussion on the web visit >>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/a0b3ad99-6a8c-4967-b8eb-0a4c30f6259c%40apereo.org >>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/a0b3ad99-6a8c-4967-b8eb-0a4c30f6259c%40apereo.org?utm_medium=email&utm_source=footer> >>>> . >>>> >>> -- >>> - Website: https://apereo.github.io/cas >>> - Gitter Chatroom: https://gitter.im/apereo/cas >>> - List Guidelines: https://goo.gl/1VRrw7 >>> - Contributions: https://goo.gl/mh7qDG >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "CAS Community" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAE2k68nAZ8cKB1MYYtH1jek_ALgGoyD7UNMQozH0Qzzgzt%3DGGg%40mail.gmail.com >>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAE2k68nAZ8cKB1MYYtH1jek_ALgGoyD7UNMQozH0Qzzgzt%3DGGg%40mail.gmail.com?utm_medium=email&utm_source=footer> >>> . >>> >> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAEjUsAhJA3EpSBfHVR2pm31xHzO5ZhLAGiJppts3ZPxHAuSO6Q%40mail.gmail.com >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAEjUsAhJA3EpSBfHVR2pm31xHzO5ZhLAGiJppts3ZPxHAuSO6Q%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAE2k68nGn6_vHCTawGJHBma%2BAVxEu%2BxqewAg8zFc5vH0Ez%2BXBg%40mail.gmail.com > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAE2k68nGn6_vHCTawGJHBma%2BAVxEu%2BxqewAg8zFc5vH0Ez%2BXBg%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAEjUsAjA%3DZgBiahy9tW3FgcUnLGs-yqm2jzExgqzMtn%3DAVP23Q%40mail.gmail.com.
