Quick update, I did some testing and discovered it's not CAS 7 that changed the functionality, it was actually CAS 6.6.14. I believe it's something about this commit, https://github.com/apereo/cas/commit/2b367835ed22478eb853a267760869a1d2eaf3ae, that changed how it works. I am most definitely not a Java developer so I can't decipher exactly whats happening.
Thanks! On Friday, May 10, 2024 at 10:39:36 PM UTC-5 jbstowe22 wrote: > We have a few old vendor apps that use SAML 1.1 and those are working fine > with our cas 6.6.x instance that is delegating to Azure/Entra AD. > > We recently spun up a test instance of CAS 7 and those apps seem to reject > the ticket from CAS 7 when being delegated to Azure (they work when not > being delegated). I believe it has to do with the url parameter CAS sends > after receiving the Azure delegation response. In CAS 6.6 it sends the > SAMLart url parameter: > > ?SAMLart=ST- > > But in CAS 7 it sends a ticket param: > > ?ticket=ST- > > It almost seems if CAS forgets it is using SAML 1.1 after the delegation > is complete. Anybody else experience this or know if there's some config we > are missing in CAS 7 causing this? > > Thanks! > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/16116875-ccdd-4dd2-a02b-ba86956a9b2dn%40apereo.org.
