Re: [cas-user] CAS Security Releases/Patches

Hi Baron. It’s the “binary only” release hidden from repo before the security “grace period” has passed. >From that post: "All source code and repository tags that contain fixes for this issue are kept privately until the grace period has passed. Note that repository tags are generally irrelevant

Re: [cas-user] CAS6 SAML usernameAttribute

Hi. Try this: usernameAttributeProvider: { @class: org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProvider usernameAttribute: mail } D. On Mon, Oct 23, 2023 at 2:53 PM atilling wrote: > Working on a SAML integration where the subject needs to be the user's > em

Re: [cas-user] CAS6 SAML usernameAttribute

day, October 23, 2023 at 3:21:21 PM UTC-4 Dmitriy Kopylenko wrote: > >> Hi. >> >> Try this: >> >> usernameAttributeProvider: >> { >> @class: >> org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProvider >> username

Re: [cas-user] MFA User Selection Menu in CAS v7.0

The formatting didn’t work. The updated property namespace is: cas.authn.mfa.core.provider-selection.provider-selection-enabled On Tue, Jan 9, 2024 at 06:18 Dmitriy Kopylenko wrote: > Hi. > > The namespace for the property has changed in version 7: > > cas.authn.mf

Re: [cas-user] MFA User Selection Menu in CAS v7.0

Hi. The namespace for the property has changed in version 7: cas.authn.mfa.core.provider-selection.provider-selection-enabled=true as.authn.mfa.core.provider-selection.provider-selection-enabled=true Cheers, D. On Tue, Jan 9, 2024 at 05:33 Mm Mm wrote: > in cas v 6.6 there is a configurati

Re: [cas-user] MFA User Selection Menu in CAS v7.0

about it in > documentation > في الثلاثاء، 9 يناير 2024 في تمام الساعة 11:49:31 ص UTC، كتب Dmitriy > Kopylenko رسالة نصها: > >> Hi. >> >> The namespace for the property has changed in version 7: >> >> cas.authn.mfa.core.provider-selection.provider-selection-enabled=

Re: [cas-user] Help With Performance Optimisation. CAS 6.6.x

Which exact version of CAS (and the embedded Tomcat that it carries)? D. On Mon, Feb 12, 2024 at 06:49 Vaibhav GPT wrote: > Thank you Ron for the information but I have found the issue. > > Looks like the embedded tomcat in CAS is responsible for high cpu usage. > When I switched to a standalon

Re: [cas-user] Help With Performance Optimisation. CAS 6.6.x

9.8.0 > > On Monday, February 12, 2024 at 6:37:06 PM UTC+5:30 Dmitriy Kopylenko > wrote: > >> Which exact version of CAS (and the embedded Tomcat that it carries)? >> >> D. >> >> On Mon, Feb 12, 2024 at 06:49 Vaibhav GPT wrote: >> >>&g

Re: [cas-user] How to implement DelegatedClientAuthenticationHandler class in cas v6.6.15

Is this the class you're looking for? https://github.com/apereo/cas/blob/v6.6.15.1/support/cas-server-support-pac4j-core-clients/src/main/java/org/apereo/cas/support/pac4j/authentication/handler/support/DelegatedClientAuthenticationHandler.java Cheers, D. On Thu, Jun 27, 2024 at 1:41 PM Danielo D

Re: [cas-user] gradlew command to generate cas.properties with all options...?

./gradlew generateConfigMetadata You could view a list of tasks available by ./gradlew tasks Cheers, D. On Wed, Jul 24, 2024 at 19:30 'Matthew Gordon' via CAS Community < cas-user@apereo.org> wrote: > Hello, > > I am pretty certain a command exists to do this, but I can not for the > life of me

Re: [cas-user] Installing CAS 7 on Debian 12

You have JRE. You need to install JDK (which includes javac compiler) D. On Wed, Jul 31, 2024 at 08:20 wouldsmina wrote: > Hello Ray, > > $ java --version > > java 21.0.4 2024-07-16 LTS > Java(TM) SE Runtime Environment (build 21.0.4+8-LTS-274) > Java HotSpot(TM) 64-Bit Server VM (build 21.0.4+

Re: [cas-user] Amazon Corretto Requirement cas 7.x.x

Not actually the case. Here's the successful build of overlay template (7.1.0-SNAPSHOT), freshly cloned from here: https://github.com/apereo/cas-overlay-template JDK 21 from Zulu: *> java -version* *openjdk version "21.0.4" 2024-07-16 LTSOpenJDK Runtime Environment Zulu21.36+17-CA (build 21.0

Re: [cas-user] Amazon Corretto Requirement cas 7.x.x

usr/lib/jvm/zulu-21-amd64/ > > Wouldsmina > > Le jeu. 1 août 2024 à 04:56, AJ a écrit : > >> I’ve built it successfully with just OpenJDK. >> >> >> On Jul 31, 2024, at 3:21 PM, Dmitriy Kopylenko >> wrote: >> >>  >> Not actually th

Re: [cas-user] Amazon Corretto Requirement cas 7.x.x

ds/5134ac7a54914eeb21d2b27139d19684/redirect> > 96.2 MiB/291.1 MiB* ... D. On Thu, Aug 1, 2024 at 8:56 AM Dmitriy Kopylenko wrote: > Something is messing with the build in your environment. Did you use > completely fresh overlay? > > D. > > On Thu, Aug 1, 2024 at 08:02 would

Re: [cas-user] Amazon Corretto Requirement cas 7.x.x

Here's more info on Gradle's toolchain auto-detection: https://docs.gradle.org/8.9/userguide/toolchains.html#sec:auto_detection D. On Thu, Aug 1, 2024 at 9:24 AM Dmitriy Kopylenko wrote: > There's is this setting in gradle.properties: > > > > > > *# This p

Re: [cas-user] I'm getting a PlatformTransactionManager related exception every time I try to load /cas

Try getting rid of this dependency from build.gradle: implementation "org.apereo.cas:cas-server-support-session-jdbc" On Tue, Aug 6, 2024 at 21:06 David Reagan wrote: > I've been trying to get a basic standalone instance of CAS set up using a > MariaDB db for storage. Just as a proof of concep

Re: [cas-user] I'm getting a PlatformTransactionManager related exception every time I try to load /cas

module helped? > > I'm still testing things, but I thought having sessions stored in the db > would be a good initial setup until I figured out HA. > > Thanks! > > - David > > On Wednesday, August 7, 2024 at 3:01:17 AM UTC-7 Dmitriy Kopylenko wrote: > >> Try g

Re: [cas-user] I'm getting a PlatformTransactionManager related exception every time I try to load /cas

availability/High-Availability-Guide.html D. On Wed, Aug 7, 2024 at 1:09 PM David Reagan wrote: > Ok, thanks. Would that be something to post on github as a bug report? > > On Wednesday, August 7, 2024 at 9:19:56 AM UTC-7 Dmitriy Kopylenko wrote: > >> I haven’t looked closely

Re: [cas-user] Where is AbstractCasWebflowConfigurer

Add a maven dependency on cas-server-core-webflow-api module. Best, D. From: Michael MacEachran Reply: cas-user@apereo.org Date: April 24, 2019 at 10:48:37 PM To: cas-user@apereo.org Subject:  [cas-user] Where is AbstractCasWebflowConfigurer According to the documentation https://apereo.g

Re: [cas-user] Re: [CAS 6.0] Attribute Mappings to SAML Identifiers Broken in CAS 6.0

Just confirmed - fixed in 6.1.0-RC4 Best, D. From: Josh G Reply: cas-user@apereo.org Date: July 31, 2019 at 11:10:11 AM To: CAS Community Subject:  [cas-user] Re: [CAS 6.0] Attribute Mappings to SAML Identifiers Broken in CAS 6.0 Has anyone else experienced this issue? This is holding up

Re: [cas-user] OpenID Connect issues

What is the value of cas.authn.oidc.jwksFile property? D. From: Shawn Cutting Reply: cas-user@apereo.org Date: September 24, 2019 at 10:49:24 AM To: CAS Community Subject:  [cas-user] OpenID Connect issues I am trying to setup CAS to function as an OpenID provider, and am running into a r

Re: [cas-user] OpenID Connect issues

why did it persist after I restarted the service? On Tuesday, September 24, 2019 at 10:59:05 AM UTC-4, Shawn Cutting wrote: cas.authn.oidc.jwksFile=file:/etc/cas/keystore.jwks On Tuesday, September 24, 2019 at 10:57:02 AM UTC-4, Dmitriy Kopylenko wrote: What is the value of cas.authn.oidc.jwksFile

Re: [cas-user] CAS 5.3.12, Groovy Multifactor Policy, anyone successfully used logger/LOGGER for debugging,

There is no logger instance available to your Groovy class. You’ll have to create an instance yourself e.g. static final org.slf4j.Logger log = org.slf4j.LoggerFactory.getLogger(GroovyMultifactorPolicy) Best, D. From: randomuser878 Reply: cas-user@apereo.org Date: September 26, 2019 at 9:57

Re: [cas-user] Re: CAS 6.x Error while deploying cas.war in tomcat

For what it's worth - if anyone is deploying CAS 6.1 to external Tomcat versions that do not have the newer API, and do not want to either upgrade Tomcat or use CAS in the embedded mode, add this line to your cas.properties ->  spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.w

Re: [cas-user] 6.2.x Gradle Compilation

Hi there. Change version of CAS to 6.2 RC2 in gradle.properties like so: cas.version=6.2.0-RC2 Best, D. From: Jérémie Pilette Reply: cas-user@apereo.org Date: January 2, 2020 at 7:57:00 AM To: CAS Community Subject:  [cas-user] 6.2.x Gradle Compilation Hi everybody, I have a problem with

Re: [cas-user] 6.2.x Gradle Compilation

docs.gradle.org/6.0.1/userguide/command_line_interface.html#sec:command_line_warnings Thank you, Jérémie Le jeudi 2 janvier 2020 14:24:48 UTC+1, Dmitriy Kopylenko a écrit : Hi there. Change version of CAS to 6.2 RC2 in gradle.properties like so: cas.version=6.2.0-RC2 Best, D. From: Jérémie Pilette Rep

Re: [cas-user] Re: CAS 6.x Error while deploying cas.war in tomcat

Wednesday, November 13, 2019 at 8:58:43 AM UTC-5, Dmitriy Kopylenko wrote: For what it's worth - if anyone is deploying CAS 6.1 to external Tomcat versions that do not have the newer API, and do not want to either upgrade Tomcat or use CAS in the embedded mode, add this line to your cas.prope

Re: [cas-user] 6.2.x Gradle Compilation

> > > > > > I have changed my gradle.properties > > > > > to cas.version=6.2.0-RC2 > > > > > (I copied it right from the posting. ) > > > > > > > > > > and I get: > > > > > > > > > > C

Re: [cas-user] 6.2.x Gradle Compilation

ok 13.924 secs. > > > > > > > > > > FAILURE: Build failed with an exception. > > > > > > > > > > * Where: > > > > > Script '/home//bin/cas-overlay-template-6.2/gradle/tasks.gradle' > > > > > line: 6

Re: [cas-user] 6.2.x Gradle Compilation

ies file. > > I have made it No changes. (http 404) > > Please note I do not have a json file in the /etc/cas/services directory yet. > > Jérémie > > > Le mardi 11 février 2020 15:34:45 UTC+1, Dmitriy Kopylenko a écrit : > > Hi there. > > > > K

Re: [cas-user] SAML Delegated Authentication Auto Redirect

Set this flag to true: ${configurationKey}.autoRedirect=true where configurationKey is your pac4j client prefix path of interest. https://apereo.github.io/cas/6.0.x/configuration/Configuration-Properties-Common.html#delegated-authentication-settings Cheers, D. On March 11, 2020 at 03:57:17, Joh

Re: [cas-user] Custom AUP Implementation

The best way to implement AUP flow customizations would be through a pluggable Groovy script which CAS will use for 2 phases - verification and recording of acceptance fact:  https://apereo.github.io/cas/6.1.x/webflow/Webflow-Customization-AUP.html#groovy So you could do the additional work nee

Re: [cas-user] Cas 6.1.x Web Flow Customization

Hi there. I’d suggest you be a bit more specific regarding what you are trying to accomplish. Best, D. On May 7, 2020 at 04:16:28, 'Suhas Bansude' via CAS Community (cas-user@apereo.org) wrote: I am using cas 6.1.x version . I am trying to configure login web flow. Please help with -- - W

Re: [cas-user] JDBC Connection Pooling

Indeed, that might be a good idea to reuse a global DataSource for all Jdbc attributes repos. Currently it’s only possible if you have a globally defined JNDI-bound DataSource (but who does JNDI these days?) ;-)  As could be seen here:  https://github.com/apereo/cas/blob/master/support/cas-serve

RE: [cas-user] Cas 6.1.x Web Flow Customization

resources/webflow/login folder but code not execute this file login page rendered from somewhere else.   Please suggest solution so I can write my custom code in login-webflow.xml page.   From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Dmitriy Kopylenko Sent: 07 May 2020 0

Re: [cas-user] HandlerResult

Hi there. Which stub code example? You’d want to make sure you implement the correct SPI for AuthenticationHandler, which is this: https://github.com/apereo/cas/blob/6.2.x/api/cas-server-core-api-authentication/src/main/java/org/apereo/cas/authentication/AuthenticationHandler.java Best, D. On

Re: [cas-user] HandlerResult

sManager, principalFactory, order); > } > > @Override > protected HandlerResult authenticateUsernamePasswordInternal( > final > UsernamePasswordCredential credential, > final > String originalPassword)

Re: [cas-user] override REST API on CAS 4.1.x

Daniel, that class was not designed to be extended in the first place (with the annotation-driven Spring MVC facility impl.). That protected ‘obtainCredential’ method is a carryover from the original implementation and indeed is an overlook - which gives the wrong impression that this class is

Re: [cas-user] Unauthorized Service Access with REST in 4.1.2

Out of the box, CAS' service registry does not contain 'http' services (only https/imaps - wide open by default). You could either use https//... based service or configure a finer-grained set of allowed service via a service registry facility: https://jasig.github.io/cas/4.1.x/installation/Ser

Re: [cas-user] War overlay project with cas and cas-management

FWIW, here's a svc mgmt overlay: https://github.com/UniconLabs/cas4-services-management-overlay D. Sent from my iPhone > On Nov 26, 2015, at 08:49, Robert Oschwald wrote: > > While I currently migrate CAS from 3.4.11 to 4.1.2, I’m currently facing an > issue with the cas-management module a

Re: [cas-user] how to get shiro roles and permissions attributes from cas server

Not necessary at all. You could've simply switched Shiro's CAS ST validation mode to SAML like so: casRealm.validationProtocol=SAML http://shiro.apache.org/cas.html Note: CAS v4 requires explicit enablement of SAML support. Cheers, Dmitriy. Sent from my iPhone > On Dec 25, 2015, at 10:42, r

Re: [cas-user] Re: CAS 4.2.0 RC1 release announcement

http://jasig.github.io/cas/development/planning/Upgrade-Guide.html > On Jan 4, 2016, at 3:34 PM, Jonathan Labin wrote: > > Is there an upgrade recipe published which describes what must be performed > in order to upgrade your

Re: [cas-user] Returning userid in Validation Response

Can you share your entire deployerConfigContext.xml? Thanks, Dmitriy. > On Jan 6, 2016, at 2:14 PM, John Bruestle wrote: > > I wasn't erally expecting to change the username provided, although that > would be OK. I was just expecting to add an other data item to what the > validation respons

Re: [cas-user] Returning userid in Validation Response

Are you manually calling CAS server validation endpoint or using CAS client library? In other words - how do you get that validation XML response that you are showing? Few pointers - for validation, CAS4 has 4 (I believe off the top of my head): 1) Legacy: /validate 2) CAS2 protocol: /serviceVa

Re: [cas-user] how to get shiro roles and permissions attributes from cas server

d but went with v3 since it's a much thinner stack. > John > RedZone Software > On 1/7/2016 4:05 PM, Dmitriy Kopylenko wrote: >> Attributes are exposed by CAS in the ticket validation response via SAML >> response and CAS protocol v3 response (only in CAS4). Most like

Re: [cas-user] Returning userid in Validation Response

urn createHandlerResult(credential, > this.principalFactory.createPrincipal(userid), null); > > > > So I am getting userid instead of username. Ideally though, I'd like to get > both. > > > > > > > > > > On Thu, Jan 7, 2016 at

Re: [cas-user] CAS 4.1 - How to open to all services

So out of the box, as.war contains several JSON services definitions in webapps/resources/services. Allow ALL https or imaps regex definition is one of them. In your case you have HTTP. So you’d want to find this file in your exploded war and add ‘http’ to the serviceId regex: https://github.co

Re: [cas-user] CAS documentation

Hi there. Try to go over this: http://jasig.github.io/cas/4.1.x/installation/Maven-Overlay-Installation.html Cheers, Dmitriy. > On Jan 20, 2016, at 9:14 AM, Josep Manel Andrés wrote: > > Hi all, > I am trying to s

Re: [cas-user] CAS documentation

w-r-- 1 root root 3369 Jan 18 17:42 pom.xml > drwxrwxr-x 5 root root 4096 Jan 18 17:42 src/ > > to my current cas-overlay-template ? > > would it be the right way of doing it? what about if I want to allow CAS > server to store tickets in a mySQL database? > > Thanks in

Re: [cas-user] JSON service registry from URL (CAS 3.6)

Once the services are loaded into memory from the existing resource (file, URI), the responsibility for “watching” this resource lies in the separate component (a Spring managed bean bound to a periodic scheduled task). If during its "watch loop” iteration the resource becomes unavailable, the e

Re: [cas-user] How to replace SimplePrincipal? (4.0->4.1)

Use PrincipalFactory: https://github.com/Jasig/cas/blob/4.1.x/cas-server-core-api/src/main/java/org/jasig/cas/authentication/principal/PrincipalFactory.java in particular, the default implementation: https://github.com/Jasig/cas/blob/4.1.x/cas-server-core/src/main/java/org/jasig/cas/authenticati

Re: [cas-user] principal attributes from ldap in CAS 4.2

use value="#{null}" instead of value-ref D. On Feb 8, 2016, at 04:34, Mikko Tuumanen wrote: >> Study >> http://jasig.github.io/cas/4.2.x/installation/Configuring-Principal-Resolution.html#principalresolver-vs-authenticationhandler >> > > > > causes > > Caused by: org.springframework.beans

Re: [cas-user] Anonymous Access (Re-Posting In cas-user)

FWIW, the AnonymousRegisteredServiceUsernameAttributeProvider has nothing to do with your use case. Basically this component generates a random, opaque tokens (unique per registered service) and releases those values in place of real authenticated principal ids to CAS client apps. In your case,

Re: [cas-user] AuthenticationHandler triggered twice when coming from CAS Client

This has been fixed in 4.1.5: https://github.com/Jasig/cas/pull/1523 Cheers, Dmitriy. > On Mar 1, 2016, at 10:53 AM, Artur Stöcklin wrote: > > Hello Community > > > We are currently facing the following problem with our CAS 4.1.4. > > 1. When I direc

Re: [cas-user] CAS Service Management webapp not loading

What user are you using to login to the mgmt app? By default only 'casuser' is authorized to use the app: https://github.com/Jasig/cas-services-management-overlay/blob/master/etc/user-details.properties#L29 Cheers, Dmitriy. Sent from my iPhone > On Mar 8, 2016, at 08:23, Josep Manel Andrés

Re: [cas-user] CAS Service Management webapp not loading

s02.mydomain.com:8443/cas which the main cas server, to which I am able to > log in. But the weird thing is when I type > https://cas02.mydomain.com:8443/cas-services/login/cas > <https://cas02.mydomain.com:8443/cas-services/login/cas> I am able to get the > unauthorized access p

Re: [cas-user] CAS overlay, what happens when I must copy a source file and make changes?

For dispatcher servlet context beans in CAS 4.1+ there is a better way than copying the entire cas-servlet.xml. CAS now recognizes the pattern of additional files for the dispatcher servlet context in the form of WEB-INF/cas-serlet-*.xml So basically you’d just create an empty file let’s say WE

Re: [cas-user] CAS overlay, what happens when I must copy a source file and make changes?

change one line. > > Yan > > On 3/10/2016 1:27 PM, Dmitriy Kopylenko wrote: >> For dispatcher servlet context beans in CAS 4.1+ there is a better way than >> copying the entire cas-servlet.xml. CAS now recognizes the pattern of >> additional files for the dispatcher se

Re: [cas-user] CAS overlay, what happens when I must copy a source file and make changes?

To be more clear - you _CAN_ put the existing bean definitions found in cas-servlet.xml into your acs-servlet-{custom-whatver}.xml file or multiple such files for that matter, and those beans _WILL_ override the ones in cas-servlet-xml Best, D. > On Mar 10, 2016, at 3:08 PM, Dmitriy Kopyle

Re: [cas-user] The supplied service xxxxx is not authorized to use CAS proxy authentication.

It’d be always useful to provide what exact version of CAS being used when asking questions. For CAS 4.1+ (4.1 and greater), please consult the following guide on proxying config options: https://jasig.github.io/cas/4.2.x/installation/Configuring-Service-Proxy-Policy.html

Re: [cas-user] CAS User connection with MSSQL database and ASP.NET client

I'm just speculating here since you did not provide any detailed logs: are you storing the password values in the password column for your users in plain text? If so, the DB authn handler delegates to the password encoder to hash the provided credentials and compare it to the password value sto

Re: [cas-user] CAS User connection with MSSQL database and ASP.NET client

And I'm testing all three users each time to make sure it's not an encoder problem... Regardless of this possible issue, which log would you need to know more ? And where would it be located ? Thank you, Valentine Tuesday 19 April 2016 12:38:20 UTC+2, Dmitriy Kopylenko wrote : I

Re: [cas-user] CAS User connection with MSSQL database and ASP.NET client

gt; APPLICATION: CAS > WHEN: Tue Apr 19 14:40:00 CEST 2016 > CLIENT IP ADDRESS: x.x.x.x > SERVER IP ADDRESS: x.x.x.x > = > > > > Le mardi 19 avril 2016 14:13:51 UTC+2, Dmitriy Kopylenko a écrit : > https://jasig.github.io/cas/4.0.x/installa

Re: [cas-user] Releasing credential

You need to add one particular authentication metadata populator in deployerConfigContext.xml, so it looks like this: The documentation is missing that piece. Also, you don’t need any of this: Cheers, Dmitriy. > On Apr 21, 2016, at 3:59 AM, Miklós Barabás

Re: [cas-user] Externalizing Log4j2 Not Working on Cas 4.2.1

Yes, as indicated in the doc that Misagh referenced, the ‘log4j.configurationFile’ is a system level JVM property that is not set in your cas.properties file. This is the change in 4.2+. You’d need to explicitly pass this system property to your JVM runtime with -D prefix. Here’s for example an

Re: [cas-user] Externalizing Log4j2 Not Working on Cas 4.2.1

o create setenv.sh in the Tomcat home/bin > directory. > > I haven't found anything yet regarding how to tell Tomcat to use setenv.sh. > Is there another way to set this in Tomcat? > > Thanks, > Matt > > On Thursday, April 28, 2016 at

Re: [cas-user] JS Client to CAS Rest Protocol

After simple googling, this came up: https://github.com/danielefenix/jasig-cas-rest-client Cheers, D. > On May 2, 2016, at 11:36 AM, Marcelo Quiroz > wrote: > > Has anyone some Jquery or Javascript example/link/whatever to use CAS over

Re: [cas-user] Re: How to build cas-4.2.1 with LDAP for Active Directory?

Make sure you read, understand, and follow instructions described in the documentation represented by links below in the exact order: https://jasig.github.io/cas/4.2.x/installation/Maven-Overlay-Installation.html https://jasig.github.io/cas/4.2.x/installation/LDAP-Authentication.html [https://jas

Re: [cas-user] Re: How to build cas-4.2.1 with LDAP for Active Directory?

ps or sample files for deployerConfigContext.xml with Active Directory implementation? Thanks. بتاريخ الثلاثاء، 3 مايو، 2016 1:35:39 م UTC+3، كتب Dmitriy Kopylenko: Make sure you read, understand, and follow instructions described in the documentation represented by links below in the exact

Re: [cas-user] Help Using a Different Principal ID Attribute

This works as designed and employeeID is being returned in place of principal’s identifier. The log message is confusing, though. You could try to verify the attributes returned with this client app: https://github.com/UniconLabs/bootiful-cas-client

Re: [cas-user] Dynamic error messages

Currently not possible or straightforward to achieve. In CAS v5 (available in SNAPSHOTs versions already) custom error messages based on the custom authentication exceptions would be a trivial feature available out of the box: On Fri, May 6, 2016 at 17:47, Nicolás wrote: Hello all, I need to sh

Re: [cas-user] Dynamic error messages

The link : https://jasig.github.io/cas/development/installation/Webflow-Customization-Exceptions.html [https://jasig.github.io/cas/development/installation/Webflow-Customization-Exceptions.html] On Fri, May 6, 2016 at 18:07, Dmitriy Kopylenko wrote: Currently not possible or straightforward

Re: [cas-user] cas documentation

e way, all documentations and source code seems to have disappeared from JASIG Github. Is it intended? http://jasig.github.io/cas/ [http://jasig.github.io/cas/] (error 404) Cheers, Mehdi Le 08/05/2016 21:24, Dmitriy Kopylenko a écrit : What exactly do you find confusing in the docs? Suggest an are

Re: [cas-user] cas documentation

Tutorials and HOWTOs, and now we don't. Now the documentation is very simplified and schematic, before it had like better explanations to understand the whole system. Regards! On 09/05/16 11:49, Dmitriy Kopylenko wrote: > Please do note that project (source code and all assets) has moved t

Re: [cas-user] Why get Invalid Login Ticket error?

CAS' /login resource was never designed for non-human interactive login transaction "edge service” and this "login ticket” entity was designed as an opaque token to prevent any CSRF type of replay attacks, etc. For the automated testing tools you might need to choose to use CAS’ REST resources:

Re: [cas-user] Re: /p3/serviceValidate returning "Ticket...not recognized"

Hi William, you’d need to map the default cookie cipher executor to the noop one here: https://github.com/apereo/cas/blob/4.2.x/cas-server-webapp/src/main/webapp/WEB-INF/deployerConfigContext.xml#L76

Re: [cas-user] CAS server with backend Ldap (openldap) :

See if this helps: http://apereo.github.io/cas/4.2.x/installation/Maven-Overlay-Installation.html http://apereo.github.io/cas/4.2.x/installation/LDAP-Authentication.html

Re: [cas-user] [CAS 4.2.x] cas-server-support-gauth not resolvable

May be this warning box needs to be big BOLD RED ;-) Cheers, D. > On May 17, 2016, at 9:46 AM, Misagh Moayyed wrote: > > See the big blue warning up at the top of the docs. > > From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Abhishek > [ABK] Kumar > Sent: Tuesday, May 1

Re: [cas-user] [CAS 4.2.x] cas-server-support-gauth not resolvable

those are not production quality versions and willing to try it out, use 5.0.0-SNAPSHOT version in your Maven pom. Cheers, D. > On May 17, 2016, at 10:27 AM, Dmitriy Kopylenko wrote: > > May be this warning box needs to be big BOLD RED ;-) > > Cheers, > D. > >> On

Re: [cas-user] [CAS 4.2.x] cas-server-support-gauth not resolvable

Sounds good. No “beta” releases are available yet, although milestone releases (you could consider them as “alpha”) should be appearing soon (before the end of May) if everything goes smoothly e.g. 5.0.0-M1, with 5.0.0-M2 to follow, etc. before “beta” releases ('release candidates' in CAS lingo)

Re: [cas-user] Missing dependencies?

Hi there. The ‘org.apereo.cas’ group id is not available in the released versions of 4.x line of CAS server. This will only be available in the next generation of CAS, namely 5.0.0. For CAS 4.2.x generation, use ‘org.jasig.cas’ group id. Cheers, Dmitriy. > On May 23, 2016, at 9:59 AM, Conan Ma

Re: [cas-user] too many attributes released for org.jasig.cas.services.ReturnAllowedAttributeReleasePolicy

Hi Ted, if you could provide the simplest possible CAS overlay with the version that you are using (perhaps with the stub in-memory person dir dao to simulate attribute repo) here: https://github.com/cas-projects/cas-issues that could demonstrate the

Re: [cas-user] CAS Server WAR fails to deploy on WildFly 9.0.2 App Server when running on AIX OS

Speculation: but I have a feeling it has to do with different processor architectures mismatches e.g. the keystore was built/produced on one processor architecture and when deployed on AIX (ppc64-64) and was tried to be read - Caused by: java.io.IOException: com.sun.crypto.provider.SealedObject

Re: [cas-user] Implicit grant

No plans to bring any new features into 4.1.x line as it's purely in the "maintenance" mode (critical bug fixes). Wrt v5 release date - there is no definitive "do or die" set date, but there are targets: https://github.com/apereo/cas/milestones [https://github.com/apereo/cas/milestones] Cheers,

Re: [cas-user] Implicit grant

n? On the other hand, if you're targeting August.. it's not that far away and would probably a lot safer bet. Cheers, Tom On Monday, 30 May 2016 13:19:27 UTC+3, Dmitriy Kopylenko wrote: No plans to bring any new features into 4.1.x line as it's purely in the "maintenance&quo

Re: [cas-user] No EntityManager exception with JpaTicketRegistry, CAS 4.2.2

This cold be a bug. Please push an overlay with a reproducible behavior that you are seeing, with the exact version that you use (4.2.2) here: https://github.com/cas-projects/cas-issues [https://github.com/cas-projects/cas-issues] along with a Github Issue to track it. Best, Dmitriy. On Mon,

Re: [cas-user] OTP MFA

I'm afraid that v4 of CAS does not natively support multi phased authentication transactions for several different authentication factors. Upcoming v5 does. Best, D. On Wed, Jun 1, 2016 at 03:11, Nouman Fallouh wrote: Briefly, I want authentication system supports (username, password and optiona

Re: [cas-user] OTP MFA

The following guide is for v5 which is not yet released: http://apereo.github.io/cas/development/installation/Configuring-Multifactor-Authentication.html D. On Wed, Jun 1, 2016 at 06:25, Dmitriy Kopylenko wrote: I'm afraid that v4 of CAS does not natively support multi phased authentic

Re: [cas-user] cannot find ST in debugger mode?

Most likely the ST just expires during your debugging session. The default expiration time is 10 second. Set it to a higher value for your debugging so it stays valid. The example below sets it to 3 minutes: st.timeToKillInSeconds=180 This could be the same problem with your REST clients - by t

Re: [cas-user] No EntityManager exception with JpaTicketRegistry, CAS 4.2.2

Thank you. We'll examine it. Cheers, D. On Fri, Jun 3, 2016 at 05:46, Siim wrote: https://github.com/apereo/cas/issues/1817 teisipäev, 31. mai 2016 0:06.17 UTC+3 kirjutas Dmitriy Kopylenko: This cold be a bug. Please push an overlay with a reproducible behavior that you are seeing, wit

Re: [cas-user] queryDatabaseAuthenticationHandler not being called (CAS 4.2.2)

You mentioned ‘propertyFileDescriptor.xml’. Is that where you define your beans shown below? Where do you place this file? D. > On Jun 3, 2016, at 11:21 AM, John Rellis wrote: > > Thanks but that doesn't use queryDatabaseAuthenticationHandler :( > > On Friday, 3 June 2016 16:11:23 UTC+1, Misa

Re: [cas-user] queryDatabaseAuthenticationHandler not being called (CAS 4.2.2)

opertyFileDescriptor.xml is where I have copied that xml from. > > Once deployed it is in > apache-tomcat-8.0.33/webapps/cas/WEB-INF/spring-configuration/propertyFileConfigurer.xml > > Do you need any more info? > > Thanks! > John > > On Fri, 3 Jun 2016 at 16:26 Dmitri

Re: [cas-user] queryDatabaseAuthenticationHandler not being called (CAS 4.2.2)

both. Hopefully I > won't have to come back with more questions. > > Thanks, > John > > On Fri, 3 Jun 2016 at 16:40 Dmitriy Kopylenko <mailto:dkopyle...@unicon.net>> wrote: > Place the custom handler definitions and aliases into > WEB-INF/deployerConfigC

Re: [cas-user] (Need Help) ClearPass integration with CAS 4.0.0

This -> http://apereo.github.io/cas/4.0.x/integration/ClearPass.html Cheers, D. On Mon, Jun 6, 2016 at 07:14, wael souissi wrote: Hello Cas community , I'm working on CASifying Outlook Web Access 2010 [https://wiki.jasig.org/display/CAS/CASifying+Outlook+Web+Access+2010] and i have problem con

Re: [cas-user] (Need Help) ClearPass integration with CAS 4.0.0

and in the one you provided the necessary things is to add this to the > pom.xml file : > >org.jasig.cas >cas-server-extension-clearpass >${cas.version} >runtime > > > Thank you . > > On Monday, June 6, 2016 at 1:48:34 PM UTC+2, Dmitriy Kopylenko

Re: [cas-user] User encryption

set anonymousAccess property on the registered service in question to false to get a plain principal username name instead of this opaque identifier. Cheers, D. > On Jun 6, 2016, at 9:51 AM, yogesh munjal wrote: > > Hi All, > > I am using CAS 4.0.1, i did the configure the mod_auth_cas on Apa

Re: [cas-user] Assistance with x509 + LDAP

I think you’d need to implement a custom principal resolver to do this LDAP look up which should return null principal reference if not successful, which would trigger UnresolvedPrincipalException up the authentication transaction stack, etc. Cheers, D. > On Jun 8, 2016, at 3:23 PM, Nick Couch

Re: [cas-user] Re: Help with SLO and Java Web Client

It's hard to understand what you are after, but perhaps take a look at the sample CASyfied Spring Boot web app: https://github.com/UniconLabs/bootiful-cas-client [https://github.com/UniconLabs/bootiful-cas-client] Cheers, D. On Mon, Jun 13, 2016 at 02:06, Atul shinde wrote: HI .. i am trying t

Re: [cas-user] howto print out Database AUTHENTICATION_FAILED details

https://apereo.github.io/cas/4.2.x/installation/Logging.html D. > On Jun 13, 2016, at 10:42 AM, Cross Zheng wrote: > > Hi guys > > I am new to CAS and start from v4.2.2. > > I have tried cas-overlay-template and dockerized-webapp

Re: [cas-user] Problem whith service access strategy

Try this (notice 2 comma-separated string in the list literal there: "requiredAttributes": { "@class": "java.util.HashMap", "listas": [ "java.util.HashSet", [ “group1", "group3" ] ] } > On Jun 15, 2016, at 9:28 AM, Juan Carlos Giménez Moncada > wrote: > > "requiredAttributes": { "@clas

  1   2   3   >