Hi @leleuj, Kindly guide to parse or cas understand response from keycloak; It will be great help me to proceed further. As you said previous; it might require some customisation; Could you please guide me if possible: am I doing something wrong in oidcClient configuration: @applicationContext.xml file. <bean id="keyCloakOpenid" class="org.pac4j.oidc.client.OidcClient"> <property name="name" value="openid" /> <property name="clientID" value="yarra-client" /> <property name="secret" value="e374ff0-f724-411d-b6474-46aea4b62a6f" /> <property name="discoveryURI" value="http://hostname:8080/auth/realms/yarra/.well-known/openid-configuration"; /> </bean> <bean id="clients" class="org.pac4j.core.client.Clients"> <property name="callbackUrl" value="https://hostname:8443/cas/login"; /> <property name="clientNameParameter" value="KeycloakOIDC" /> <property name="clients"> <list> <ref bean="keyCloakOpenid" /> </list> </property> </bean> login-webflow.xml: <action-state id="clientAction"> <evaluate expression="clientAction" /> <transition on="success" to="sendTicketGrantingTicket" /> <transition on="error" to="ticketGrantingTicketCheck" /> <transition on="stop" to="stopWebflow" /> </action-state> <view-state id="stopWebflow" /> <action-state id="ticketGrantingTicketCheck"> <evaluate expression="ticketGrantingTicketCheckAction"/> <transition on="notExists" to="gatewayRequestCheck"/> <transition on="invalid" to="terminateSession"/> <transition on="valid" to="hasServiceCheck"/> </action-state>
org.springframework.webflow.engine.NoMatchingTransitionException: No transition was matched on the event(s) signaled by the [1] action(s) that executed in this action state 'ticketGrantingTicketCheck' of flow 'login'; transitions must be defined to handle action result outcomes -- possible flow configuration error? Note: the eventIds signaled were: 'array<String>['success']', while the supported set of transitional criteria for this action state is 'array<TransitionCriteria>[notExists, invalid, valid]' Kindly help me; On Tuesday, September 29, 2020 at 1:51:04 PM UTC+5:30 yarra srinivas wrote: > Thank you @leleuj for your detail information. I understand your comment, > but, based on customer requirements; I'm exploring the feasibility & > constraints if we use CAS 4.0.0 version; > > On Tuesday, September 29, 2020 at 1:22:52 PM UTC+5:30 leleuj wrote: > >> Hi, >> >> pac4j v1.7.0 is an old version based on an old version of the Nimbus SDK >> without default support for Keycloak. >> >> So, even if it is feasible, you'll need customisations to make it work. >> >> As I said on the pac4j mailing list, I highly recommend upgrading the CAS >> server. >> >> Thanks. >> Best regards, >> Jérôme >> >> >> Le lun. 28 sept. 2020 à 19:47, yarra srinivas <[email protected]> a >> écrit : >> >>> Hi Folks, >>> >>> We' re using pretty older version of CAS component (i.e. 4.0.0) for >>> authentication purpose. As per requirement, we don't want to upgrade the >>> CAS Server component; If possible delegate the authentication to third >>> party component like Keycloak. So, to avoid the CAS component upgrade and >>> it's inter-dependency components like spring and other modules in the >>> project. >>> >>> My basic a doubts as: >>> >>> 1. Will it possible with CAS 4.0.0 to delegate authentication to >>> Keycloak Server? >>> 2. if so, what will be best robust delegate the authentication >>> techniques based on CAS 4.0.0 help us to connect to Keycloak component. >>> >>> >>> Thanks, >>> Yarra >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "CAS Developer" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/a/apereo.org/d/msgid/cas-dev/24bda63e-781f-4bee-ba0d-8b2bb01f2d80n%40apereo.org >>> >>> <https://groups.google.com/a/apereo.org/d/msgid/cas-dev/24bda63e-781f-4bee-ba0d-8b2bb01f2d80n%40apereo.org?utm_medium=email&utm_source=footer> >>> . >>> >> -- You received this message because you are subscribed to the Google Groups "CAS Developer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-dev/ab8d6a46-f6a6-4a9c-97d4-91050945cdaan%40apereo.org.
