That depends on how your service wants to exercise proxy AuthN. The change you have applied will have CAS, in addition to everything it does today, produce a PGT directly in the final response an attribute provided you have also configured a key to encrypt it. That does not authorize the service for proxy though. This does: http://jasig.github.io/cas/4.1.x/installation/Service-Management.html#configure-proxy-authentication-policy
> -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf Of > Nicolás > Sent: Tuesday, December 22, 2015 9:51 AM > To: [email protected] > Subject: [cas-user] Allow proxy for a service > > Hi, > > We're running CAS 4.1.1. We've been asked to activate the proxying feature > for one of the services. For that purpose, we've checked the 'Authorized > to > release proxy granting ticket' checkbox in the CAS-Management module for > this service, but we're still getting this > message: > > 2015-12-21 09:56:29,408 WARN > [org.jasig.cas.CentralAuthenticationServiceImpl] - <ServiceManagement: > Service [https://<service>/foo.php] attempted to proxy, but is not > allowed.> > > I remember in versions 3.5.x to see an explicit "Allow proxy" checkbox for > services in the CAS Management, but in newer versions I'm not sure if > something else is needed additionally to the checkbox I described above. > > Is there something else to do to allow proxying? > > Thanks. > > Nicolás > > -- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > Visit this group at > https://groups.google.com/a/apereo.org/group/cas-user/. -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
