This probably points to some other underlying issue. I have never had to set that.
You can see the configuration of the demo webapp running on heroku. There is no reference to that flag. https://github.com/apereo/cas/blob/heroku-mgmtwebapp/src/main/resources/user-details.properties From: [email protected] [mailto:[email protected]] On Behalf Of Dan Reeder Sent: Tuesday, June 7, 2016 8:24 PM To: CAS Community <[email protected]> Cc: [email protected] Subject: Re: [cas-user] Re: CAS Services Management "Access Denied" I figured it out in the end... the users listed in /etc/cas/user-details.properties were required to have the "enabled" flag on the end, despite the comments indicating it was optional. eg: jsmith=notused,ROLE_ADMIN,enabled cheers, Dan On Tuesday, 7 June 2016 22:50:54 UTC+10, Eric Kyle wrote: Hi Dan, No, I still haven't figured this out - though I haven't had much time to look at it. I plan on digging back into it this summer. Eric On Mon, May 23, 2016 at 6:48 PM, Dan Reeder <[email protected] <javascript:> > wrote: Hi Eric, did you ever manage to get this working? We're using CAS 4.2 with the additional cas-services app. CAS is setup to use our ADFS which works beautifully for other registered json services, but I can't figure out how to get the cas-services app to also pay attention to ADFS auth tickets. It would be nice if cas-services could check for an attribute being passed back from adfs (such as the presence of a particular AD group membership), but I'd settle for a static list of permitted principal usernames. cheers, Dan On Tuesday, 1 March 2016 05:43:21 UTC+10, Eric Kyle wrote: The title says it call. I have CAS (4.2 RC2) setup to authenticate against ADFS, which works fine when I got to localhost/cas, but when I try to go to the deployed cas-services page (which also authenticates successfully against cas/adfs), I get the message Access Denied You are not authorized to access this resource. Contact your CAS administrator for more info This is the one thing holding me back from authenticating uPortal and our other services. I have looked in the deployerConfigContext.xml file and a hundred other places, but I can't seem to figure out how to authenticate properly. Any help would be greatly appreciated. Eric -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected] <javascript:> . To post to this group, send email to [email protected] <javascript:> . Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/99f3bace-3e66-4bad-b660-4ea34689b905%40apereo.org <https://groups.google.com/a/apereo.org/d/msgid/cas-user/99f3bace-3e66-4bad-b660-4ea34689b905%40apereo.org?utm_medium=email&utm_source=footer> . For more options, visit https://groups.google.com/a/apereo.org/d/optout. -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected] <mailto:[email protected]> . To post to this group, send email to [email protected] <mailto:[email protected]> . Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/f8bf7ee7-8170-4baa-b2df-7ed2b15960d2%40apereo.org <https://groups.google.com/a/apereo.org/d/msgid/cas-user/f8bf7ee7-8170-4baa-b2df-7ed2b15960d2%40apereo.org?utm_medium=email&utm_source=footer> . For more options, visit https://groups.google.com/a/apereo.org/d/optout. -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/008001d1c13a%243b0ee1b0%24b12ca510%24%40unicon.net. For more options, visit https://groups.google.com/a/apereo.org/d/optout.
