We are on cas 5.2.2, banner 8 via ssomanager and banner 9 admin apps.  
Seems to work fine since we upgraded to cas 5.2.2 in late December.

We populate the udcid in ldap from banner, then map it in cas as:


Please note, without full BEIS the udcid in banner is not automatically 
populated when new users are created.  Our IDM calls a delivered BEIS 
component to populate any blank udcid values in banner before ldap 
provisioning since we don't use BEIS.



BEIS = Banner Enterprise Identity Services

On Wednesday, February 21, 2018 at 5:46:21 PM UTC-6, Matthew Uribe wrote:
> Hello Community,
> I am wondering whether anyone has had success with Banner 9 and CAS 5.2.x 
> We have been using the Luminis delivered CAS 3.5.2, but are interested in 
> the features available in 5, such as SAML2 IdP, and MFA using Duo. I have 
> deployed CAS 5.2.0, included cas-server-support-ldap and 
> cas-server-support-saml 
> dependencies, and setup a service for one of our Banner 9 apps, but haven't 
> been able to successfully access the application. I can access the CAS 
> Dashboard, as well as the CAS-Management webapp, but the Banner apps are 
> beyond me at this point. Right now, when I navigate to the Banner 9 app, I 
> am redirected to the CAS login page. After logging in successfully, the 
> browser gives me an error: "HTTP Status 403 - No assertions found".
> I figure the problem is either in my service registry, or that I maybe 
> need to import the CAS certificate into a keystore somewhere on the Banner 
> 9 server. Since I don't see anything related to a cert import in the Banner 
> 9 install guides, I'm focused on the first of these two possibilities, but 
> after 2 days of going in circles I've run out of ideas and would eagerly 
> accept the advice of this community.
> Thank you,
> Matt

- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 

Reply via email to