Since my DN is not fixed as I authenticate users at the Forest level, I
could not use AD and used AUTHENTICATED instead, and
used cas.authn.ldap[0].userFilter=(userPrincipalName={user}) as filter,
with subtreeSearch set to true, and was able to authenticate on two
different domains (but this is our setup, you should use sAMAccountName if
this is what you need).
Le lundi 26 février 2018 16:43:45 UTC-5, Kevin Liu a écrit :
>
> Okay so I've changed my cas.properties to reflect what you're saying.
>
> I'm getting an error which requires me to input an dnFormat. Fair enough
> but looking at your documentation, it says to put %s which will get the
> username entered into the query. Does this mean that in your AD, your CN
> and sAMAccountName are the same? If so, I don't understand why it would be
> neccessary to put a userFilter because otherwise you would be verifying
> twice right? Once via dNFormat and then again with the userFilter. Sorry if
> I'm just being dumb and not seeing things.
>
> On Monday, February 26, 2018 at 3:28:48 PM UTC-6, David Curry wrote:
>>
>> Correct. If you're using the AD type, you should be using
>>
>> cas.authn.ldap[0].userFilter: sAMAccountName={user}
>>
>> Putting "anything" in the username field and getting authenticated
>> doesn't sound right.
>>
>> But if you're using AD and dnFormat, I'm almost positive that you DO NOT
>> want to have a "bindDn" or "bindCredential" in there. Those are for the
>> AUTHENTICATED (and other) types, not for the AD type.
>>
>> --Dave
>>
>>
>>
>> --
>>
>> DAVID A. CURRY, CISSP
>> *DIRECTOR OF INFORMATION SECURITY*
>> INFORMATION TECHNOLOGY
>>
>> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
>> +1 212 229-5300 x4728 • david.cu...@newschool.edu
>>
>> [image: The New School]
>>
>> On Mon, Feb 26, 2018 at 4:14 PM, Kevin Liu <annih...@gmail.com> wrote:
>>
>>> No worries! Reading the documents again, it looks like I may confused a
>>> couple of things.
>>> AD Acive Directory - Users authenticate with sAMAccountName typically
>>> using a DN format.
>>> It says that it authenticates using the sAMAccountName which should get
>>> passed in if we use cas.authn.ldap[0].userFilter=sAMAccountName={user}
>>> correct?
>>> Right now, I can put anything in the username field and it gets
>>> authenticated. That can't be right?
>>>
>>> On Monday, February 26, 2018 at 3:11:51 PM UTC-6, David Curry wrote:
>>>>
>>>> Sorry, I don't. But some other folks on the list have been doing other
>>>> kinds of logins, so maybe they do.
>>>>
>>>>
>>>> --
>>>>
>>>> DAVID A. CURRY, CISSP
>>>> *DIRECTOR OF INFORMATION SECURITY*
>>>> INFORMATION TECHNOLOGY
>>>>
>>>> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
>>>> <https://maps.google.com/?q=71+FIFTH+AVE.,+9TH+FL.,+NEW+YORK,+NY+10003&entry=gmail&source=g>
>>>> +1 212 229-5300 x4728 • david.cu...@newschool.edu
>>>>
>>>> [image: The New School]
>>>>
>>>> On Mon, Feb 26, 2018 at 3:54 PM, Kevin Liu <annih...@gmail.com> wrote:
>>>>
>>>>> Thanks, got it working!
>>>>>
>>>>> I hope you don't mind me picking your brain a little further. Do you
>>>>> have any experience with principalAttributeId fields? I'm wondering if I
>>>>> can first bind to LDAP, and then use username and password to
>>>>> authenticate
>>>>> instead and it looks like principalAttribute fields might be it.
>>>>>
>>>>> On Monday, February 26, 2018 at 2:36:13 PM UTC-6, David Curry wrote:
>>>>>>
>>>>>> I haven't tried it myself, but you ought to be able to put
>>>>>> cas.log.level back to "warn" and then add something like
>>>>>>
>>>>>> <AsyncLogger name="org.apereo.cas.authentication" level="debug"
>>>>>> includeLocation="true"/>
>>>>>>
>>>>>>
>>>>>> in the <Loggers> section (down around line 61). See the comment
>>>>>> right there in the file for a little more info.
>>>>>>
>>>>>> --Dave
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>>
>>>>>> DAVID A. CURRY, CISSP
>>>>>> *DIRECTOR OF INFORMATION SECURITY*
>>>>>> INFORMATION TECHNOLOGY
>>>>>>
>>>>>> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
>>>>>> <https://maps.google.com/?q=71+FIFTH+AVE.,+9TH+FL.,+NEW+YORK,+NY+10003&entry=gmail&source=g>
>>>>>> +1 212 229-5300 x4728 • david.cu...@newschool.edu
>>>>>>
>>>>>> [image: The New School]
>>>>>>
>>>>>> On Mon, Feb 26, 2018 at 3:23 PM, Kevin Liu <annih...@gmail.com>
>>>>>> wrote:
>>>>>>
>>>>>>> I'm messing with the logger. Is it possible to have just LDAP debug
>>>>>>> codes output? If so, how? Cause I can't seem to be able to shut off the
>>>>>>> others without shutting off debug all together.
>>>>>>>
>>>>>>> On Monday, February 26, 2018 at 11:53:16 AM UTC-6, David Curry wrote:
>>>>>>>>
>>>>>>>> Well, you can start with log4j2.xml, and change
>>>>>>>>
>>>>>>>> <Property name="cas.log.level" >warn</Property>
>>>>>>>>
>>>>>>>>
>>>>>>>> to
>>>>>>>>
>>>>>>>> <Property name="cas.log.level" >debug</Property>
>>>>>>>>
>>>>>>>>
>>>>>>>> which will give you a lot of detail (all in cas.log) about what's
>>>>>>>> going on. If that doesn't give you want you want, you can also (or
>>>>>>>> instead)
>>>>>>>> change
>>>>>>>>
>>>>>>>> <AsyncLogger name="org.ldaptive" level="warn" />
>>>>>>>>
>>>>>>>>
>>>>>>>> to
>>>>>>>>
>>>>>>>> <AsyncLogger name="org.ldaptive" level="debug" />
>>>>>>>>
>>>>>>>>
>>>>>>>> to get debugging from the LDAP code itself.
>>>>>>>>
>>>>>>>> As for your second question... you've exceeded my level of
>>>>>>>> knowledge of AD/LDAP. I think the answer might be that you can't use
>>>>>>>> the
>>>>>>>> "AD" type of LDAP setup and will have to switch to the "AUTHENTICATED"
>>>>>>>> type, but I'm not very sure of that answer.
>>>>>>>>
>>>>>>>> Perhaps someone else on the list can jump in.
>>>>>>>>
>>>>>>>> --Dave
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>>
>>>>>>>> DAVID A. CURRY, CISSP
>>>>>>>> *DIRECTOR OF INFORMATION SECURITY*
>>>>>>>> INFORMATION TECHNOLOGY
>>>>>>>>
>>>>>>>> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
>>>>>>>> <https://maps.google.com/?q=71+FIFTH+AVE.,+9TH+FL.,+NEW+YORK,+NY+10003&entry=gmail&source=g>
>>>>>>>> +1 212 229-5300 x4728 • david.cu...@newschool.edu
>>>>>>>>
>>>>>>>> [image: The New School]
>>>>>>>>
>>>>>>>> On Mon, Feb 26, 2018 at 12:43 PM, Kevin Liu <annih...@gmail.com>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> Thank you Dave for providing additonal insight!
>>>>>>>>>
>>>>>>>>> Just to add, my MSDN I was refering above is actually an Microsoft
>>>>>>>>> Active Directory Server which I'm using the LDAP protocol to talk to
>>>>>>>>> (at
>>>>>>>>> least that is my understanding).
>>>>>>>>>
>>>>>>>>> I've got a few more questions. Is it possible to see what the LDAP
>>>>>>>>> is returning to CAS? Maybe via logs? Getting insight to what is being
>>>>>>>>> returned will help me get a better grasp on the LDAP CAS connections
>>>>>>>>> and
>>>>>>>>> communications.
>>>>>>>>>
>>>>>>>>> Also, in addition to multiple OUs, it turns out that the DN that
>>>>>>>>> is being used doesn't utilize a user's username but rather a user's
>>>>>>>>> full
>>>>>>>>> name as part of the DN. For example, my DN is CN=Kevin Liu,
>>>>>>>>> OU=Alpha,
>>>>>>>>> DC=beta, DC=gamma instead of CN=kliu. Do you have any ideas on how I
>>>>>>>>> might
>>>>>>>>> get around that?
>>>>>>>>>
>>>>>>>>> On Friday, February 23, 2018 at 2:24:37 PM UTC-6, David Curry
>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> There are smarter (way smarter) LDAP people than me, but yeah,
>>>>>>>>>> that's kind of it. Some LDAPs (like AD) will let you bind as the
>>>>>>>>>> user
>>>>>>>>>> him/herself to authenticate, others require you to use a special
>>>>>>>>>> account to
>>>>>>>>>> make the bind, and then authenticate the user. Although come to
>>>>>>>>>> think of
>>>>>>>>>> it, I think AD might only permit that over an LDAPS connection,
>>>>>>>>>> which might
>>>>>>>>>> be why you were having trouble.
>>>>>>>>>>
>>>>>>>>>> Likewise, some LDAPs will let you retrieve attributes at the same
>>>>>>>>>> time that you authenticate, and others require you to make a
>>>>>>>>>> separate
>>>>>>>>>> request for that. In our particular case, our LDAP contains a
>>>>>>>>>> superset of
>>>>>>>>>> the users in AD (AD has "active" people, LDAP has "active" and
>>>>>>>>>> "alumni").
>>>>>>>>>> But the two directories have different (overlapping) sets of
>>>>>>>>>> attributes,
>>>>>>>>>> and we always want to get all of them and merge them together, so in
>>>>>>>>>> my CAS
>>>>>>>>>> config, I do the authentication and attribute retrieval separately.
>>>>>>>>>>
>>>>>>>>>> I'm not sure how you get a dnFormat that handles multiple OUs, or
>>>>>>>>>> if you even can. In my case, we have almost everyone in a single OU,
>>>>>>>>>> except
>>>>>>>>>> for some administrator accounts, which are in a separate OU. Rather
>>>>>>>>>> than
>>>>>>>>>> try and handle them all together, I just punted and defined two
>>>>>>>>>> different
>>>>>>>>>> AD configs for them, one for each OU. If you look at my
>>>>>>>>>> documentation,
>>>>>>>>>> you'll note that ldap[0] and ldap[2] are actually the SAME AD
>>>>>>>>>> server, they
>>>>>>>>>> just have different baseDN and dnFormat settings.
>>>>>>>>>>
>>>>>>>>>> --Dave
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>>>
>>>>>>>>>> DAVID A. CURRY, CISSP
>>>>>>>>>> *DIRECTOR OF INFORMATION SECURITY*
>>>>>>>>>> INFORMATION TECHNOLOGY
>>>>>>>>>>
>>>>>>>>>> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
>>>>>>>>>> <https://maps.google.com/?q=71+FIFTH+AVE.,+9TH+FL.,+NEW+YORK,+NY+10003&entry=gmail&source=g>
>>>>>>>>>> +1 212 229-5300 x4728 • david.cu...@newschool.edu
>>>>>>>>>>
>>>>>>>>>> [image: The New School]
>>>>>>>>>>
>>>>>>>>>> On Fri, Feb 23, 2018 at 3:12 PM, Kevin Liu <annih...@gmail.com>
>>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>>> Just to make sure I understand the LDAP and CAS connection
>>>>>>>>>>> properly, CAS is sending over a set of credentials to first access
>>>>>>>>>>> the LDAP
>>>>>>>>>>> correct? Is that the bindDN and bindCredential? Does it then search
>>>>>>>>>>> through
>>>>>>>>>>> the result query for userFilter for a match?
>>>>>>>>>>>
>>>>>>>>>>> Also, I'm a little confused about the dNFormat. I inputed
>>>>>>>>>>> directly what is the DN for user 1. However, for other users, since
>>>>>>>>>>> they
>>>>>>>>>>> belong to different OU, how do I change the code such that it
>>>>>>>>>>> becomes more
>>>>>>>>>>> versatile?
>>>>>>>>>>>
>>>>>>>>>>> My eventual goal is for cas to authenticate users from a single
>>>>>>>>>>> OU.
>>>>>>>>>>>
>>>>>>>>>>> Thank you all for bearing with me so far and all my questions.
>>>>>>>>>>>
>>>>>>>>>>> On Friday, February 23, 2018 at 11:44:35 AM UTC-6, Kevin Liu
>>>>>>>>>>> wrote:
>>>>>>>>>>>>
>>>>>>>>>>>> I finally got it to talk to my LDAP! I've realized I should
>>>>>>>>>>>> also put that my LDAP is really a MSDN. It is in a very limited
>>>>>>>>>>>> capacity
>>>>>>>>>>>> though. Here is my cas.properties and I hope someone can help me
>>>>>>>>>>>> figure out
>>>>>>>>>>>> how to expand the scope of authentication. My apologies about the
>>>>>>>>>>>> obfuscation.
>>>>>>>>>>>>
>>>>>>>>>>>> #AD Configurations
>>>>>>>>>>>> cas.authn.ldap[0].type=AD
>>>>>>>>>>>> cas.authn.ldap[0].ldapUrl=ldap://ladpserver:389
>>>>>>>>>>>> cas.authn.ldap[0].useSsl=false
>>>>>>>>>>>> cas.authn.ldap[0].useStartTls=false
>>>>>>>>>>>> cas.authn.ldap[0].connectTimeout=5000
>>>>>>>>>>>> cas.authn.ldap[0].subtreeSearch=true
>>>>>>>>>>>> cas.authn.ldap[0].baseDn=dc=beta,dc=gamma
>>>>>>>>>>>> cas.authn.ldap[0].userFilter=cn={user}
>>>>>>>>>>>> cas.authn.ldap[0].bindDn=user1@beta.gamma
>>>>>>>>>>>> cas.authn.ldap[0].bindCredential=user1Password
>>>>>>>>>>>> cas.authn.ldap[0].dnFormat=CN=User
>>>>>>>>>>>> 1,OU=Test,OU=alpha,DC=beta,DC=gamma
>>>>>>>>>>>>
>>>>>>>>>>>> This configuration only works for 1 user, user1. How do I
>>>>>>>>>>>> expand it such that any user can input their credentials for
>>>>>>>>>>>> validation?
>>>>>>>>>>>> Also interesting, for user1, they can input either user1 or
>>>>>>>>>>>> user1@beta.gamma and be able to login with the correct password.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> On Friday, February 23, 2018 at 9:17:02 AM UTC-6, David Curry
>>>>>>>>>>>> wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>> Yes, that looks like your DN.
>>>>>>>>>>>>>
>>>>>>>>>>>>> But if CAS is not starting, it's something else. Are you using
>>>>>>>>>>>>> 5.2.2? Can you post your pom.xml and cas.log files as attachments?
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> --
>>>>>>>>>>>>>
>>>>>>>>>>>>> DAVID A. CURRY, CISSP
>>>>>>>>>>>>> *DIRECTOR OF INFORMATION SECURITY*
>>>>>>>>>>>>> INFORMATION TECHNOLOGY
>>>>>>>>>>>>>
>>>>>>>>>>>>> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
>>>>>>>>>>>>> <https://maps.google.com/?q=71+FIFTH+AVE.,+9TH+FL.,+NEW+YORK,+NY+10003&entry=gmail&source=g>
>>>>>>>>>>>>> +1 212 229-5300 x4728 • david.cu...@newschool.edu
>>>>>>>>>>>>>
>>>>>>>>>>>>> [image: The New School]
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Fri, Feb 23, 2018 at 9:56 AM, Kevin Liu <annih...@gmail.com
>>>>>>>>>>>>> > wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> For my own account, when I execute the LDAP query in my first
>>>>>>>>>>>>>> post, I can't see my own DN but I can see what I'm a member of.
>>>>>>>>>>>>>> Is the
>>>>>>>>>>>>>> listed member field my DN?
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> member: CN=Kevin Liu,OU=Delta,OU=Alpha,DC=Beta,DC=Gamma
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Would this be my DN?
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> On Friday, February 23, 2018 at 6:17:22 AM UTC-6, alberto
>>>>>>>>>>>>>> wrote:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> On Thu, 22 Feb 2018 13:43:05 -0800 (PST)
>>>>>>>>>>>>>>> Kevin Liu <annih...@gmail.com> wrote:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> > Correct me if I'm wrong but looking at the directory, not
>>>>>>>>>>>>>>> everyone
>>>>>>>>>>>>>>> > has a DN. Some users are only members of a group it looks
>>>>>>>>>>>>>>> like.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> I don't think so. DN is the ultimate identifier in LDAP/AD.
>>>>>>>>>>>>>>> As stated
>>>>>>>>>>>>>>> in MSDN: «The LDAP API references an LDAP object by its
>>>>>>>>>>>>>>> distinguished
>>>>>>>>>>>>>>> name (DN)». Even a group have a DN so you can perform
>>>>>>>>>>>>>>> operations on it.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> ( Source:
>>>>>>>>>>>>>>> https://msdn.microsoft.com/en-us/library/aa366101(v=vs.85).aspx
>>>>>>>>>>>>>>> )
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> --
>>>>>>>>>>>>>>> Alberto Cabello Sánchez
>>>>>>>>>>>>>>> Servicio de Informática
>>>>>>>>>>>>>>> Universidad de Extremadura
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>> --
>>>>>>>>>>>>>> - Website: https://apereo.github.io/cas
>>>>>>>>>>>>>> - Gitter Chatroom: https://gitter.im/apereo/cas
>>>>>>>>>>>>>> - List Guidelines: https://goo.gl/1VRrw7
>>>>>>>>>>>>>> - Contributions: https://goo.gl/mh7qDG
>>>>>>>>>>>>>> ---
>>>>>>>>>>>>>> You received this message because you are subscribed to the
>>>>>>>>>>>>>> Google Groups "CAS Community" group.
>>>>>>>>>>>>>> To unsubscribe from this group and stop receiving emails from
>>>>>>>>>>>>>> it, send an email to cas-user+u...@apereo.org.
>>>>>>>>>>>>>> To view this discussion on the web visit
>>>>>>>>>>>>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/4c960c01-c31d-4c3b-8386-c9dadafaf812%40apereo.org
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/4c960c01-c31d-4c3b-8386-c9dadafaf812%40apereo.org?utm_medium=email&utm_source=footer>
>>>>>>>>>>>>>> .
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> --
>>>>>>>>>>> - Website: https://apereo.github.io/cas
>>>>>>>>>>> - Gitter Chatroom: https://gitter.im/apereo/cas
>>>>>>>>>>> - List Guidelines: https://goo.gl/1VRrw7
>>>>>>>>>>> - Contributions: https://goo.gl/mh7qDG
>>>>>>>>>>> ---
>>>>>>>>>>> You received this message because you are subscribed to the
>>>>>>>>>>> Google Groups "CAS Community" group.
>>>>>>>>>>> To unsubscribe from this group and stop receiving emails from
>>>>>>>>>>> it, send an email to cas-user+u...@apereo.org.
>>>>>>>>>>> To view this discussion on the web visit
>>>>>>>>>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/197ffc37-0e97-4a1b-b997-30c462259b65%40apereo.org
>>>>>>>>>>>
>>>>>>>>>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/197ffc37-0e97-4a1b-b997-30c462259b65%40apereo.org?utm_medium=email&utm_source=footer>
>>>>>>>>>>> .
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>> - Website: https://apereo.github.io/cas
>>>>>>>>> - Gitter Chatroom: https://gitter.im/apereo/cas
>>>>>>>>> - List Guidelines: https://goo.gl/1VRrw7
>>>>>>>>> - Contributions: https://goo.gl/mh7qDG
>>>>>>>>> ---
>>>>>>>>> You received this message because you are subscribed to the Google
>>>>>>>>> Groups "CAS Community" group.
>>>>>>>>> To unsubscribe from this group and stop receiving emails from it,
>>>>>>>>> send an email to cas-user+u...@apereo.org.
>>>>>>>>> To view this discussion on the web visit
>>>>>>>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/73cfed99-5049-4eff-a0f9-880e8edf37df%40apereo.org
>>>>>>>>>
>>>>>>>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/73cfed99-5049-4eff-a0f9-880e8edf37df%40apereo.org?utm_medium=email&utm_source=footer>
>>>>>>>>> .
>>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>> - Website: https://apereo.github.io/cas
>>>>>>> - Gitter Chatroom: https://gitter.im/apereo/cas
>>>>>>> - List Guidelines: https://goo.gl/1VRrw7
>>>>>>> - Contributions: https://goo.gl/mh7qDG
>>>>>>> ---
>>>>>>> You received this message because you are subscribed to the Google
>>>>>>> Groups "CAS Community" group.
>>>>>>> To unsubscribe from this group and stop receiving emails from it,
>>>>>>> send an email to cas-user+u...@apereo.org.
>>>>>>> To view this discussion on the web visit
>>>>>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/f8568e68-b156-44fc-b2fd-5d42841b47a9%40apereo.org
>>>>>>>
>>>>>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/f8568e68-b156-44fc-b2fd-5d42841b47a9%40apereo.org?utm_medium=email&utm_source=footer>
>>>>>>> .
>>>>>>>
>>>>>>
>>>>>> --
>>>>> - Website: https://apereo.github.io/cas
>>>>> - Gitter Chatroom: https://gitter.im/apereo/cas
>>>>> - List Guidelines: https://goo.gl/1VRrw7
>>>>> - Contributions: https://goo.gl/mh7qDG
>>>>> ---
>>>>> You received this message because you are subscribed to the Google
>>>>> Groups "CAS Community" group.
>>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>>> an email to cas-user+u...@apereo.org.
>>>>> To view this discussion on the web visit
>>>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/e69a02bf-4b0f-4ccf-a8f2-2a2540d91fc0%40apereo.org
>>>>>
>>>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/e69a02bf-4b0f-4ccf-a8f2-2a2540d91fc0%40apereo.org?utm_medium=email&utm_source=footer>
>>>>> .
>>>>>
>>>>
>>>> --
>>> - Website: https://apereo.github.io/cas
>>> - Gitter Chatroom: <a href="https://gitter.im/apereo/cas";
>>> target="_blank" rel="nofollow" onmousedown="this.href='
>>> https://www.google.com/url?q\x3dhttps%3A%2F%2Fgitter.im%2Fapereo%2Fcas\x26sa\x3dD\x
>>>
>>> <https://www.google.com/url?q%5Cx3dhttps%3A%2F%2Fgitter.im%2Fapereo%2Fcas%5Cx26sa%5Cx3dD%5Cx>
>>
>>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/3cd28be8-a0c7-41e9-94a3-024acf5db25a%40apereo.org.
