We are running CAS 4.1.5 and we need to make a couple services do authentication only through CAS without creating an SSO session – that is force renew=true from the CAS server and do not create a session after authenticating (no TGT). My understanding of how to do this (per https://apereo.github.io/cas/4.2.x/installation/Configuring-SSO-Session-Cookie.html) is to set create.sso.renewed.authn=false in cas.properties and include these in the service definition: "accessStrategy" : { "@class" : "org.jasig.cas.services.DefaultRegisteredServiceAccessStrategy", "enabled" : true, "ssoEnabled" : false },
However, when I do this it does not allow authentication at all with the following complaint in the log: [org.jasig.cas.CentralAuthenticationServiceImpl] - ServiceManagement: Service [https://ssotest.bgsu.edu … is not allowed to use SSO. Am I missing something? Can anyone suggest why it is not processing the service parameters as it seems it should? Thanks. Ted Fisher ITS, BGSU -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CY4PR05MB29339FFE13545423F8F44CA8C0AB0%40CY4PR05MB2933.namprd05.prod.outlook.com.
