<https://lh3.googleusercontent.com/-jrTP52-s_VY/WrEvioW27PI/AAAAAAAAAAM/Dx1zUMgbjGsI_8n-fys1ePKK9jJqnuAHgCLcBGAs/s1600/Screenshot%2Bfrom%2B2018-03-20%2B09-55-58.png> Hi,
I am using CAS 5.2.2 and tried out disabling SSO (see attached image). It appears to be the same setting you turned off. I found that I had to first completely log out of CAS before trying to access the service. Otherwise if I was already signed in and visited the service, it did correctly show a login screen, BUT it would fail in logging me in even though I supplied correct credentials. Hope this helps, it is all I really know about it. -Michael On Tuesday, March 20, 2018 at 9:09:24 AM UTC-5, tffishe wrote: > > > > We are running CAS 4.1.5 and we need to make a couple services do > authentication only through CAS without creating an SSO session – that is > force renew=true from the CAS server and do not create a session after > authenticating (no TGT). My understanding of how to do this (per > https://apereo.github.io/cas/4.2.x/installation/Configuring-SSO-Session-Cookie.html) > > is to set create.sso.renewed.authn=false in cas.properties and include > these in the service definition: > > "accessStrategy" : { > > "@class" : > "org.jasig.cas.services.DefaultRegisteredServiceAccessStrategy", > > "enabled" : true, > > "ssoEnabled" : false > > }, > > > > However, when I do this it does not allow authentication at all with the > following complaint in the log: > > [org.jasig.cas.CentralAuthenticationServiceImpl] - ServiceManagement: > Service [https://ssotest.bgsu.edu *… is not allowed to use SSO.* > > Am I missing something? Can anyone suggest why it is not processing the > service parameters as it seems it should? > > > > Thanks. > > > > Ted Fisher > > ITS, BGSU > > > > > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/c9ed1da2-822b-4d8e-a7da-4aae0bc590a3%40apereo.org.
