Hello,

I followed the tutorial 
(https://apereo.github.io/2017/03/22/cas51-delauthn-tutorial/) to delegate 
CAS authentication to an external SAML2 IdP. 
It works well with CAS 5.2.x, but when I upgraded to CAS 5.3..2, I have the 
following errors:


*==> In the browser I see:*
Application Not Authorized to Use CAS
The application you attempted to authenticate to is not authorized to use 
CAS. This usually indicates that the application is not registered with 
CAS, or its authorization policy defined in its registration record 
prevents it from leveraging CAS functionality, or it's malformed and 
unrecognized by CAS. Contact your CAS administrator to learn how you might 
register and integrate your application with CAS.


*==> in the logs: *
ERROR [org.apereo.cas.web.flow.DelegatedClientAuthenticationAction] - <No 
client found for name: SAML2Client>
org.pac4j.core.exception.TechnicalException: No client found for name: 
SAML2Client
at org.pac4j.core.client.Clients.findClient(Clients.java:128) 
~[pac4j-core-3.0.1.jar!/:?]


I added the following dependency in build.gradle 

*compile* 
"org.apereo.cas:cas-server-support-pac4j-webflow:${project.'cas.version'}"


*Here are the properties I use:*

cas.authn.pac4j.saml[0].keystorePassword=zzz
cas.authn.pac4j.saml[0].privateKeyPassword=zzz
cas.authn.pac4j.saml[0].serviceProviderEntityId=urn:mace:saml:pac4j.org
cas.authn.pac4j.saml[0].serviceProviderMetadataPath=<absolute-path>/sp-metadata.xml
cas.authn.pac4j.saml[0].keystorePath=<absolute-path>/keystore
cas.authn.pac4j.saml[0].identityProviderMetadataPath=https://xxxxx.oktapreview.com/app/xxxxxx/sso/saml/metadata


I also added the following service declaration 

{
  "@class" : "org.apereo.cas.services.RegexRegisteredService",
  "serviceId" : "^https://localhost:8446/iam-client-2(\\z|/.*)",
  "name" : "CAS Client 2",
  "id" : 3,
  "description" : "CAS java webapp client",
  "attributeReleasePolicy" : {
    "@class" : "org.apereo.cas.services.ReturnMappedAttributeReleasePolicy",
    "allowedAttributes" : {
      "@class" : "java.util.TreeMap",
      "Group" : "role",
      "FirstName" : "FirstName",
      "LastName" : "LastName",
      "Email" : "Email"
    }
  }
}



Have I missed something? please help

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/914dc1d1-a924-46cd-96bc-7556040abda8%40apereo.org.

Reply via email to