IMHO, Nebil has a fair point. The pac4j.saml[0].clientName property is in the 5.2.x doc (line 27 of the SAML section under the Pac4j delegated authn section) but not the 5.3.x. Being paranoid & cynical, I have to wonder, if the documentation for 1 property has been removed, what are the odds it's the only piece of regressed documentation? I have to jump back into CAS 5.3 soon, I need to invest the time into determining how to find all the config properties in the source code, because of my cynicism. I give thanks each day for the excellent project & user community feedback, postings. helps us all, I suspect.
Hopefully, my cynicism will improved over the remainder of today... -Steve On Thu, Aug 2, 2018 at 4:23 AM, Nebil Mabrouk <[email protected]> wrote: > > Thank you Misagh, it works. > But this property does not exist in CAS documentation ( > https://apereo.github.io/cas/5.3.x/installation/ > Configuration-Properties.html#saml2). > > Nebil > > > On Wed, Aug 1, 2018 at 10:22 PM, Misagh Moayyed <[email protected]> > wrote: > >> cas.authn.pac4j.saml[0].clientName=SAML2Client >> >> --Misagh >> >> ------------------------------ >> >> *From: *"Nebil Mabrouk" <[email protected]> >> *To: *"CAS Community" <[email protected]> >> *Sent: *Wednesday, August 1, 2018 1:15:18 PM >> *Subject: *[cas-user] CAS 5.3.2 - Delegate auth to SAML2 IdP issue - No >> client found for name: SAML2Client >> >> Hello, >> I followed the tutorial (https://apereo.github.io/2017 >> /03/22/cas51-delauthn-tutorial/) to delegate CAS authentication to an >> external SAML2 IdP. >> It works well with CAS 5.2.x, but when I upgraded to CAS 5.3..2, I have >> the following errors: >> >> >> *==> In the browser I see:* >> Application Not Authorized to Use CAS >> The application you attempted to authenticate to is not authorized to use >> CAS. This usually indicates that the application is not registered with >> CAS, or its authorization policy defined in its registration record >> prevents it from leveraging CAS functionality, or it's malformed and >> unrecognized by CAS. Contact your CAS administrator to learn how you might >> register and integrate your application with CAS. >> >> >> *==> in the logs: * >> ERROR [org.apereo.cas.web.flow.DelegatedClientAuthenticationAction] - >> <No client found for name: SAML2Client> >> org.pac4j.core.exception.TechnicalException: No client found for name: >> SAML2Client >> at org.pac4j.core.client.Clients.findClient(Clients.java:128) >> ~[pac4j-core-3.0.1.jar!/:?] >> >> >> I added the following dependency in build.gradle >> >> *compile* >> "org.apereo.cas:cas-server-support-pac4j-webflow:${project.'cas.version'}" >> >> >> *Here are the properties I use:* >> >> cas.authn.pac4j.saml[0].keystorePassword=zzz >> cas.authn.pac4j.saml[0].privateKeyPassword=zzz >> cas.authn.pac4j.saml[0].serviceProviderEntityId=urn:mace:saml:pac4j.org >> cas.authn.pac4j.saml[0].serviceProviderMetadataPath=<absolute-path>/sp-metadata.xml >> cas.authn.pac4j.saml[0].keystorePath=<absolute-path>/keystore >> cas.authn.pac4j.saml[0].identityProviderMetadataPath=https://xxxxx.oktapreview.com/app/xxxxxx/sso/saml/metadata >> >> >> I also added the following service declaration >> >> { >> "@class" : "org.apereo.cas.services.RegexRegisteredService", >> "serviceId" : "^https://localhost:8446/iam-client-2(\\z|/.*)", >> "name" : "CAS Client 2", >> "id" : 3, >> "description" : "CAS java webapp client", >> "attributeReleasePolicy" : { >> "@class" : "org.apereo.cas.services.ReturnMappedAttributeReleasePolicy", >> "allowedAttributes" : { >> "@class" : "java.util.TreeMap", >> "Group" : "role", >> "FirstName" : "FirstName", >> "LastName" : "LastName", >> "Email" : "Email" >> } >> } >> } >> >> >> >> Have I missed something? please help >> >> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit https://groups.google.com/a/ap >> ereo.org/d/msgid/cas-user/914dc1d1-a924-46cd-96bc-7556040abd >> a8%40apereo.org >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/914dc1d1-a924-46cd-96bc-7556040abda8%40apereo.org?utm_medium=email&utm_source=footer> >> . >> >> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit https://groups.google.com/a/ap >> ereo.org/d/msgid/cas-user/308092497.6622737.1533154966534. >> JavaMail.zimbra%40unicon.net >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/308092497.6622737.1533154966534.JavaMail.zimbra%40unicon.net?utm_medium=email&utm_source=footer> >> . >> > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit https://groups.google.com/a/ > apereo.org/d/msgid/cas-user/CAKnBmdxvQKNFd0PmrnNN2NWWHpWTr > LR3TZ9-XX_X8yj80QjdBQ%40mail.gmail.com > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAKnBmdxvQKNFd0PmrnNN2NWWHpWTrLR3TZ9-XX_X8yj80QjdBQ%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BnSNkp%3DAVMWcMHTHt3tXVFRjSsEwPjBrhWAZ241NJz0D8CGfg%40mail.gmail.com.
