Hi Jason We configured the CAS server as SP with used Azure AD SAML endpoint as the Idp. There was issues in the latest 5.2.6 and I remember falling back to 5.2.3 (will cross check) Let me know if you still facing issues and I shall share our configuration
Thanks -Raghav On Tue, Dec 4, 2018 at 2:57 AM Jason Brooks <[email protected]> wrote: > > We're looking at integrating CAS with Azure AD for authentication. How did > you get CAS linked up with Azure AD? We've not been able to find any docs to > help on this. > > Thanks, > J > > > > On Wednesday, September 19, 2018 at 3:34:41 PM UTC-4, Raghavan TV wrote: >> >> Hi All >> >> Am testing CAS 5.2.6 to work on a delegated authentication mode against >> Azure AD >> >> When we get a SAML response back from the Idp, am getting redirect to CAS > >> UnAuthorized Access page >> >> The logs indicate the following errors >> >> 2018-09-19 19:28:09,358 ERROR >> [org.pac4j.saml.sso.impl.SAML2DefaultResponseValidator] - <Current assertion >> validation failed, continue with the next one> >> org.pac4j.saml.exceptions.SAMLException: Signature is not trusted >> at >> org.pac4j.saml.sso.impl.SAML2DefaultResponseValidator.validateSignature(SAML2DefaultResponseValidator.java:704) >> ~[pac4j-saml-2.3.1.jar:?] >> ... >> ... >> 2018-09-19 19:28:09,363 DEBUG >> [org.apereo.cas.support.pac4j.web.flow.DelegatedClientAuthenticationAction] >> - <The request requires http action> >> org.pac4j.saml.exceptions.SAMLException: No valid subject assertion found in >> response >> ... >> ... >> >> Any pointers on which cert should be imported into the keystore ? >> >> >> Thanks >> Raghavan >> >> >> > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to a topic in the Google > Groups "CAS Community" group. > To unsubscribe from this topic, visit > https://groups.google.com/a/apereo.org/d/topic/cas-user/hTqhOVubd88/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/acedfef4-3f18-41d8-923b-f7b94feec03c%40apereo.org. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CADNy93pXtSQfmpxHQtrfD-kyt5qNuq5L3hiqzh-q%2BSnK%2BG5wLQ%40mail.gmail.com.
