Are you certain your configuration values are not overridden by something else?
> On Aug 28, 2019, at 1:30 AM, 'Mallory, Erik' via CAS Community > <[email protected]> wrote: > > Yes. > # OpenID Authentication > cas.authn.oidc.issuer=http://cas-dev.wichita.edu/cas/oidc > <http://cas-dev.wichita.edu/cas/oidc> > # Skew ID tokens in minutes > cas.authn.oidc.skew=5 > > cas.authn.oidc.jwksFile=file:/etc/cas/config/keystore.jwks > cas.authn.oidc.jwksCacheInMinutes=60 > > #cas.authn.oidc.dynamicClientRegistrationMode=OPEN|PROTECTED > cas.authn.oidc.dynamicClientRegistrationMode=PROTECTED > > cas.authn.oidc.subjectTypes=public,pairwise > > Erik Mallory > Server Analyst > Wichita State University > 316.978.3502 > > > From: <[email protected] <mailto:[email protected]>> on behalf of Misagh > Moayyed <[email protected] <mailto:[email protected]>> > Reply-To: "[email protected] <mailto:[email protected]>" > <[email protected] <mailto:[email protected]>> > Date: Tuesday, August 27, 2019 at 2:59 AM > To: CAS Community <[email protected] <mailto:[email protected]>> > Subject: Re: [cas-user] CAS 6.1-RC4 OIDC configuration > > Have you defined an issuer? > https://apereo.github.io/cas/development/configuration/Configuration-Properties.html#openid-connect > > <https://apereo.github.io/cas/development/configuration/Configuration-Properties.html#openid-connect> > > >> On Aug 27, 2019, at 2:23 AM, 'Mallory, Erik' via CAS Community >> <[email protected] <mailto:[email protected]>> wrote: >> >> Hello, >> I'm trying to configure oAuth/OIDC and I'm running into a head scratcher. >> The CAS oidc/.well-known endpoint returns cas.example.org:8443 >> <http://cas.example.org:8443/> for all of the related endpoints. >> Example: >> {"issuer":"http://cas-dev.wichita.edu/cas/oidc >> <http://cas-dev.wichita.edu/cas/oidc>","scopes_supported":["openid","profile","email","address","phone","offline_access"],"response_types_supported":["code","token","id_token >> >> token"],"subject_types_supported":["public","pairwise"],"claim_types_supported":["normal"],"claims_supported":["sub","name","preferred_username","family_name","given_name","middle_name","given_name","profile","picture","nickname","website","zoneinfo","locale","updated_at","birthdate","email","email_verified","phone_number","phone_number_verified","address","gender"],"grant_types_supported":["authorization_code","password","client_credentials","refresh_token"],"id_token_signing_alg_values_supported":["none","RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512","HS256","HS384","HS512"],"id_token_encryption_alg_values_supported":["RSA1_5","RSA-OAEP","RSA-OAEP-256","A128KW","A192KW","A256KW","A128GCMKW","A192GCMKW","A256GCMKW","ECDH-ES","ECDH-ES+A128KW","ECDH-ES+A192KW","ECDH-ES+A256KW"],"id_token_encryption_enc_values_supported":["A128CBC-HS256","A192CBC-HS384","A256CBC-HS512","A128GCM","A192GCM","A256GCM"],"userinfo_signing_alg_values_supported":["none","RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512","HS256","HS384","HS512"],"userinfo_encryption_alg_values_supported":["RSA1_5","RSA-OAEP","RSA-OAEP-256","A128KW","A192KW","A256KW","A128GCMKW","A192GCMKW","A256GCMKW","ECDH-ES","ECDH-ES+A128KW","ECDH-ES+A192KW","ECDH-ES+A256KW"],"userinfo_encryption_enc_values_supported":["A128CBC-HS256","A192CBC-HS384","A256CBC-HS512","A128GCM","A192GCM","A256GCM"],"introspection_endpoint_auth_methods_supported":["client_secret_basic"],"token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt"],"claims_parameter_supported":true,"request_parameter_supported":false,"authorization_endpoint":"https://cas.example.org:8443/cas/oidc/authorize >> >> <https://cas.example.org:8443/cas/oidc/authorize>","token_endpoint":"https://cas.example.org:8443/cas/oidc/accessToken >> >> <https://cas.example.org:8443/cas/oidc/accessToken>","userinfo_endpoint":"https://cas.example.org:8443/cas/oidc/profile >> >> <https://cas.example.org:8443/cas/oidc/profile>","registration_endpoint":"https://cas.example.org:8443/cas/oidc/register >> >> <https://cas.example.org:8443/cas/oidc/register>","end_session_endpoint":"https://cas.example.org:8443/cas/oidc/logout >> >> <https://cas.example.org:8443/cas/oidc/logout>","introspection_endpoint":"https://cas.example.org:8443/cas/oidc/introspect >> >> <https://cas.example.org:8443/cas/oidc/introspect>","revocation_endpoint":"https://cas.example.org:8443/cas/oidc/revoke >> >> <https://cas.example.org:8443/cas/oidc/revoke>","jwks_uri":"https://cas.example.org:8443/cas/oidc/jwks >> <https://cas.example.org:8443/cas/oidc/jwks>"} >> >> >> I thought this value was controlled by the cas.server.name property. But I >> guess it's elsewhere? >> >> server.context-path=/cas >> server.port=443 >> cas.server.name=https://cas-dev.wichita.edu <https://cas-dev.wichita.edu/> >> cas.server.prefix=https://cas-dev.wichita.edu/cas >> <https://cas-dev.wichita.edu/cas> >> cas.host.name=cas-dev.wichita.edu <http://cas-dev.wichita.edu/> >> >> Hopefully someone can shine a light on this for me. >> Thanks, >> Erik Mallory >> Server Analyst >> Wichita State University >> >> >> -- >> - Website: https://apereo.github.io/cas <https://apereo.github.io/cas> >> - Gitter Chatroom: https://gitter.im/apereo/cas >> <https://gitter.im/apereo/cas> >> - List Guidelines: https://goo.gl/1VRrw7 <https://goo.gl/1VRrw7> >> - Contributions: https://goo.gl/mh7qDG <https://goo.gl/mh7qDG> >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] >> <mailto:[email protected]>. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/3B7E953C-586C-41E3-BB3A-73A53D433AB0%40wichita.edu >> >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/3B7E953C-586C-41E3-BB3A-73A53D433AB0%40wichita.edu>. > > > -- > - Website: https://apereo.github.io/cas <https://apereo.github.io/cas> > - Gitter Chatroom: https://gitter.im/apereo/cas <https://gitter.im/apereo/cas> > - List Guidelines: https://goo.gl/1VRrw7 <https://goo.gl/1VRrw7> > - Contributions: https://goo.gl/mh7qDG <https://goo.gl/mh7qDG> > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] > <mailto:[email protected]>. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/375F9DAF-027B-4CE0-A5F3-AE84255B3C99%40gmail.com > > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/375F9DAF-027B-4CE0-A5F3-AE84255B3C99%40gmail.com?utm_medium=email&utm_source=footer>. > > > -- > - Website: https://apereo.github.io/cas <https://apereo.github.io/cas> > - Gitter Chatroom: https://gitter.im/apereo/cas <https://gitter.im/apereo/cas> > - List Guidelines: https://goo.gl/1VRrw7 <https://goo.gl/1VRrw7> > - Contributions: https://goo.gl/mh7qDG <https://goo.gl/mh7qDG> > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] > <mailto:[email protected]>. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/E63C583B-638A-4E54-A7C4-BC772DF53CB2%40wichita.edu > > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/E63C583B-638A-4E54-A7C4-BC772DF53CB2%40wichita.edu?utm_medium=email&utm_source=footer>. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/DF7A72D8-CDF2-4BDA-B302-8A9E5A1A9E48%40gmail.com.
