Hi,
I am on CAS v6.1.0 RC4. Everythings works fine but i want to allow
iframe for a specific service.
Is it possible ?
I read
https://apereo.github.io/cas/6.0.x/configuration/Configuration-Properties.html#http-web-requests
https://apereo.github.io/cas/6.0.x/services/Configuring-Service-Http-Security-Headers.html
If i put "cas.httpWebRequest.header.xframeOptions=ALLOWALL" in my
cas.properties it's ok iframe is allowed for all services but is it
possible to just allow only a specific service ?
I tried to add something like this in my service :
{
"@class" : "org.apereo.cas.services.RegexRegisteredService",
"serviceId" : "^https?://toto.uang/.*",
"name" : "toto",
"id" : 100501,
"description" : "toto",
"properties" : {
"@class" : "java.util.HashMap",
"httpHeaderXFrameOptions" : {
"@class" :
"org.apereo.cas.services.DefaultRegisteredServiceProperty",
"values" : [ "java.util.HashSet", [ "ALLOWALL" ] ]
}
}
}
I tried different properties/values but it does not work.
Someone know how to allow a specific service ? (if it's possible)
thank you
--
Adrien
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/b2c9bbba-a843-fa25-6794-d67c9c5b2f63%40univ-angers.fr.
