I get same error too and when I debug the application, I see that problem happens because when we request JWT following code works:
val registeredService = payload.getRegisteredService() == null ? locateRegisteredService(serviceAudience) : payload.getRegisteredService(); RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed(registeredService); which calls locateRegisteredService with serviceAudience -> as your cas instance (http://localhost:8080/cas). And that is not registered as a service in my case, than RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed(registeredService); throws the exception. My question is, should we than inject our cas instance as a service too? Because inside the DefaultServicesManager class, orderedServices has http://localhost:8095/bouncer/oauth2.0/callbackAuthorize.* which makes me thing like should not there be a service also for CAS protocol too? On Friday, 28 June 2019 17:33:24 UTC+3, K Devops wrote: > > Hi, I've configured CAS to return TGT as JWT adding the dependency on the > maven overlay: > <dependency> > <groupId>org.apereo.cas</groupId> > <artifactId>cas-server-support-rest-tokens</artifactId> > <version>${cas.version}</version> > </dependency> > > Info: > > https://apereo.github.io/cas/5.3.x/protocol/REST-Protocol.html#jwt-ticket-granting-tickets > > > I've configured CAS to return a JWT Signed with HS512. > ST granting works fine (with standard TGT). > > Every time I try to get a TGT in JWT with the following REST call: > POST /cas/v1/tickets HTTP/1.0 > > username=battags&password=password&token=true&additionalParam1=paramvalue > > > I receive this error: > Unauthorized Service Access. Service [] is not found in service registry. > > If I omit or set the token param to "false", the standard TGT is granted > correctly. > > What's wrong with that? > > > Thank you very much > > > Bye > > K > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/8d49ac0b-62c2-49a1-9226-bad6b34571e1%40apereo.org.
