You probably should configure the host that is making the POST request as a CAS authorized service
Cemal Önder <[email protected]> escreveu no dia segunda, 16/12/2019 à(s) 08:33: > I get same error too and when I debug the application, I see that problem > happens because when we request JWT following code works: > > val registeredService = payload.getRegisteredService() == null > ? locateRegisteredService(serviceAudience) > : payload.getRegisteredService(); > RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed(registeredService); > > which calls locateRegisteredService with serviceAudience -> as your cas > instance (http://localhost:8080/cas). And that is not registered as a service > in my case, than > > RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed(registeredService); > throws the exception. My question is, should we than inject our cas instance > as a service too? Because inside the DefaultServicesManager class, > orderedServices > > has http://localhost:8095/bouncer/oauth2.0/callbackAuthorize.* which makes me > thing like should not there be a service also for CAS protocol too? > > > On Friday, 28 June 2019 17:33:24 UTC+3, K Devops wrote: >> >> Hi, I've configured CAS to return TGT as JWT adding the dependency on the >> maven overlay: >> <dependency> >> <groupId>org.apereo.cas</groupId> >> <artifactId>cas-server-support-rest-tokens</artifactId> >> <version>${cas.version}</version> >> </dependency> >> >> Info: >> >> https://apereo.github.io/cas/5.3.x/protocol/REST-Protocol.html#jwt-ticket-granting-tickets >> >> >> I've configured CAS to return a JWT Signed with HS512. >> ST granting works fine (with standard TGT). >> >> Every time I try to get a TGT in JWT with the following REST call: >> POST /cas/v1/tickets HTTP/1.0 >> >> username=battags&password=password&token=true&additionalParam1=paramvalue >> >> >> I receive this error: >> Unauthorized Service Access. Service [] is not found in service registry. >> >> If I omit or set the token param to "false", the standard TGT is granted >> correctly. >> >> What's wrong with that? >> >> >> Thank you very much >> >> >> Bye >> >> K >> > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/8d49ac0b-62c2-49a1-9226-bad6b34571e1%40apereo.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/8d49ac0b-62c2-49a1-9226-bad6b34571e1%40apereo.org?utm_medium=email&utm_source=footer> > . > -- Francisco Castel-Branco -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAMrou-Nx%2BSghEAqCBjy7rQb8d6HQ_WDjNao%3DdAkskdRZEk9Xjw%40mail.gmail.com.
