Sneha, I have not used oauth2 and do not know how that protocol is handled in cas. I do know that other CAS protocols required back channel communication, and that is always https.
The real question is, why, in this day and age, do you want to use http? For testing it is easy to create your own certificates. For external sites, https://letsencrypt.org/ Ray On Thu, 2020-03-26 at 08:35 +0530, Sneha Kashyap wrote: Hi napolean, Thanks for your prompt reply. Yes I do realise that the CAS oauth server works only on https protocol. What about the client applications that connect to the server? Must they be a https URL as well? Ideally that is not required by oauth2.. But somehow my application on http does not receive back the accesstoken from CAS oauth server. My question to you is, have you used serviceids values as a http URL and successful authenticated your application? Foe example: serviceid: "http://example.com/.*"; Does such a URL get successful authentication in CAS oauth2 server? Thanks & regards Sneha On Thu, 26 Mar, 2020, 6:54 am Nguyen Tran Thanh Lam, <naphaluan211...@gmail.com<mailto:naphaluan211...@gmail.com>> wrote: Hi Sneha, I know this. You must use https for Oauth2 Thank you Vào Th 5, 26 thg 3, 2020 vào lúc 01:52 Sneha Kashyap <sneha.kash...@healthelife.in<mailto:sneha.kash...@healthelife.in>> đã viết: Hi napolean, Do you have any idea if there is restriction by CAS oauth2 server to use http urls instead of https urls in service id to be authenticated? Thanks sneha On Mon, 23 Mar, 2020, 10:37 pm Sneha, <sneha.kash...@healthelife.in<mailto:sneha.kash...@healthelife.in>> wrote: Hello All, Replying on this post as it is the most recent post on OAuth authentication.I am back working on the project again. Having gotten the oauth2 with JWT sample code working on CAS 6.1 overlay I find that It works on service ids with https URLs but on configuring http URLs I am unable to obtain the JWT or access token with a successful authentication and code generated. I am getting the following output on debug logs on the server side: [cid:0804684d777fd1aeabef9447ddf706c1c0bc629c.camel@uvic.ca] my json registration: { "@class" : "org.apereo.cas.support.oauth.services.OAuthRegisteredService", "clientId": "exampleOauthClient", "clientSecret": "test1", "serviceId": "^http://localhost:9999/.*";, "name": "oauth2test", "id": 6, "supportedGrantTypes": [ "java.util.HashSet", [ "authorization_code" ] ], "supportedResponseTypes": [ "java.util.HashSet", [ "code" ] ] "attributeReleasePolicy": { "@class": "org.apereo.cas.services.ReturnAllAttributeReleasePolicy", "principalAttributesRepository": { "@class": "org.apereo.cas.authentication.principal.DefaultPrincipalAttributesRepository" }, }, "jwtAccessToken": true, "usernameAttributeProvider": { "@class": "org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProvider", "usernameAttribute": "username" } } On the client side, i receive a 403 forbidden status or a 401 : [cid:83d864b591938b491b4ba9ffa0f749f28a8648e0.camel@uvic.ca] Not sure what I am missing out.. Or does the CAS OAuth server allow only clients with https urls to participate in SSO? Any inputs regarding this will be of great help.. Thanks Sneha On Tuesday, March 10, 2020 at 3:01:34 PM UTC+5:30, Napoleon Ponaparte wrote: Hi Mr Gandhi, You must use CAS version at least 6.1.x. The key will generate in log of CAS, when you build it. Please try again. Thanks Vào Th 3, 10 thg 3, 2020 vào lúc 16:15 Gandhi <gandh...@imaginea.com> đã viết: I'm facing the same issue with 5.2.X version of CAS. i'm having trouble to enable JWT for OIDC related flows. Can you please post any findings here, in case if you have solved this? On Thursday, February 13, 2020 at 8:48:02 AM UTC+5:30, Napoleon Ponaparte wrote: Hi all, I have trouble in enable Oauth JWT token on CAS overlay template version 6.0. I will sponsor 10$, if anyone help me in this case. I tried two tutorial on two link: 1) Link 1 JWT Of All Things With CAS https://apereo.github.io/2017/10/17/cas-jwt-authn-with-duo/ But I have a trouble with cas shell. I have described it here (https://stackoverflow.com/questions/60186080/generate-jwt-on-cas-apereo-version-6-0-for-oauth-jwt-access-tokens) 2) Link 2 Apereo CAS - OAuth JWT Access Tokens But it uses for cas version 6.2.x. And this properties can't use cas.authn.oauth.access-token.crypto.encryption.key = cas.authn.oauth.access-token.crypto.signing.key = cas.authn.oauth.access-token.crypto.enabled=false cas.authn.oauth.access-token.crypto.signing-enabled = false cas.authn.oauth.access-token.crypto.encryption-enabled = false Thank you. This mail contains confidential information intended only for the individual(s) named. If you’re not the named addressee, don’t disseminate, distribute or copy this e-mail. Please notify the sender immediately and delete it from your system.If you wish not to receive such e-mails you may reply with text “Unsubscribe”. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/162ff6a6-d2e2-4149-aade-e404de062f06%40apereo.org<https://groups.google.com/a/apereo.org/d/msgid/cas-user/162ff6a6-d2e2-4149-aade-e404de062f06%40apereo.org?utm_medium=email&utm_source=footer>. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org>. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/a0b3ad99-6a8c-4967-b8eb-0a4c30f6259c%40apereo.org<https://groups.google.com/a/apereo.org/d/msgid/cas-user/a0b3ad99-6a8c-4967-b8eb-0a4c30f6259c%40apereo.org?utm_medium=email&utm_source=footer>. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org>. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAE2k68nAZ8cKB1MYYtH1jek_ALgGoyD7UNMQozH0Qzzgzt%3DGGg%40mail.gmail.com<https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAE2k68nAZ8cKB1MYYtH1jek_ALgGoyD7UNMQozH0Qzzgzt%3DGGg%40mail.gmail.com?utm_medium=email&utm_source=footer>. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org>. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAEjUsAhJA3EpSBfHVR2pm31xHzO5ZhLAGiJppts3ZPxHAuSO6Q%40mail.gmail.com<https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAEjUsAhJA3EpSBfHVR2pm31xHzO5ZhLAGiJppts3ZPxHAuSO6Q%40mail.gmail.com?utm_medium=email&utm_source=footer>. -- Ray Bon Programmer Analyst Development Services, University Systems 2507218831 | CLE 019 | r...@uvic.ca<mailto:r...@uvic.ca> I respectfully acknowledge that my place of work is located within the ancestral, traditional and unceded territory of the Songhees, Esquimalt and WSÁNEĆ Nations. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/d39ff04ce23f5a60ba6e6ad49a718b3a50042961.camel%40uvic.ca.
