Ray, Thank You. Now its working as expected.
Regards Bartek czwartek, 22 kwietnia 2021 o 22:58:02 UTC+2 Ray Bon napisał(a): > Bartosz, > > The only cas properties I have that you do not are: > cas.authn.pac4j.oidc[0].azure.discoveryUri= > <https://login.microsoftonline.com/37b56a68-3494-448b-9c6b-f42f98041e00/oauth2/v2.0/> > https://login.microsoftonline.com/[tenant id goes here]/oauth2/v2.0/ > cas.authn.pac4j.oidc[0].azure.logoutUrl= > https://login.microsoftonline.com/common/oauth2/logout > > When I go from cas to azure, this is the link (from developer tools): > > <https://login.microsoftonline.com/37b56a68-3494-448b-9c6b-f42f98041e00/oauth2/authorize?response_type=code&redirect_uri=https://local.uvic.ca/cas/login?client_name=CasAsAClient&state=TST-1-7MlVK-yh42Y60jZJPEp6fXck45BFasyX&client_id=6d16c7e9-2c54-4c95-b78c-e9599d1edffd&scope=openid> > https://login.microsoftonline.com/[tenant id goes > here]/oauth2/authorize?response_type=code&redirect_uri= > https://local.uvic.ca/cas/login?client_name=CasAsAClient&state=TST-1-...&client_id=[client > id > goes here]&scope=openid profile email > > In azure I added an app registration called CasAsAClient. In this > application I have a web redirect url, > https://local.uvic.ca/cas/login?client_name=CasAsAClient > > I do not have specific notes on the steps I took. I did read a lot of MS > documentation and web tutorials. > > Ray > > > On Thu, 2021-04-22 at 11:27 -0700, Bartosz Nitkiewicz wrote: > > Notice: This message was sent from outside the University of Victoria > email system. Please be cautious with links and sensitive information. > > I want to setup Azure as default auth for all services. But it gives me > this error AADSTS900971: No reply address provided. > There are no logs on CAS server side. > I think that I have missconfigure something during Azure app registration. > I don't know how it shoud be configure. I want to delagate auth to Azure > through OIDC. > I've read that You have it working :) > > czwartek, 22 kwietnia 2021 o 20:18:08 UTC+2 Ray Bon napisał(a): > > Bartosz, > > After successful login on azure, cas will redirect to your intended > service. > > Are there any error messages in the logs? > > Ray > > On Thu, 2021-04-22 at 10:18 -0700, Bartosz Nitkiewicz wrote: > > Notice: This message was sent from outside the University of Victoria > email system. Please be cautious with links and sensitive information. > > > Hi. I got stucked. I've managed to delegate auth to Azure AD. I can login > with my user and password. But after that I have AADSTS900971: No reply > address provided. > > I don't know how to set it up properly. > > My registered CAS app (Azure) is redirected to my CAS server > https://example.org/cas with enable ID tokens and Access tokens. > > "cas.authn.pac4j.name": "Azure", > "cas.authn.pac4j.oidc[0].azure.autoRedirect": "true", > "cas.authn.pac4j.oidc[0].azure.clientName": "Azure", > "cas.authn.pac4j.oidc[0].azure.enabled": "true", > "cas.authn.pac4j.oidc[0].azure.id": "xxxxx", > "cas.authn.pac4j.oidc[0].azure.responseMode": "form_post", > "cas.authn.pac4j.oidc[0].azure.responseType": "id_token", > "cas.authn.pac4j.oidc[0].azure.scope": "openid", > "cas.authn.pac4j.oidc[0].azure.secret": "xxxxxx", > "cas.authn.pac4j.oidc[0].azure.tenant": "xxxxx", > "cas.authn.pac4j.oidc[0].azure.useNonce": "true", > > I don't know if it is ok? > Any hints? > > -- > > > Ray Bon > Programmer Analyst > Development Services, University Systems > 2507218831 <(250)%20721-8831> | CLE 019 | [email protected] > > I respectfully acknowledge that my place of work is located within the > ancestral, traditional and unceded territory of the Songhees, Esquimalt and > WSÁNEĆ Nations. > > > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/7bb7b5f7-0136-4ab5-adb0-a2a3faa00eacn%40apereo.org.
