[cas-user] Integrating elastic cloud with apereo cas saml

Thu, 22 Jul 2021 20:47:37 -0700 

I'm doing a POC to integrate elastic cloud with apereo using SAML2 
protocol. 

Here is my service registry configuration:
{
 "@class" : "org.apereo.cas.support.saml.services.SamlRegisteredService",
 "serviceId" : "^https://yyy.kb.ap-northeast-1.aws.found.io.*";,
 "name" : "ElasticsearchSAMLService",
 "id" : 2,
 "evaluationOrder" : 2,
 "metadataLocation" : 
"file:/root/cas-overlay-template/saml-metadata/elasticsearch.xml",
 "issuerEntityId": "https://cas.sinlead.com/cas/idp";
}

I'm able to redirect from kibana to apereo login page. However, after 
authenticate myself, I got an 500 Internal server error page.

Here is the application log:

2021-07-23 11:39:49,831 INFO 
[org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade]
 
- <Resolved metadata chain from 
[file:/root/cas-overlay-template/saml-metadata/elasticsearch.xml]. 
Filtering the chain by entity ID 
[https://yyy.kb.ap-northeast-1.aws.found.io:9243/]>
2021-07-23 11:39:49,834 INFO 
[org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade]
 
- <Resolved metadata chain from 
[file:/root/cas-overlay-template/saml-metadata/elasticsearch.xml]. 
Filtering the chain by entity ID 
[https://yyy.kb.ap-northeast-1.aws.found.io:9243/]>
2021-07-23 11:39:49,886 ERROR 
[org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner] 
- <Unable to locate any signing credentials for service 
[ElasticsearchSAMLService]>
2021-07-23 11:39:49,889 INFO 
[org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit 
trail record BEGIN
=============================================================
WHO: audit:unknown
WHAT: Unable to locate signing credentials
ACTION: SAML2_RESPONSE_CREATED
APPLICATION: CAS
WHEN: Fri Jul 23 11:39:49 CST 2021
CLIENT IP ADDRESS: 127.0.0.1
SERVER IP ADDRESS: 127.0.0.1

I was wondering what did I do wrong. I pretty sure the file path is correct.

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/06bc87c8-b041-44f7-8acd-9300ccb95561n%40apereo.org.

Reply via email to