[cas-user] directive: excludedAuthenticationHandler for service cas 6.3.x

Thu, 02 Dec 2021 03:03:54 -0800 

 Can anybody  confirm that excludedAuthenticationHandler works in cas 6.3. ?
*https://apereo.github.io/cas/6.3.x/services/Configuring-Service-AuthN-Policy.htm*
 

{ "@class": "org.apereo.cas.services.RegexRegisteredService", "serviceId": 
"^(https|imaps)://example.org/cas.*", "name": "Example", "id": 1, 
"authenticationPolicy": { "@class": 
"org.apereo.cas.services.DefaultRegisteredServiceAuthenticationPolicy", 
"excludedAuthenticationHandlers" : ["java.util.TreeSet", [ "JSON" ]], 
"criteria": { "@class": 
"org.apereo.cas.services.ExcludedAuthenticationHandlersRegisteredServiceAuthenticationPolicyCriteria"
 
} } } 


I have 3  AD handlers like :

cas.authn.ldap[0].name=everest
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].ldapUrl=****
cas.authn.ldap[0].baseDn=****
cas.authn.ldap[0].bindDn=ldap
cas.authn.ldap[0].bindCredential=****
cas.authn.ldap[0].searchFilter=*****
cas.authn.ldap[0].principalAttributeId=sAMAccountName
cas.authn.ldap[0].connectTimeout=3000

cas.authn.ldap[1].name=rysy
...
cas.authn.ldap[3].name=ppm
---

And during testing via  Curl API test  , Cas used ppm or everest. It means  
after I restarted cas  container  I made  couple of test  and some times 
Cas used one or other handler from cas.propierties.
I dont know why it doesnt keep always  everest (or JSON). I am digging in 
it long time.


Accordind to:

*https://apereo.github.io/cas/6.3.x/services/Configuring-Service-AuthN-Policy.html*

*I thought  that it is possible.* I was trying :

{ "@class": "org.apereo.cas.services.RegexRegisteredService", "serviceId": 
"^(https|imaps)://example.org/cas.*", "name": "Example", "id": 1, 
"authenticationPolicy": { "@class": 
"org.apereo.cas.services.DefaultRegisteredServiceAuthenticationPolicy", 
"excludedAuthenticationHandlers" : ["java.util.TreeSet", [ "JSON" ]], 
"criteria": { "@class": 
"org.apereo.cas.services.ExcludedAuthenticationHandlersRegisteredServiceAuthenticationPolicyCriteria"
 
} } } 

  Afer test i can see user  wasnt foreced to use ony one handler dedicated 
for service.

Regards

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/5a22802f-b50d-4f0f-939d-d422fad6c47dn%40apereo.org.

Reply via email to