Oh my, Ocean Liu, you are my new best friend! Thanks
Ray On Fri, 2022-02-18 at 10:02 -0800, Ocean Liu wrote: Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information. Hey Ray, > I keep a copy of the cas project locally. I use it to search for properties, > log messages and classes. I used to do the same thing until I found github.dev , https://docs.github.com/en/codespaces/the-githubdev-web-based-editor It is a web-based VSCode editor, it can also sync your VSCode configuration. Whenever you are on a github.com repo, you can: * Press . (the dot key) while browsing any repository on GitHub. * Change the URL from "github.com" to "github.dev". Then you will have a VSCode in your browser, you can do global search very easily, supports regex and all that stuff. Hope this will be helpful, I love that tool. On Friday, February 18, 2022 at 7:37:39 AM UTC-8 Ray Bon wrote: I keep a copy of the cas project locally. I use it to search for properties, log messages and classes. $ grep -rln cifsServicePrincipal # leave out the first letter since it may be lower or upper case in files api/cas-server-core-api-configuration-model/src/main/java/org/apereo/cas/configuration/model/support/spnego/SpnegoAuthenticationProperties.java support/cas-server-support-spnego/src/test/java/org/apereo/cas/support/spnego/authentication/handler/support/JcifsConfigTests.java support/cas-server-support-spnego/src/main/java/org/apereo/cas/config/SpnegoConfiguration.java support/cas-server-support-spnego/src/main/java/org/apereo/cas/support/spnego/authentication/handler/support/JcifsConfig.java The first hit has the property you were asking about. You can then open that file locally or on github to see what other properties are at that level. The next search you can perform going up the property hierarchy, $ grep -rln SpnegoAuthenticationProperties api/cas-server-core-api-configuration-model/src/main/java/org/apereo/cas/configuration/model/support/spnego/SpnegoProperties.java api/cas-server-core-api-configuration-model/src/main/java/org/apereo/cas/configuration/model/support/spnego/SpnegoAuthenticationProperties.java The first one has the properties field and it is a list. The properties are in cascading classes, the top one being CasConfigurationProperties, https://github.com/apereo/cas/blob/6.4.x/api/cas-server-core-api-configuration-model/src/main/java/org/apereo/cas/configuration/CasConfigurationProperties.java You may need to turn on debug logging to see which properties are identified as incorrect. There might be a way to tell spring to fail if a property is incorrect. Ray On Fri, 2022-02-18 at 09:06 +0100, spfma...@e.mail.fr wrote: Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information. Hi, Thank you very much for your help ! Even if it is still not working, I see in the logfiles that the parameter is now taken recognized. So it's confusing when there is no error but the parameter is still ignored ! Here is what I have, it looks like all the config blocks I have seen coming from previous versions :: cas.authn.spnego.supportedBrowsers=MSIE,Trident,Firefox,AppleWebKit, curl cas.authn.spnego.system.login-conf=file:///etc/jaas.conf cas.authn.spnego.system.kerberos-conf=file:/etc/krb5.conf cas.authn.spnego.system.kerberos-realm=MY_REALM cas.authn.spnego.system.kerberos-kdc=krb-master.my.domain cas.authn.spnego.properties[0].jcifs-service-principal=HTTP/ssodev.my.domain@MY_REALM cas.authn.spnego.system.kerberos-debug=true cas.authn.spnego.mixed-mode-authentication=true cas.authn.spnego.send401OnAuthenticationFailure=false cas.authn.spnego.ips-to-check-pattern=.+ cas.authn.spnego.ntlm-allowed=true cas.authn.spnego.ntlm=false cas.authn.spnego.spnego-attribute-name=sAMAccountName cas.authn.spnego.ldap.base-dn: dc=my,dc=domain cas.authn.spnego.ldap.bind-credential: PASS cas.authn.spnego.ldap.bind-dn: cn=casldap,dc=my,dc=fr cas.authn.spnego.ldap.ldap-url: ldaps://ldap.my.domain:636 cas.authn.spnego.ldap.search-filter: (uid={user}) So maybe my other SPNEGO and CIFS properties need to be adjusted too ? Regards Le 18-Feb-2022 06:53:17 +0100, rb...@uvic.ca a écrit: Use the kabob case version (it is the new format). 'properties' is an array. cas.authn.spnego.properties[0].jcifs-service-principal Ray On Thu, 2022-02-17 at 12:43 +0100, spfma...@e.mail.fr wrote: Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information. Hi, Is there a global reference for all available configuration properties, with some description ? While trying to configure SPNEGO, the documentation mentions "Make sure you have at least specified the JCIFS Service Principal in the CAS configuration". But how can I do that ? I have found examples with "cas.authn.spnego.properties.jcifs-service-principal" or "cas.authn.spnego.jcifsServicePrincipal" but all these syntaxes are rejected. Their references have links to Jasig website, so I guess I need something more recent :-) But I was not able to find anything so far. Regards ________________________________ FreeMail powered by mail.fr<https://mail.fr> -- Ray Bon Programmer Analyst Development Services, University Systems 2507218831<tel:(250)%20721-8831> | CLE 019 | rb...@uvic.ca I acknowledge and respect the lək̓ʷəŋən peoples on whose traditional territory the university stands, and the Songhees, Esquimalt and WSÁNEĆ peoples whose historical relationships with the land continue to this day. ________________________________ FreeMail powered by mail.fr<https://mail.fr> -- Ray Bon Programmer Analyst Development Services, University Systems 2507218831<tel:(250)%20721-8831> | CLE 019 | rb...@uvic.ca I acknowledge and respect the lək̓ʷəŋən peoples on whose traditional territory the university stands, and the Songhees, Esquimalt and WSÁNEĆ peoples whose historical relationships with the land continue to this day. -- Ray Bon Programmer Analyst Development Services, University Systems 2507218831 | CLE 019 | r...@uvic.ca<mailto:r...@uvic.ca> I acknowledge and respect the lək̓ʷəŋən peoples on whose traditional territory the university stands, and the Songhees, Esquimalt and WSÁNEĆ peoples whose historical relationships with the land continue to this day. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/498861e67b0df82dd78611c00e341e1efab13aea.camel%40uvic.ca.
