Good morning I've tried to use some config like this:
*mgmt.in-common-mdq-url=file:/etc/cas/config/entities* But, I'm afraid what it expects is a URL... So, it doesn't work. Is there another option to take it from local? Anyway, I am not sure of needing this. I don't know the purpose of these metadata and how not having it could impact on my enviroment. Could anybody of you guys provide me more info, at least at a basic level, to have a better understanding? Perhaps I'm struggling with something I don't need at all and therefore wasting my time... Again, thank you very much El viernes, 11 de marzo de 2022 a las 14:11:45 UTC+1, [email protected] escribió: > Hello, > > Technically MDQ is an API so not really set of XML files, sorry for > mistaking you a bit. But returning document is a valid XML, so... :) > If you do not need to use InCommon (or possibly other MDQ registry), you > can leave the property empty. > Otherwise, > https://github.com/apereo/cas-management/blob/0396f5a5a69af22845b4dd4e633cf74dda195e63/api/cas-mgmt-api-configuration/src/main/java/org/apereo/cas/configuration/CasManagementConfigurationProperties.java#L157 > > Cheers, > Fiisch > > > On 03/11/2022 01:48 PM, Juan María Reina Ortiz wrote: > > Leaving this parameter empty allowed me tyo start cas-management, but I'm > still considering to have this xml locally downloaded. But, here's another > thing I need to ask: What is the URL from I could download the xml file? > > Again, thanks in advance. Your help is being very valuable > > Cheers! > > El viernes, 11 de marzo de 2022 a las 12:27:27 UTC+1, [email protected] > escribió: > >> Hello, >> MDQ metadata endpoint is basically one huge XML file (or a set of small >> ones) with SAML metadata of various organizations, in this case, members of >> InCommon community. >> MDQ as a technical standard is an IETF thing. >> >> But what it means for CAS and Mgmt apps... >> https://apereo.github.io/cas/6.5.x/installation/Configuring-SAML2-DynamicMetadata.html >> - When you are creating a SAML registration in Mgmt app, the Mgmt app can >> give you a choice of ready-made SAML metadata configurations because it >> downloaded them upon its startup. >> - CAS does not need to store the SAML metadata locally, it can gather >> them from MDQ endpoint. This implies that CAS administrator doesn't need to >> manage local metadata files of various connected 3rd parties. >> - If you cannot access InCommon MDQ, you cannot consume 3rd party SAML >> metadata automatically. So you are back to manual management of metadata >> XML files. That is all. >> >> Other than automating tasks around SAML metadata upkeeping, there is no >> impact on the functionality. >> >> However, even without proxy access, you can work around the issue. You >> can, for example, periodically download the metadata with wget and let CAS >> read the file locally or from some internal webserver. You have a property >> (mgmt.in-common-mdq-url) which you can configure, so if there is a will, >> there is a way. :) But I would do it only if you really desperately need to >> access the InCommon MDQ registry. >> >> Cheers, >> Fiisch >> >> >> On 03/11/2022 11:05 AM, Juan María Reina Ortiz wrote: >> >> Thanks, Petr >> >> Having read that tread, what I've understood is that disabling mdq would >> allow the process to start, but, what would be the consecuences? I don't >> have a knowledge deep enough to foresee what it will happen by not using >> this feature... >> >> Thanks in advance >> >> El viernes, 11 de marzo de 2022 a las 8:29:03 UTC+1, [email protected] >> escribió: >> >>> Hello, >>> If the proxy settings do not work, you still should be able to >>> manipulate the URL of InCommon service... either to point it somewhere >>> where it can reach the data or to disable it completely. >>> If i remember the source code correctly, you do not have to specify only >>> an URL but a filesystem path (file:///somepath) might work too. >>> >>> Check this thread >>> https://groups.google.com/a/apereo.org/g/cas-user/c/8eJvw8oikPw/m/tNAH1jIKBgAJ >>> >>> Cheers, >>> Fiisch >>> >>> >>> On 03/10/2022 07:20 PM, Juan María Reina Ortiz wrote: >>> >>> Hello everybody >>> >>> Doesn't anybody have to deal with this? I mean, having a cas-management >>> installed on a server behind a proxy... >>> >>> In that case, can anybody point me to a different place where I could >>> find some help? >>> >>> Cheers! >>> >>> El jueves, 3 de marzo de 2022 a las 8:16:11 UTC+1, Juan María Reina >>> Ortiz escribió: >>> >>>> Hello everybody >>>> >>>> Ray, first of all, I have to confirm that I'm using 6.3. And, yes, some >>>> of the options were probably wrong, so I stuck to the ones you've >>>> mentioned. Anyway, it doesn't work as the request are not passing through >>>> the proxy... And I have to say that proxy is working well as I've had to >>>> configure it to build the product (gradle.properties) >>>> >>>> This failure prevent my cas-management to start >>>> >>>> Thanks for your help. >>>> >>>> >>>> El 02/03/2022 a las 18:49, Ray Bon escribió: >>>> >>>> Juan, >>>> >>>> I am unable to find proxy-host in the cas 6.4 docs. It is in 6.3. >>>> Is it still a property in 6.4? >>>> >>>> Some cas. ... properties are available in cas-management. I searched >>>> around the code but could not find a place where proxy-host is used. >>>> >>>> In cas 6.3 docs, I see only these proxy options >>>> >>>> # cas.http-client.proxy-host= >>>> # cas.http-client.proxy-port=0 >>>> >>>> I see that incommon is still hard coded into cas management app; which >>>> is a shame. >>>> >>>> Are you trying to get the incommon metadata? >>>> >>>> Is that failure preventing cas management from working? >>>> >>>> As a work around, you could filter out those log messages. >>>> >>>> Ray >>>> >>>> On Wed, 2022-03-02 at 14:13 +0100, Juan María Reina Ortiz wrote: >>>> >>>> Notice: This message was sent from outside the University of Victoria >>>> email system. Please be cautious with links and sensitive information. >>>> >>>> Well, just changing "cas" to "mgmt" didn't work... I'm trying to >>>> configure proxy parameters when starting java, but, it neither doesn't work >>>> >>>> Cheers! >>>> El 02/03/2022 a las 13:18, Petr Fišer escribió: >>>> >>>> Hello, >>>> cas.* properties are meant to configure CAS, not the management app. >>>> Properties for management app start with "mgmt." >>>> Skimming through >>>> https://github.com/apereo/cas-management/blob/6.3.x/api/cas-mgmt-api-configuration/src/main/java/org/apereo/cas/configuration/CasManagementConfigurationProperties.java >>>> >>>> there is no obvious property to configure a proxy. >>>> >>>> Cheers, >>>> Fiisch >>>> >>>> On 03/02/2022 01:00 PM, Juan María Reina Ortiz wrote: >>>> >>>> I did some research and I don't see traffic through proxy, but through >>>> firewall, so I'm affraid proxy is not configured properly. I did it adding >>>> the above lines in management.properties... >>>> >>>> Cheers >>>> >>>> El miércoles, 2 de marzo de 2022 a las 12:17:34 UTC+1, Juan María Reina >>>> Ortiz escribió: >>>> >>>> Good morning everybody >>>> >>>> I'm trying to start cas-management and after a while, the process shows >>>> me the following: >>>> >>>> ERROR [org.apereo.cas.util.HttpUtils] - <Connect to >>>> mdq.incommon.org:443 [mdq.incommon.org/13.33.232.95, >>>> mdq.incommon.org/13.33.232.10, mdq.incommon.org/13.33.232.66, >>>> mdq.incommon.org/13.33.232.102] failed: Expiró el tiempo de conexión >>>> (Connection timed out)> >>>> org.apache.http.conn.HttpHostConnectException: Connect to >>>> mdq.incommon.org:443 [mdq.incommon.org/13.33.232.95, >>>> mdq.incommon.org/13.33.232.10, mdq.incommon.org/13.33.232.66, >>>> mdq.incommon.org/13.33.232.102] failed: Expiró el tiempo de conexión >>>> (Connection timed out) >>>> >>>> My server is behind a proxy so I've configured the following: >>>> >>>> cas.http-client.proxy-host=my_proxy_hostname >>>> cas.http-client.proxy-port=my_proxy_port >>>> cas.http-client.proxy-nonproxyihosts= domain_1,domain_2,domain_3 >>>> cas.https-client.proxy-host= my_proxy_hostname >>>> cas.https-client.proxy-port= my_proxy_port >>>> cas.https-client.proxy-nonproxyihosts=domain_1,domain_2,domain_3 >>>> >>>> But the situation persists. I've also tried to set the above when start >>>> the process >>>> >>>> java -jar PATH_TO_CAS_MAN/cas-management.war -Dhttp.proxySet=true >>>> -Dhttps.proxySet=true -Dhttp.proxyHost=my_proxy_hostname... >>>> >>>> It doesn't work >>>> >>>> What I have to configure? What's happening? >>>> >>>> Thanks in advance >>>> >>>> -- >>>> - Website: https://apereo.github.io/cas >>>> - Gitter Chatroom: https://gitter.im/apereo/cas >>>> - List Guidelines: https://goo.gl/1VRrw7 >>>> - Contributions: https://goo.gl/mh7qDG >>>> --- >>>> You received this message because you are subscribed to the Google >>>> Groups "CAS Community" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> To view this discussion on the web visit >>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/bf1b275f-4182-4708-8725-87818fb5adb2n%40apereo.org >>>> >>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/bf1b275f-4182-4708-8725-87818fb5adb2n%40apereo.org?utm_medium=email&utm_source=footer> >>>> . >>>> >>>> >>>> >>>> -- >>>> >>>> Ray Bon >>>> Programmer Analyst >>>> Development Services, University Systems >>>> 2507218831 <%28250%29%20721-8831> | CLE 019 | [email protected] >>>> >>>> I acknowledge and respect the lək̓ʷəŋən peoples on whose traditional >>>> territory the university stands, and the Songhees, Esquimalt and WSÁNEĆ >>>> peoples whose historical relationships with the land continue to this day. >>>> >>>> -- >>>> - Website: https://apereo.github.io/cas >>>> - Gitter Chatroom: https://gitter.im/apereo/cas >>>> - List Guidelines: https://goo.gl/1VRrw7 >>>> - Contributions: https://goo.gl/mh7qDG >>>> --- >>>> >>>> You received this message because you are subscribed to a topic in the >>>> Google Groups "CAS Community" group. >>>> To unsubscribe from this topic, visit >>>> https://groups.google.com/a/apereo.org/d/topic/cas-user/1NIV6j269I8/unsubscribe >>>> . >>>> To unsubscribe from this group and all its topics, send an email to >>>> [email protected]. >>>> To view this discussion on the web visit >>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/c06c58a6cfbf6cde3f2a124425f72231dfcbe8d1.camel%40uvic.ca >>>> >>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/c06c58a6cfbf6cde3f2a124425f72231dfcbe8d1.camel%40uvic.ca?utm_medium=email&utm_source=footer> >>>> . >>>> >>>> >>>> >>>> -- >>> - Website: https://apereo.github.io/cas >>> - Gitter Chatroom: https://gitter.im/apereo/cas >>> - List Guidelines: https://goo.gl/1VRrw7 >>> - Contributions: https://goo.gl/mh7qDG >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "CAS Community" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> >>> To view this discussion on the web visit >>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/973a8aa7-61ce-44d5-b46f-4fb191f0b4c4n%40apereo.org >>> >>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/973a8aa7-61ce-44d5-b46f-4fb191f0b4c4n%40apereo.org?utm_medium=email&utm_source=footer> >>> . >>> >>> >>> >> > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/9a1dcfc4-dc08-4c4c-88c8-43302872d6efn%40apereo.org.
