Hello Fiisch, Yes debug logging is enabled, but nothing interesting. Service file is correctly loaded : [2022-05-05 12:10:03] [info] #033[36m2022-05-05 12:10:03,277 DEBUG [org.apereo.cas.services.resource.AbstractResourceBasedServiceRegistry] - <Attempting to read and parse [/etc/cas/services/appoidc-1624798320.json]>#033[m [2022-05-05 12:10:03] [info] #033[36m2022-05-05 12:10:03,277 DEBUG [org.apereo.cas.oidc.services.OidcServiceRegistryListener] - <Mapped [email] to attribute release policy [OidcEmailScopeAttributeReleasePolicy]>#033[m [2022-05-05 12:10:03] [info] #033[36m2022-05-05 12:10:03,277 DEBUG [org.apereo.cas.oidc.services.OidcServiceRegistryListener] - <Mapped [profile] to attribute release policy [OidcProfileScopeAttributeReleasePolicy]>#033[m [2022-05-05 12:10:03] [info] #033[36m2022-05-05 12:10:03,277 DEBUG [org.apereo.cas.oidc.services.OidcServiceRegistryListener] - <Given scope [offline_access], service [1624798320] is marked to generate refresh tokens>#033[m
The CAS server is behind a proxy (apache) like my CAS 6.1 : <VirtualHost *:443> ServerAdmin [email protected] ServerName cas-test.domain.fr DocumentRoot /var/www/cas-test AccessFileName .htaccess <Directory /> Options FollowSymLinks AllowOverride None Allow from all </Directory> <Directory /var/www/> Options FollowSymLinks MultiViews AllowOverride AuthConfig Order allow,deny Allow from all </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> LogLevel warn ErrorLog ${APACHE_LOG_DIR}/cas-test-error.log CustomLog ${APACHE_LOG_DIR}/cas-test-ssl_access.log combined Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory> SSLEngine on <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> BrowserMatch ".*.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 ProxyPass /cas ajp://spartana-b2.domain.fr:8010/cas </VirtualHost> Regards. Le jeu. 5 mai 2022 à 11:02, Petr Fišer <[email protected]> a écrit : > Hello, > Do you have DEBUG logging enabled? Is there anything interesting in the > logs? > Also, what is your setup? Are you running behind a proxy, perchance? > > Cheers, > Fiisch > > On 05/05/2022 09:27 AM, wouldsmina wrote: > > I had no properties in cas.properties for oidc. I added > cas.authn.oidc.core.issuer like in the documentation, but it doesn't change > anything. > Cas.log and catalina.log return no warn on a replaced attribute and the > service file is loaded correctly. > > Looks like the regex in serviceId is not working (yet the same works on > cas 6.1). > > Regards. > > Le mer. 4 mai 2022 à 19:39, Ray Bon <[email protected]> a écrit : > >> I meant search for the property that you are currently using. >> There should be a note about the name of the new property. >> >> Ray >> >> On Wed, 2022-05-04 at 17:38 +0200, wouldsmina wrote: >> >> Notice: This message was sent from outside the University of Victoria >> email system. Please be cautious with links and sensitive information. >> >> Thank you Ray. the file contains nearly 80,000 lines... it's not going >> to be easy to find my way around. I will still try to find a solution, >> but if someone can guide me more, I'm interested. >> >> >> Le mar. 3 mai 2022 à 17:56, Ray Bon <[email protected]> a écrit : >> >> Said, >> >> Some of the property names may have changed. >> Run this command to get the list of all properties: >> >> ./gradlew exportConfigMetadata >> >> then search for the properties you are using. >> >> See, >> https://github.com/apereo/cas-overlay-template/tree/6.5#configuration-metadata >> >> Ray >> >> On Tue, 2022-05-03 at 05:08 -0700, Said b wrote: >> >> Notice: This message was sent from outside the University of Victoria >> email system. Please be cautious with links and sensitive information. >> >> >> Hello, >> >> I am using OpenID connect with CAS 6.1.7. I installed CAS 6.5.3 in test, >> but I get an error (Application not authorized to use CAS) while the >> service file is identical. Is there a configuration change between 6.1 >> and 6.5? I don't see anything in the documentation. >> Service file : >> { >> "id": 1624798320, >> "name": "AppOIDC", >> "description": "mobile app", >> "evaluationOrder":99, >> "@class": "org.apereo.cas.services.OidcRegisteredService", >> "supportedGrantTypes": [ >> "java.util.HashSet", >> [ >> "authorization_code", >> "refresh_token" >> ] >> ], >> "clientId": "mobileapp", >> "clientSecret": "xxxxxxxxxxxxxxxxxxxxxxxxxx", >> "serviceId": "^https://service.callback.oauth.domain.com$";, >> "scopes": [ >> "java.util.HashSet", >> [ >> "profile", >> "email", >> "offline_access" >> ] >> ] >> "attributeReleasePolicy" : { >> "@class" : >> "org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy", >> "allowedAttributes" : [ "java.util.ArrayList", ["sn", >> "givenName" ] ] >> >> }, >> } >> >> Regards. >> >> -- >> >> >> Ray Bon >> Programmer Analyst >> Development Services, University Systems >> 2507218831 | CLE 019 | [email protected] >> >> I acknowledge and respect the lək̓ʷəŋən peoples on whose traditional >> territory the university stands, and the Songhees, Esquimalt and WSÁNEĆ >> peoples whose historical relationships with the land continue to this day. >> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/b2c1e72d4e772cd0546ce898cf76ea5cace25b26.camel%40uvic.ca >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/b2c1e72d4e772cd0546ce898cf76ea5cace25b26.camel%40uvic.ca?utm_medium=email&utm_source=footer> >> . >> >> -- >> >> Ray Bon >> Programmer Analyst >> Development Services, University Systems >> 2507218831 | CLE 019 | [email protected] >> >> I acknowledge and respect the lək̓ʷəŋən peoples on whose traditional >> territory the university stands, and the Songhees, Esquimalt and WSÁNEĆ >> peoples whose historical relationships with the land continue to this day. >> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/8b624c61e6153b92b3457aa74e45741274a1adfb.camel%40uvic.ca >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/8b624c61e6153b92b3457aa74e45741274a1adfb.camel%40uvic.ca?utm_medium=email&utm_source=footer> >> . >> > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAH2NqNbTpSQeO9ZK6JKC4%2Bp3TZ_6bsbJYCLniYTtA8LsTAGi%2Bg%40mail.gmail.com > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAH2NqNbTpSQeO9ZK6JKC4%2Bp3TZ_6bsbJYCLniYTtA8LsTAGi%2Bg%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > > > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAH2NqNa4VRSjGPcRpWOBHNzuu5Tri444HHhjKghe3ATb5U0arQ%40mail.gmail.com.
