Pablo, Are you looking for this flow diagram, https://apereo.github.io/cas/6.6.x/installation/Configure-ServiceTicket-JWT.html#flow-diagram ?
JWTs are validated on the service side, not in CAS. Ray On Fri, 2023-03-31 at 19:07 -0700, Pablo Vidaurri wrote: Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information. For JWT as a service, what is the appropriate CAS Validation Filter to use on the client side? Or does this have to be custom Filter where I need to verify the signature, decode, and create the Assertion with principle? On Thursday, March 30, 2023 at 11:05:28 AM UTC-5 Pablo Vidaurri wrote: I'm following this to setup JWT as a service ticket: https://apereo.github.io/cas/6.5.x/installation/Configure-ServiceTicket-JWT.html I am using global keys and not defining them in service json file. I am able to login but get a failure when validating the ST. Looks like the ST being check is the encrypted/signed JWT: ERROR [org.apereo.cas.ticket.DefaultTicketCatalog] - <Ticket definition for [eyJhbGciOiJu...qOWxGRS1sb2NhbGhvc3QifQ.] cannot be found in the ticket catalog which only contains the following ticket types: [[TGT, ST, RT, AT, PT, TST, OC, SART, ODUC, PGT, SATQ, ODT]]> WARN [org.apereo.cas.DefaultCentralAuthenticationService] - <Service ticket [eyJhbGciOiJu...qOWxGRS1sb2NhbGhvc3QifQ.] does not exist.> 2023-03-30 10:15:43,875 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN ============================================================= WHO: audit:unknown WHAT: eyJhbGciOiJu...qOWxGRS1sb2NhbGhvc3QifQ. for http://localhost:9003/login/cas ACTION: SERVICE_TICKET_VALIDATE_FAILED APPLICATION: CAS WHEN: Thu Mar 30 10:15:43 CDT 2023 CLIENT IP ADDRESS: 127.0.0.1 SERVER IP ADDRESS: 127.0.0.1 ============================================================= Is there a config missing that is not in the doucment? -psv -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/103b97e64919f0e267df664a7b79b4221242198a.camel%40uvic.ca.
