Hi all, After installing and configuring CAS to work with our DegreeWorks install, I'm seeing that the application is unable to login with CAS despite having a service registry. Is there some formatting issues with our registry entry?
For reference, we're running tomcat 10, cas 7.0.0, jdk17. here is my cas.properties: cas.server.name=http://{casserver}.edu cas.server.prefix=${cas.server.name}/cas logging.config=file:/etc/cas/config/log4j2.xml #server.port=8080 server.ssl.enabled=false #LDAP Configuration cas.authn.ldap[0].type=AUTHENTICATED cas.authn.ldap[0].ldap-url=ldap://ldapserver:389 cas.authn.ldap[0].base-dn=OU=Accounts,DC=school,DC=edu cas.authn.ldap[0].search-filter=(sAMAccountName={user}) cas.authn.ldap[0].bind-dn=CN=ldap_user,OU=Accounts,DC=school,DC=edu cas.authn.ldap[0].bind-credential=password cas.authn.ldap[0].subtree-search=true #cas.authn.ldap[0].principal-attribute-list=samAccountName:UDC_IDENTIFIER #cas.authn.ldap[0].principal-attribute-password= cas.authn.ldap[0].principal-attribute-id=UDC_IDENTIFIER #DUO MFA cas.authn.mfa.duo[0].duo-api-host={apihostlink} #cas.authn.mfa.duo[0].duo-application-key={key} cas.authn.mfa.duo[0].duo-integration-key={integration_key} cas.authn.mfa.duo[0].duo-secret-key={secret-key} #JSON Registry cas.service-registry.core.init-from-json=false cas.service-registry.json.location=file:/etc/cas/services here is the service registry for DegreeWorks: /etc/cas/services/dashboard-849100.json { /*Dashboard TEST service registry*/ "@class":"org.apereo.cas.services.CasRegisteredService", "serviceId":"^(https:)\/\/degreeworks.school.edu:8491\/dashboard\/", "name":"Degreeworks Dashboard TEST (degreeworks-test)", "id":"849100", "evaluationOrder":1, "proxyPolicy":{ "@class":"org.apereo.cas.services.RegexMatchingRegisteredServiceProxyPolicy", "pattern":"^ (https:)\/\/degreeworks.school.edu:8491\/dashboard\/", //, } logoutType: BACK_CHANNEL attributeReleasePolicy: { "@class" : "org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy", "allowedAttributes" : [ "java.util.ArrayList", [ "UDC_IDENTIFIER" ] ] authorizedToReleaseCredentialPassword: false authorizedToReleaseProxyGrantingTicket: true excludeDefaultAttributes: false authorizedToReleaseAuthenticationAttributes: true } multifactorPolicy: { "@class":"org.apereo.cas.services.DefaultRegisteredServiceMultifactorPolicy" "multifactorAuthenticationProviders" : [ "java.util.LinkedHashSet", [ "mfa-duo" ] ] /*failureMode: NOT_SET * bypassEnabled: false*/ } accessStrategy: { @class: org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy order: 0 enabled: true ssoEnabled: true requireAllAttributes: false caseInsensitive: true } } -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/b303803d-f57d-4e40-aff3-ea937f866102n%40apereo.org.
