Quick update, I did some testing and discovered it's not CAS 7 that changed the functionality, it was actually CAS 6.6.14. I believe it's something about this commit, https://github.com/apereo/cas/commit/2b367835ed22478eb853a267760869a1d2eaf3ae, that changed how it works. I am most definitely not a Java developer so I can't decipher exactly whats happening.
Thanks! On Friday, May 10, 2024 at 10:39:36 PM UTC-5 jbstowe22 wrote: > We have a few old vendor apps that use SAML 1.1 and those are working fine > with our cas 6.6.x instance that is delegating to Azure/Entra AD. > > We recently spun up a test instance of CAS 7 and those apps seem to reject > the ticket from CAS 7 when being delegated to Azure (they work when not > being delegated). I believe it has to do with the url parameter CAS sends > after receiving the Azure delegation response. In CAS 6.6 it sends the > SAMLart url parameter: > > ?SAMLart=ST- > > But in CAS 7 it sends a ticket param: > > ?ticket=ST- > > It almost seems if CAS forgets it is using SAML 1.1 after the delegation > is complete. Anybody else experience this or know if there's some config we > are missing in CAS 7 causing this? > > Thanks! > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/16116875-ccdd-4dd2-a02b-ba86956a9b2dn%40apereo.org.
