Now that you say that it sounds logical.
since i have failed to implementer the ldap service Registry before it will
be JPA then ^^
thanks!

2015-06-08 21:16 GMT+02:00 Misagh Moayyed <[email protected]>:

> That’s not going to work. The cas mgmt app and the cas server must share
> the same service registry [1]. In your case, they don’t. They are both
> isolated to their own memory space. You’ll need to use a registry option
> that allows sharing and one that provides persistence for you (DB, JSON,
> YAML, etc)
>
>
>
> [1] http://jasig.github.io/cas/4.0.x/installation/Service-Management.html
>
>
>
> *From:* Thibault Huguet [mailto:[email protected]]
> *Sent:* Monday, June 8, 2015 12:06 PM
> *To:* [email protected]
> *Subject:* Re: [cas-user] help with
> org.jasig.cas.client.validation.ProxyList
>
>
>
> Sorry haven't told my version, i'm running 4.0.1
>
> the service seems allowed to proxy, in my managementConfigContext.xml :
>
>  <bean
>
>                 id="serviceRegistryDao"
>
>         class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl">
>
>             <property name="registeredServices">
>
>                 <util:list>
>
>                     <bean
> class="org.jasig.cas.services.RegexRegisteredService"
>
>                           p:id="2" p:name="PWM"
>
>                           p:serviceId="
> https://myserver.mydomain.com:8443/pwm/private/";
> p:evaluationOrder="10000001"
>
>                           p:ssoEnabled="true" p:anonymousAccess="false"
>
>                           p:allowedToProxy="true"
>
>                    </util:list>
>
>             </property>
>
>         </bean>
>
> i can also see the service as allowed to proxy in the management web app,
>
>
>
> 2015-06-08 20:56 GMT+02:00 Misagh Moayyed <[email protected]>:
>
> It’s because the service in your registry (svc mgmt) is set to disallow
> proxy. Set allowToProxy=true for that entry, assuming you’re running 3.5.x.
>
>
>
> *From:* Thibault Huguet [mailto:[email protected]]
> *Sent:* Monday, June 8, 2015 10:07 AM
> *To:* [email protected]
> *Subject:* [cas-user] help with org.jasig.cas.client.validation.ProxyList
>
>
>
> Hello,
>
> i'm trying to setup CAS for PWM.
>
> in my clearpass-configuration.xml i have those beans as per the doc:
>
>   <bean id="casValidationFilter"
> class="org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter"
>
>         p:serverName="${server.name}"
> p:exceptionOnValidationFailure="false"
>
>         p:useSession="true"
> p:ticketValidator-ref="clearPassTicketValidator" />
>
>
>
>   <bean id="clearPassTicketValidator"
> class="org.jasig.cas.client.validation.Cas20ProxyTicketValidator"
>
>         c:casServerUrlPrefix="${server.prefix}"
> p:allowedProxyChains-ref="clearPassProxyList" />
>
>   <bean id="clearPassProxyList"
> class="org.jasig.cas.client.validation.ProxyList">
>
>     <constructor-arg>
>
>         <list>
>
>             <value>https://myserver.mydomain.com:8443/pwm/private/</value>
>
>         </list>
>
>     </constructor-arg>
>
>   </bean>
>
> i also tried moving the clearPassProxyList to deployerconfig.xml as per
> some doc says to.
>
> I can also see https://myserver.mydomain.com:8443/pwm/private/ as allowed
> to everything but anonymous access in the service management webapp.
>
>
>
> Anyway, when i try to log into pwm, after a successfull cas login i end up
> with this error:
>
> "javax.servlet.ServletException:
> org.jasig.cas.client.validation.TicketValidationException:
>
>                       The supplied service '
> https://myserver.mydomain.com:8443/pwm/private/' is not authorized to use
> CAS proxy authentication"
>
>
>
> is error due to not beeing autorized in the cas service management or in
> the clearPassProxyList?
>
> Does anyone know what my mistake is?
>
>
>
> regards,
>
> Thib
>
>
>
> --
>
> You are currently subscribed to [email protected] as: 
> [email protected]
>
> To unsubscribe, change settings or access archives, see 
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
> --
>
> You are currently subscribed to [email protected] as: 
> [email protected]
>
> To unsubscribe, change settings or access archives, see 
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
>
>
>
>
> --
>
> Cordialement,
> Thibault Huguet
> www.dacave.fr
>
>
>
> --
>
> You are currently subscribed to [email protected] as: 
> [email protected]
>
> To unsubscribe, change settings or access archives, see 
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
> --
> You are currently subscribed to [email protected] as: 
> [email protected]
> To unsubscribe, change settings or access archives, see 
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
>


-- 
Cordialement,
Thibault Huguet
www.dacave.fr

-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to