Now that you say that it sounds logical. since i have failed to implementer the ldap service Registry before it will be JPA then ^^ thanks!
2015-06-08 21:16 GMT+02:00 Misagh Moayyed <[email protected]>: > That’s not going to work. The cas mgmt app and the cas server must share > the same service registry [1]. In your case, they don’t. They are both > isolated to their own memory space. You’ll need to use a registry option > that allows sharing and one that provides persistence for you (DB, JSON, > YAML, etc) > > > > [1] http://jasig.github.io/cas/4.0.x/installation/Service-Management.html > > > > *From:* Thibault Huguet [mailto:[email protected]] > *Sent:* Monday, June 8, 2015 12:06 PM > *To:* [email protected] > *Subject:* Re: [cas-user] help with > org.jasig.cas.client.validation.ProxyList > > > > Sorry haven't told my version, i'm running 4.0.1 > > the service seems allowed to proxy, in my managementConfigContext.xml : > > <bean > > id="serviceRegistryDao" > > class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl"> > > <property name="registeredServices"> > > <util:list> > > <bean > class="org.jasig.cas.services.RegexRegisteredService" > > p:id="2" p:name="PWM" > > p:serviceId=" > https://myserver.mydomain.com:8443/pwm/private/"; > p:evaluationOrder="10000001" > > p:ssoEnabled="true" p:anonymousAccess="false" > > p:allowedToProxy="true" > > </util:list> > > </property> > > </bean> > > i can also see the service as allowed to proxy in the management web app, > > > > 2015-06-08 20:56 GMT+02:00 Misagh Moayyed <[email protected]>: > > It’s because the service in your registry (svc mgmt) is set to disallow > proxy. Set allowToProxy=true for that entry, assuming you’re running 3.5.x. > > > > *From:* Thibault Huguet [mailto:[email protected]] > *Sent:* Monday, June 8, 2015 10:07 AM > *To:* [email protected] > *Subject:* [cas-user] help with org.jasig.cas.client.validation.ProxyList > > > > Hello, > > i'm trying to setup CAS for PWM. > > in my clearpass-configuration.xml i have those beans as per the doc: > > <bean id="casValidationFilter" > class="org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter" > > p:serverName="${server.name}" > p:exceptionOnValidationFailure="false" > > p:useSession="true" > p:ticketValidator-ref="clearPassTicketValidator" /> > > > > <bean id="clearPassTicketValidator" > class="org.jasig.cas.client.validation.Cas20ProxyTicketValidator" > > c:casServerUrlPrefix="${server.prefix}" > p:allowedProxyChains-ref="clearPassProxyList" /> > > <bean id="clearPassProxyList" > class="org.jasig.cas.client.validation.ProxyList"> > > <constructor-arg> > > <list> > > <value>https://myserver.mydomain.com:8443/pwm/private/</value> > > </list> > > </constructor-arg> > > </bean> > > i also tried moving the clearPassProxyList to deployerconfig.xml as per > some doc says to. > > I can also see https://myserver.mydomain.com:8443/pwm/private/ as allowed > to everything but anonymous access in the service management webapp. > > > > Anyway, when i try to log into pwm, after a successfull cas login i end up > with this error: > > "javax.servlet.ServletException: > org.jasig.cas.client.validation.TicketValidationException: > > The supplied service ' > https://myserver.mydomain.com:8443/pwm/private/' is not authorized to use > CAS proxy authentication" > > > > is error due to not beeing autorized in the cas service management or in > the clearPassProxyList? > > Does anyone know what my mistake is? > > > > regards, > > Thib > > > > -- > > You are currently subscribed to [email protected] as: > [email protected] > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > > You are currently subscribed to [email protected] as: > [email protected] > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > > > > -- > > Cordialement, > Thibault Huguet > www.dacave.fr > > > > -- > > You are currently subscribed to [email protected] as: > [email protected] > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- Cordialement, Thibault Huguet www.dacave.fr -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
