[cas-user] Extend AbstractUsernamePasswordAuthenticationHandler for customized authentication impl.?

2016-08-11 Thread Yan Zhou 

Hello, 

I am running CAS Overlay 4.1.9.  Instead of configuring CAS Authentication 
modules (JDBC/LDAP), I extend 
AbstractUsernamePasswordAuthenticationHandler, wrote my class and 
implemented authentication by looking up both database and LDAP for my 
business needs. I have attached some code below.

It works fine on single CAS server. The problem is when I am running two 
CAS server with memcached storing tickets. Authentication still works fine. 
The problem is with /serviceValidate call when looking up ST. 

If server 1 authenticates the user, generating TGT and ST, but server2 is 
the one handling /serviceValidate call (validate ST), I always get "Failed 
Fetching (Exception waiting for value) from memcached client.  But, if the 
same server, server 1, handles /serviceValidate, then that works. 

If I replace my MyCASAuthenticationHandler 
with org.jasig.cas.authentication.AcceptUsersAuthenticationHandler, which 
has the default "casuser/Mellon" credential, then the above works fine 
regardless of which server handles  /serviceValidate call.

This is very odd, as I cannot see how Authentication can affect 
/serviceValidate call, but it does, and I can consistently reproduce this.

What am I missing?

Our authentication needs to look up first database, get some value and with 
that, look up LDAP, no existing authentication module works that way. It 
seems reasonable to write my own authentication and it is very easy to do. 
But, apparently that somehow breaks /serviceValidate call when the call is 
handled by the server that does not perform the authentication.

Is there some kind of server side session variables and/or values that 
/serviceValidate will look up?

Thanks,
Yan



in deployerConfigContext.xml



 dataSource, userRepository and ldapTemplate are defined.   


public class MyCASAuthenticationHandler extends 
AbstractUsernamePasswordAuthenticationHandler {
LoginUserRepository loginUserRepository;
LdapTemplate ldapTemplate;

@Override
protected HandlerResult 
authenticateUsernamePasswordInternal(UsernamePasswordCredential credential) 
throws GeneralSecurityException, PreventedException {

  // i look up database and ldap to authenticate user, 
I update database here for auditing, return below if authentication is 
successful.

 return createHandlerResult(credential, 
principalFactory.createPrincipal(credential.getUsername()), null);
}



-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/a2c170a3-eff9-4314-ace9-d40a109fd886%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

Re: [cas-user] New to CAS, new to Apereo

2016-08-11 Thread Ray Bon 
Hank,

We have 3 CAS (v 3.5.2.1) virtual machine servers in a primary,
secondary, tertiary setup with LDAP (all on Redhat). CAS is very capable
and can handle several logins per second.

Ray

On 2016-08-11 14:23, Hank Foss wrote:
> Thanks, Misagh, much appreciated.
>  
> It sounds like this will work quite well for us. Most of our web apps
> rely on LDAP authentication.
>  
> Regarding architecture, hope you don't mind a couple of other questions:
>  
>
>  1. How many servers are in your CAS environment (presuming you
> recommend an HA environment) - e.g. 1 web server (Tomcat?) + 2 HA
> CAS ticketing servers
>  2. Do you recommend RHEL for OS?
>
>  
> Our user environment is about 12,000 (2,000 staff + 10,000 students)
> so I am trying to architect the CAS to support that.
>  
>  
> -Hank
>  
> On Thursday, August 11, 2016 at 4:45:43 PM UTC-4, Misagh Moayyed wrote:
>
> If you mean CAS is going to provide you with an LDAP server, the
> answer is no. AFAIK, that has never been the case. If you mean you
> wish to authenticate via AD/LDAP and get access to your portal and
> other CAS-protected apps, then it’s quite simple. Since the dawn
> of time, CAS has supported LDAP/AD authentication. 90% of the
> deployments use that method of authentication.
>  
> -- 
> Misagh
> From: Hank Foss  
> Reply: Hank Foss  
> Date: August 11, 2016 at 1:38:35 PM
> To: CAS Community  
> Subject: [cas-user] New to CAS, new to Apereo
>  
>  
>> Hello,
>>  
>> I'm brand new to CAS and Apereo, and am asking the best way to
>> begin. We are migrating our CAS from the cloud to on-premise as a
>> cost savings measure. This will likely save us $60+k annually, as
>> the vendor is also provides our portal.
>>  
>> The externally hosted portal contains LDAP as well as CAS links.
>> I understand CAS 5 comes out this fall (October?) which offers
>> LDAP support, so I am on the fence a bit more. Since AD
>> authentication drives many of our authentication, I have been
>> told that we will either need to use ADFS or Shibboleth. The goal
>> for this to be live is December of this year, so there are
>> learning curve, architecture, installation and customization
>> components of this project that all come into play.
>>  
>> I built the Linux box, most current version of CentOS, but I
>> believe being an open source application that the support of at
>> least the OS should actually be a licensed RHEL instance.
>>  
>> I'm technical, but this is uncharted territory  so suggestions,
>> comments, and criticism are all greatly welcome.
>>  
>>  
>> Thanks,
>> CAS-Newbie
>>  
>> -- 
>> You received this message because you are subscribed to the
>> Google Groups "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it,
>> send an email to cas-user+u...@apereo.org .
>> To post to this group, send email to cas-...@apereo.org
>> .
>> Visit this group at
>> https://groups.google.com/a/apereo.org/group/cas-user/
>> .
>> To view this discussion on the web visit
>> 
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/ccf659bc-12d9-4cb8-98dd-4dbf926f403a%40apereo.org
>> 
>> .
>> For more options, visit
>> https://groups.google.com/a/apereo.org/d/optout
>> .
>>  
>
> -- 
> You received this message because you are subscribed to the Google
> Groups "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to cas-user+unsubscr...@apereo.org
> .
> To post to this group, send email to cas-user@apereo.org
> .
> Visit this group at
> https://groups.google.com/a/apereo.org/group/cas-user/.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/df64e990-a4f5-406a-871e-f4a8ea96d289%40apereo.org
> .
> For more options, visit https://groups.google.com/a/apereo.org/d/optout.

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit

Re: [cas-user] New to CAS, new to Apereo

2016-08-11 Thread Hank Foss 
Thanks, Misagh, much appreciated.
 
It sounds like this will work quite well for us. Most of our web apps rely 
on LDAP authentication. 
 
Regarding architecture, hope you don't mind a couple of other questions:
 

   1. How many servers are in your CAS environment (presuming you recommend 
   an HA environment) - e.g. 1 web server (Tomcat?) + 2 HA CAS ticketing 
   servers
   2. Do you recommend RHEL for OS?

 
Our user environment is about 12,000 (2,000 staff + 10,000 students) so I 
am trying to architect the CAS to support that.
 
 
-Hank
 
On Thursday, August 11, 2016 at 4:45:43 PM UTC-4, Misagh Moayyed wrote:

> If you mean CAS is going to provide you with an LDAP server, the answer is 
> no. AFAIK, that has never been the case. If you mean you wish to 
> authenticate via AD/LDAP and get access to your portal and other 
> CAS-protected apps, then it’s quite simple. Since the dawn of time, CAS has 
> supported LDAP/AD authentication. 90% of the deployments use that method of 
> authentication.
>  
> -- 
> Misagh
> From: Hank Foss  
> Reply: Hank Foss  
> Date: August 11, 2016 at 1:38:35 PM
> To: CAS Community  
> Subject:  [cas-user] New to CAS, new to Apereo 
>  
>  
>
> Hello,
>  
> I'm brand new to CAS and Apereo, and am asking the best way to begin. We 
> are migrating our CAS from the cloud to on-premise as a cost savings 
> measure. This will likely save us $60+k annually, as the vendor is also 
> provides our portal.
>  
> The externally hosted portal contains LDAP as well as CAS links. I 
> understand CAS 5 comes out this fall (October?) which offers LDAP support, 
> so I am on the fence a bit more. Since AD authentication drives many of our 
> authentication, I have been told that we will either need to use ADFS or 
> Shibboleth. The goal for this to be live is December of this year, so 
> there are learning curve, architecture, installation and customization 
> components of this project that all come into play.
>  
> I built the Linux box, most current version of CentOS, but I believe being 
> an open source application that the support of at least the OS should 
> actually be a licensed RHEL instance.
>  
> I'm technical, but this is uncharted territory  so suggestions, comments, 
> and criticism are all greatly welcome.
>  
>  
> Thanks,
> CAS-Newbie
>  
> --
> You received this message because you are subscribed to the Google Groups 
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to cas-user+u...@apereo.org .
> To post to this group, send email to cas-...@apereo.org .
> Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/
> .
> To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/ccf659bc-12d9-4cb8-98dd-4dbf926f403a%40apereo.org
>  
> 
> .
> For more options, visit https://groups.google.com/a/apereo.org/d/optout.
>  
>
>

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/df64e990-a4f5-406a-871e-f4a8ea96d289%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

Re: [cas-user] New to CAS, new to Apereo

2016-08-11 Thread Christopher Myers 
This is the super-down-and-dirty writeup I did internally when I did a
fresh 4.x install to upgrade us from 3.5 (we use Novell eDirectory, but
it should be very similar for any non-AD LDAP) :

















Comment by  
Christopher
Myers

[
25-Feb-2015

]





Edit
as-server-4.0.0/cas-server-webapp/src/main/webapp/WEB-INF/deployerConfigContext.xml

Comment out














Replace it with


















































Add the following to the bottom of the file
/opt/cas-server-4.0.0/cas-#
ldap.url=ldap://ldapserver.school.edu

# Base DN of users to be authenticated
ldap.baseDn=o=our_base_dn


# LDAP connection timeout in milliseconds
ldap.connectTimeout=3000

# Whether to use StartTLS (probably needed if not SSL connection)
ldap.useStartTLS=false

#
# LDAP connection pool configuration
#
ldap.pool.minSize=3
ldap.pool.maxSize=10
ldap.pool.validateOnCheckout=false
ldap.pool.validatePeriodically=true

# Amount of time in milliseconds to block on pool exhausted condition
# before giving up.
ldap.pool.blockWaitTime=3000

# Frequency of connection validation in seconds
# Only applies if validatePeriodically=true
ldap.pool.validatePeriod=300

# Attempt to prune connections every N seconds
ldap.pool.prunePeriod=300

# Maximum amount of time an idle connection is allowed to be in
# pool before it is liable to be removed/destroyed
ldap.pool.idleTime=600

#
# Authentication
#

# Search filter used for configurations that require searching for DNs
ldap.authn.searchFilter=(uid={user})




 




While you're in the cas.properties file, also set up the URLs for the
server, etc.


Also edit the line:







and replace it with:







 






Comment by  
Christopher
Myers

[
26-Feb-2015

]




modify the value of CAS's web.xml file, change the default
login session timeout to 2 hours


  

120
  




 





Comment by  
Christopher
Myers

[
26-Feb-2015

]




Edit .../cas-server-webapp/pom.xml and add the following
dependency inside the  section:



  ${project.groupId}
  cas-server-support-ldap
  ${project.version}













Comment by  
Christopher
Myers

[
26-Feb-2015

]




You can't use the maven 2 version that was already on the
 boxes to build the new version of CAS; instead, need to download the 
3.2.5 version from http://maven.apache.org/download.cgi, extract it, and
change the "maven" symlink to point to the new install folder.









Comment by  
Christopher
Myers

[
26-Feb-2015

]




The first time I tried to run "mvn package" after doing
this, I got the error:


 Non-parseable POM 
/root/.m2/repository/org/jasig/parent/jasig-parent/39/jasig-parent-39.pom:
 Expected root element 'project' but found 'html'


When I looked at the contents of that .pom file, it was an HTML document
that just said basically "HTTP 301 moved permanently."


I deleted the /root/.m2 folder, and after doing so, things started
running.









 ]




Now I'm getting the error:


Failed to execute goal 
com.mycila.maven-license-plugin:maven-license-plugin:1.9.0:check 
(default) on project cas-server: Resource 
/opt/cas-server-4.0.0/src/licensing/header.txt not found in file system


Found this: https://github.com/Jasig/cas/issues/745


Modified the pom.xml file, changed


${cs.dir}/src/licensing/header.txt




to 


${licenseHeader}





After doing so, that error went away.









Comment by

Re: [cas-user] New to CAS, new to Apereo

2016-08-11 Thread Misagh Moayyed 
If you mean CAS is going to provide you with an LDAP server, the answer is no. 
AFAIK, that has never been the case. If you mean you wish to authenticate via 
AD/LDAP and get access to your portal and other CAS-protected apps, then it’s 
quite simple. Since the dawn of time, CAS has supported LDAP/AD authentication. 
90% of the deployments use that method of authentication.

-- 
Misagh

From: Hank Foss 
Reply: Hank Foss 
Date: August 11, 2016 at 1:38:35 PM
To: CAS Community 
Subject:  [cas-user] New to CAS, new to Apereo  

Hello,

I'm brand new to CAS and Apereo, and am asking the best way to begin. We are 
migrating our CAS from the cloud to on-premise as a cost savings measure. This 
will likely save us $60+k annually, as the vendor is also provides our portal.

The externally hosted portal contains LDAP as well as CAS links. I understand 
CAS 5 comes out this fall (October?) which offers LDAP support, so I am on the 
fence a bit more. Since AD authentication drives many of our authentication, I 
have been told that we will either need to use ADFS or Shibboleth. The goal for 
this to be live is December of this year, so there are learning curve, 
architecture, installation and customization components of this project that 
all come into play.

I built the Linux box, most current version of CentOS, but I believe being an 
open source application that the support of at least the OS should actually be 
a licensed RHEL instance.

I'm technical, but this is uncharted territory  so suggestions, comments, and 
criticism are all greatly welcome.


Thanks,
CAS-Newbie

--
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/ccf659bc-12d9-4cb8-98dd-4dbf926f403a%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/etPan.57ace3ef.1956c5d8.295c%40unicon.net.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

[cas-user] New to CAS, new to Apereo

2016-08-11 Thread Hank Foss 
Hello,

I'm brand new to CAS and Apereo, and am asking the best way to begin. We 
are migrating our CAS from the cloud to on-premise as a cost savings 
measure. This will likely save us $60+k annually, as the vendor is also 
provides our portal.

The externally hosted portal contains LDAP as well as CAS links. I 
understand CAS 5 comes out this fall (October?) which offers LDAP support, 
so I am on the fence a bit more. Since AD authentication drives many of our 
authentication, I have been told that we will either need to use ADFS or 
Shibboleth. The goal for this to be live is December of this year, so 
there are learning curve, architecture, installation and customization 
components of this project that all come into play.

I built the Linux box, most current version of CentOS, but I believe being 
an open source application that the support of at least the OS should 
actually be a licensed RHEL instance.

I'm technical, but this is uncharted territory  so suggestions, comments, 
and criticism are all greatly welcome.


Thanks,
CAS-Newbie

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/ccf659bc-12d9-4cb8-98dd-4dbf926f403a%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

Re: [cas-user] CAS 5.0.0 SPNEGO issue

2016-08-11 Thread Misagh Moayyed 
Possibly. Could you issue a pull with the updates you have in mind to the docs? 

-- 
Misagh

From: Philippe MARASSE 
Reply: Philippe MARASSE 
Date: August 11, 2016 at 8:45:31 AM
To: cas-user@apereo.org 
Subject:  Re: [cas-user] CAS 5.0.0 SPNEGO issue  

Today, it works a little better : I get 401, my browser send its  
ticket... but no authentication :  

Caused by: KrbException: Invalid argument (400) - Cannot find key of  
appropriate type to decrypt AP REP - RC4 with HMAC  

I have to declare my keytab as default keytab in /etc/krb5.conf to get  
authenticated (keytab is read *before* login.conf) ! It was not  
necessary with CASv3.5.  

If my keytab is not declared in /etc/krb5.conf, login.conf is not read  
either, why ??  

Last test, with only a few parameters :  

cas.authn.spnego.kerberosConf=/etc/krb5.conf  
cas.authn.spnego.mixedModeAuthentication=false  
cas.authn.spnego.jcifsServicePrincipal=HTTP/php-dev.mydomain@mydomain.com  
cas.authn.spnego.ntlmAllowed=false  
cas.authn.spnego.hostNamePatternString=.+  
cas.authn.spnego.supportedBrowsers=MSIE,Firefox,AppleWebKit  
cas.authn.spnego.hostNameClientActionStrategy=hostnameSpnegoClientAction  
cas.authn.spnego.ipsToCheckPattern=172.+  
cas.authn.spnego.send401OnAuthenticationFailure=false  
cas.authn.spnego.principalWithDomainName=false  

it works...  

Is the documentation needing update ?  

Regards.  

Le 10/08/2016 à 17:42, Philippe MARASSE a écrit :  
> Folks,  
>  
> I'm testing my freshly installed cas 5.0.0RC1-SNAPSHOT with SPNEGO,  
> following instructions at  
> https://apereo.github.io/cas/development/installation/SPNEGO-Authentication.html
>   
>  
> Everything looks right at tomcat startup (krb5 princpal (fixed @, kdc,  
> etc.), My browser get a 401 with WWW-Authenticate: Negotiate as  
> expected. So it sends its Authorization: Negotiate header, but CAS does  
> not seem to catch the header (see attached catalina.out log file) and  
> throws a NullPointerException.  
>  
> Tomcat is behind Apache + mod_jk, packetSize has been increased to 16k.  
>  
> Am I missing something ?  
>  
> Regards.  
>  

--  
Philippe MARASSE  

Responsable pôle Infrastructures - DSIO  
Centre Hospitalier Henri Laborit  
CS 10587 - 370 avenue Jacques Cœur  
86021 Poitiers Cedex  
Tel : 05.49.44.57.19  

--  
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.  
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.  
To post to this group, send email to cas-user@apereo.org.  
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.  
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/e1b3772b-8210-abf7-5151-3b85dd10e5ef%40ch-poitiers.fr.
  
For more options, visit https://groups.google.com/a/apereo.org/d/optout.  

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/etPan.57acdf96.21f89478.295c%40unicon.net.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

Re: [cas-user] CAS 5.0.0 SPNEGO issue

2016-08-11 Thread Philippe MARASSE 
Today, it works a little better : I get 401, my browser send its
ticket... but no authentication :

Caused by: KrbException: Invalid argument (400) - Cannot find key of
appropriate type to decrypt AP REP - RC4 with HMAC

I have to declare my keytab as default keytab in /etc/krb5.conf to get
authenticated (keytab is read *before* login.conf) ! It was not
necessary with CASv3.5.

If my keytab is not declared in /etc/krb5.conf, login.conf is not read
either, why ??

Last test, with only a few parameters :

cas.authn.spnego.kerberosConf=/etc/krb5.conf
cas.authn.spnego.mixedModeAuthentication=false
cas.authn.spnego.jcifsServicePrincipal=HTTP/php-dev.mydomain@mydomain.com
cas.authn.spnego.ntlmAllowed=false
cas.authn.spnego.hostNamePatternString=.+
cas.authn.spnego.supportedBrowsers=MSIE,Firefox,AppleWebKit
cas.authn.spnego.hostNameClientActionStrategy=hostnameSpnegoClientAction
cas.authn.spnego.ipsToCheckPattern=172.+
cas.authn.spnego.send401OnAuthenticationFailure=false
cas.authn.spnego.principalWithDomainName=false

it works...

Is the documentation needing update ?

Regards.

Le 10/08/2016 à 17:42, Philippe MARASSE a écrit :
> Folks,
>
> I'm testing my freshly installed cas 5.0.0RC1-SNAPSHOT with SPNEGO,
> following instructions at
> https://apereo.github.io/cas/development/installation/SPNEGO-Authentication.html
>
> Everything looks right at tomcat startup (krb5 princpal (fixed @, kdc,
> etc.), My browser get a 401 with WWW-Authenticate: Negotiate as
> expected. So it sends its Authorization: Negotiate header, but CAS does
> not seem to catch the header (see attached catalina.out log file) and
> throws a NullPointerException.
>
> Tomcat is behind Apache + mod_jk, packetSize has been increased to 16k.
>
> Am I missing something ?
>
> Regards.
>

-- 
Philippe MARASSE

Responsable pôle Infrastructures - DSIO
Centre Hospitalier Henri Laborit
CS 10587 - 370 avenue Jacques Cœur 
86021 Poitiers Cedex
Tel : 05.49.44.57.19

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/e1b3772b-8210-abf7-5151-3b85dd10e5ef%40ch-poitiers.fr.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

Re: [cas-user] Forgot password

2016-08-11 Thread Christopher Myers 
Personally, I just edit the source pages in 

/cas-server-webapp/src/main/webapp/WEB-INF/view/jsp/default/ui/

There are a couple of files you can edit, including the casLoginView.jsp, and 
the files in the "includes" subfolder.

and then it gets compiled when you go to build the app.

If you want to see what ours looks like, just go to https://login.millikin.edu/

Chris



>>> Guru Prashanth Thanakodi  08/11/16 7:06 AM >>>
Hi All



I am using CAS 3.4.11.  I have to add a forgot password in the login page. Are 
there any documentation to add this facility in CAS. Can you please help me 
here on where to start with.




Thanks
Guru

 
 -- 
 You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
 To unsubscribe from this group and stop receiving emails from it, send an 
email to cas-user+unsubscr...@apereo.org.
 To post to this group, send email to cas-user@apereo.org.
 Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
 To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/91c73557-fa17-4964-9653-4d034e543c67%40apereo.org.
 For more options, visit https://groups.google.com/a/apereo.org/d/optout.
 

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/57AC4C390245000742CD%40mugwgate.millikin.edu.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.