[cas-user] CAS Authentication using multiple Ldap Servers

['rheman puewe' via CAS Community]

Hello everyone.

I using cas 4.1.x and I want to know ho to setup CAS Authentication using 
multiple Ldap Servers.

Best regard 

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/2f76912f-21ae-4991-8f12-900d67e48f26%40apereo.org.

Re: [cas-user] CAS 5.0.5 how to release attributes with Protocol V 2.0

[Cyrus Grissom]

Hello Robert,

Many thanks for your help. I will wait CAS 5.0.6 to apply this solution. I 
tried the solution sent by Adam Causey and it's working too ! :-)

Thanks,

Steve.

Le lundi 15 mai 2017 08:02:23 UTC+2, robertoschwald a écrit :
>
> You do not need to customize CasServiceValidationSuccess.html, if you just 
> want to release attributes the same way as p3. 
> For 5.0.5, you currently need to do the following things: 
>
> 1. Overwrite the serviceValidateController bean definition, and wire in 
> the cas3ServiceSuccessView, like so: 
>
> @Bean 
> public ServiceValidateController serviceValidateController() { 
> final ServiceValidateController c = new 
> ServiceValidateController(); 
> 
> c.setValidationSpecification(this.cas20WithoutProxyProtocolValidationSpecification);
>  
>
> c.setSuccessView(cas3ServiceSuccessView()); 
> c.setFailureView(cas2ServiceFailureView); 
> c.setProxyHandler(proxy20Handler); 
> c.setAuthenticationSystemSupport(authenticationSystemSupport); 
> c.setServicesManager(servicesManager); 
> c.setCentralAuthenticationService(centralAuthenticationService); 
> c.setArgumentExtractor(argumentExtractor); 
> 
> c.setMultifactorTriggerSelectionStrategy(multifactorTriggerSelectionStrategy);
>  
>
> 
> c.setAuthenticationContextValidator(authenticationContextValidator); 
> c.setJsonView(cas3ServiceJsonView()); 
> 
> c.setAuthnContextAttribute(casProperties.getAuthn().getMfa().getAuthenticationContextAttribute());
>  
>
> return c; 
> } 
> } 
>
> There is a current limitation up to 5.0.5, were it is not possible to 
> overwrite these bean definitions. Therefore, you must copy the whole 
> CasValidationConfiguration.java class from the CAS sources into your 
> overlay projects org.apereo.cas.web.config package and make the change 
> there. 
> This will be fixed in 5.0.6, where you only need to define the bean 
> definition above in your own config class, like 
> OverwrittenServiceValidateConfiguration. 
>
> 2. Set a property to use the p3 view for 2.0. 
> Set the following property in cas.properties to use the p3 view for 2.0 as 
> well: 
>
> cas.view.cas2.success=protocol/3.0/casServiceValidationSuccess 
>
>
>
> Hope that helps, 
> Robert 
>
> > Am 14.05.2017 um 22:23 schrieb Cyrus Grissom  >: 
> > 
> > Hello, 
> > 
> > Does anybody knows how to release attributes using the protocol 2.0 with 
> CAS 5.0.5 ? 
> > 
> > I tried some customisations of "CasServiceValidationSuccess.html" file 
> but without success. 
> > 
> > Many thanks for your help, 
> > 
> > Steve. 
> > 
> > -- 
> > - CAS gitter chatroom: https://gitter.im/apereo/cas 
> > - CAS mailing list guidelines: 
> https://apereo.github.io/cas/Mailing-Lists.html 
> > - CAS documentation website: https://apereo.github.io/cas 
> > - CAS project website: https://github.com/apereo/cas 
> > --- 
> > You received this message because you are subscribed to the Google 
> Groups "CAS Community" group. 
> > To unsubscribe from this group and stop receiving emails from it, send 
> an email to cas-user+u...@apereo.org . 
> > To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/c89672af-ef5e-4e98-892b-93c1f8aaf091%40apereo.org.
>  
>
>
>

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/dcd4025a-cf28-42e7-99a6-09eb22982721%40apereo.org.

[cas-user] Re: Error when trying to add new service to CAS

[bobbintb]

I changed

username=password,ROLE_ADMIN

to

username=notused,ROLE_ADMIN

and it seems to work now.

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/e712a0fb-c348-44e6-ab40-d6a1caae769c%40apereo.org.

Re: [cas-user] Accessing user credentials in webflow (CAS 5.0)?

[Ben Howell-Thomas]

I think this from login-webflow.xml already puts them into "credential" :


> 
> 
> 
> 


On 12 May 2017 at 22:07, Adam Causey  wrote:

> Is there a way to get a user's credentials in CAS 5.0.5 when extending the
> Webflow? I am using this as an example on extending the flow:
> https://apereo.github.io/2016/10/07/webflow-extcfg/ . I need to get the
> user's entered credentials in my particular use case, but can't figure out
> how to get to them.
>
> Thanks!
>
> -Adam
>
>
> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines: https://apereo.github.io/cas/
> Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/CAN6MV5PmHAd4A-Rb1nS35Bm8h5ft9OxVA3Lprx4BWxzW
> ERapnA%40mail.gmail.com
> 
> .
>

-- 
This email is sent on behalf of Northgate Public Services (UK) Limited and 
its associated companies including Rave Technologies (India) Pvt Limited 
(together "Northgate Public Services") and is strictly confidential and 
intended solely for the addressee(s). 
If you are not the intended recipient of this email you must: (i) not 
disclose, copy or distribute its contents to any other person nor use its 
contents in any way or you may be acting unlawfully;  (ii) contact 
Northgate Public Services immediately on +44(0)1908 264500 quoting the name 
of the sender and the addressee then delete it from your system.
Northgate Public Services has taken reasonable precautions to ensure that 
no viruses are contained in this email, but does not accept any 
responsibility once this email has been transmitted.  You should scan 
attachments (if any) for viruses.

Northgate Public Services (UK) Limited, registered in England and Wales 
under number 00968498 with a registered address of Peoplebuilding 2, 
Peoplebuilding Estate, Maylands Avenue, Hemel Hempstead, Hertfordshire, HP2 
4NN.  Rave Technologies (India) Pvt Limited, registered in India under 
number 117068 with a registered address of 2nd Floor, Ballard House, Adi 
Marzban Marg, Ballard Estate, Mumbai, Maharashtra, India, 41.

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAD0p8ptF15_j77ZsC27T6D_ceLmh%3Dk-fwTCOKdFsq9poZqV2yg%40mail.gmail.com.

Re: [cas-user] externalize bootstrap.properties config

[Dmitriy Kopylenko]

http://cloud.spring.io/spring-cloud-static/spring-cloud.html#customizing-bootstrap-properties

D.


From: Nader Karimi 
Reply: cas-user@apereo.org 
Date: May 15, 2017 at 11:26:11 AM
To: CAS Community 
Subject:  [cas-user] externalize bootstrap.properties config  

Is it possible to place bootstrap.properties in /etc/cas/config to preserve the 
file between CAS upgrades?
--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/65ae10da-8563-47db-8e9f-36fd7d69c0fe%40apereo.org.

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/etPan.5919c9be.5eebdd50.4c8%40unicon.net.

Re: [cas-user] CAS 5.0.5 how to release attributes with Protocol V 2.0

[Rinku Vats]

Hi Cyrus,

Please follow below steps for releasing attributes and also for getting
attributes at Java Cas Client side.

Add below properties into your application.properties


cas.authn.attributeRepository.singleRow=true
cas.authn.attributeRepository.jdbc.healthQuery='your health check query'
#cas.authn.attributeRepository.jdbc.sql=select email from 'table name'
where {0};
cas.authn.attributeRepository.jdbc.username=email(0 parameter)
cas.authn.attributeRepository.jdbc.url= database detail
cas.authn.attributeRepository.jdbc.requireAllAttributes=true
cas.authn.attributeRepository.jdbc.user= username
cas.authn.attributeRepository.jdbc.password= password
cas.authn.attributeRepository.jdbc.autocommit=false
cas.authn.attributeRepository.jdbc.driverClass= driver
cas.authn.attributeRepository.jdbc.dialect= dialect
cas.authn.attributeRepository.attributes.email= attribute name by which
name your r getting from table
cas.authn.attributeRepository.attributes.firstname= same as above there can
be multiple values
cas.authn.attributeRepository.attributes.test=test
cas.authn.attributeRepository.defaultAttributesToRelease=write here all
your attributes here with comma seperated firstname , test

After that your can check in your CAS server logs there will be attribute
mapping things got.



After that your can use below link for creating Java Cas client for
checking Attributes in Your client side.

*https://github.com/cas-projects/cas-sample-java-webapp
 (update cas server
details in it)*


For Above detail you can read from
*https://apereo.github.io/2017/02/22/cas51-dbauthn-tutorial/
*

*BR*

*Rinku Sharma*


*Java Developer+919759569142/+917599183846*

*Linkedin - http://linkedin.com/in/rinkuvats
*

*skypee - vats.rinku*

On Mon, May 15, 2017 at 5:11 PM, Adam Causey  wrote:

> Steve,
>
> We are successfully releasing attributes on version 5.0.5 with the CAS 2.0
> protocol by overriding the casServiceValidationSuccess.html in our WAR
> overlay. Do you have the file in the correct directory? It should be in
> src/main/resources/templates/protocol/2.0.  We are using a custom
> namespace.
>
> Here's what I am using:
>
> 
> 
> [[${principal.id}]]
> [[${pgtIou}]
> ]
> 
> [[${
> proxy.principal.id}]]
> 
> 
>
> ​  ​
> 
>
> ​  ​
> 
>
> ​  ​
> 
>
> ​​
> 
> ​  ​
> 
> ​  ​
> 
>
> ​  ​
> 
> 
> 
> 
> 
> 
> 
> 
> 
>
> You could also try Robert's suggestion - I'm just relaying that the html
> customization is working for us.
>
>
> On Mon, May 15, 2017 at 2:02 AM, Robert Oschwald  > wrote:
>
>> You do not need to customize CasServiceValidationSuccess.html, if you
>> just want to release attributes the same way as p3.
>> For 5.0.5, you currently need to do the following things:
>>
>> 1. Overwrite the serviceValidateController bean definition, and wire in
>> the cas3ServiceSuccessView, like so:
>>
>> @Bean
>> public ServiceValidateController serviceValidateController() {
>> final ServiceValidateController c = new
>> ServiceValidateController();
>> c.setValidationSpecification(this.cas20WithoutProxyProtocolV
>> alidationSpecification);
>> c.setSuccessView(cas3ServiceSuccessView());
>> c.setFailureView(cas2ServiceFailureView);
>> c.setProxyHandler(proxy20Handler);
>> c.setAuthenticationSystemSupport(authenticationSystemSupport);
>> c.setServicesManager(servicesManager);
>> c.setCentralAuthenticationService(centralAuthenticationService);
>> c.setArgumentExtractor(argumentExtractor);
>> c.setMultifactorTriggerSelectionStrategy(multifactorTriggerS
>> electionStrategy);
>> c.setAuthenticationContextValidator(authenticationContextVal
>> idator);
>> c.setJsonView(cas3ServiceJsonView());
>> c.setAuthnContextAttribute(casProperties.getAuthn().getMfa()
>> .getAuthenticationContextAttribute());
>> return c;
>> }
>> }
>>
>> There is a current limitation up to 5.0.5, were it is not possible to
>> overwrite these bean definitions. Therefore, you must copy the whole
>> CasValidationConfiguration.java class from the CAS sources into your
>> overlay projects org.apereo.cas.web.config package and make the change
>> there.
>> This will be fixed in 5.0.6, where you only need to define the bean
>> definition above in your own config class, like
>> OverwrittenServiceValidateConfiguration.
>>
>> 2. Set a property to use the p3 view for 2.0.
>> Set the following property in cas.properties to use the p3 view for 2.0
>> as well:
>>
>> cas.view.cas2.success=protocol/3.0/casServiceValidationSuccess
>>
>>
>>
>> Hope that helps,
>> Robert
>>
>> > Am 14.05.2017 um 22:23 schrieb Cyrus Grissom :
>> >
>> > Hello,

Re: [cas-user] CAS 5.x with Duo - screenshots?

[Richard Frovarp]

It shows up post authentication on the next page. It uses the standard Duo 
iframe and you can wrap it however you want.

On May 14, 2017 1:22 PM, David  wrote:
Hi,

We're currently considering a Duo Security deployment on campus. We've been 
planning to go to CAS 5.x for a while now (if other projects would stop 
intervening), so we would just take advantage of its built-in support for Duo. 
Unfortunately, CAS 5.x is still a "later this summer" project and not a "right 
now" project, so I have no handy way to answer the folks on the Duo evaluation 
who are asking me what the CAS+Duo user experience looks like.

Is there someone on the list who has CAS 5.x with Duo up and running who'd be 
willing to take two or three screen shots of what the two of them integrated 
look like and quickly explain the user experience? I can't tell from the 
documentation, for example, whether the Duo stuff appears on the same page as 
the username/password prompts or on a following page.

Thanks for any help,

--Dave


--

DAVID A. CURRY, CISSP
DIRECTOR OF INFORMATION SECURITY
INFORMATION TECHNOLOGY

[The New School]

--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/790e5a32-41b0-426c-a802-eab9e607d309%40apereo.org.

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/2bdef276-4763-4875-8cd4-93a77e858a92%40email.android.com.

[cas-user] externalize bootstrap.properties config

[Nader Karimi]

Is it possible to place bootstrap.properties in /etc/cas/config to preserve 
the file between CAS upgrades?

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/65ae10da-8563-47db-8e9f-36fd7d69c0fe%40apereo.org.

Re: [cas-user] CAS 5.0.5 how to release attributes with Protocol V 2.0

[Adam Causey]

Steve,

We are successfully releasing attributes on version 5.0.5 with the CAS 2.0
protocol by overriding the casServiceValidationSuccess.html in our WAR
overlay. Do you have the file in the correct directory? It should be in
src/main/resources/templates/protocol/2.0.  We are using a custom namespace.

Here's what I am using:



[[${principal.id}]]
[[${pgtIou}]]

[[${
proxy.principal.id}]]



​  ​


​  ​


​  ​


​​

​  ​

​  ​


​  ​










You could also try Robert's suggestion - I'm just relaying that the html
customization is working for us.

On Mon, May 15, 2017 at 2:02 AM, Robert Oschwald 
wrote:

> You do not need to customize CasServiceValidationSuccess.html, if you
> just want to release attributes the same way as p3.
> For 5.0.5, you currently need to do the following things:
>
> 1. Overwrite the serviceValidateController bean definition, and wire in
> the cas3ServiceSuccessView, like so:
>
> @Bean
> public ServiceValidateController serviceValidateController() {
> final ServiceValidateController c = new
> ServiceValidateController();
> c.setValidationSpecification(this.cas20WithoutProxyProtocolValid
> ationSpecification);
> c.setSuccessView(cas3ServiceSuccessView());
> c.setFailureView(cas2ServiceFailureView);
> c.setProxyHandler(proxy20Handler);
> c.setAuthenticationSystemSupport(authenticationSystemSupport);
> c.setServicesManager(servicesManager);
> c.setCentralAuthenticationService(centralAuthenticationService);
> c.setArgumentExtractor(argumentExtractor);
> c.setMultifactorTriggerSelectionStrategy(
> multifactorTriggerSelectionStrategy);
> c.setAuthenticationContextValidator(authenticationContextValidator
> );
> c.setJsonView(cas3ServiceJsonView());
> c.setAuthnContextAttribute(casProperties.getAuthn().getMfa().
> getAuthenticationContextAttribute());
> return c;
> }
> }
>
> There is a current limitation up to 5.0.5, were it is not possible to
> overwrite these bean definitions. Therefore, you must copy the whole
> CasValidationConfiguration.java class from the CAS sources into your
> overlay projects org.apereo.cas.web.config package and make the change
> there.
> This will be fixed in 5.0.6, where you only need to define the bean
> definition above in your own config class, like
> OverwrittenServiceValidateConfiguration.
>
> 2. Set a property to use the p3 view for 2.0.
> Set the following property in cas.properties to use the p3 view for 2.0 as
> well:
>
> cas.view.cas2.success=protocol/3.0/casServiceValidationSuccess
>
>
>
> Hope that helps,
> Robert
>
> > Am 14.05.2017 um 22:23 schrieb Cyrus Grissom :
> >
> > Hello,
> >
> > Does anybody knows how to release attributes using the protocol 2.0 with
> CAS 5.0.5 ?
> >
> > I tried some customisations of "CasServiceValidationSuccess.html" file
> but without success.
> >
> > Many thanks for your help,
> >
> > Steve.
> >
> > --
> > - CAS gitter chatroom: https://gitter.im/apereo/cas
> > - CAS mailing list guidelines: https://apereo.github.io/cas/
> Mailing-Lists.html
> > - CAS documentation website: https://apereo.github.io/cas
> > - CAS project website: https://github.com/apereo/cas
> > ---
> > You received this message because you are subscribed to the Google
> Groups "CAS Community" group.
> > To unsubscribe from this group and stop receiving emails from it, send
> an email to cas-user+unsubscr...@apereo.org.
> > To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/c89672af-ef5e-4e98-892b-
> 93c1f8aaf091%40apereo.org.
>
> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines: https://apereo.github.io/cas/
> Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/4474DD13-8559-411E-A603-
> F9EB24F6AF94%40gmail.com.
>

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 

[cas-user] Multiple different MFA provider in CAS 5 for one service

[Jurica Juren]

Is there a way to configure two different providers (mfa-yubikey and 
mfa-gauth) in CAS 5 for one service? 
CAS is connected to LDAP from which we get valid users and all attributes 
for users.
In one attribute is MFA provider (mfa-yubikey or mfa-gauth), and in second 
attribute is list of sites for which MFA is needed.

Flow will be: users attempt to login to site.com, redirected to CAS login, 
CAS check if both attributes are set and true (first attribute: (mfa-gauth 
or mfa-yubike) and second: site.com) and then activate MFA  provider 
registered in first attribute for that user.
If one of attribute is false or unset then MFA if skipped.

Is possible to setup this flow in service configuration?

Does anyone have advice how to setup this?

Regards,
Jurica

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/d5a1418f-8ff3-40f5-b013-68b5cee14754%40apereo.org.

[cas-user] CAS overlay 5.0.5 does not work.

[Mr. K]

I am using 5.0.5 overlay and attempting to run it as a war in external 
tomcat but I get an exception. It appears to be related to the logging 
configuration file, more specifically the logging.config variable in the 
project and the logging_config variable in the tomcat configuration, they 
conflict as the project picks up the tomcat one and it crashes on startup.


Exception:

2017-05-12 17:02:03,362 WARN 
[org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext]
 
-  2017-05-12 17:02:03,374 ERROR 
[org.springframework.boot.SpringApplication] -  
org.springframework.beans.factory.BeanCreationException: Error creating 
bean with name 'scopedTarget.loggingConfigController': Invocation of init 
method failed; nested exception is java.lang.RuntimeException: 
java.io.FileNotFoundException: ServletContext resource 
[/-Djava.util.logging.config.file="C:/Program Files/Apache Software 
Foundation/apache-tomcat-8.5.15/conf/logging.properties"] cannot be 
resolved to URL because it does not exist


I have tried modifying the logging_config in catalina.bat to a different 
name and after that it worked but I don't want to do that.


I have searched and it appears other people have had the problem as well 
and they suggested putting some settings inside bootstrap.properties such 
as:


spring.profiles.active=native

spring.cloud.config.server.native.searchLocations=file:/etc/cas/config

but that did not work and I got another exception:

Caused by: org.springframework.beans.factory.BeanCreationException: Error 
creating bean with name 
'org.springframework.boot.actuate.autoconfigure.EndpointAutoConfiguration': 
Bean instantiation via constructor failed; nested exception is 
org.springframework.beans.BeanInstantiationException: Failed to instantiate 
[org.springframework.boot.actuate.autoconfigure.EndpointAutoConfiguration$$EnhancerBySpringCGLIB$$5fe5e3a1]:
 
Constructor threw exception; nested exception is 
org.springframework.beans.factory.UnsatisfiedDependencyException: Error 
creating bean with name 'configServerHealthIndicator' defined in class path 
resource 
[org/springframework/cloud/config/server/config/EnvironmentRepositoryConfiguration.class]:
 
Unsatisfied dependency expressed through method 
'configServerHealthIndicator' parameter 0; nested exception is 
org.springframework.beans.factory.BeanCreationException: Error creating 
bean with name 'environmentRepository' defined in class path resource 
[org/springframework/cloud/config/server/config/EnvironmentRepositoryConfiguration$GitRepositoryConfiguration.class]:
 
Invocation of init method failed; nested exception is 
java.lang.IllegalStateException: You need to configure a uri for the git 
repository


CAS Version: 5.0.5
Apache Tomcat Version: Apache Tomcat/8.5.15
Build Date/Time: 2017-04-21T10:24:20Z
System Temp Directory: C:\Program Files\Apache Software 
Foundation\apache-tomcat-8.5.15\temp
Java Home: C:\Program Files\Java\jdk1.8.0_65\jre
Java Vendor: Oracle Corporation
Java Version: 1.8.0_65
JCE Installed: no
OS Architecture: amd64
OS Name: Windows 10
OS Version: 10.0


Thanks



-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/66b1265c-d6b9-4b55-8c56-be0817e3d8c1%40apereo.org.

Re: [cas-user] CAS 5.0.5 how to release attributes with Protocol V 2.0

[Robert Oschwald]

You do not need to customize CasServiceValidationSuccess.html, if you just want 
to release attributes the same way as p3.
For 5.0.5, you currently need to do the following things:

1. Overwrite the serviceValidateController bean definition, and wire in the 
cas3ServiceSuccessView, like so:

@Bean
public ServiceValidateController serviceValidateController() {
final ServiceValidateController c = new ServiceValidateController();

c.setValidationSpecification(this.cas20WithoutProxyProtocolValidationSpecification);
c.setSuccessView(cas3ServiceSuccessView());
c.setFailureView(cas2ServiceFailureView);
c.setProxyHandler(proxy20Handler);
c.setAuthenticationSystemSupport(authenticationSystemSupport);
c.setServicesManager(servicesManager);
c.setCentralAuthenticationService(centralAuthenticationService);
c.setArgumentExtractor(argumentExtractor);

c.setMultifactorTriggerSelectionStrategy(multifactorTriggerSelectionStrategy);
c.setAuthenticationContextValidator(authenticationContextValidator);
c.setJsonView(cas3ServiceJsonView());

c.setAuthnContextAttribute(casProperties.getAuthn().getMfa().getAuthenticationContextAttribute());
return c;
}
}

There is a current limitation up to 5.0.5, were it is not possible to overwrite 
these bean definitions. Therefore, you must copy the whole 
CasValidationConfiguration.java class from the CAS sources into your overlay 
projects org.apereo.cas.web.config package and make the change there.
This will be fixed in 5.0.6, where you only need to define the bean definition 
above in your own config class, like OverwrittenServiceValidateConfiguration.

2. Set a property to use the p3 view for 2.0.
Set the following property in cas.properties to use the p3 view for 2.0 as well:

cas.view.cas2.success=protocol/3.0/casServiceValidationSuccess



Hope that helps,
Robert

> Am 14.05.2017 um 22:23 schrieb Cyrus Grissom :
> 
> Hello,
> 
> Does anybody knows how to release attributes using the protocol 2.0 with CAS 
> 5.0.5 ?
> 
> I tried some customisations of "CasServiceValidationSuccess.html" file but 
> without success.
> 
> Many thanks for your help,
> 
> Steve.
> 
> -- 
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> --- 
> You received this message because you are subscribed to the Google Groups 
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/c89672af-ef5e-4e98-892b-93c1f8aaf091%40apereo.org.

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/4474DD13-8559-411E-A603-F9EB24F6AF94%40gmail.com.