[cas-user] CAS 5.3.7 Issue Pac4J OIDC + SAML2 Delegation

[kyra1510]

Hy all,

I apologize for my French English.

I have a problem when I upgrade my CAS 5.2.x to CAS 5.3.7 with the SAML 
delegation.
My Cas 5.3.7 is configure to use the OpenIdConnect authentication but it is 
possible to delegate the authentication to an IDP SAML2.
I have no problem with the delegation in CAS 5.2.x 

When I use the OIDC authentication without delegation, the workflow is 
correct.
Workflow:
1 The user enter its password and login in the authentication page
2 The user is redirect to a consent page
3 When click on the button "allow", an authorization code is returned

But when I use the SAML2 delegation, I am not redirect to the consent page:
1 The user click on the button which redirect to the correct IDP
2 The user logged on the IDP SAML  
3 After the user is returned to my CAS 5.3.7 and arrived on the page 
service?ticket=ST-x 
xxx
 
and I have a code 302


I found this issue in the github which seems to correspond to my 
problem https://github.com/apereo/cas/pull/3664.
It describe the same issue in CAS 5.3.x in the SAML2 protocol before the 
bug was fixed. It didn't concern the delegation.
Could it be this problem is related to my issue?

Thanks for any help.

Kyra

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/266a8093-f4d3-4ffa-bfea-1d071d595933%40apereo.org.

[cas-user] Re: > 5.3.4 AUP Webflow seem to break createTicketGrantingTicket

[Curtis Ruck]

Martin,

I'm just now  looking into this, it appears it should address my issue, but 
I lost my testing environment and I havn't reconstituted it yet.

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/b952d8c0-4ab3-4b76-a7db-22b5db743bcb%40apereo.org.

[cas-user] CAS 5.3.4 Kivuto/Microsoft Dreamspark SAML Auth in CAS

[Mac Reid]

Hi,

Is anyone doing SAML auth for Kivuto/Microsoft Dreamspark with CAS? Looking
at the documentation, I can't seem to figure out how to get a working
access strategy for a SAML service.

For example, we need to ensure a user has a memberOf value, then check if
they match another memberOf value, and send an isMemberOf attribute back
with the second matched memberOf value. Seems possible with a groovy script
for service access strategy and attribute release, but they do not seem to
be executing on the SAML service.

Any pointers or references would be appreciated.

Thanks,

Mac Reid

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CALX_e4kJ%3DxMaeZ3ggE_Uw4%3DNC%2B7TdL0de2Cp%3DWwf65iri%3D0vGw%40mail.gmail.com.