[cas-user] CAS 3.5.4 to 6.2.2 migration: LDAP authentication handler

2020-12-03 Thread Sobhen C 
Hello,

In the LDAP  flow, I need to perform some operations like below

1. If the user is locked, we need to display a custom error message
2. Max. possible lock count is 6 and we need to check that count each login 
click
3. if the user is inactive, we need to save some information in a separate 
table

In the CAS 3.5.4, I was able to handle all these in 
BandLdapAuthenicationHandler, 
but coming to CAS 6.2.2, how to perform these customized operations?

Please provide some guidance on this, I went through the documentations but 
didn't get a clue, how to proceed in this.
Also, how will we be able to create some custom errors for view?

With regards,
Sobhen

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/428d4cd4-a50f-4991-9aca-35cf21876b16n%40apereo.org.

Re: [cas-user] cas Java installation

2020-12-03 Thread 'Richard Frovarp' via CAS Community 
You would normally use it with your favorite security library in Java.
Common ones include Apache Shiro, Pac4J, and Spring Security. From
there use the library specific instructions for bringing in the CAS
client library.

On Thu, 2020-12-03 at 13:23 +0530, rohini bansode wrote:
> IF you have some links and information  about java cas client or any
> discussion  happened before so you can send me the discussion blog .
> 
> thanks and reagrds
> 
> On Thu, Dec 3, 2020 at 9:57 AM rohini bansode  > wrote:
> > Hello, 
> > 
> > what is the flow of cas java installation and its steps? 
> > Exactly what is the working environment of java cas  client.
> > 
> > Thanks & Regards
> > -- 
> > - Website: https://apereo.github.io/cas
> > - Gitter Chatroom: https://gitter.im/apereo/cas
> > - List Guidelines: https://goo.gl/1VRrw7
> > - Contributions: https://goo.gl/mh7qDG
> > --- 
> > You received this message because you are subscribed to the Google
> > Groups "CAS Community" group.
> > To unsubscribe from this group and stop receiving emails from it,
> > send an email to cas-user+unsubscr...@apereo.org.
> > To view this discussion on the web visit 
> > https://groups.google.com/a/apereo.org/d/msgid/cas-user/8ca6a9a7-66f5-477a-9416-8f835ed92f11n%40apereo.org
> > .

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/3842e9fa07a378562728aed2c83c9bf6155f291e.camel%40ndsu.edu.

Re: [cas-user] CAS upgrade from 3.5.4 to 6.2.2

2020-12-03 Thread Sobhen C 
Hi,

I got some confusion over the view presentation in the new CAS. Based on
the different errors, we have separate view templates. I want to display
the error messages directly on the CasLoginView.html page itself. As of
now, CasLoginView.html is customized as per our requirements. Can anyone
guide me to get an idea, how to get hold on the response after the LDAP
based authentication? Also, we need to display the captcha after the first
submission of the page, so is there any way to get hold of the response
after the LDAP authentication?

Basically, I wanted to know how to get hold of the handler once the LDAP
authentication completed?

With regards,
Sobhen


On Tue, Dec 1, 2020 at 10:16 AM Sobhen C  wrote:

> Thanks a lot Ray. That helps.
>
> On Thursday, 26 November 2020 at 22:20:37 UTC+5:30 Ray Bon wrote:
>
>> Sobhen,
>>
>> Throttling overview is here,
>> https://apereo.github.io/cas/6.2.x/installation/Configuring-Authentication-Throttling.html,
>> and properties are,
>> https://apereo.github.io/cas/6.2.x/configuration/Configuration-Properties.html#authentication-throttling
>>
>> This is my test config
>>
>> # this is a rate of failed attempts: threshold / rangeSeconds
>> cas.authn.throttle.failure.threshold=1
>> cas.authn.throttle.failure.rangeSeconds=3
>>
>> meaning no more than one login attempt within 3 seconds.
>>
>> This means that your cas properties should be more restrictive than ldap.
>> The cas settings are simpler than LPPE so I did not pursue it.
>>
>> Ray
>>
>> On Thu, 2020-11-26 at 12:47 +0530, Sobhen C wrote:
>>
>> Notice: This message was sent from outside the University of Victoria
>> email system. Please be cautious with links and sensitive information.
>>
>> Thank you Ray for a quick response.
>> Yes, as you mentioned, my approach is the same that the application is
>> developing from scratch.
>>
>> you have mentioned that "In our 3.5 version I used LPPE for throttling,
>> now I use cas configuration.", I am actually stuck here only, can you put
>> some light on this item. How the existing CAS configurations are used. If
>> possible, could you please quote some properties which are relevant?
>>
>> Currently, I configured the following properties in css.properties. If
>> the response is expired, then how can we hold on that? Do we need a
>> customized configuration class for that?
>>
>> cas.authn.ldap[0].type=
>> cas.authn.ldap[0].ldapUrl=
>> cas.authn.ldap[0].baseDn=
>> cas.authn.ldap[0].bindDn=
>> cas.authn.ldap[0].bindCredential=
>>
>> With regards,
>> Sobhen
>>
>>
>>
>> On Wed, Nov 25, 2020 at 11:21 PM Ray Bon  wrote:
>>
>> Sobhen,
>>
>> A lot has changed between those two versions.
>> The short answer; plan to start from scratch.
>>
>> Cas now has many more builtin capabilities. Some things that you had to
>> implement may just need some configuration.
>> In our 3.5 version I used LPPE for throttling, now I use cas
>> configuration. Password management is here,
>> https://apereo.github.io/cas/6.2.x/password_management/Password-Management.html
>>
>> Ray
>>
>> On Wed, 2020-11-25 at 02:59 -0800, Sobhen C wrote:
>>
>> Notice: This message was sent from outside the University of Victoria
>> email system. Please be cautious with links and sensitive information.
>>
>> I was  trying to upgrade the CAS application from version 3.5.4 into
>> 6.2.2. I went through the 6.2.2 password policy. Now, I am wondering if CAS
>> 6.2 supports Ippe configurations. In the existing application, all the
>> configurations are mentioned in the lppe.configuration.xml file. But, in
>> the latest version, I didn't find a way to mention all the
>> configuration which was there in the  lppe.configuration.xml.
>>
>> Please provide some guidance on this? How we can use the similar
>> configurations which we were using in the existing CAS 3.5.4 version.
>>
>> Also, can anyone provide some guidance on this upgrade?
>> 1. Do we need to rewrite the jsp pages into thymeleaf?
>> 2. how to write customized user authentication using LDAP?
>> 3. Currently, we are using web flow, are we able reuse those web flow
>> configurations?
>>
>> With regards,
>> Sobhen
>>
>>
>> --
>>
>>
>> Ray Bon
>> Programmer Analyst
>> Development Services, University Systems
>> 2507218831 <(250)%20721-8831> | CLE 019 | rb...@uvic.ca
>>
>> I respectfully acknowledge that my place of work is located within the
>> ancestral, traditional and unceded territory of the Songhees, Esquimalt and
>> WSÁNEĆ Nations.
>>
>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to cas-user+u...@apereo.org.
>> To view this discussion on the web visit
>>

[cas-user] Re: Hazelcast Ticket Registry break when reloading properties for CAS 6.2.5

2020-12-03 Thread Andy Ng 
Confirm is a bug, here's the PR: https://github.com/apereo/cas/pull/5003

Cheers!
- Andy

On Wednesday, 2 December 2020 at 21:14:45 UTC+8 Andy Ng wrote:

> Hi all,
>
> I was trying to implement Hazelcast Ticket Registry and reloading 
> properties.
>
> I find that, when I change `cas.properties` and force a reload based on 
> this tutorial: 
> https://fawnoos.com/2020/05/02/cas62x-reloadable-configuration/, it 
> stopped the Hazelcast Ticket Registry instance which makes later login 
> failed.
>
> I find the solution to be removing the RefreshScope here:
>
> https://github.com/apereo/cas/blob/v6.2.5/support/cas-server-support-hazelcast-ticket-registry/src/main/java/org/apereo/cas/config/HazelcastTicketRegistryConfiguration.java#L52,
>  
> then the Ticket Registry would not be stopped.
>
> Anybody have similar issue? Thanks.
>
> Cheers!
> - Andy
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/aa1f6765-25e9-4204-b1d5-59d83284f0d6n%40apereo.org.