[cas-user] embedded tomcat error

[Mm Mm]

when I run cas in embedded tomcat mode the following error appears when 
visiting the login page 

ERROR [org.apereo.cas.web.flow.executor.EncryptedTranscoder] - 
https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/99b4768f-3f66-46d2-8525-0840bbeffc48n%40apereo.org.

[cas-user] Password Management multiple ldap backends

['Timothy Hansen' via CAS Community]

We currently have CAS configured to authenticate against two different ldap 
directories with openLDAP taking priority but with Active Directory as a 
fallback.  For example:
cas.authn.ldap[0].order=0
cas.authn.ldap[1].order=1
etc...

When I try to replicate this with cas.authn.pm.ldap[0].etc... and 
cas.authn.pm.ldap[1].etc... configs I get:
java.lang.RuntimeException: jakarta.servlet.ServletException: Request 
processing failed: 
org.springframework.webflow.execution.ActionExecutionException: Exception 
thrown executing 
org.apereo.cas.pm.web.flow.actions.SendPasswordResetInstructionsAction@321668ff 
in state 'sendPasswordResetInstructions' of flow 'login' -- action 
execution attributes were 'map[[empty]]'

I can comment out one or the other and successfully reset my password in 
one of the two ldap directories but adding in both causes the error.  Is 
password management only supported for one configured ldap directory?  The 
goal is for the accounts and passwords to be the same in both?

On a separate note I tried joining the apereo slack server but our @apu.edu 
needs to be registered first?  Is someone able to add me to that or is that 
slack instance not really used?

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/70806ab6-1beb-4cad-a83f-c15174e8949cn%40apereo.org.

Re: [cas-user] Help With Performance Optimisation. CAS 6.6.x

[Ray Bon]

There are some load tests for cas, 
https://apereo.github.io/cas/7.0.x/high_availability/High-Availability-Performance-Testing.html

To eliminate some points of contention:
1. set up a file system store of services, 
https://apereo.github.io/cas/7.0.x/services/JSON-Service-Management.html (or in 
memory).
2. file system store of users, 
https://apereo.github.io/cas/7.0.x/authentication/Permissive-Authentication.html
 (or add to the default list: 
cas.authn.accept.users=casuser::Mellon,hsimpson::password,wsmithers::password,mburns::password)

Search this user list for mentions of cas performance.

Ray

On Tue, 2024-02-06 at 06:34 -0800, Vaibhav GPT wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

Hi ray,
we are using the embedded tomcat with CAS and we are using in memory storage 
for ticket.
I believe there is issue with cas's ability to process requests.

On Tuesday, February 6, 2024 at 6:49:20 PM UTC+5:30 Ray Bon wrote:
Is the issue with tomcat's ability to handle traffic or cas's ability to 
process requests?
How much memory is allocated to tomcat?
What are you using for ticket storage (in memory storage will be faster than 
database, etc)?

See https://apereo.github.io/cas/7.0.x/planning/Installation-Requirements.html 
and other related sections.


Ray

On Tue, 2024-02-06 at 00:08 -0800, Vaibhav GPT wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

Hi,
I'm using CAS version 6.6.x with Zoom for authenticated Meetings. The CAS 
Server is running behind a proxy server.
Following is configuration of CAS Server and Proxy Server : 8 Core with 8 GB 
Ram.

Whenever there is a load of more than 50 users per second the CAS perfromance 
degrades significantly and the site becomes unreachable

I have also tried implementing throttling but I have not got a breakthrough 
cas.authn.throttle.bucket4j.enabled=true
cas.authn.throttle.bucket4j.bandwidth[0].refill-count=50
cas.authn.throttle.bucket4j.bandwidth[0].capacity=50
cas.authn.throttle.bucket4j.bandwidth[0].duration=PT1S

Also i have tried increasing the tomcat configuration

server.tomcat.accept-count=500
server.tomcat.max-connections=8192
server.tomcat.max-keep-alive-requests=100
server.tomcat.threads.min-spare=100
server.tomcat.threads.max=600

Any help or suggestions on how can i make it work.  I'm expecting a user load 
of about 150-200 users per second.


-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/df80de3ebaf4d60a2c063b70b2b63574ead586dd.camel%40uvic.ca.

Re: [cas-user] how do I add dependency without being tied to version?

[Petr Bodnár]

Hi,

AFAIK, just specifying the library without the version *should *be 
sufficient:

 implementation "org.apache.shiro:shiro-core" 

Because like for the other libraries from your example, the version of the 
dependency is already specified in the imported CAS BOM (e.g. 
cas-server-support-bom-6.6.15.pom 
).
 
The BOM is imported by the following line in the CAS overlay's build.gradle 

:

implementation 
enforcedPlatform("org.apereo.cas:cas-server-support-bom:${project.'cas.version'}")

You can see e.g. 
https://docs.gradle.org/current/userguide/platforms.html#sub:bom_import for 
how this works.

(Ad lombokVersion: As this special, compile-only, library is not specified 
in the BOM, I'm doing the same, i.e. I copy the version manually to my 
project.)

I hope this helps
Petr

On Tuesday 6 February 2024 at 05:36:17 UTC+1 Ray Bon wrote:

> Yan,
>
> You  can put the version into gradle.properties (I put this at the bottom 
> of my file):
>
> lombokVersion=1.18.30
> ...
>
> In build.gradle:
>
> compileOnly "org.projectlombok:lombok:${lombokVersion}"
> testCompileOnly("org.projectlombok:lombok:${lombokVersion}")
>
> If the library is included in cas, then you  do not need to use 
> implementation.
>
>
> Ray
>
> On Mon, 2024-02-05 at 08:22 -0800, Yan Zhou wrote:
>
> Notice: This message was sent from outside the University of Victoria 
> email system. Please be cautious with links and sensitive information.
>
>
> HI there, 
>
> with CAS 6.6.x overlay, I need to create my own authentication handler, 
> which uses Apache Shiro's hash service, etc., it comes with CAS, but I have 
> to explicitly list them in my project dependency so my code can compile. 
>
> looks like the following,  Note that I first find out CAS is using 
> shiro-core 1.9.1 and then explicitly include it in build.gradle, is there a 
> better way to manage this (such as I do Not have to explicitly include 
> shiro dependency by specific version# ? this makes it difficult for 
> upgrade.)
>
> implementation "org.apereo.cas:cas-server-support-jdbc"
> implementation "org.apereo.cas:cas-server-support-jdbc-authentication"
> implementation "org.apache.shiro:shiro-core:1.9.1"
> implementation "org.apereo.cas:cas-server-support-ldap"
>
> Thanks,
> Yan
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/ee197a1b-f4bc-49f9-8f06-d41c88ab8776n%40apereo.org.

Re: [cas-user] Alway Error 404 after compilation deployment

[Ray Bon]

Jérémie,

Are there any files in TOMCAT_HOME/logs ?
(Could also be CATALINA_HOME or CATALINA_BASE)

A pristine clone of cas-overlay-template should display the login page at 
http://localhost:8080/cas/login

What URL are you using that you get 404?

What does java -version say?
How are you deploying to tomcat (tomcat built in deployer, copy to 
TOMCAT_HOME/webapps, etc)?

Is there an application name and version number on the 404 page?

Ray

P.S. you can use openjdk instead of oracle

On Tue, 2024-02-06 at 16:12 +0100, Jérémie Pilette wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

Hi Ray,

ok for cas7. So I downloaded Java but from Oracle website :

wget https://download.oracle.com/java/21/latest/jdk-21_linux-x64_bin.deb

dpkg -i jdk-21_linux-x64_bin.deb



BUILD SUCCESSFUL without errors


Deploy on Tomcat 10.1.6

Always the same ... 404 Not found...

Impossible de see specific logs of cas. I have only catalina.out in 
/var/logs/tomcat10/catalina.out...

Tomcat has rights to write on /var/logs/cas/cas.log

I must forget soething somewhere ... It is crasy !



Jérémie




Le lun. 5 févr. 2024 à 20:45, Ray Bon mailto:r...@uvic.ca>> a 
écrit :
Jérémie,

You might be waiting a long time debian to upgrade java ;)

You can download and install openjdk-21 (on Ubuntu, mine is in /usr/lib/jvm)

You can

$ JAVA_HOME=/usr/lib/jvm/jdk-21

Then when you run ./gradlew ... in the same terminal it will use that JAVA_HOME 
to find java.

For tomcat, download it, untar in a directory you manage (I use 
~/Applications). Start tomcat from the same directory, it should pick up the 
correct java.

You can, of course, create a script that wraps the above, and leaves your 
command line pointing to debian installed java.

With this approach, you can use the latest cas.

Java will be 'more' backwardly compatible than tomcat (I recall reading 
somewhere that tomcat 10 has made some big changes) but stay as close to 
version recommendations as possible.

Cas also comes with an embedded tomcat. Your choice of deployment should be 
base on the settings you will have in production (IMHO).

If you are not getting log output, does the user that runs tomcat have 
permission to write to /var/log ?

Ray

On Mon, 2024-02-05 at 16:50 +0100, Jérémie Pilette wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

Hi Ray Bon, I am using Debian 12 and openjdk is the version 18. So, must I 
install openjdk-11-jdk ? (18 > 11 should be good ...)
The same for Tomcat, tomcat9 is required for cas 6.6 so it should be good for 
tomcat10 too .. normally ...

If I choose cas 7, I need to install openjdk-21. I wanted to let the good 
packages from Debian 12

I think I have activate the logs but maybe I forget something... there are no 
logs  displayed in /var/log/cas/cas.log ... evne if it is configured in 
/etc/cas/config/log4j2.xml ...

Le lun. 5 févr. 2024 à 15:48, Ray Bon mailto:r...@uvic.ca>> a 
écrit :
Jérémie,

Is there a reason why java and tomcat are not the versions in the requirements?

You do not need to concern yourself with spring boot and gradle; they will be 
handled by the build process.

If you are starting out, use the most recent version.
See https://fawnoos.com/2023/12/15/cas70x-gettingstarted-overlay/

If you are still having problems, turn up the logging, and provide more detail. 
Such as, what are you doing that results in 404.

Ray

On Sun, 2024-02-04 at 07:41 -0800, Jérémie Pilette wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

Hi everybody,
I try to compile and deploy cas-overlay-template from initializr but I have 
always Error 404 Not found.

Requirement

Java Version: 11
Spring Boot Version: 2.7.3
Gradle Version: 7.6
Tomcat Version: 9.0.84


I have

Java Version: 18
Spring Boot Version: 2.7.3
Gradle Version: 7.6
Tomcat Version: 10.1.6

Do I forget something ?

Thank you ?


Jérémie




--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to a topic in the Google 
Groups "CAS Community" group.
To unsubscribe from this topic, visit 
https://groups.google.com/a/apereo.org/d/topic/cas-user/6jhMHXaI540/unsubscribe.
To unsubscribe from this group and all its topics, send an email to 
cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/e2eb6a9176088650152d13b872c957b40fbfc2fb.camel%40uvic.ca.



--
- 

Re: [cas-user] Alway Error 404 after compilation deployment

[Jérémie Pilette]

Hi Ray,

ok for cas7. So I downloaded Java but from Oracle website :

wget https://download.oracle.com/java/21/latest/jdk-21_linux-x64_bin.deb

dpkg -i jdk-21_linux-x64_bin.deb


BUILD SUCCESSFUL without errors

Deploy on Tomcat 10.1.6

Always the same ... 404 Not found...

Impossible de see specific logs of cas. I have only catalina.out in
/var/logs/tomcat10/catalina.out...

Tomcat has rights to write on /var/logs/cas/cas.log

I must forget soething somewhere ... It is crasy !


Jérémie





Le lun. 5 févr. 2024 à 20:45, Ray Bon  a écrit :

> Jérémie,
>
> You might be waiting a long time debian to upgrade java ;)
>
> You can download and install openjdk-21 (on Ubuntu, mine is in
> /usr/lib/jvm)
>
> You can
>
> $ JAVA_HOME=/usr/lib/jvm/jdk-21
>
> Then when you run ./gradlew ... in the same terminal it will use that
> JAVA_HOME to find java.
>
> For tomcat, download it, untar in a directory you manage (I use
> ~/Applications). Start tomcat from the same directory, it should pick up
> the correct java.
>
> You can, of course, create a script that wraps the above, and leaves your
> command line pointing to debian installed java.
>
> With this approach, you can use the latest cas.
>
> Java will be 'more' backwardly compatible than tomcat (I recall reading
> somewhere that tomcat 10 has made some big changes) but stay as close to
> version recommendations as possible.
>
> Cas also comes with an embedded tomcat. Your choice of deployment should
> be base on the settings you will have in production (IMHO).
>
> If you are not getting log output, does the user that runs tomcat have
> permission to write to /var/log ?
>
> Ray
>
> On Mon, 2024-02-05 at 16:50 +0100, Jérémie Pilette wrote:
>
> Notice: This message was sent from outside the University of Victoria
> email system. Please be cautious with links and sensitive information.
>
> Hi Ray Bon, I am using Debian 12 and openjdk is the version 18. So, must I
> install openjdk-11-jdk ? (18 > 11 should be good ...)
> The same for Tomcat, tomcat9 is required for cas 6.6 so it should be good
> for tomcat10 too .. normally ...
>
> If I choose cas 7, I need to install openjdk-21. I wanted to let the good
> packages from Debian 12
>
> I think I have activate the logs but maybe I forget something... there are
> no logs  displayed in /var/log/cas/cas.log ... evne if it is configured in
> /etc/cas/config/log4j2.xml ...
>
> Le lun. 5 févr. 2024 à 15:48, Ray Bon  a écrit :
>
> Jérémie,
>
> Is there a reason why java and tomcat are not the versions in the
> requirements?
>
> You do not need to concern yourself with spring boot and gradle; they will
> be handled by the build process.
>
> If you are starting out, use the most recent version.
> See https://fawnoos.com/2023/12/15/cas70x-gettingstarted-overlay/
>
> If you are still having problems, turn up the logging, and provide more
> detail. Such as, what are you doing that results in 404.
>
> Ray
>
> On Sun, 2024-02-04 at 07:41 -0800, Jérémie Pilette wrote:
>
> Notice: This message was sent from outside the University of Victoria
> email system. Please be cautious with links and sensitive information.
>
> Hi everybody,
> I try to compile and deploy cas-overlay-template from initializr but I
> have always Error 404 Not found.
>
> Requirement
>
> *Java Version:* 11
> *Spring Boot Version:* 2.7.3
> *Gradle Version:* 7.6
> *Tomcat Version:* 9.0.84
>
>
> I have
>
> *Java Version:* 18
> *Spring Boot Version:* 2.7.3
> *Gradle Version:* 7.6
> *Tomcat Version:* 10.1.6
>
> Do I forget something ?
>
> Thank you ?
>
>
> Jérémie
>
>
>
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to a topic in the
> Google Groups "CAS Community" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/a/apereo.org/d/topic/cas-user/6jhMHXaI540/unsubscribe
> .
> To unsubscribe from this group and all its topics, send an email to
> cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/e2eb6a9176088650152d13b872c957b40fbfc2fb.camel%40uvic.ca
> 
> .
>
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to a topic in the
> Google Groups "CAS Community" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/a/apereo.org/d/topic/cas-user/6jhMHXaI540/unsubscribe
> .
> To unsubscribe from this group and all its topics, send an email to
> cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> 

Re: [cas-user] Help With Performance Optimisation. CAS 6.6.x

[Vaibhav GPT]

Hi ray,
we are using the embedded tomcat with CAS and we are using in memory 
storage for ticket.
I believe there is issue with cas's ability to process requests.

On Tuesday, February 6, 2024 at 6:49:20 PM UTC+5:30 Ray Bon wrote:

> Is the issue with tomcat's ability to handle traffic or cas's ability to 
> process requests?
> How much memory is allocated to tomcat?
> What are you using for ticket storage (in memory storage will be faster 
> than database, etc)?
>
> See 
> https://apereo.github.io/cas/7.0.x/planning/Installation-Requirements.html 
> and 
> other related sections.
>
>
> Ray
>
> On Tue, 2024-02-06 at 00:08 -0800, Vaibhav GPT wrote:
>
> Notice: This message was sent from outside the University of Victoria 
> email system. Please be cautious with links and sensitive information.
>
>
> Hi, 
> I'm using CAS version 6.6.x with Zoom for authenticated Meetings. The CAS 
> Server is running behind a proxy server.
> Following is configuration of CAS Server and Proxy Server : 8 Core with 8 
> GB Ram.
>
> Whenever there is a load of more than 50 users per second the CAS 
> perfromance degrades significantly and the site becomes unreachable 
>
> I have also tried implementing throttling but I have not got a 
> breakthrough cas.authn.throttle.bucket4j.enabled=true
> cas.authn.throttle.bucket4j.bandwidth[0].refill-count=50
> cas.authn.throttle.bucket4j.bandwidth[0].capacity=50
> cas.authn.throttle.bucket4j.bandwidth[0].duration=PT1S
>
> Also i have tried increasing the tomcat configuration
>
> server.tomcat.accept-count=500 
> server.tomcat.max-connections=8192 
> server.tomcat.max-keep-alive-requests=100 
> server.tomcat.threads.min-spare=100 
> server.tomcat.threads.max=600
>
> Any help or suggestions on how can i make it work.  I'm expecting a user 
> load of about 150-200 users per second.
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/04e28ed5-4a7f-4e7e-adfe-ee11f61b0c16n%40apereo.org.

Re: [cas-user] Help With Performance Optimisation. CAS 6.6.x

[Ray Bon]

Is the issue with tomcat's ability to handle traffic or cas's ability to 
process requests?
How much memory is allocated to tomcat?
What are you using for ticket storage (in memory storage will be faster than 
database, etc)?

See https://apereo.github.io/cas/7.0.x/planning/Installation-Requirements.html 
and other related sections.


Ray

On Tue, 2024-02-06 at 00:08 -0800, Vaibhav GPT wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

Hi,
I'm using CAS version 6.6.x with Zoom for authenticated Meetings. The CAS 
Server is running behind a proxy server.
Following is configuration of CAS Server and Proxy Server : 8 Core with 8 GB 
Ram.

Whenever there is a load of more than 50 users per second the CAS perfromance 
degrades significantly and the site becomes unreachable

I have also tried implementing throttling but I have not got a breakthrough 
cas.authn.throttle.bucket4j.enabled=true
cas.authn.throttle.bucket4j.bandwidth[0].refill-count=50
cas.authn.throttle.bucket4j.bandwidth[0].capacity=50
cas.authn.throttle.bucket4j.bandwidth[0].duration=PT1S

Also i have tried increasing the tomcat configuration

server.tomcat.accept-count=500
server.tomcat.max-connections=8192
server.tomcat.max-keep-alive-requests=100
server.tomcat.threads.min-spare=100
server.tomcat.threads.max=600

Any help or suggestions on how can i make it work.  I'm expecting a user load 
of about 150-200 users per second.

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/9d0072959fd54812d90bab33feb15fd6e59b1705.camel%40uvic.ca.

Re: [cas-user] Couldn't build in Linux RHEL

[Ray Bon]

Start a new thread. People may skip over this because the problem does not 
match the title.

Ray

On Mon, 2024-02-05 at 22:29 -0800, Amulya Sri Pulijala wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.


Hey,
The following is the error, 2024-02-06 11:31:00,012 DEBUG 
[org.apereo.cas.authentication.DefaultAuthenticationManager] - 
2024-02-06 11:31:00,012 ERROR 
[org.apereo.cas.authentication.DefaultAuthenticationManager] - 
2024-02-06 11:31:00,015 ERROR 
[org.apereo.cas.authentication.DefaultAuthenticationManager] - 
<[GroovyAuthenticationHandler]: [No signature of method: 
CustomAuthenticationHandler.authenticate() is applicable for argument types: 
(org.apereo.cas.adaptors.generic.GroovyAuthenticationHandler, 
org.apereo.cas.authentication.credential.UsernamePasswordCredential...) values: 
[org.apereo.cas.adaptors.generic.GroovyAuthenticationHandler@b2ba975b, ...]
Possible solutions: authenticate(org.apereo.cas.authentication.Credential, 
org.apereo.cas.authentication.principal.Service)]>
2024-02-06 11:31:00,015 DEBUG 
[org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - 


But i do have authenticate method as follows:
AuthenticationHandlerExecutionResult authenticate(Credential credential, 
Service service) {
if (credential instanceof UsernamePasswordCredential) {
def usernamePasswordCredential = (UsernamePasswordCredential) 
credential
if (usernamePasswordCredential.username == 'user' && 
usernamePasswordCredential.password == 'password') {
def principal = 
principalFactory.createPrincipal(usernamePasswordCredential.username)
return new DefaultAuthenticationHandlerExecutionResult(
this,
new BasicCredentialMetaData(credential),
principal,
new ArrayList<>(0)
)
}
}
return null
}

Amulya
On Tuesday, February 6, 2024 at 10:06:17 AM UTC+5:30 Ray Bon wrote:
Amulya,

Depending on where the groovy script is called, it may have different 
requirements / passed in arguments. These are outlined in the docs.

'method not implemented' sounds like a method signature issue; would need to 
see the code.

You should create a new thread for this.

Ray

On Tue, 2024-02-06 at 01:34 +0530, Amulya Sri Pulijala wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

Hey,

Any custom code is also fine, something like mathematical expression etc. I did 
try with Groovy script but I couldnt compile it, as am getting an error that 
authenticate method is not implemented., but I did have that in my script.

Small groovy script which generates an expression and validates at user end is 
sufficient. Generation can be done at front end which I've already done it.

Kindl y provide me if you have any grovy scripts tutorial or custom handler 
tutorial..
Amulya

On Tue, Feb 6, 2024 at 1:27 AM Ray Bon  wrote:
Amulya,

Are you sure you need to have a custom captcha (or any other custom code)?
If you do create something custom, try to make it in such a way that it can be 
added to the main cas project (hopefully you will have time to do so - which I 
seem to lack).
See https://apereo.github.io/cas/developer/Contributor-Guidelines.html

https://fawnoos.com/blog/ is a good place to start. You 
will also need to understand various spring libraries.

Take a look at the existing reCaptcha 
https://apereo.github.io/cas/7.0.x/integration/Configuring-Google-reCAPTCHA.html
 and how it is implemented, how it fits into [spring] web flow, gets properties 
etc. You may be able to extend those classes.

Ray

On Mon, 2024-02-05 at 21:38 +0530, Amulya Sri Pulijala wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

Thanks!

Yeah.. am trying to add captcha, username, password etc in a single handler. 
Any pointers to such tutorials?

Amulya

On Mon, Feb 5, 2024 at 7:58 PM Ray Bon  wrote:
Amulya,

To add 'customHandlers' you would need to modify the class that handles authn 
properties (cas.authn).
To see how the chain of properties works in cas, start with the main class,
https://github.com/apereo/cas/blob/v7.0.0/api/cas-server-core-api-configuration-model/src/main/java/org/apereo/cas/configuration/CasConfigurationProperties.java

Search this file for 'authn' which is a class member pointing to 
AuthenticationProperties

I do not suggest modifying AuthenticationProperties.
You can create your own properties file (maybe CustomProperties) which could 
have a member variable authn pointing to CustomAuthenticationProperties. Given 
CustomAuthenticationProperties extends AuthenticationProperties, your property 
would then be

[cas-user] Issue with MFA bypass

[Alexandre GRENIER]

Hi,
I encountered an issue with Multifactor Authentication. I'm using CAS 6.6.x 
to access a few services.
Recently, I decided to activate MFA (with the "Simple" provider, but I 
don't think the kind of MFA provider has any incidence here) and to use 
principal attributes to bypass some users.

Everything seemed to work fine at first, bypass works has it should, but I 
then noticed that redirections between services do not work anymore for 
bypassed users.
To be more precise, the first time one asks to access a second service 
after having logged in:
- if MFA is off, everything works fine, the user is redirected
- if MFA is on but the user does not have a bypass, everything works fine
- if MFA is on and the user DOES have a bypass, the redirection does not 
work and he is asked to log in again

It seems this issue is the same described in this older post I found : 
https://groups.google.com/a/apereo.org/g/cas-user/c/SsqrWJb3aIc

Would anyone know if there is a fix to this or encountered the same issue?

Thanks in advance,

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/5a7e27b5-dd36-4c9f-ae01-3cb6595f760bn%40apereo.org.

[cas-user] Help With Performance Optimisation. CAS 6.6.x

[Vaibhav GPT]

Hi,
I'm using CAS version 6.6.x with Zoom for authenticated Meetings. The CAS 
Server is running behind a proxy server.
Following is configuration of CAS Server and Proxy Server : 8 Core with 8 
GB Ram.

Whenever there is a load of more than 50 users per second the CAS 
perfromance degrades significantly and the site becomes unreachable 

I have also tried implementing throttling but I have not got a breakthrough 
cas.authn.throttle.bucket4j.enabled=true
cas.authn.throttle.bucket4j.bandwidth[0].refill-count=50
cas.authn.throttle.bucket4j.bandwidth[0].capacity=50
cas.authn.throttle.bucket4j.bandwidth[0].duration=PT1S

Also i have tried increasing the tomcat configuration

server.tomcat.accept-count=500 
server.tomcat.max-connections=8192 
server.tomcat.max-keep-alive-requests=100 
server.tomcat.threads.min-spare=100 
server.tomcat.threads.max=600

Any help or suggestions on how can i make it work.  I'm expecting a user 
load of about 150-200 users per second.

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/1e785df8-df9b-4b87-ba31-4a007d866470n%40apereo.org.