[cas-user] Custom authentication handler and jdbc attributes not executing

[Pablo Vidaurri]

I have a custom authentication handler. I notice when using my custom auth 
handler, my cas.authn.attributeRepository.jdbc[0] query does not execute. 
But when I enable out of the box ldap authentication my jdbc query runs and 
I get attributes back. Do I need to explicitly trigger something after my 
custom auth handler runs?

-psv

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/5e1de1aa-5051-4649-8c81-25b334a5c80en%40apereo.org.

Re: [cas-user] Re: Audit logging in 7.0.x?

[Baron Fujimoto]

Just to close the loop on this in case anyone else has the same question:
we've been informed that the use of UTC/Z TZ here is hardcoded now, and
there is no way to configure this alternatively without modifying the code.
Personally, I find this inconvenient and unfortunate, and wish it were
otherwise, but...

On Wed, Mar 6, 2024 at 7:44 AM Baron Fujimoto  wrote:

> Ah, that was it. Mahalo nui loa!
>
> I notice that now the audit timestamps appear to be in UTC (whereas
> previously it reported using our local TZ). does anyone know where/how we
> can set this to use our local TZ again? The rest of the logs already use
> the local TZ for timestamps.
>
> On Wed, Mar 6, 2024 at 3:54 AM Al Faller  wrote:
>
>> I had the same issue.  Looks like in the early days of 7.0 there was an
>> issue in the log4j2.xml.  You need to change the name of the Logger (remove
>> the audit.support portion of the name):
>>
>> > level="info">
>> 
>> 
>> 
>> 
>>
>> On Monday, March 4, 2024 at 10:41:23 PM UTC-5 Baron Fujimoto wrote:
>>
>>> With CAS v6.x, we used to get audit logs that looks something akin to:
>>>
>>> 2024-03-02 00:00:00,403 INFO
>>> [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - >> trail record BEGIN
>>> =
>>> WHO: joeuser
>>> WHAT: {result=Service Access Granted, service=https:/example.edu/app
>>> ,
>>> requiredAttributes={}}
>>> ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
>>> APPLICATION: CAS
>>> WHEN: Sat Mar 02 00:00:00 HST 2024
>>> CLIENT IP ADDRESS: 192.0.0.192
>>> SERVER IP ADDRESS: 10.10.10.10
>>> =
>>>
>>> >
>>> (and similar others)
>>>
>>> And our configs would additionally log them to a separate audit log
>>> file. However, since upgrading to cas v7, we are no longer generating these
>>> logs.
>>>
>>> I've tried explicitly enabling audit logging in our cas.,properties with:
>>>
>>> cas.audit.engine.enabled=true
>>>
>>> But still nothing. I also don't see a WAR overlay dependency for
>>> build.gradle that looks appropriate?
>>>
>>> I think our audit log is also defined in log4j2.xml which contains:
>>> =
>>> 
>>> >> fileName="${baseDir}/cas_audit.log" append="true"
>>> ...
>>> 
>>> 
>>> 
>>> ...
>>> >> additivity="true" level="info">
>>> 
>>> 
>>> 
>>> 
>>> =
>>>
>>> Any ideas what we're missing to enable audit logging once again?
>>>
>>> Reference: >> 
>>> >
>>> --
>>> Baron Fujimoto  ::: UH Information Technology Services
>>> minutas cantorum, minutas balorum, minutas carboratum descendus pantorum
>>>
>> --
>> - Website: https://apereo.github.io/cas
>> 
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> 
>> - List Guidelines: https://goo.gl/1VRrw7
>> 
>> - Contributions: https://goo.gl/mh7qDG
>> 
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to cas-user+unsubscr...@apereo.org.
>> To view this discussion on the web visit
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/5d5dd513-db8c-418c-882d-5f5fea62a4adn%40apereo.org
>> 
>> .
>>
>
>
> --
> Baron Fujimoto  ::: UH Information Technology Services
> minutas cantorum, minutas balorum, minutas carboratum descendus pantorum
>


-- 
Baron Fujimoto  ::: UH Information Technology Services
minutas cantorum, minutas balorum, minutas carboratum descendus pantorum

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: 

Re: [cas-user] Disabling escaping of special characters such as '#' in MS Active Directory usernames

[Ray Bon]

Bogdan,

Perhaps you can use the ldap filter
search-filter=#{user}

You can have multiple ldap configs and they are processed in order.

Ray

On Fri, 2024-03-22 at 11:04 -0700, Bogdan Badz wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

Hello CAS Community

We are using CAS v6.5 as Federated Sign-In Module for MS Active Directory 
users. There is a requirement to support  usernames starting with a hash symbol 
'#'.

For example: #t...@domain.com.

We noticed that for integration with LDAP, CAS uses the Ldaptive library.

The documentation says that in this case special characters are escaped. And 
this is working correctly.

But we would also need the ability to disable this feature for certain 
characters.

org.ldaptive.auth.FormatDnResolver contains boolean value 'escapeUser' which is 
'true' by default.

At the Ldaptive library level this parameter can be configured, but based on 
what we saw in the CAS sources, only the default state is used there which does 
not help us authenticate AD users beginning with #.

Could anyone help us solve this problem?

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/74a65e59c3f06a973d78fbe8766d6b9d2b0b9282.camel%40uvic.ca.

[cas-user] Disabling escaping of special characters such as '#' in MS Active Directory usernames

[Bogdan Badz]

Hello CAS Community

We are using CAS v6.5 as Federated Sign-In Module for MS Active Directory 
users. There is a requirement to support  usernames starting with a hash 
symbol '#'.

For example: #t...@domain.com.

We noticed that for integration with LDAP, CAS uses the Ldaptive library.

The documentation says that in this case special characters are escaped. 
And this is working correctly.

But we would also need the ability to disable this feature for certain 
characters.

org.ldaptive.auth.FormatDnResolver contains boolean value 'escapeUser' 
which is 'true' by default.

At the Ldaptive library level this parameter can be configured, but based 
on what we saw in the CAS sources, only the default state is used there 
which does not help us authenticate AD users beginning with #.

Could anyone help us solve this problem?

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/f32f7dcc-a9ec-4a4c-8561-6a3b22ba46ffn%40apereo.org.

Re: [cas-user] SAML2 protocol in CAS6.4.6.6

[Mohamed Amdouni]

Hello,

I have a working instance with :

In addition,
cas.server.prefix
cas.server.scope
cas.server.name

And

implementation "org.apereo.cas:cas-server-support-saml:${project.'
cas.version'}"

But I think it s not required because it s for saml1


Le ven. 22 mars 2024 à 14:09, Xavier Rodríguez  a écrit :

> Hello,
>
> I'm not familiar with SAML 2.0 and I need to set up our CAS 6.4.6.6 with
> SAML2 protocol. Our CAS uses Oauth2 + CAS protocol. Now, we need to add
> this protocol.
>
> Folowing the documentation:
>
>
> https://apereo.github.io/cas/6.6.x/authentication/Configuring-SAML2-Authentication.html
>
> I've added in gradle:
>
> implementation
> "org.apereo.cas:cas-server-support-saml-idp:${project.'cas.version'}"
>
> And in my cas.properties:
>
>cas.authn.saml-idp.core.entity-id: https://mycas.cat/idp
>cas.authn.saml-idp.metadata.file-system.location: file:/etc/cas/saml
>
> I've ever had the same error:
>
> Exception encountered during context initialization - cancelling refresh
> attempt: org.springframework.beans.factory.BeanCreationException: Error
> creating bean with name
> 'scopedTarget.samlProfileSamlAttributeStatementBuilder' defined in class
> path resource [org/apereo/cas/config/SamlIdPConfiguration.class]: Bean
> instantiation via factory method failed; nested exception is
> org.springframework.beans.BeanInstantiationException: Failed to instantiate
> [org.apereo.cas.support.saml.web.idp.profile.builders.SamlProfileObjectBuilder]:
> Factory method 'samlProfileSamlAttributeStatementBuilder' threw exception;
> nested exception is
> org.springframework.beans.factory.NoSuchBeanDefinitionException: *No
> qualifying bean of type
> 'org.apereo.cas.authentication.attribute.AttributeDefinitionStore' *available:
> expected at least 1 bean which qualifies as autowire candidate. Dependency
> annotations:
> {@org.springframework.beans.factory.annotation.Autowired(required=true),
> @org.springframework.beans.factory.annotation.Qualifier("attributeDefinitionStore")}
>
> What am I need to define in my Cas-Server?
>
> I try with several configurations and I've get the same result.
>
> Anyone can help me?
>
> Thanks!!!
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/bd4ac22e-bf9e-4fa7-8210-c8a8168f927cn%40apereo.org
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CALmwvcZLW%2BmAAZ6x10OcA58AdnjywfY1jOUnQ1BYJaAHcLw6PA%40mail.gmail.com.

Re: [cas-user] SAML2 protocol in CAS6.4.6.6

[Ray Bon]

Xavier,

The property names may have changed (your version is old).
Maybe search this blog, https://fawnoos.com/blog/

Ray

On Fri, 2024-03-22 at 06:02 -0700, Xavier Rodríguez wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

Hello,

I'm not familiar with SAML 2.0 and I need to set up our CAS 6.4.6.6 with SAML2 
protocol. Our CAS uses Oauth2 + CAS protocol. Now, we need to add this protocol.


Folowing the documentation:

https://apereo.github.io/cas/6.6.x/authentication/Configuring-SAML2-Authentication.html

I've added in gradle:

implementation 
"org.apereo.cas:cas-server-support-saml-idp:${project.'cas.version'}"

And in my cas.properties:

   cas.authn.saml-idp.core.entity-id: https://mycas.cat/idp
   cas.authn.saml-idp.metadata.file-system.location: file:/etc/cas/saml

I've ever had the same error:

Exception encountered during context initialization - cancelling refresh 
attempt: org.springframework.beans.factory.BeanCreationException: Error 
creating bean with name 'scopedTarget.samlProfileSamlAttributeStatementBuilder' 
defined in class path resource 
[org/apereo/cas/config/SamlIdPConfiguration.class]: Bean instantiation via 
factory method failed; nested exception is 
org.springframework.beans.BeanInstantiationException: Failed to instantiate 
[org.apereo.cas.support.saml.web.idp.profile.builders.SamlProfileObjectBuilder]:
 Factory method 'samlProfileSamlAttributeStatementBuilder' threw exception; 
nested exception is 
org.springframework.beans.factory.NoSuchBeanDefinitionException:No qualifying 
bean of type 
'org.apereo.cas.authentication.attribute.AttributeDefinitionStore'available: 
expected at least 1 bean which qualifies as autowire candidate. Dependency 
annotations: 
{@org.springframework.beans.factory.annotation.Autowired(required=true), 
@org.springframework.beans.factory.annotation.Qualifier("attributeDefinitionStore")}

What am I need to define in my Cas-Server?

I try with several configurations and I've get the same result.

Anyone can help me?

Thanks!!!

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/eea3e86a60c5c58ac1f02bea6cf7a7eac11e911a.camel%40uvic.ca.

[cas-user] Re: CAS v7.0.2 Service Ticket validation delay

[M Ebrahimi]

Did you see this? 
https://groups.google.com/a/apereo.org/g/cas-user/c/6VQ32CEItvA/m/sHsusICPBQAJ

On Thursday, March 21, 2024 at 5:36:43 PM UTC+3:30 Sreeja Pillai wrote:

> We recently upgraded to CAS v7 and are seeing that Service Ticket 
> validations are consistently taking over 10 seconds (which is the default). 
> This was working just fine on our previous version 6.5.9.
>
> We use Dynamo DB for our ticketing registry and it has a similar setup as 
> we had for the previous version.
>
> Anyone else has seen this issue?
>
> Thanks!
> --Sreeja
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/01f9d49b-3ced-489b-ac49-d6f06a7476dfn%40apereo.org.

Re: [cas-user] SAML2 protocol in CAS6.4.6.6

[Mohamed Amdouni]

And you should also add the attribute definitions :

cas.authn.attribute-repository.*

These attaributes mapping will be added in the saml2 response claims


Le ven. 22 mars 2024 à 15:43, Mohamed Amdouni  a
écrit :

> Hello,
>
> I have a working instance with :
>
> In addition,
> cas.server.prefix
> cas.server.scope
> cas.server.name
>
> And
>
> implementation "org.apereo.cas:cas-server-support-saml:${project.'
> cas.version'}"
>
> But I think it s not required because it s for saml1
>
>
> Le ven. 22 mars 2024 à 14:09, Xavier Rodríguez  a
> écrit :
>
>> Hello,
>>
>> I'm not familiar with SAML 2.0 and I need to set up our CAS 6.4.6.6 with
>> SAML2 protocol. Our CAS uses Oauth2 + CAS protocol. Now, we need to add
>> this protocol.
>>
>> Folowing the documentation:
>>
>>
>> https://apereo.github.io/cas/6.6.x/authentication/Configuring-SAML2-Authentication.html
>>
>> I've added in gradle:
>>
>> implementation
>> "org.apereo.cas:cas-server-support-saml-idp:${project.'cas.version'}"
>>
>> And in my cas.properties:
>>
>>cas.authn.saml-idp.core.entity-id: https://mycas.cat/idp
>>cas.authn.saml-idp.metadata.file-system.location: file:/etc/cas/saml
>>
>> I've ever had the same error:
>>
>> Exception encountered during context initialization - cancelling refresh
>> attempt: org.springframework.beans.factory.BeanCreationException: Error
>> creating bean with name
>> 'scopedTarget.samlProfileSamlAttributeStatementBuilder' defined in class
>> path resource [org/apereo/cas/config/SamlIdPConfiguration.class]: Bean
>> instantiation via factory method failed; nested exception is
>> org.springframework.beans.BeanInstantiationException: Failed to instantiate
>> [org.apereo.cas.support.saml.web.idp.profile.builders.SamlProfileObjectBuilder]:
>> Factory method 'samlProfileSamlAttributeStatementBuilder' threw exception;
>> nested exception is
>> org.springframework.beans.factory.NoSuchBeanDefinitionException: *No
>> qualifying bean of type
>> 'org.apereo.cas.authentication.attribute.AttributeDefinitionStore' 
>> *available:
>> expected at least 1 bean which qualifies as autowire candidate. Dependency
>> annotations:
>> {@org.springframework.beans.factory.annotation.Autowired(required=true),
>> @org.springframework.beans.factory.annotation.Qualifier("attributeDefinitionStore")}
>>
>> What am I need to define in my Cas-Server?
>>
>> I try with several configurations and I've get the same result.
>>
>> Anyone can help me?
>>
>> Thanks!!!
>>
>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to cas-user+unsubscr...@apereo.org.
>> To view this discussion on the web visit
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/bd4ac22e-bf9e-4fa7-8210-c8a8168f927cn%40apereo.org
>> 
>> .
>>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CALmwvcZ%3DtVmgV4-eb119Jum8fy%3DCmf0t-gMBEh21HitFJUnnkw%40mail.gmail.com.

[cas-user] SAML2 protocol in CAS6.4.6.6

[Xavier Rodríguez]

Hello,

I'm not familiar with SAML 2.0 and I need to set up our CAS 6.4.6.6 with 
SAML2 protocol. Our CAS uses Oauth2 + CAS protocol. Now, we need to add 
this protocol.

Folowing the documentation:

https://apereo.github.io/cas/6.6.x/authentication/Configuring-SAML2-Authentication.html

I've added in gradle: 

implementation 
"org.apereo.cas:cas-server-support-saml-idp:${project.'cas.version'}"

And in my cas.properties:

   cas.authn.saml-idp.core.entity-id: https://mycas.cat/idp
   cas.authn.saml-idp.metadata.file-system.location: file:/etc/cas/saml 

I've ever had the same error:

Exception encountered during context initialization - cancelling refresh 
attempt: org.springframework.beans.factory.BeanCreationException: Error 
creating bean with name 
'scopedTarget.samlProfileSamlAttributeStatementBuilder' defined in class 
path resource [org/apereo/cas/config/SamlIdPConfiguration.class]: Bean 
instantiation via factory method failed; nested exception is 
org.springframework.beans.BeanInstantiationException: Failed to instantiate 
[org.apereo.cas.support.saml.web.idp.profile.builders.SamlProfileObjectBuilder]:
 
Factory method 'samlProfileSamlAttributeStatementBuilder' threw exception; 
nested exception is 
org.springframework.beans.factory.NoSuchBeanDefinitionException: *No 
qualifying bean of type 
'org.apereo.cas.authentication.attribute.AttributeDefinitionStore' *available: 
expected at least 1 bean which qualifies as autowire candidate. Dependency 
annotations: 
{@org.springframework.beans.factory.annotation.Autowired(required=true), 
@org.springframework.beans.factory.annotation.Qualifier("attributeDefinitionStore")}

What am I need to define in my Cas-Server?

I try with several configurations and I've get the same result.

Anyone can help me?

Thanks!!!

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/bd4ac22e-bf9e-4fa7-8210-c8a8168f927cn%40apereo.org.

[cas-user] Re: How is TST suppose to work, keep getting db errors

[Pablo Vidaurri]

I'm still dealing with upset users over this issue ... any input on fine 
tuning time to kill or reg cleaner?

On Sunday, March 3, 2024 at 2:35:40 PM UTC-6 Pablo Vidaurri wrote:

> CAS 6.6.8
>
> I'm using delegated auth to Azure AD using OIDC. Things seem to be mostly 
> working but I noticed a couple of different db errors:
>
>1. Delegated client identifier cannot be located in the authentication 
>request* *
>2. org.postgresql.util.PSQLException: ERROR: duplicate key value 
>violates unique constraint "postgres_jpa_ticket_entity_pkey"  Detail: Key 
>(id)=(TST-6f93a6cc-3732-4dbb-9361-706f92a54787) already exists.
>
> Issue #1, gives a false message as the error is actually thrown from 
> DefaultDelegatedClientAuthenticationWebflowManager 
> 
>  as 
> a result of not finding the ticket in the ticket registry.  I think ticket 
> is not found due to a couple of things:
>
>1. Once user is redirected to Azure AD, I see TST ticket created in 
>the registry. But the user is taking too long to enter credentials. By the 
>time they are redirected back to CAS the TST has already expired and 
> purged 
>from ticket registry.
>2. An issue with default 
>cas.ticket.tst.time-to-kill-in-seconds=5 being too short. I have increased 
>this to 120sec hoping that is enough time to provide credentials on Azure 
>AD side. Along with this, I also have my registry cleaner set to every 60 
>seconds. It seems to be helping but still getting this error occasionally.
>
> Issue #2, I'm not sure what is causing this one. Logging in and out, and 
> logging in again somehow the same TST gets generated for the user and he 
> TST from first login is still in the db. Perhaps the 120sec time to kill is 
> too long but then I'm back at issue #1. I would think a new TST would be 
> created at this point.
>
> What is the logic of TST? I think this would be solved if TST creation is 
> more unique with perhaps including timestamp.
>
> Any suggestions?
>
> -psv
>
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/637fa79b-26b4-444c-b31a-eed7b37c72a7n%40apereo.org.