Re: [cas-user] Re: CAS5.3.x - LDAP change password issue
Thanks Felix.
Yes I did reach out to the AD team to check the bind credentials for this
issue.
The same bind credentials are used in our old CAS3.5 application and it is
working as expected but with the new version CAS5.3.x it cannot change the
password.
Thanks,
Jay
On Thursday, August 2, 2018 at 10:23:35 AM UTC+5:30, Felix Schumacher wrote:
>
>
>
> Am 02.08.2018 um 06:21 schrieb Jay:
>
> Any one can help me here?
>
> On Tuesday, July 31, 2018 at 1:50:46 PM UTC+5:30, Jay wrote:
>>
>> Hi Everyone,
>>
>> Has any one faced the following issue when trying to change a password in
>> Active Directory through LDAP.
>>
>> org.ldaptive.LdapException: javax.naming.NoPermissionException: [LDAP:
>> error code 50 - 0005: SecErr: DSID-031A1256, problem 4003 (
>> INSUFF_ACCESS_RIGHTS), data 0
>>
>
> The exception is giving you the LDAP error that occurred, when CAS tried
> to do some stuff with your LDAP server. So it is probably best to ask your
> local AD expert, why your binddn has not enough rights to change passwords.
>
> Regards,
> Felix
>
> ]; remaining name 'CN=test1,OU=People,OU=Palm
>> Drive,OU=LNSS,DC=dev-,DC=net'
>>
>> Is it something to do with the Bind account or any settings that I am
>> missing in the CAS application.
>>
>> Below is my LDAP properties defined for Password change functionality.
>>
>> cas.authn.pm.ldap.type=AD
>> cas.authn.pm.ldap.ldapUrl=ldaps://:636/
>> cas.authn.pm.ldap.baseDn=DC=dev-,DC=net
>> cas.authn.pm.ldap.bindDn=CN=wls,OU=People,OU=LTI,DC=dev-,DC=net
>> cas.authn.pm.ldap.bindCredential=
>> cas.authn.pm.ldap.searchFilter=sAMAccountName={user}
>>
>> We have separate CAS properties defined for LDAP as below
>> cas.authn.ldap[0].type=AUTHENTICATED
>> cas.authn.ldap[0].ldapUrl=ldaps://:636/
>> cas.authn.ldap[0].baseDn=DC=dev-,DC=net
>> cas.authn.ldap[0].bindDn=CN=wls,OU=People,OU=LTI,DC=dev-,DC=net
>> cas.authn.ldap[0].bindCredential=
>> cas.authn.ldap[0].searchFilter=sAMAccountName={user}
>>
>>
>> Your inputs is much appreciated.
>>
>> Thanks & Regards,
>> Jay
>>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+u...@apereo.org .
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/c7f71a60-e6c7-4a4b-8dc8-748303cec6ce%40apereo.org
>
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/c7f71a60-e6c7-4a4b-8dc8-748303cec6ce%40apereo.org?utm_medium=email_source=footer>
> .
>
>
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/08d856e8-f34d-47e1-a3c7-de88edae9c03%40apereo.org.
[cas-user] Re: CAS5.3.x - LDAP change password issue
Any one can help me here?
On Tuesday, July 31, 2018 at 1:50:46 PM UTC+5:30, Jay wrote:
>
> Hi Everyone,
>
> Has any one faced the following issue when trying to change a password in
> Active Directory through LDAP.
>
> org.ldaptive.LdapException: javax.naming.NoPermissionException: [LDAP:
> error code 50 - 0005: SecErr: DSID-031A1256, problem 4003 (
> INSUFF_ACCESS_RIGHTS), data 0
> ]; remaining name 'CN=test1,OU=People,OU=Palm
> Drive,OU=LNSS,DC=dev-,DC=net'
>
> Is it something to do with the Bind account or any settings that I am
> missing in the CAS application.
>
> Below is my LDAP properties defined for Password change functionality.
>
> cas.authn.pm.ldap.type=AD
> cas.authn.pm.ldap.ldapUrl=ldaps://:636/
> cas.authn.pm.ldap.baseDn=DC=dev-,DC=net
> cas.authn.pm.ldap.bindDn=CN=wls,OU=People,OU=LTI,DC=dev-,DC=net
> cas.authn.pm.ldap.bindCredential=
> cas.authn.pm.ldap.searchFilter=sAMAccountName={user}
>
> We have separate CAS properties defined for LDAP as below
> cas.authn.ldap[0].type=AUTHENTICATED
> cas.authn.ldap[0].ldapUrl=ldaps://:636/
> cas.authn.ldap[0].baseDn=DC=dev-,DC=net
> cas.authn.ldap[0].bindDn=CN=wls,OU=People,OU=LTI,DC=dev-,DC=net
> cas.authn.ldap[0].bindCredential=
> cas.authn.ldap[0].searchFilter=sAMAccountName={user}
>
>
> Your inputs is much appreciated.
>
> Thanks & Regards,
> Jay
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/c7f71a60-e6c7-4a4b-8dc8-748303cec6ce%40apereo.org.
[cas-user] Re: StatsD Metrics 5.3.0-RC2
Hello everyone,
We have enabled the metrics in CAS5.3.x.
By default in the dashboard the metrics are pushed like shown in the
snapshot below.
<https://lh3.googleusercontent.com/-DUuu5_vkD1U/WwgpChpNBkI/AGg/A2_QnZg3ojYFqoKD8FFK7yNL5Z9tAZcnACLcBGAs/s1600/StatsD.PNG>
But we would like to move it under app instead of directly under Stats.
Does updating the property as below will help?
cas.metrics.statsd.host=***
cas.metrics.statsd.port=8125
cas.metrics.statsd.prefix=app/cas
Regards,
Jay
On Monday, April 16, 2018 at 6:32:27 AM UTC-5, yashwanth chowdary wrote:
>
> Hi Team,
>
> I need metrics for the cas app i have configured.How to check the stats
> that are stored.Need more information regarding statsD Metrics in cas.
> These are the props and dependency in my application.
> properties:
>
> cas.metrics.loggerName=perfStatsLogger
> cas.metrics.refreshInterval=30
>
> cas.metrics.statsd.host=***
> cas.metrics.statsd.port=8125
> cas.metrics.statsd.prefix=cas
>
> Dependency:
>
>
> org.apereo.cas
> cas-server-support-metrics
> ${cas.version}
>
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/86070e2b-c5f7-44ce-99e5-baf73e8584cb%40apereo.org.
[cas-user] Re: CAS5.3.x - Health & Version monitor Page
Attaching the version page. On Thursday, May 24, 2018 at 3:14:05 AM UTC-5, Jay wrote: > > Hello everyone, > In our old CAS3.x version, we had the health page and version monitor > page. > > I am trying to figure if we have something similar in CAS5.3.x framework. > Health Page and Version page looks something like this. > > <https://lh3.googleusercontent.com/-hy2VVLzjrqk/WwZzpZ_xGNI/AFc/VrJrPKLR7QoYpu4ROIjRvz2wlDpYagqsACLcBGAs/s1600/Health_Page.PNG> > > > <https://lh3.googleusercontent.com/-hy2VVLzjrqk/WwZzpZ_xGNI/AFc/VrJrPKLR7QoYpu4ROIjRvz2wlDpYagqsACLcBGAs/s1600/Health_Page.PNG> > > <https://lh3.googleusercontent.com/-cAEXbIE0Zy0/WwZ1Gx4e6lI/AF8/L6tbKJ0mnI0-vhUqxnvSbXK6R2gDvBTRQCLcBGAs/s1600/Version.PNG> > > > Could someone help me here to understand that this could be achieved using > only CAS-Management-Overlay. If so is it possible that anyone with a link > can access the above two pages without login or authentication. > > Thanks in advance. > > Regards, > Jay > > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/3fa8b8d7-c1a1-4552-b360-58b849567404%40apereo.org.
[cas-user] CAS5.3.x - Health & Version monitor Page
Hello everyone, In our old CAS3.x version, we had the health page and version monitor page. I am trying to figure if we have something similar in CAS5.3.x framework. Health Page and Version page looks something like this. <https://lh3.googleusercontent.com/-hy2VVLzjrqk/WwZzpZ_xGNI/AFc/VrJrPKLR7QoYpu4ROIjRvz2wlDpYagqsACLcBGAs/s1600/Health_Page.PNG> <https://lh3.googleusercontent.com/-bp_e3vCHyQw/WwZz1FzU-TI/AFg/Cr1k2sgf47M4vtuYhqWlK6bbne2_UtNmACLcBGAs/s1600/registry_json.PNG> Could someone help me here to understand that this could be achieved using only CAS-Management-Overlay. If so is it possible that anyone with a link can access the above two pages without login or authentication. Thanks in advance. Regards, Jay -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/53fd2868-e2c1-43e0-a7f3-beb2105679c1%40apereo.org.
Re: [cas-user] Acceptable Usage Policy(AUP) in CAS5.2.x
We have enabled the User acceptance policy.
Whenever I use incognito window in Chrome and login it does not shows the
User Policy page to accept. Only the first time I could see but closing and
opening a new windows does not show the policy page.
Any help here is much appreciated.
Thanks,
Jay
On Tuesday, April 24, 2018 at 7:59:51 AM UTC-5, Manfredo Hopp wrote:
>
> Manually change login webflow xml.
> You will have to address missing credentials issue.
>
> El martes, 24 de abril de 2018, Jay <sjayanth@lifetouch.com
> > escribió:
>
>> Hello everyone,
>>
>> As part of the migration from CAS3.5 to CAS5.2.x, we have to implement
>> the User Policy acceptance UI to allow the user to agree to the terms.
>>
>> In CAS3.5 we show the policy page even before the Login screen like shown
>> below
>>
>>
>> <https://lh3.googleusercontent.com/-pSKirpMNFsE/Wt7wOLpJNrI/AC8/DXbMUdoyw_st6lrEgfpDC14yBIFybh-pQCLcBGAs/s1600/AUP.png>
>> Tried to have the same feature in CAS5.x and included the following
>> properties.
>>
>>- Added the below in application.properties file:
>>
>> *cas.acceptableUsagePolicy.au
>> <http://cas.acceptableUsagePolicy.au>pAttributeName=aupAccepted*
>>
>>
>>- Added the below dependency in pom.xml:
>>
>>
>> * *
>> *org.apereo.cas*
>> *
>> cas-server-support-aup-webflow*
>> *${cas.version}*
>> **
>>
>> After adding the properties, User policy page is only shown after the
>> user login with his/her credentials not before the login. Is this in built
>> in CAS5 which cannot be changed or we can show the Policy page actually
>> before a user logs in. If so can you please help me here on how to change
>> it.
>>
>> Thanks & Regards,
>> Jay
>>
>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to cas-user+u...@apereo.org .
>> To view this discussion on the web visit
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/c9f9b1b8-142d-49f8-9510-33813a98913d%40apereo.org
>>
>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/c9f9b1b8-142d-49f8-9510-33813a98913d%40apereo.org?utm_medium=email_source=footer>
>> .
>>
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/3914d42c-e3e4-4fa1-8e22-681b15d6c861%40apereo.org.
Re: [cas-user] CAS5.3.x: Error getting flow information for URL
Ray, To answer your question. Yes there are two tomcat servers running the application and load balancer switches between the servers. I will check with the Run team for clustering or setting load balancer to be sticky. Travis, Yes the encryption keys are copied across the servers so they are same. Anyhow I will verify that once as well. Regards, Jay On Friday, May 18, 2018 at 9:44:44 PM UTC+5:30, Travis Schmidt wrote: > > Do you have the same webflow encryption keys set in each of the config > files on the different servers? If the property is not present the server > generates it's own on each server at start up, resulting in each server not > understanding the other. > > > > On Fri, May 18, 2018 at 8:39 AM Ray Bon <rb...@uvic.ca > > wrote: > >> Jay, >> >> Are there multiple CAS servers? Could this be a result of the load >> balancer switching between CAS servers for each request (load form, post >> form)? >> You may need to cluster your tomcats or set load balancer to be sticky. >> >> Ray >> >> On Thu, 2018-05-17 at 22:42 -0700, Jay wrote: >> >> Hi Ray, >> >> >> Yes, it does not allow the user to be validated and login successfully. >> It redirects back to login page only. >> >> Any suggestion to look into specifically. >> >> We see this issue when we hit the load balance url but not when we >> directly access the server url. >> >> Thanks, >> Jay >> >> On Thursday, May 17, 2018 at 11:46:17 AM UTC-5, rbon wrote: >> >> Jay, >> >> I seem to recall a message like this was produced because of a 'feature' >> to clear out the flow if it sat for too long. It would show up periodically >> and had no bearing on how long the user took to log in. >> Does it cause a problem? >> >> Ray >> >> On Thu, 2018-05-17 at 01:16 -0700, Jay wrote: >> >> Hello everyone, >> >> We have CAS application running in Tomcat in two different instances and >> load balanced by a F5 url. >> Any application is configured with the F5 url for login authentication >> and authorization. >> >> We have customized the url to *https:///las/v3/login* >> (Naming the war file as *las#v3.war* sets the context path here) >> >> When I use individual server instance login/logout works absolutely fine. >> (i.e. *:/las/v3/login* ) >> >> We see below error after we give the user credential and clink on login >> button. >> >> 2018-05-17 01:49:36,786 DEBUG >> [org.apereo.cas.web.FlowExecutionExceptionResolver] - <*Error getting >> flow information for URL* >> [/las/v3/login?service=http%3A%2F%2Flocalhost%3A3001%2Flogin%3Fdestination%3D%252Fconfiguration%252Faccounts%252F34864%252FproductLines%252FPrismPostPD%252Ftemplates%252F311]> >> >> [m >> org.apereo.spring.webflow.plugin.ClientFlowExecutionRepositoryException: >> Error decoding flow execution >> at >> org.apereo.spring.webflow.plugin.ClientFlowExecutionRepository.getFlowExecution(ClientFlowExecutionRepository.java:99) >> >> ~[spring-webflow-client-repo-1.0.3.jar:1.0.3] >> at >> org.springframework.webflow.executor.FlowExecutorImpl.resumeExecution(FlowExecutorImpl.java:168) >> >> ~[spring-webflow-2.4.7.RELEASE.jar:2.4.7.RELEASE] >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> ~[?:1.8.0_31] >> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) >> >> ~[?:1.8.0_31] >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >> >> ~[?:1.8.0_31] >> at java.lang.reflect.Method.invoke(Method.java:483) ~[?:1.8.0_31] >> at >> org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:216) >> >> ~[spring-core-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:470) >> >> ~[spring-cloud-context-1.3.0.RELEASE.jar:1.3.0.RELEASE] >> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) >> >> ~[spring-aop-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at >> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) >> >> ~[spring-aop-4.3.14.RELEASE.jar:4.3.14.RELEASE] >> at com.sun.proxy.$Proxy165.resumeExecution(Unknown Source) ~[?:?] >> at >> org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:253) >>
Re: [cas-user] CAS5.3.x: Error getting flow information for URL
Hi Ray, Yes, it does not allow the user to be validated and login successfully. It redirects back to login page only. Any suggestion to look into specifically. We see this issue when we hit the load balance url but not when we directly access the server url. Thanks, Jay On Thursday, May 17, 2018 at 11:46:17 AM UTC-5, rbon wrote: > > Jay, > > I seem to recall a message like this was produced because of a 'feature' > to clear out the flow if it sat for too long. It would show up periodically > and had no bearing on how long the user took to log in. > Does it cause a problem? > > Ray > > On Thu, 2018-05-17 at 01:16 -0700, Jay wrote: > > Hello everyone, > > We have CAS application running in Tomcat in two different instances and > load balanced by a F5 url. > Any application is configured with the F5 url for login authentication and > authorization. > > We have customized the url to *https:///las/v3/login* (Naming > the war file as *las#v3.war* sets the context path here) > > When I use individual server instance login/logout works absolutely fine. > (i.e. *:/las/v3/login* ) > > We see below error after we give the user credential and clink on login > button. > > 2018-05-17 01:49:36,786 DEBUG > [org.apereo.cas.web.FlowExecutionExceptionResolver] - <*Error getting > flow information for URL* > [/las/v3/login?service=http%3A%2F%2Flocalhost%3A3001%2Flogin%3Fdestination%3D%252Fconfiguration%252Faccounts%252F34864%252FproductLines%252FPrismPostPD%252Ftemplates%252F311]> > > [m > org.apereo.spring.webflow.plugin.ClientFlowExecutionRepositoryException: > Error decoding flow execution > at > org.apereo.spring.webflow.plugin.ClientFlowExecutionRepository.getFlowExecution(ClientFlowExecutionRepository.java:99) > > ~[spring-webflow-client-repo-1.0.3.jar:1.0.3] > at > org.springframework.webflow.executor.FlowExecutorImpl.resumeExecution(FlowExecutorImpl.java:168) > > ~[spring-webflow-2.4.7.RELEASE.jar:2.4.7.RELEASE] > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > ~[?:1.8.0_31] > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > ~[?:1.8.0_31] > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > > ~[?:1.8.0_31] > at java.lang.reflect.Method.invoke(Method.java:483) ~[?:1.8.0_31] > at > org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:216) > > ~[spring-core-4.3.14.RELEASE.jar:4.3.14.RELEASE] > at > org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:470) > > ~[spring-cloud-context-1.3.0.RELEASE.jar:1.3.0.RELEASE] > at > org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) > > ~[spring-aop-4.3.14.RELEASE.jar:4.3.14.RELEASE] > at > org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) > > ~[spring-aop-4.3.14.RELEASE.jar:4.3.14.RELEASE] > at com.sun.proxy.$Proxy165.resumeExecution(Unknown Source) ~[?:?] > at > org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:253) > > ~[spring-webflow-2.4.7.RELEASE.jar:2.4.7.RELEASE] > at > org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:967) > > ~[spring-webmvc-4.3.14.RELEASE.jar:4.3.14.RELEASE] > at > org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901) > > ~[spring-webmvc-4.3.14.RELEASE.jar:4.3.14.RELEASE] > at > org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970) > > ~[spring-webmvc-4.3.14.RELEASE.jar:4.3.14.RELEASE] > at > org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:872) > > ~[spring-webmvc-4.3.14.RELEASE.jar:4.3.14.RELEASE] > at javax.servlet.http.HttpServlet.service(HttpServlet.java:648) > ~[servlet-api.jar:?] > at > org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846) > > ~[spring-webmvc-4.3.14.RELEASE.jar:4.3.14.RELEASE] > at javax.servlet.http.HttpServlet.service(HttpServlet.java:729) > ~[servlet-api.jar:?] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291) > > ~[catalina.jar:8.0.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > > ~[catalina.jar:8.0.29] > at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) > ~[tomcat-websocket.jar:8.0.29] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) > > ~[catalina.jar:
[cas-user] Re: CAS5.3.x: Error getting flow information for URL
Hi Ray, https://groups.google.com/a/apereo.org/d/msg/cas-user/FqJW4gS3lCI/y9W-63-nCgAJ Yes, it does allow use to be validated and login. It redirects back to login page only. Any suggestion to look into. We see this issue when we hit the load balance url but not when we directly access the server url. Thanks, Jay On Thursday, May 17, 2018 at 3:16:12 AM UTC-5, Jay wrote: > > Hello everyone, > > We have CAS application running in Tomcat in two different instances and > load balanced by a F5 url. > Any application is configured with the F5 url for login authentication and > authorization. > > We have customized the url to *https:///las/v3/login* (Naming > the war file as *las#v3.war* sets the context path here) > > When I use individual server instance login/logout works absolutely fine. > (i.e. *:/las/v3/login* ) > > We see below error after we give the user credential and clink on login > button. > > 2018-05-17 01:49:36,786 DEBUG > [org.apereo.cas.web.FlowExecutionExceptionResolver] - <*Error getting > flow information for URL* > [/las/v3/login?service=http%3A%2F%2Flocalhost%3A3001%2Flogin%3Fdestination%3D%252Fconfiguration%252Faccounts%252F34864%252FproductLines%252FPrismPostPD%252Ftemplates%252F311]> > > [m > org.apereo.spring.webflow.plugin.ClientFlowExecutionRepositoryException: > Error decoding flow execution > at > org.apereo.spring.webflow.plugin.ClientFlowExecutionRepository.getFlowExecution(ClientFlowExecutionRepository.java:99) > > ~[spring-webflow-client-repo-1.0.3.jar:1.0.3] > at > org.springframework.webflow.executor.FlowExecutorImpl.resumeExecution(FlowExecutorImpl.java:168) > > ~[spring-webflow-2.4.7.RELEASE.jar:2.4.7.RELEASE] > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > ~[?:1.8.0_31] > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > ~[?:1.8.0_31] > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > > ~[?:1.8.0_31] > at java.lang.reflect.Method.invoke(Method.java:483) ~[?:1.8.0_31] > at > org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:216) > > ~[spring-core-4.3.14.RELEASE.jar:4.3.14.RELEASE] > at > org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:470) > > ~[spring-cloud-context-1.3.0.RELEASE.jar:1.3.0.RELEASE] > at > org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) > > ~[spring-aop-4.3.14.RELEASE.jar:4.3.14.RELEASE] > at > org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) > > ~[spring-aop-4.3.14.RELEASE.jar:4.3.14.RELEASE] > at com.sun.proxy.$Proxy165.resumeExecution(Unknown Source) ~[?:?] > at > org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:253) > > ~[spring-webflow-2.4.7.RELEASE.jar:2.4.7.RELEASE] > at > org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:967) > > ~[spring-webmvc-4.3.14.RELEASE.jar:4.3.14.RELEASE] > at > org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901) > > ~[spring-webmvc-4.3.14.RELEASE.jar:4.3.14.RELEASE] > at > org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970) > > ~[spring-webmvc-4.3.14.RELEASE.jar:4.3.14.RELEASE] > at > org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:872) > > ~[spring-webmvc-4.3.14.RELEASE.jar:4.3.14.RELEASE] > at javax.servlet.http.HttpServlet.service(HttpServlet.java:648) > ~[servlet-api.jar:?] > at > org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846) > > ~[spring-webmvc-4.3.14.RELEASE.jar:4.3.14.RELEASE] > at javax.servlet.http.HttpServlet.service(HttpServlet.java:729) > ~[servlet-api.jar:?] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291) > > ~[catalina.jar:8.0.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > > ~[catalina.jar:8.0.29] > at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) > ~[tomcat-websocket.jar:8.0.29] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) > > ~[catalina.jar:8.0.29] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > > ~[catalina.jar:8.0.29] > at > org.apereo.cas.web.support.AuthenticationCredentialsLocalBinderClearingFilter.doFilter(AuthenticationCredentialsLocalBinderClearingFil
[cas-user] CAS5.3.x: Error getting flow information for URL
y help in this regards would be much appreciated. Thanks, Jay -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/14880a57-74e9-41ab-98c0-621a8b84fec1%40apereo.org.
[cas-user] Re: Error - Service Registry json
Sure David, I got that. Thank you again for helping me here.
Thanks,
Jay
On Tuesday, May 15, 2018 at 11:23:28 AM UTC-5, Jay wrote:
>
> Hi Everyone,
> Could someone help me to get this ERROR fixed.
>
> Below is the entry from my json file
> Filename: serviceRegistry-1524464822.json
> [
> {
> "@class" : "org.apereo.cas.services.RegexRegisteredService",
> "serviceId" : "^(https|imaps|http)://.*",
> "name" : "HTTPS/IMAPS wildcard",
> "id" : 20170905111650,
> "evaluationOrder" : 9
> },
> {
> "@class" : "org.apereo.cas.services.RegexRegisteredService",
> "serviceId" : "https://www.google.com/a/dev..com/acs",
> "name" : "googleApps",
> "id" : 1000,
> "evaluationOrder" : 10
> }
> ]
>
> I see this error in the logs.
> [1;31m2018-05-15 11:14:10,091 ERROR
> [org.apereo.cas.util.serialization.AbstractJacksonBackedStringSerializer] -
> [[{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"^(https|imaps|http)://.*","name":"HTTPS/IMAPS
>
> wil...] to deserialize into type [interface
> org.apereo.cas.services.RegisteredService]. This may be caused in the
> absence of a configuration/support module that knows how to interpret the
> fragment, specially if the fragment describes a CAS registered service
> definition. Internal parsing error is [Unexpected token (START_OBJECT),
> expected VALUE_STRING: need JSON String that contains type id (for subtype
> of org.apereo.cas.services.RegisteredService)
> at [Source:
> (String)"[{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"^(https|imaps|http)://.*","name":"HTTPS/IMAPS
>
> wildcard","id":20170905111650,"evaluationOrder":9},{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"
> https://www.google.com/a/dev..com/acs","name":"googleApps","id":1000,"evaluationOrder":10}]";
>
> line: 1, column: 2]]> [m
> [36m2018-05-15 11:14:10,091 DEBUG
> [org.apereo.cas.util.serialization.AbstractJacksonBackedStringSerializer] -
> that contains type id (for subtype of
> org.apereo.cas.services.RegisteredService)
> at [Source:
> (String)"[{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"^(https|imaps|http)://.*","name":"HTTPS/IMAPS
>
> wildcard","id":20170905111650,"evaluationOrder":9},{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"
> https://www.google.com/a/dev..com/acs","name":"googleApps","id":1000,"evaluationOrder":10}]";
>
> line: 1, column: 2]> [m
> com.fasterxml.jackson.databind.exc.MismatchedInputException: Unexpected
> token (START_OBJECT), expected VALUE_STRING: need JSON String that contains
> type id (for subtype of org.apereo.cas.services.RegisteredService)
> at [Source:
> (String)"[{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"^(https|imaps|http)://.*","name":"HTTPS/IMAPS
>
> wildcard","id":20170905111650,"evaluationOrder":9},{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"
> https://www.google.com/a/dev..com/acs","name":"googleApps","id":1000,"evaluationOrder":10}]";
>
> line: 1, column: 2]
> at
> com.fasterxml.jackson.databind.exc.MismatchedInputException.from(MismatchedInputException.java:59)
>
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at
> com.fasterxml.jackson.databind.DeserializationContext.wrongTokenException(DeserializationContext.java:1498)
>
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at
> com.fasterxml.jackson.databind.DeserializationContext.reportWrongTokenException(DeserializationContext.java:1273)
>
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at
> com.fasterxml.jackson.databind.jsontype.impl.AsArrayTypeDeserializer._locateTypeId(AsArrayTypeDeserializer.java:151)
>
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at
> com.fasterxml.jackson.databind.jsontype.impl.AsArrayTypeDeserializer._deserialize(AsArrayTypeDeserializer.java:96)
>
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at
> com.fasterxml.jackson.databind.jsontype.impl.AsArrayTypeDeserializer.deserializeTypedFromAny(AsArrayTypeDeseriali
[cas-user] Re: Error - Service Registry json
Thank you David.
So as I understand.
The id inside the json file servicenumericId in the file name should match.
Something like below:
serviceRegistry-1524464822.json
"id" : 1524464822
Thanks
Jay
On Tuesday, May 15, 2018 at 11:23:28 AM UTC-5, Jay wrote:
>
> Hi Everyone,
> Could someone help me to get this ERROR fixed.
>
> Below is the entry from my json file
> Filename: serviceRegistry-1524464822.json
> [
> {
> "@class" : "org.apereo.cas.services.RegexRegisteredService",
> "serviceId" : "^(https|imaps|http)://.*",
> "name" : "HTTPS/IMAPS wildcard",
> "id" : 20170905111650,
> "evaluationOrder" : 9
> },
> {
> "@class" : "org.apereo.cas.services.RegexRegisteredService",
> "serviceId" : "https://www.google.com/a/dev..com/acs",
> "name" : "googleApps",
> "id" : 1000,
> "evaluationOrder" : 10
> }
> ]
>
> I see this error in the logs.
> [1;31m2018-05-15 11:14:10,091 ERROR
> [org.apereo.cas.util.serialization.AbstractJacksonBackedStringSerializer] -
> [[{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"^(https|imaps|http)://.*","name":"HTTPS/IMAPS
>
> wil...] to deserialize into type [interface
> org.apereo.cas.services.RegisteredService]. This may be caused in the
> absence of a configuration/support module that knows how to interpret the
> fragment, specially if the fragment describes a CAS registered service
> definition. Internal parsing error is [Unexpected token (START_OBJECT),
> expected VALUE_STRING: need JSON String that contains type id (for subtype
> of org.apereo.cas.services.RegisteredService)
> at [Source:
> (String)"[{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"^(https|imaps|http)://.*","name":"HTTPS/IMAPS
>
> wildcard","id":20170905111650,"evaluationOrder":9},{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"
> https://www.google.com/a/dev..com/acs","name":"googleApps","id":1000,"evaluationOrder":10}]";
>
> line: 1, column: 2]]> [m
> [36m2018-05-15 11:14:10,091 DEBUG
> [org.apereo.cas.util.serialization.AbstractJacksonBackedStringSerializer] -
> that contains type id (for subtype of
> org.apereo.cas.services.RegisteredService)
> at [Source:
> (String)"[{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"^(https|imaps|http)://.*","name":"HTTPS/IMAPS
>
> wildcard","id":20170905111650,"evaluationOrder":9},{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"
> https://www.google.com/a/dev..com/acs","name":"googleApps","id":1000,"evaluationOrder":10}]";
>
> line: 1, column: 2]> [m
> com.fasterxml.jackson.databind.exc.MismatchedInputException: Unexpected
> token (START_OBJECT), expected VALUE_STRING: need JSON String that contains
> type id (for subtype of org.apereo.cas.services.RegisteredService)
> at [Source:
> (String)"[{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"^(https|imaps|http)://.*","name":"HTTPS/IMAPS
>
> wildcard","id":20170905111650,"evaluationOrder":9},{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"
> https://www.google.com/a/dev..com/acs","name":"googleApps","id":1000,"evaluationOrder":10}]";
>
> line: 1, column: 2]
> at
> com.fasterxml.jackson.databind.exc.MismatchedInputException.from(MismatchedInputException.java:59)
>
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at
> com.fasterxml.jackson.databind.DeserializationContext.wrongTokenException(DeserializationContext.java:1498)
>
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at
> com.fasterxml.jackson.databind.DeserializationContext.reportWrongTokenException(DeserializationContext.java:1273)
>
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at
> com.fasterxml.jackson.databind.jsontype.impl.AsArrayTypeDeserializer._locateTypeId(AsArrayTypeDeserializer.java:151)
>
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at
> com.fasterxml.jackson.databind.jsontype.impl.AsArrayTypeDeserializer._deserialize(AsArrayTypeDeserializer.java:96)
>
> ~[jackson-databind-2.9.3.jar
[cas-user] Error - Service Registry json
Hi Everyone,
Could someone help me to get this ERROR fixed.
Below is the entry from my json file
Filename: serviceRegistry-1524464822.json
[
{
"@class" : "org.apereo.cas.services.RegexRegisteredService",
"serviceId" : "^(https|imaps|http)://.*",
"name" : "HTTPS/IMAPS wildcard",
"id" : 20170905111650,
"evaluationOrder" : 9
},
{
"@class" : "org.apereo.cas.services.RegexRegisteredService",
"serviceId" : "https://www.google.com/a/dev..com/acs",
"name" : "googleApps",
"id" : 1000,
"evaluationOrder" : 10
}
]
I see this error in the logs.
[1;31m2018-05-15 11:14:10,091 ERROR
[org.apereo.cas.util.serialization.AbstractJacksonBackedStringSerializer] -
https://www.google.com/a/dev..com/acs","name":"googleApps","id":1000,"evaluationOrder":10}]";
line: 1, column: 2]]> [m
[36m2018-05-15 11:14:10,091 DEBUG
[org.apereo.cas.util.serialization.AbstractJacksonBackedStringSerializer] -
https://www.google.com/a/dev..com/acs","name":"googleApps","id":1000,"evaluationOrder":10}]";
line: 1, column: 2]> [m
com.fasterxml.jackson.databind.exc.MismatchedInputException: Unexpected
token (START_OBJECT), expected VALUE_STRING: need JSON String that contains
type id (for subtype of org.apereo.cas.services.RegisteredService)
at [Source:
(String)"[{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"^(https|imaps|http)://.*","name":"HTTPS/IMAPS
wildcard","id":20170905111650,"evaluationOrder":9},{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"https://www.google.com/a/dev..com/acs","name":"googleApps","id":1000,"evaluationOrder":10}]";
line: 1, column: 2]
at
com.fasterxml.jackson.databind.exc.MismatchedInputException.from(MismatchedInputException.java:59)
~[jackson-databind-2.9.3.jar:2.9.3]
at
com.fasterxml.jackson.databind.DeserializationContext.wrongTokenException(DeserializationContext.java:1498)
~[jackson-databind-2.9.3.jar:2.9.3]
at
com.fasterxml.jackson.databind.DeserializationContext.reportWrongTokenException(DeserializationContext.java:1273)
~[jackson-databind-2.9.3.jar:2.9.3]
at
com.fasterxml.jackson.databind.jsontype.impl.AsArrayTypeDeserializer._locateTypeId(AsArrayTypeDeserializer.java:151)
~[jackson-databind-2.9.3.jar:2.9.3]
at
com.fasterxml.jackson.databind.jsontype.impl.AsArrayTypeDeserializer._deserialize(AsArrayTypeDeserializer.java:96)
~[jackson-databind-2.9.3.jar:2.9.3]
at
com.fasterxml.jackson.databind.jsontype.impl.AsArrayTypeDeserializer.deserializeTypedFromAny(AsArrayTypeDeserializer.java:71)
~[jackson-databind-2.9.3.jar:2.9.3]
at
com.fasterxml.jackson.databind.jsontype.impl.AsPropertyTypeDeserializer._deserializeTypedUsingDefaultImpl(AsPropertyTypeDeserializer.java:148)
~[jackson-databind-2.9.3.jar:2.9.3]
at
com.fasterxml.jackson.databind.jsontype.impl.AsPropertyTypeDeserializer.deserializeTypedFromObject(AsPropertyTypeDeserializer.java:88)
~[jackson-databind-2.9.3.jar:2.9.3]
at
com.fasterxml.jackson.databind.deser.AbstractDeserializer.deserializeWithType(AbstractDeserializer.java:254)
~[jackson-databind-2.9.3.jar:2.9.3]
at
com.fasterxml.jackson.databind.deser.impl.TypeWrappedDeserializer.deserialize(TypeWrappedDeserializer.java:68)
~[jackson-databind-2.9.3.jar:2.9.3]
at
com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:4001)
~[jackson-databind-2.9.3.jar:2.9.3]
at
com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:2992)
~[jackson-databind-2.9.3.jar:2.9.3]
at
org.apereo.cas.util.serialization.AbstractJacksonBackedStringSerializer.readObjectFromJson(AbstractJacksonBackedStringSerializer.java:232)
~[cas-server-core-util-api-5.3.0-RC2.jar:5.3.0-RC2]
at
org.apereo.cas.util.serialization.AbstractJacksonBackedStringSerializer.from(AbstractJacksonBackedStringSerializer.java:108)
~[cas-server-core-util-api-5.3.0-RC2.jar:5.3.0-RC2]
at
org.apereo.cas.util.serialization.StringSerializer.load(StringSerializer.java:100)
~[cas-server-core-util-api-5.3.0-RC2.jar:5.3.0-RC2]
at
org.apereo.cas.services.resource.AbstractResourceBasedServiceRegistryDao.lambda$load$4(AbstractResourceBasedServiceRegistryDao.java:269)
~[cas-server-core-services-registry-5.3.0-RC2.jar:5.3.0-RC2]
at
org.apereo.cas.services.resource.AbstractResourceBasedServiceRegistryDao$$Lambda$161/230611610.apply(Unknown
Source) ~[?:?]
at
java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:193)
~[?:1.8.0_31]
at
java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:175)
~[?:1.8.0_31]
at
java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1374)
~[?:1.8.0_31]
at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:512)
~[?:1.8.0_31]
at
java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:502)
~[?:1.8.0_31]
at
java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:708)
~[?:1.8.0_31]
at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
~[?:1.8.0_31]
at
[cas-user] CAS5.3.0-RC2 - Setting profile specific properties
Hello everyone, I am trying to place the saml & services directory under the classpath for each environment, like below [src] [main] [resources] [cas-dev] [saml] [services] [cas-stage] [saml] [services] [cas-prod] [saml] [services] Will it be able to load the specific profile if I make the following changes - Add a property to JAVA_OPTS -DSpring.profiles.active = - Make the following changes to application.yml file info: description: CAS Configuration spring: profiles: active: dev cas: authn: samlIdp: metadata: location: classpath:/cas-dev/saml/ serviceRegistry: json: location: classpath:/cas-dev/services/ --- spring: profiles: active: stage cas: authn: samlIdp: metadata: location: classpath:/cas-stage/saml/ serviceRegistry: json: location: classpath:/cas-stage/services/ - Place rest of all the properties in cas.properties file under etc/cas/config Could someone please help me here to know if this is the right approach and by doing this the saml and services related files would be loaded without any issues. P.S. Both application.yml and cas.properties are placed in the same location under etc/cas/config Thanks in advance. Regards Jay -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/5712b812-3b6d-428d-a443-edf53713da5a%40apereo.org.
[cas-user] Re: how to change cas.properties location
Hi Cristina,
I tried to define the property in JAVA_OPTS, but still it could not pick up
the cas.properties file from the location.
I see the below from the catalina.out log file.
May 07, 2018 11:15:14 PM org.apache.catalina.startup.VersionLoggerListener
log
INFO: Command line argument:
-Dcas.standalone.config={{config_dir}}/etc/cas/config
Any help would be really appreciated.
Thanks,
Jay
On Friday, December 8, 2017 at 7:34:56 AM UTC-6, Cristina Vlaicu wrote:
>
> Hello,
>
> I found out my response here :
> https://apereo.github.io/cas/5.2.x/installation/Configuration-Management.html#overview
>
> I added in tomcat in JAVA_OPTS variable the system property
> -Dcas.standalone.config=/my/config/folder/location
>
> Thank you,
> Cristina
>
>
> On Friday, December 8, 2017 at 2:44:44 PM UTC+2, Cristina Vlaicu wrote:
>>
>> Hello,
>>
>> I read in the documentation that for changing cas.properties location I
>> have to change the value of cas.standalone.config property, but I did not
>> understood where this property should be configured ? Should it be
>> configured in file application.properties ? Another question is if for this
>> settings, should I add another dependency in pom.xml file of cas-overlay
>> project?
>>
>> Thank you,
>>
>> Cristina
>>
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/dd458f7f-0482-49b7-8983-b58bbea3ac60%40apereo.org.
[cas-user] Log4j property discrepancies
Hello All, Can someone tell me which is the correct property to be used. In the documentation, I see server.contextParameters.isLog4jAutoInitializationDisabled=true whereas in the application.propeties I see server.context-parameters.isLog4jAutoInitializationDisabled=true and what is the functionality that this property is used for. Thanks, Jay -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/79675e72-659f-45b3-ad2f-a6836dbfbddc%40apereo.org.
[cas-user] <> CAS5.2x Password Management/ Change Password flow
Closing this thread as I got the answer
On Friday, April 27, 2018 at 9:58:43 AM UTC-5, Jay wrote:
>
> Hello everyone,
>
> As part of our migration from CAS3.5 to CAS5.2.x we have added the new
> Password management module and using the change password functionality.
>
> Below are the changes we had to do and everything seems to working fine.
>
> #CAS property
> cas.authn.pm.enabled=true
>
>
>
> org.apereo.cas
> cas-server-support-pm
> ${cas.version}
>
>
>
>
>
> org.apereo.cas
> cas-server-support-pm-webflow
> ${cas.version}
>
>
>
>
> Since in this implementation we wont be able to access the ChangePassword
> screen directly from the url
> (https://:/cas/changePassword) *correct me if I am
> wrong here*.
>
> Is there a way I can enable the Change Password checkbox in the login
> screen when a user tries to access the above said url?
>
> Thanks,
> Jay
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/a32f2461-0bae-40d5-aa93-b2453b3a0e30%40apereo.org.
[cas-user] Deploying CAS5.2.X to Tomcat servers
Hello everyone, We are facing some issues deploying the CAS war file to the server in Unix. We have to keep separate properties file and config files for different environment and server deploy script will take of copying the files to the desired location and from where CAS application can read. Is there a guide or something we can follow to achieve this? Thanks in advance, Jay -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/7303f207-7b63-4b1d-bc35-9387527f8a2d%40apereo.org.
[cas-user] CAS5.2x Password Management/ Change Password flow
Hello everyone,
As part of our migration from CAS3.5 to CAS5.2.x we have added the new
Password management module and using the change password functionality.
Below are the changes we had to do and everything seems to working fine.
#CAS property
cas.authn.pm.enabled=true
org.apereo.cas
cas-server-support-pm
${cas.version}
org.apereo.cas
cas-server-support-pm-webflow
${cas.version}
Since in this implementation we wont be able to access the ChangePassword
screen directly from the url
(https://:/cas/changePassword) *correct me if I am wrong
here*.
Is there a way I can enable the Change Password checkbox in the login
screen when a user tries to access the above said url?
Thanks,
Jay
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/0064b54f-384c-4b04-96a0-b76e9f4083f9%40apereo.org.
[cas-user] <>Re: CAS5.2.x Service registry json Error
<<>>
But posting the fix I figured out, which might be helpful to someone.
JSON formatting was not proper. It should have been
[
{
},
{
}
]
Thanks,
Jay
On Tuesday, April 24, 2018 at 11:21:25 PM UTC-5, Jay wrote:
>
> Hi All,
>
> I need a quick understanding on defining the entries in the
> ServiceRegistry json file.
>
> Below is the entry from my json file
>
> <https://lh3.googleusercontent.com/-4aW0lSkOlUE/WuABta6YTdI/ADg/gbwwab2fVn0Tychsfirja8qAsE6n78DjACLcBGAs/s1600/registry_json.PNG>
>
> And see the below error in the log . My question is, are we supposed to
> have separate json file for each entry?
>
> 2018-04-24 23:06:41,744 ERROR
> [org.apereo.cas.services.resource.AbstractResourceBasedServiceRegistryDao]
> -
> org.hjson.ParseException: Extra characters in input: 123 at 8:0
> at org.hjson.HjsonParser.error(HjsonParser.java:500) ~[hjson-3.0.0.jar:?]
> at org.hjson.HjsonParser.checkTrailing(HjsonParser.java:110)
> ~[hjson-3.0.0.jar:?]
> at org.hjson.HjsonParser.parse(HjsonParser.java:88) ~[hjson-3.0.0.jar:?]
> at org.hjson.JsonValue.readHjson(JsonValue.java:130) ~[hjson-3.0.0.jar:?]
> at
> org.apereo.cas.util.serialization.AbstractJacksonBackedStringSerializer.readJsonFrom(AbstractJacksonBackedStringSerializer.java:120)
>
> ~[cas-server-core-util-api-5.3.0-RC2.jar:5.3.0-RC2]
> at
> org.apereo.cas.util.serialization.AbstractJacksonBackedStringSerializer.from(AbstractJacksonBackedStringSerializer.java:107)
>
> ~[cas-server-core-util-api-5.3.0-RC2.jar:5.3.0-RC2]
> at
> org.apereo.cas.util.serialization.StringSerializer.load(StringSerializer.java:100)
>
> ~[cas-server-core-util-api-5.3.0-RC2.jar:5.3.0-RC2]
> at
> org.apereo.cas.services.resource.AbstractResourceBasedServiceRegistryDao.lambda$load$4(AbstractResourceBasedServiceRegistryDao.java:269)
>
> ~[cas-server-core-services-registry-5.3.0-RC2.jar:5.3.0-RC2]
> at
> org.apereo.cas.services.resource.AbstractResourceBasedServiceRegistryDao$$Lambda$153/2009690216.apply(Unknown
>
> Source) ~[?:?]
> at
> java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:193)
> ~[?:1.8.0_31]
> at
> java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:175)
> ~[?:1.8.0_31]
> at
> java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1374)
>
> ~[?:1.8.0_31]
> at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:512)
> ~[?:1.8.0_31]
> at
> java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:502)
> ~[?:1.8.0_31]
> at
> java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:708)
> ~[?:1.8.0_31]
> at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
> ~[?:1.8.0_31]
> at java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:499)
> ~[?:1.8.0_31]
> at
> org.apereo.cas.services.resource.AbstractResourceBasedServiceRegistryDao.load(AbstractResourceBasedServiceRegistryDao.java:270)
>
> ~[cas-server-core-services-registry-5.3.0-RC2.jar:5.3.0-RC2]
> at
> org.apereo.cas.services.resource.AbstractResourceBasedServiceRegistryDao$$Lambda$146/1473433666.apply(Unknown
>
> Source) ~[?:?]
> at
> java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:193)
> ~[?:1.8.0_31]
> at
> java.util.LinkedList$LLSpliterator.forEachRemaining(LinkedList.java:1235)
> ~[?:1.8.0_31]
> at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:512)
> ~[?:1.8.0_31]
> at
> java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:502)
> ~[?:1.8.0_31]
> at
> java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:708)
> ~[?:1.8.0_31]
> at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
> ~[?:1.8.0_31]
> at java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:499)
> ~[?:1.8.0_31]
> at
> org.apereo.cas.services.resource.AbstractResourceBasedServiceRegistryDao.load(AbstractResourceBasedServiceRegistryDao.java:232)
>
> ~[cas-server-core-services-registry-5.3.0-RC2.jar:5.3.0-RC2]
> at
> org.apereo.cas.services.AbstractServicesManager.load(AbstractServicesManager.java:191)
>
> ~[cas-server-core-services-registry-5.3.0-RC2.jar:5.3.0-RC2]
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> ~[?:1.8.0_31]
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> ~[?:1.8.0_31]
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>
> ~[?:1.8.0_31]
> at java.lang.reflect.Method.invoke(Method.java:483) ~[?:1.8.0_31]
> at
> org.springframework.beans.factory.annotation.InitDestroy
[cas-user] Acceptable Usage Policy(AUP) in CAS5.2.x
Hello everyone,
As part of the migration from CAS3.5 to CAS5.2.x, we have to implement the
User Policy acceptance UI to allow the user to agree to the terms.
In CAS3.5 we show the policy page even before the Login screen like shown
below
<https://lh3.googleusercontent.com/-pSKirpMNFsE/Wt7wOLpJNrI/AC8/DXbMUdoyw_st6lrEgfpDC14yBIFybh-pQCLcBGAs/s1600/AUP.png>
Tried to have the same feature in CAS5.x and included the following
properties.
- Added the below in application.properties file:
*cas.acceptableUsagePolicy.aupAttributeName=aupAccepted*
- Added the below dependency in pom.xml:
* *
*org.apereo.cas*
*
cas-server-support-aup-webflow*
*${cas.version}*
**
After adding the properties, User policy page is only shown after the user
login with his/her credentials not before the login. Is this in built in
CAS5 which cannot be changed or we can show the Policy page actually before
a user logs in. If so can you please help me here on how to change it.
Thanks & Regards,
Jay
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/c9f9b1b8-142d-49f8-9510-33813a98913d%40apereo.org.
Re: [cas-user] Re: CAS 5.2.x as IDP using SAML 2.0
.Http11Processor.service(Http11Processor.java:803)
at
org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:790)
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1459)
at
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
Caused by: javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1937)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
at
sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1478)
at
sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:212)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:957)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:892)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1050)
at
sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1363)
at
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1391)
at
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1375)
at
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at
sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1512)
at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1440)
at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
at
org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:442)
... 95 more
Caused by: sun.security.validator.ValidatorException: PKIX path building
failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)
at
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
at sun.security.validator.Validator.validate(Validator.java:260)
at
sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
at
sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
at
sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
at
sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1460)
... 108 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable
to find valid certification path to requested target
at
sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:145)
at
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:131)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)
... 114 more
On Friday, April 20, 2018 at 8:38:13 AM UTC-5, David Curry wrote:
>
> Did you create an entry in your service registry to allow the service? It
> should look something like this:
>
> {
> "@class" : "org.apereo.cas.support.saml.services.SamlRegisteredService",
> "serviceId" : "IAMShowcase",
> "name" : "Test SP",
> "id" : 123456789,
> "description" : "IAMShowcase test SP",
> "metadataLocation" : "file:/etc/cas/saml/sp-metadata/iamshowcase.xml",
> "evaluationOrder" : 1
> }
>
>
> with some sort of attribute release policy added. Note that the
> entityID for that service is "IAMShowcase", NOT a URL (see the metadata).
>
> --Dave
>
>
> --
>
> DAVID A. CURRY, CISSP
> *DIRECTOR OF INFORMATION SECURITY*
> INFORMATION TECHNOLOGY
>
> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
> +1 212 229-5300 x4728 • david.cu...@newschool.edu
>
> [image:
Re: [cas-user] Re: CAS 5.2.x as IDP using SAML 2.0
Thank you Dave. I guess it worked out for me, it was able to hit the IDP successfully and I think I am missing something in the CAS-Overlay. Can you help me here. Below is the error message I see when I hit the url that was generated in sptest.iamshowcase.com/instructions after uploading the metadata file generated locally. <https://lh3.googleusercontent.com/-NVA435Of-Lw/WtmH752aYVI/AB8/PUCeCO-TD3wOq3t4yTDuAKPPm8aroebBACLcBGAs/s1600/Capture.PNG> On Thursday, April 19, 2018 at 6:58:16 AM UTC-5, David Curry wrote: > > Just this week I discovered https://sptest.iamshowcase.com/ that lets > you set up a custom SP to talk to your IdP for testing. You download their > metadata, save it somewhere on your server > (/etc/cas/saml/sp-metadata/iamshowcase.xml or something), upload your CAS > IdP metadata to them, create a service definition, and you're done. Takes > like 5 minutes. > > You can also use testshib.org of course, but personally I find it to be > pretty cumbersome, both generally and because it's very > Shibboleth/InCommon-centric (it's their site, so that's okay, but it's a > hassle when you're wanting to use it for something else). > > --Dave > > > > -- > > DAVID A. CURRY, CISSP > *DIRECTOR OF INFORMATION SECURITY* > INFORMATION TECHNOLOGY > > 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003 > +1 212 229-5300 x4728 • david.cu...@newschool.edu > > [image: The New School] > > On Thu, Apr 19, 2018 at 12:52 AM, Jay <sjayanth@lifetouch.com > > wrote: > >> Hi Matt, >> >> Thank you so much, that helped in setting up the Local CAS application as >> IDP and was able to see the metadata generated carefully by invoking the >> idp url (/idp/metadata). >> >> To test it I was looking at setting up a local Shibboleth SP application >> but couldn't since I use Windows and Apache Tomcat to run the CAS >> application. Any info in this regard would really help. >> >> Thank you, >> Jay >> >> On Thursday, April 12, 2018 at 2:47:40 PM UTC-5, Matthew Uribe wrote: >>> >>> Jay, >>> >>> I just recently went through an upgrade from CAS 3.5.2 to 5.2.0 and this >>> documentation was immeasurably helpful: >>> >>> >>> https://dacurry-tns.github.io/deploying-apereo-cas/building_server_saml_overview.html >>> >>> >>> On Thursday, April 12, 2018 at 10:40:21 AM UTC-6, Jay wrote: >>>> >>>> Hello everyone, >>>> >>>> We are recently in process of upgrading from CAS3.5 to CAS5.2 as part >>>> of this effort we need to provide support of SAML authentication to an >>>> external application (say 'abc' application). >>>> >>>> Here 'abc' will be the SP and new CAS5.x will be the identity provider. >>>> >>>> Could someone guide us or tell how to achieve since we are new to >>>> CAS5.x framework, it would be very helpful the achieve this implementation. >>>> >>>> Thanks, >>>> Jay >>>> >>> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to cas-user+u...@apereo.org . >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/fe87891a-9508-42d3-a044-207b6f3e31ac%40apereo.org >> >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/fe87891a-9508-42d3-a044-207b6f3e31ac%40apereo.org?utm_medium=email_source=footer> >> . >> > > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/acf02555-d016-446c-a162-3c6015c62c3f%40apereo.org.
[cas-user] Re: CAS 5.2.x as IDP using SAML 2.0
Hi Matt, Thank you so much, that helped in setting up the Local CAS application as IDP and was able to see the metadata generated carefully by invoking the idp url (/idp/metadata). To test it I was looking at setting up a local Shibboleth SP application but couldn't since I use Windows and Apache Tomcat to run the CAS application. Any info in this regard would really help. Thank you, Jay On Thursday, April 12, 2018 at 2:47:40 PM UTC-5, Matthew Uribe wrote: > > Jay, > > I just recently went through an upgrade from CAS 3.5.2 to 5.2.0 and this > documentation was immeasurably helpful: > > > https://dacurry-tns.github.io/deploying-apereo-cas/building_server_saml_overview.html > > > On Thursday, April 12, 2018 at 10:40:21 AM UTC-6, Jay wrote: >> >> Hello everyone, >> >> We are recently in process of upgrading from CAS3.5 to CAS5.2 as part of >> this effort we need to provide support of SAML authentication to an >> external application (say 'abc' application). >> >> Here 'abc' will be the SP and new CAS5.x will be the identity provider. >> >> Could someone guide us or tell how to achieve since we are new to CAS5.x >> framework, it would be very helpful the achieve this implementation. >> >> Thanks, >> Jay >> > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/fe87891a-9508-42d3-a044-207b6f3e31ac%40apereo.org.
[cas-user] CAS 5.2.x as IDP using SAML 2.0
Hello everyone, We are recently in process of upgrading from CAS3.5 to CAS5.2 as part of this effort we need to provide support of SAML authentication to an external application (say 'abc' application). Here 'abc' will be the SP and new CAS5.x will be the identity provider. Could someone guide us or tell how to achieve since we are new to CAS5.x framework, it would be very helpful the achieve this implementation. Thanks, Jay -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/2dfb8750-be37-4603-8621-5cc51142d6e4%40apereo.org.
[cas-user] CAS 5.1.0 not deploying in tomcat
I have created a war overlay project that I have deployed on my local eclipse IDE tomcat environment. When I try to deploy the same war to our production tomcat the war explodes and claims to start up. However the spring banner is never displayed and I receive a 404 for the cas url through the browser also. I have tried to use the default war file from maven and did not have any success with that. Here is my output INFO: Deploying web application archive /opt/tomcat-7.0.69/webapps/webservices#cas#entity.war Jul 26, 2017 11:07:21 AM org.apache.catalina.startup.TldConfig execute INFO: At least one JAR was scanned for TLDs yet contained no TLDs. Enable debug logging for this logger for a complete list of JARs that were scanned but no TLDs were found in them. Skipping unneeded JARs during scanning can improve startup time and JSP compilation time. 2017-07-26 11:07:22,111 localhost-startStop-1 ERROR GELF contains an invalid element or attribute "additionalFields" == on startup === == on startup Completed=== 2017-07-26 11:07:22,656 localhost-startStop-1 ERROR GELF contains an invalid element or attribute "additionalFields" Jul 26, 2017 11:09:25 AM org.apache.catalina.util.SessionIdGeneratorBase createSecureRandom INFO: Creation of SecureRandom instance for session ID generation using [SHA1PRNG] took [122,831] milliseconds. Jul 26, 2017 11:09:25 AM org.apache.catalina.startup.HostConfig deployWAR INFO: Deployment of web application archive /opt/tomcat-7.0.69/webapps/webservices#cas#entity.war has finished in 124,362 ms Jul 26, 2017 11:09:25 AM org.apache.catalina.startup.HostConfig deployDirectory INFO: Deploying web application directory /opt/tomcat-7.0.69/webapps/manager Jul 26, 2017 11:09:25 AM org.apache.catalina.startup.HostConfig deployDirectory INFO: Deployment of web application directory /opt/tomcat-7.0.69/webapps/manager has finished in 29 ms Jul 26, 2017 11:09:25 AM org.apache.coyote.AbstractProtocol start INFO: Starting ProtocolHandler ["http-apr-8080"] Jul 26, 2017 11:09:25 AM org.apache.coyote.AbstractProtocol start INFO: Starting ProtocolHandler ["ajp-apr-8009"] Jul 26, 2017 11:09:25 AM org.apache.catalina.startup.Catalina start INFO: Server startup in 124454 ms Environment info: Eclipse : oxygen Tomcat : 7.0.69 Jdk : 1.8.0_91 Any help is appreciated. Jay Peterson Senior Developer [cid:image001.png@01D2DF8C.BBC151F0] Digitize Your Mortgage Process 1800 West 213th Street Torrance, CA 90501 Office: (800) 649-1362 x6354 Fax: (310) 243-1454 j...@docmagic.com<mailto:j...@docmagic.com> www.DocMagic.com<http://www.DocMagic.com> Confidentiality Notice: This communication (including any attachments) may contain privileged or confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, you should delete this communication and/or shred the materials and any attachments and are hereby notified that any disclosure, copying, or distribution of this communication, or the taking of any action based on it, is strictly prohibited. Please consider the environment before printing this email. -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/dbad5e1f975a44f5840f20d1e7bc7eb3%40mailsrv.docmagic.com.
