Re: [cas-user] CAS Management 6.5.6 with JPA Service Registry is also writing JSON files
Hi Fotis,
I'm having the exact same issue with cas management application. I don't
see org.apereo.cas:cas-server-support-json-service-registry on
dependencies.gradle
https://github.com/apereo/cas-management/blob/6.6.x/gradle/dependencies.gradle
.
And I've added implementation
"org.apereo.cas:cas-server-support-jpa-service-registry:${project.'casVersion'}"
to webapp.gradle and did a clean build. I'm still seeing the services
duplicated from management app
Every time I add a service / modify a service, It added in DB and also see
a json file created under .../cas-management/WEB-INF/classes/services
Could you able to help on this?
Thanks
Thini
On Friday, September 30, 2022 at 5:38:04 AM UTC-4 Fotis Memis wrote:
> Hello Trevor,
>
> I just submitted a PR (https://github.com/apereo/cas-management/pull/247)
> that backports the fix to the 6.5 version. This should solve your problem
> in the long term, since the change will be eventually propagated to the
> management-overlay. If you do not want to wait, you can build the project
> from the cas-management repo (as you already tried). The process that I
> personally follow (without claiming it is optimal, it just works for me) is
> the following.
>
>1. git clone https://github.com/apereo/cas-management.git
>2. git checkout 6.5.6
>3. #edit the dependencies.gradle as shown in the PR.
>4. #edit the ./gradle/webapp.gradle to include the dependencies you
>need. (ex: implementation
>"org.apereo.cas:cas-server-support-jpa-service-registry:${casVersion}")
>5. cd webapp/cas-mgmt-webapp
>6. ../../gradlew clean build
>
> You will find the produced war in the webapp/cas-mgmt-webapp/build/libs
> folder.
>
> Hope it helps,
>
> Fotis
>
> Until then,
> On 30/9/22 08:37, Trevor Fong wrote:
>
>
> Hi Ray,
>
> Thanks a lot for your reply.
> > Versioned branches are current for cas-management-overlay.
> Aha - thanks for pointing that out! Looking at the 6.5 version at
> https://github.com/apereo/cas-management-overlay/tree/6.5, there is a
> note:
> "This repository is always automatically generated from the CAS
> Initializr. Do NOT submit pull requests here as the change-set will be
> overwritten on the next sync.To learn more, please visit the CAS
> documentation."
> so it appears this is the same project as can be generated via "getcas
> --directory cas-management-overlay-6.5.6 --type cas-management-overlay
> --casVersion 6.5.6" and then you need to manually add in whatever
> dependencies you need in build.gradle.
> But as pointed out by Fotis, it looks like the base code that provides
> the cas-management-overlay-6.5.6 wrongly
> includes cas-server-support-json-service-registry, preconfigured, so I'll
> need to figure out how to create my own custom cas-management-overlay from
> that case code.
>
> Thanks,
> Trev
> On Thursday, September 29, 2022 at 6:22:40 PM UTC-7 Ray Bon wrote:
>
>> Trevor,
>>
>> Only the 'main' branch is not updated. Versioned branches are current for
>> cas-management-overlay.
>>
>> Ray
>>
>> On Thu, 2022-09-29 at 17:26 -0700, Trevor Fong wrote:
>>
>> Notice: This message was sent from outside the University of Victoria
>> email system. Please be cautious with links and sensitive information.
>>
>> Hi Fotis,
>>
>> Thanks a lot for your reply. How do I remove
>> the org.apereo.cas:cas-server-support-json-service-registry dependency if
>> I'm using the CAS Initializr? Is this possible?'
>> This is what I'm doing so far:
>> getcas --directory cas-management-overlay-6.5.6 --type
>> cas-management-overlay --casVersion 6.5.6 --modules
>> support-jpa-service-registry
>> Problem is that cas-management-overlay-6.5.6/gradle does not contain
>> dependencies.gradle.
>> Copying one in from
>> https://github.com/apereo/cas-management/blob/6.5.x/gradle/dependencies.gradle
>>
>> and removing the reference to
>> org.apereo.cas:cas-server-support-json-service-registry and then doing a
>> "./gradlew clean build" still produces a cas-management.war that
>> contains org.apereo.cas:cas-server-support-json-service-registry-6.5.6.jar
>> I'm guessing the starter project is prebuilt with
>> the cas-server-support-json-service-registry already configured?
>>
>> I've tried building from the code from github but It doesn't seem to
>> output a "cas-management.war" file like the output from CAS Initilizr:
>> git clone https://github.com/apereo/cas-management.git
>> git checkout v6.5.6
>> #edit cas-management/gradle/dependencies.gradle
>>
>> I haven't been able to compile a working cas-management webapp this way
>> so far: running "./gradlew clean build" doesn't produce a
>> cas-management.war file like the project from "getcas", rather it produces
>> build/libs/cas-mgmt-6.5.6.jar which is not deployable to tomcat. Does
>> anyone know how to produce the war file this way?
>>
>> Upgrading to cas-6.6.0/cas-mangement-6.6.0 via getcas doesn't work for me
>> - cas-mangement seems to login OK,
[cas-user] Re: cas/p3/login ?
I've ended up with the situation same as yours when I was configuring libauth with CAS v5. Have you find the way to solve this? Thanks On Thursday, September 14, 2017 at 9:02:55 AM UTC-4, atilling wrote: > I'm configuring an application that was designed to work with version 2 > protocol but with the modification to release attributes. > > The application has one location to add the cas context path if I set the > path to /cas the application logs in fine but can't get the attributes, if > I set the path to /cas/p3 the application tries to redirect to > /cas/p3/login?service=xxx which fails because that path isn't right for the > login page. > > Is there a way to make /cas/p3/login, /cas/p3/logout etc redirect to the > correct URL? It looks like I could change the URL in CasProtocolConstants > but that would break other applications. > > I would suggest to make the redirect or some sort of alias standard to > support these applications because I believe there are a lot of them. > > > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/45fc12c0-aae1-4edf-b9c1-673e34003401%40apereo.org.
Re: [cas-user] Point CAS apps at different Duo protected applications (group policies)
Thanks Travis -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/2a9c8d0b-9cc7-40f5-b103-0b9e3c93c937%40apereo.org.
Re: [cas-user] Point CAS apps at different Duo protected applications (group policies)
Hi Travis, Does management webapp work with discovery endpoint only in cas 5.3? I'm using CAS 5,2,8 -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/f9a0185b-dd99-4ce1-ab52-efbb649df489%40apereo.org.
Re: [cas-user] Point CAS apps at different Duo protected applications (group policies)
There are 2 getopt jars, java-getopt looks good, the other one was corrupted.
Download getopt-1.0.13.jar from https://mvnreposit
ory.com/artifact/gnu-getopt/getopt/1.0.13, it worked
Thanks Ray.
Hi Travis,
Now I've the Discovery endpoint configured, I can see 2 mfa service provider
types but both mapped to "Duo security" in mgmt. webapp
mfa-duo2|mfa-duo":"Duo Security|Duo Security
https://cas-sever.com/cas/status/discovery
{"profile":{"registeredServiceTypes":{"SAML2 Service
Provider":"org.apereo.cas.support.saml.services.SamlRegisteredService","CAS
Client":"org.apereo.cas.services.RegexRegisteredService"},"multifactorAuthenticationProviderTypes":{"mfa-duo2|mfa-duo":"Duo
Security|Duo Security"},"registeredServiceTypesSupported":{"SAML2 Service
Provider":"org.apereo.cas.support.saml.services.SamlRegisteredService","WS
Federation Relying
Party":"org.apereo.cas.ws.idp.services.WSFederationRegisteredService","OpenID
Connect Relying Party":"org.apereo.cas.services.OidcRegisteredService","OAuth2
Client":"org.apereo.cas.support.oauth.services.OAuthRegisteredService","CAS
Client":"org.apereo.cas.services.RegexRegisteredService"},"multifactorAuthenticationProviderTypesSupported":{"mfa-gauth":"Google
Authenticator","mfa-swivel":"Swivel
Secure","mfa-yubikey":"YubiKey","mfa-authy":"Authy","mfa-radius":"RADIUS
(RSA,WiKID)","mfa-u2f":"FIDO U2F","mfa-duo":"Duo
Security","mfa-azure":"Microsoft Azure"}}}
Here is the mfa provider config
cas.authn.mfa.duo[0].id=mfa-duo
cas.authn.mfa.duo[0].name=Duo_Allow
cas.authn.mfa.duo[0].duoApiHost=api-dcc11a82.duosecurity.com
cas.authn.mfa.duo[0].duoIntegrationKey=xxx
cas.authn.mfa.duo[0].duoSecretKey=x
cas.authn.mfa.duo[0].duoApplicationKey=xxx
cas.authn.mfa.duo[1].id=mfa-duo2
cas.authn.mfa.duo[1].name=Duo_Deny
cas.authn.mfa.duo[1].duoApiHost=api-dcc11a82.duosecurity.com
cas.authn.mfa.duo[1].duoIntegrationKey=xx
cas.authn.mfa.duo[1].duoSecretKey=xxxff
cas.authn.mfa.duo[1].duoApplicationKey=x
Any config required on management properties to map those profiles?
Thanks
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/54269b50-8ed2-4f25-b035-630870bfd59b%40apereo.org.
Re: [cas-user] Point CAS apps at different Duo protected applications (group policies)
Hi, I've tried deleting getopt folder and even tried delete the whole repository : /root/.m2/repository, didn't help This error only appear if I add the discovery profile dependency, If I remove I don't see it. Thanks -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/8f77ca31-78d3-4e26-9960-06a7766f6d0a%40apereo.org.
Re: [cas-user] Point CAS apps at different Duo protected applications (group policies)
I've tried deleting getopt folder and the whole repository download dir /root/.m2/repository, didn't help. If I remove the dependency 'cas-server-support-discovery-profile", the build works. Thanks -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/70818ece-26fa-49e7-9042-b93a58359d98%40apereo.org.
Re: [cas-user] Point CAS apps at different Duo protected applications (group policies)
Hi Travis,
When I add the dependency in pom.xml for discovery profile
(https://apereo.github.io/cas/5.2.x/installation/Configuration-Discovery.html),
got issues on maven build.
org.apereo.cas
cas-server-support-discovery-profile
${cas.version}
here is the error/warning I'm getting
[WARNING] The POM for gnu-getopt:getopt:jar:1.0.13 is invalid, transitive
dependencies (if any) will not be available: 1 problem was encountered
while building the effective model
[FATAL] Non-parseable POM
/root/.m2/repository/gnu-getopt/getopt/1.0.13/getopt-1.0.13.pom: end tag
name must match start tag name from line 888 (position:
START_TAG seen ... 08-Nov-2014 19:04
207\r\n... @888:18) @ line 888, column 18
Thanks
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/25772321-92d9-4f14-adf9-932d0cb13bb4%40apereo.org.
Re: [cas-user] Point CAS apps at different Duo protected applications (group policies)
Hi Travis, I've all the monitoring endpoints enabled already in cas properties. cas.monitor.endpoints.enabled: true endpoints.enabled: true # Mark the endpoints not sensitive cas.monitor.endpoints.sensitive:false endpoints.sensitive:false I've tried to enable discovery endpoints specifically , didn't work either. cas.monitor.endpoints.discovery.enabled:true cas.monitor.endpoints.discovery.sensitive: false here are the 2 duo profiles I have, cas.authn.mfa.duo[0].id=mfa-duo cas.authn.mfa.duo[0].name=Duo_Allow cas.authn.mfa.duo[0].duoApiHost=api-dcc11a82.duosecurity.com cas.authn.mfa.duo[0].duoIntegrationKey=xxx cas.authn.mfa.duo[0].duoSecretKey=xxx cas.authn.mfa.duo[0].duoApplicationKey=xxx cas.authn.mfa.duo[1].id=mfa-duo2 cas.authn.mfa.duo[1].name=Duo_Deny cas.authn.mfa.duo[1].duoApiHost=api-dcc11a82.duosecurity.com cas.authn.mfa.duo[1].duoIntegrationKey= cas.authn.mfa.duo[1].duoSecretKey= cas.authn.mfa.duo[1].duoApplicationKey=x Anything need to be added in management properties? Thanks -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/87190504-b92d-4f25-ae62-20051736b425%40apereo.org.
Re: [cas-user] Point CAS apps at different Duo protected applications (group policies)
Other recipients: Hi Travis, I'm in the same situation trying to configure multiple duo instances to apply different duo group policies. I've configured cas.properties with 2 duo instances and those are not showing up on management webapp to select as Multifactor Hi Travis, I'm in the same situation trying to configure multiple duo instances to apply different duo group policies. I've configured cas.properties with 2 duo instances and those are not showing up on management webapp to select as Multifactor Provider. I'm using cas 5.2.8 and JPA service registry. Thanks Thini -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/fc8e6c4e-c953-4811-8470-ca49985b0a4c%40apereo.org.
Re: [cas-user] Point CAS apps at different Duo protected applications (group policies)
Hi Travis,
I'm in the same situation trying to configure multiple duo instances to
apply different duo group policies. I've configured cas.properties with 2
duo instances and those are not showing up on management webapp to select
as Multifactor Provider. I'm using cas 5.2.8 and JPA service registry.
Thanks
Thini
On Friday, September 7, 2018 at 4:00:44 PM UTC-4, Travis Schmidt wrote:
> The first entry is what is used as the name for the auth context. You
> most likely Iikely authed against the second Duo, but it will just return
> the first one. I also think that the two are treated equally in an sso
> situation. So one fills MFA requirement for the other and vice versa.
>
> On Fri, Sep 7, 2018 at 12:41 PM Brian Gibson > wrote:
>
>> Thanks Travis,
>>
>> Moving to a newer version of CAS 5 is not an option for us now. Our Duo
>> rep said that he has customers doing what I asked but before I bug him for
>> help I was hoping someone on this list had this scenario working in a 5.1
>> environment?
>>
>>
>>
>>
>>
>> On 9/7/2018 2:48 PM, Travis Schmidt wrote:
>>
>> This PR https://github.com/apereo/cas/pull/3498, against 5.3.x addresses
>> this issue.
>>
>>
>> On Fri, Sep 7, 2018 at 11:42 AM Brian Gibson <
>> gibson...@wheatoncollege.edu > wrote:
>>
>>> Hi all,
>>>
>>> We have Duo working in our test CAS 5.1.2 environment. Now we'd like to
>>> point different CAS-protected services at different Duo Protected
>>> Applications so we can set different group policies for each. I created 2
>>> CAS applications inside Duo's admin portal, I called them
>>>
>>> "CAS ID=mfa-duo"
>>> "CAS ID=mfa-duo2"
>>>
>>> I then edited my cas.properties file and created a second set of Duo
>>> settings, here is what it looks like with the important data scrubbed out
>>>
>>> cas.authn.mfa.duo[0].duoSecretKey=**
>>> cas.authn.mfa.duo[0].duoApplicationKey=*<40 character random string>*
>>> cas.authn.mfa.duo[0].duoIntegrationKey=*>> ID=mfa-duo>*
>>> cas.authn.mfa.duo[0].duoApiHost=**
>>> cas.authn.mfa.duo[0].id=*mfa-duo*
>>> cas.authn.mfa.duo[0].name=Duo_Profile1
>>>
>>> cas.authn.mfa.duo[1].duoSecretKey=**
>>> cas.authn.mfa.duo[1].duoApplicationKey=*>> string>*
>>> cas.authn.mfa.duo[1].duoIntegrationKey=*>> ID=mfa-duo2>*
>>> cas.authn.mfa.duo[1].duoApiHost=**
>>> cas.authn.mfa.duo[1].id=*mfa-duo2*
>>> cas.authn.mfa.duo[1].name=Duo_Profile2
>>>
>>>
>>> I then edited the .json files for 2 services and added these sections
>>> for multifactor authentication, note the duo ID I am referencing
>>> differently in each...
>>>
>>> === Service 1
>>> multifactorPolicy:
>>> {
>>> @class:
>>> org.apereo.cas.services.DefaultRegisteredServiceMultifactorPolicy
>>> multifactorAuthenticationProviders:
>>> [
>>> java.util.HashSet
>>> [
>>> *mfa-duo*
>>> ]
>>> ]
>>> failureMode: CLOSED
>>> principalAttributeNameTrigger: memberOf
>>> principalAttributeValueToMatch: **
>>> bypassEnabled: false
>>> }
>>> ===
>>> === Service 2
>>> multifactorPolicy:
>>> {
>>> @class:
>>> org.apereo.cas.services.DefaultRegisteredServiceMultifactorPolicy
>>> multifactorAuthenticationProviders:
>>> [
>>> java.util.HashSet
>>> [
>>> *mfa-duo2*
>>> ]
>>> ]
>>> failureMode: CLOSED
>>> principalAttributeNameTrigger: memberOf
>>> principalAttributeValueToMatch: **
>>> bypassEnabled: false
>>> }
>>> ===
>>>
>>> When I log into both services I do get prompted to do 2 factor auth but
>>> when I authenticate on my phone app they both list the protected app named
>>>
>>> *"CAS ID=mfa-duo"*
>>>
>>> How do you get different CAS-protected services to point to different
>>> CAS instances in Duo (and therefore different group policies)?
>>>
>>> Thanks!
>>> --
>>> - Website: https://apereo.github.io/cas
>>> - Gitter Chatroom: https://gitter.im/apereo/cas
>>> - List Guidelines: https://goo.gl/1VRrw7
>>> - Contributions: https://goo.gl/mh7qDG
>>> ---
>>> You received this message because you are subscribed to the Google
>>> Groups "CAS Community" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to cas-user+u...@apereo.org .
>>> To view this discussion on the web visit
>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/6a4c87cd-8bda-58b7-d38f-04ef16532366%40wheatoncollege.edu
>>>
>>>
>>> .
>>>
>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community"
Re: [cas-user] Cannot retrieve user attributes from PHP application behind mod_auth_cas
Thanks dhawes.
I'm using the php code to print the values retuned in the header
$value) {
echo "$name: $value\n";
}
?>
I've no issues if I use serviceValidate, but I'm only getting the username,
I do not see the rest of the attributes released
CASValidateURL https://:8443/cas/serviceValidate
CASValidateSAML Off
if I use SAML then I get error
CASValidateURL https://:8443/cas/samlValidate
CASValidateSAML On
I already built CAS with SAML 1.1 by adding cas-server-support-saml,
Thanks
Thini
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/293644e5-5f4f-4f26-a812-08aeb5f07603%40apereo.org.
Re: [cas-user] Cannot retrieve user attributes from PHP application behind mod_auth_cas
Hi
I'm seeing the same error even If I use /serviceValidate endpoint. As soon
as I turn on CASValidateSAML, I'm getting the error
Here is my mod_auth_cas. (I've used David Curry's Guide )
LoadModule auth_cas_module modules/mod_auth_cas.so
AuthType CAS
CASAuthNHeader On
Require valid-user
AuthTypeCAS
CASAuthNHeader On
Require valid-user
CASCertificatePath /etc/pki/tls/certs/
CASCookiePath /var/lib/cas/
CASValidateURL https://:8443/cas/serviceValidate
#CASValidateURL https://:8443/cas/samlValidate
CASLoginURL https://:8443/cas/login
CASSSOEnabled On
CASDebug On
CASValidateSAML On
LogLevel debug
>From the CAS Server, I do see the SERVICE_TICKET_CREATED but I don't see
the Service Validation
But I'm seeing the following warning.
2018-02-09 15:55:50,016 WARN [org.springframework.web.servlet.PageNotFound]
-
I'm using CAS 5.2.2 and mod_auth_cas from github
9https://github.com/apereo/mod_auth_cas)
And I've added support for SAML when I build the CAS
org.apereo.cas
cas-server-support-saml
${cas.version}
Thanks
Thini
>
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/49e89131-1f58-42b6-b311-7d8c5480d3c8%40apereo.org.
Re: [cas-user] Cannot retrieve user attributes from PHP application behind mod_auth_cas
Hi dhawes,
With the debug on,
[Thu Feb 08 16:07:44 2018] [debug] mod_auth_cas.c(2076): [client
129.100.6.30] Entering cas_authenticate(), referer:
https://:8443/cas/login?service=https%3a%2f%2f%2freturn-mapped%2findex.php
[Thu Feb 08 16:07:44 2018] [debug] mod_auth_cas.c(654): [client
129.100.6.30] Modified r->args (now ''), referer:
https://:8443/cas/login?service=https%3a%2f%2f%2freturn-mapped%2findex.php
[Thu Feb 08 16:07:44 2018] [debug] mod_auth_cas.c(1779): [client
129.100.6.30] entering getResponseFromServer(), referer:
https://:8443/cas/login?service=https%3a%2f%2f%2freturn-mapped%2findex.php
[Thu Feb 08 16:07:44 2018] [debug] mod_auth_cas.c(584): [client
129.100.6.30] CAS Service
'https%3a%2f%2f%2freturn-mapped%2findex.php', referer:
https://:8443/cas/login?service=https%3a%2f%2f%2freturn-mapped%2findex.php
[Thu Feb 08 16:07:44 2018] [debug] mod_auth_cas.c(1856): [client
129.100.6.30] Validation response: HTTP Status 406 \xe2\x80\x93 Not
Acceptableh1
{font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;}
h2
{font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;}
h3
{font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;}
body
{font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} b
{font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;}
p
{font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}
a {color:black;} a.name {color:black;} .line
{height:1px;background-color:#525D76;border:none;}HTTP
Status 406 \xe2\x80\x93 Not AcceptableType Status ReportDescription The target resource
does not have a current representation that would be acceptable to the user
agent, according to the proactive negotiation header fields received in the
request, and the server is unwilling to supply a default
representation.Apache
Tomcat/8.5.23, referer:
https://:8443/cas/login?service=https%3a%2f%2f%2freturn-mapped%2findex.php
[Thu Feb 08 16:07:44 2018] [debug] mod_auth_cas.c(1440): [client
129.100.6.30] entering isValidCASTicket(), referer:
https://:8443/cas/login?service=https%3a%2f%2f%2freturn-mapped%2findex.php
[Thu Feb 08 16:07:44 2018] [debug] mod_auth_cas.c(1446): [client
129.100.6.30] MOD_AUTH_CAS: response = HTTP Status 406 \xe2\x80\x93 Not
Acceptableh1
{font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;}
h2
{font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;}
h3
{font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;}
body
{font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} b
{font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;}
p
{font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}
a {color:black;} a.name {color:black;} .line
{height:1px;background-color:#525D76;border:none;}HTTP
Status 406 \xe2\x80\x93 Not AcceptableType Status ReportDescription The target resource
does not have a current representation that would be acceptable to the user
agent, according to the proactive negotiation header fields received in the
request, and the server is unwilling to supply a default
representation.Apache
Tomcat/8.5.23, referer:
https://:8443/cas/login?service=https%3a%2f%2f%2freturn-mapped%2findex.php
[Thu Feb 08 16:07:44 2018] [error] [client 129.100.6.30] MOD_AUTH_CAS:
error parsing CASv2 response: XML parser error code: syntax error (2),
referer:
https://:8443/cas/login?service=https%3a%2f%2f%2freturn-mapped%2findex.php
MOD_AUTH_CAS: error parsing CASv2 response: XML parser error code:
syntax error (2), referer:
https://:8443/cas/login?service=https%3a%2f%2f%2freturn-mapped%2findex.php
Thanks
Thini
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/8020e24a-fa21-4a35-af09-5eb5a2a274dd%40apereo.org.
Re: [cas-user] Cannot retrieve user attributes from PHP application behind mod_auth_cas
Hi David, I'm using mod_auth_cas configured to use the "samlValidate" endpoint. When I turn on CASValidateSAML and configure saml endpoint I'm getting the following error Authorization Required This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required. But I was able to get the principal user id without SAML endpoint I'm using CAS 5.2.2 Thanks Thini >> > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/2b1892e8-e858-459a-9107-6b1b93d46ac2%40apereo.org.
Re: [cas-user] Cas - Unauthorized
Hi, I'm getting the error only if I turn on CASValidateSAML and using the CASValidateURL with samilValidate endpoint. Authorization Required This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required. Thanks Thini > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/950eaed6-3748-4dd2-bcbc-8b5faf7c2b98%40apereo.org.
Re: [cas-user] Cas - Unauthorized
Hi Ramakrishna, have you find the way to resolve the issue? I'm having the same Thanks Thini Other recipients: Ramakrishna, Perhaps there is something not right with your client application config? Is it running on https://192.168.111.118:8443 or is that CAS? Multiple service tickets in the URL suggests that the request is being redirected to CAS multiple -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/cf0f4046-95d5-40a1-870e-492fca9db3fd%40apereo.org.
Re: [cas-user] CAS 5.2.2 Management webapp Attribute Release Policy issue
Hi Ray, It worked. Thanks so much Thini -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1c77bb99-7774-4c8c-8132-c086694af08e%40apereo.org.
[cas-user] CAS 5.2.2 Management webapp Attribute Release Policy issue
I'm using CAS 5.2.2 CAS and management webapp. When I add a service using management webapp, the Attribute Release Policy 'Return Allowed" option only shows "eppn", "givenname" and "uid". I do not defined them anywhere in cas.properties file. How Can I update this list of attributes ? Thanks Thini -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/c1d7a8d0-17fc-4764-941e-7b0bff3f664c%40apereo.org.
