Re: [cas-user] Application Not Authorized to Use CAS, After authentication.

2019-11-17 Thread mohamed gamal 
Maybe this is what is causing your config not to work with us, we are using
version 6.1.0-RC4.

On Sun, Nov 17, 2019 at 2:33 PM Abdelrahman Halawa 
wrote:

> CAS v5.3.x
>
>
>
>
> On Sun, 17 Nov 2019 at 09:44, mohamed gamal 
> wrote:
>
>> Mr Abdelrahman, thanks for your support.
>> which version are you using ?
>>
>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to cas-user+unsubscr...@apereo.org.
>> To view this discussion on the web visit
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/d2798992-7c7e-469d-9283-6a2ba279aef1%40apereo.org
>> 
>> .
>>
>
>
> --
> Best regards,
> 
>
> ​
>
> *Abdelrahman Halawa*
> Teacher Assistant, Computer and Systems Department, Al-Azhar University
> +2 01008131693 <+2+01008131693> | abdelrahmanhal...@gmail.com | Skype:
> abdelrahmanhalawa  | Maadi, Cairo,
> Egypt
> 
> 
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to a topic in the
> Google Groups "CAS Community" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/a/apereo.org/d/topic/cas-user/PysooL5aXXs/unsubscribe
> .
> To unsubscribe from this group and all its topics, send an email to
> cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAHr-WtbVeSNdQa8i52iVKoUYeSGbfXS9xR%2BGsFDGcePtzrEMWw%40mail.gmail.com
> 
> .
>


-- 
Mohamed Ahmed Moursi
Computer Engineer.
Al-kharj, Saudi Arabia.
Mobile SA: +966555192325
Skype: live:b155f044caf1b8b6

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CABB5vGfNvxi1anm%3DjxGYG_-iO1exgBdUg_PUzKuqxTqcjOVRpg%40mail.gmail.com.

Re: [cas-user] Application Not Authorized to Use CAS, After authentication.

2019-11-17 Thread Abdelrahman Halawa 
CAS v5.3.x




On Sun, 17 Nov 2019 at 09:44, mohamed gamal 
wrote:

> Mr Abdelrahman, thanks for your support.
> which version are you using ?
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/d2798992-7c7e-469d-9283-6a2ba279aef1%40apereo.org
> 
> .
>


-- 
Best regards,


​

*Abdelrahman Halawa*
Teacher Assistant, Computer and Systems Department, Al-Azhar University
+2 01008131693 <+2+01008131693> | abdelrahmanhal...@gmail.com | Skype:
abdelrahmanhalawa  | Maadi, Cairo, Egypt



-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAHr-WtbVeSNdQa8i52iVKoUYeSGbfXS9xR%2BGsFDGcePtzrEMWw%40mail.gmail.com.

Re: [cas-user] Application Not Authorized to Use CAS, After authentication.

2019-11-16 Thread mohamed gamal 
Mr Abdelrahman, thanks for your support.
which version are you using ?

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/d2798992-7c7e-469d-9283-6a2ba279aef1%40apereo.org.

Re: [cas-user] Application Not Authorized to Use CAS, After authentication.

2019-11-14 Thread Abdelrahman Halawa 
Hi Mohammed,

below is my JSON file, you are free to use it and try. but you must
configure the SharePoint to use UPN and mail claims as the JSON shows.
Hint: It is a must to use the *realmcas *certificate as the signing
certificate for SharePoint config.

{
  "@class" : "org.apereo.cas.ws.idp.services.WSFederationRegisteredService",
  "serviceId" : "https://.xxx.xxx.*;,
  "realm" : "urn:org:apereo:cas:ws:idp:realm-CAS",
  "name" : "Simple WS fed test application",
  "id" : "101",
  "description" : "SharePoint",
  "evaluationOrder" : 1,
  "tokenType" : "
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1;,
  "attributeReleasePolicy" : {
"@class" :
"org.apereo.cas.ws.idp.services.WSFederationClaimsReleasePolicy",
"allowedAttributes" : {
  "@class" : "java.util.TreeMap",
 "USER_PRINCIPAL_NAME_2005" : "upn",
 "EMAIL_ADDRESS_2005" : "mail"
   }
  }
}




On Wed, 13 Nov 2019 at 16:09, mohamed gamal 
wrote:

> Unfortunatly Mr Abdelrahman,
>>
>> we are still facing the same error
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/82015f25-f74b-46d6-8504-8c85c1f28a2e%40apereo.org
> 
> .
>


-- 
Best regards,


​

*Abdelrahman Halawa*
Teacher Assistant, Computer and Systems Department, Al-Azhar University
+2 01008131693 <+2+01008131693> | abdelrahmanhal...@gmail.com | Skype:
abdelrahmanhalawa  | Maadi, Cairo, Egypt



-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAHr-WtYcRMjViow_DSnge9CdL9zBr6WGgVxx0%2B71FUT8uuzGBg%40mail.gmail.com.

Re: [cas-user] Application Not Authorized to Use CAS, After authentication.

2019-11-13 Thread mohamed gamal 
Unfortunatly Mr Abdelrahman, 
>
> we are still facing the same error 

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/82015f25-f74b-46d6-8504-8c85c1f28a2e%40apereo.org.

Re: [cas-user] Application Not Authorized to Use CAS, After authentication.

2019-11-12 Thread Abdelrahman Halawa 
Hi Mohammed,

Everything looks good except you need to set the token type in JSON file to
be SAMLV1.1.
SharePoint supports SAMLV1.1 only and the default in CAS is SAMLv2.
Change your JSON file as below and try again

..
"evaluationOrder" : 2,
"tokenType" : "
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1;,
..
.








On Tue, 12 Nov 2019 at 13:25, mohamed gamal 
wrote:

> Dear Abdelrahman,
> Below you can find the configuration  and ther service json.
> Thanks for your support
>
>
> cas.authn.wsfedIdp.idp.realm=urn:org:apereo:cas:ws:idp:realm-CAS
> cas.authn.wsfedIdp.idp.realmName=CAS
> cas.authn.wsfedIdp.sts.subjectNameIdFormat=unspecified
> cas.authn.wsfedIdp.sts.encryptTokens=false
> cas.authn.wsfedIdp.sts.signingKeystoreFile=file
> :/etc/cas/config/signing.jks
> cas.authn.wsfedIdp.sts.signingKeystorePassword=changeit
> cas.authn.wsfedIdp.sts.encryptionKeystoreFile=file
> :/etc/cas/config/encryption.jks
> cas.authn.wsfedIdp.sts.encryptionKeystorePassword=changeit
> cas.authn.wsfedIdp.sts.realm.keystoreFile=file
> :/etc/cas/config/realmcas.jks
> cas.authn.wsfedIdp.sts.realm.keystorePassword=changeit
> cas.authn.wsfedIdp.sts.realm.keystoreAlias=realmcas
> cas.authn.wsfedIdp.sts.realm.keyPassword=changeit
> cas.authn.wsfedIdp.sts.realm.issuer=CAS
> cas.authn.wsfedIdp.sts.crypto.signing.key=xx
> cas.authn.wsfedIdp.sts.crypto.signing.keySize=xxx
> cas.authn.wsfedIdp.sts.crypto.encryption.key=xx
> cas.authn.wsfedIdp.sts.crypto.encryption.keySize=xxx
> cas.authn.wsfedIdp.sts.crypto.enabled=true
>
>
> {
> "@class" : "org.apereo.cas.ws.idp.services.WSFederationRegisteredService",
> "serviceId" : "https://devsp.xxx.xxx.xxx/.*;,
> "realm" : "urn:org:apereo:cas:ws:idp:realm-CAS",
> "name" : "Simple WS fed test application",
> "id" : 101,
> "evaluationOrder" : 2,
> "attributeReleasePolicy" : {
> "@class" : "org.apereo.cas.services.ReturnAllAttributeReleasePolicy"
> },
> "accessStrategy" : {
> "@class" :
> "org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy",
> "enabled" : true,
> "ssoEnabled":true,
> "caseInsensitive":true
> }
> }
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/4795c1da-9100-4bdd-a3c3-d22be3a5c0ca%40apereo.org
> 
> .
>


-- 
Best regards,


​

*Abdelrahman Halawa*
Teacher Assistant, Computer and Systems Department, Al-Azhar University
+2 01008131693 <+2+01008131693> | abdelrahmanhal...@gmail.com | Skype:
abdelrahmanhalawa  | Maadi, Cairo, Egypt



-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAHr-WtYUNPBcs6yuxnB6GaaokWGBf_0BMRy88GFkZMdiA9gndw%40mail.gmail.com.

Re: [cas-user] Application Not Authorized to Use CAS, After authentication.

2019-11-12 Thread mohamed gamal 
Dear Abdelrahman,
Below you can find the configuration  and ther service json.
Thanks for your support


cas.authn.wsfedIdp.idp.realm=urn:org:apereo:cas:ws:idp:realm-CAS
cas.authn.wsfedIdp.idp.realmName=CAS
cas.authn.wsfedIdp.sts.subjectNameIdFormat=unspecified
cas.authn.wsfedIdp.sts.encryptTokens=false
cas.authn.wsfedIdp.sts.signingKeystoreFile=file:/etc/cas/config/signing.jks
cas.authn.wsfedIdp.sts.signingKeystorePassword=changeit
cas.authn.wsfedIdp.sts.encryptionKeystoreFile=file
:/etc/cas/config/encryption.jks
cas.authn.wsfedIdp.sts.encryptionKeystorePassword=changeit
cas.authn.wsfedIdp.sts.realm.keystoreFile=file:/etc/cas/config/realmcas.jks
cas.authn.wsfedIdp.sts.realm.keystorePassword=changeit
cas.authn.wsfedIdp.sts.realm.keystoreAlias=realmcas
cas.authn.wsfedIdp.sts.realm.keyPassword=changeit
cas.authn.wsfedIdp.sts.realm.issuer=CAS
cas.authn.wsfedIdp.sts.crypto.signing.key=xx
cas.authn.wsfedIdp.sts.crypto.signing.keySize=xxx
cas.authn.wsfedIdp.sts.crypto.encryption.key=xx
cas.authn.wsfedIdp.sts.crypto.encryption.keySize=xxx
cas.authn.wsfedIdp.sts.crypto.enabled=true


{
"@class" : "org.apereo.cas.ws.idp.services.WSFederationRegisteredService",
"serviceId" : "https://devsp.xxx.xxx.xxx/.*;,
"realm" : "urn:org:apereo:cas:ws:idp:realm-CAS",
"name" : "Simple WS fed test application",
"id" : 101,
"evaluationOrder" : 2,
"attributeReleasePolicy" : {
"@class" : "org.apereo.cas.services.ReturnAllAttributeReleasePolicy"
},
"accessStrategy" : {
"@class" : "org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy",
"enabled" : true,
"ssoEnabled":true,
"caseInsensitive":true
}
}

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/4795c1da-9100-4bdd-a3c3-d22be3a5c0ca%40apereo.org.

Re: [cas-user] Application Not Authorized to Use CAS, After authentication.

2019-11-12 Thread mohamed gamal 
Dear Abdelrahman,
Below you can find the configuration  and ther service json.
Thanks for your support

cas.authn.wsfedIdp.idp.realm=urn:org:apereo:cas:ws:idp:realm-CAS
cas.authn.wsfedIdp.idp.realmName=CAS
cas.authn.wsfedIdp.sts.subjectNameIdFormat=unspecified
cas.authn.wsfedIdp.sts.encryptTokens=false
cas.authn.wsfedIdp.sts.signingKeystoreFile=file:/etc/cas/config/signing.jks
cas.authn.wsfedIdp.sts.signingKeystorePassword=changeit
cas.authn.wsfedIdp.sts.encryptionKeystoreFile=file
:/etc/cas/config/encryption.jks
cas.authn.wsfedIdp.sts.encryptionKeystorePassword=changeit
cas.authn.wsfedIdp.sts.realm.keystoreFile=file:/etc/cas/config/realmcas.jks
cas.authn.wsfedIdp.sts.realm.keystorePassword=changeit
cas.authn.wsfedIdp.sts.realm.keystoreAlias=realmcas
cas.authn.wsfedIdp.sts.realm.keyPassword=changeit
cas.authn.wsfedIdp.sts.realm.issuer=CAS
cas.authn.wsfedIdp.sts.crypto.signing.key=xx
cas.authn.wsfedIdp.sts.crypto.signing.keySize=xxx
cas.authn.wsfedIdp.sts.crypto.encryption.key=xx
cas.authn.wsfedIdp.sts.crypto.encryption.keySize=xxx
cas.authn.wsfedIdp.sts.crypto.enabled=true


{
"@class" : "org.apereo.cas.ws.idp.services.WSFederationRegisteredService",
"serviceId" : "https://devsp.xxx.xxx.xxx/.*;,
"realm" : "urn:org:apereo:cas:ws:idp:realm-CAS",
"name" : "Simple WS fed test application",
"id" : 101,
"evaluationOrder" : 2,
"attributeReleasePolicy" : {
"@class" : "org.apereo.cas.services.ReturnAllAttributeReleasePolicy"
},
"accessStrategy" : {
"@class" : "org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy",
"enabled" : true,
"ssoEnabled":true,
"caseInsensitive":true
}
}

On Tuesday, November 12, 2019 at 11:40:40 AM UTC+3, Abdelrahman Halawa 
wrote:
>
> Hi Mohammed,
>
> Could you share your WS-Fed configuration with the CAS and JSON file of 
> the service as well may I help you.
>
>
>
>
> On Tue, Nov 12, 2019 at 7:39 AM mohamed gamal  > wrote:
>
>> Hello Steve,
>> Thanks for your support. 
>> but now I am getting this error 
>>  DEBUG [org.apereo.cas.support.realm.UriRealmParser] - > [CAS]>  
>> │
>> │2019-11-11 13:22:51,868 WARN 
>> [org.apache.cxf.sts.token.provider.SAMLTokenProvider] - <>  
>> 
>> │
>> │java.lang.ClassCastException: class java.lang.String cannot be cast to 
>> class java.net.URI (java.lang.String and java.net.URI are in module 
>> java.base of loader 'bootstrap')  │
>> │   at 
>> org.apereo.cas.support.claims.CustomNamespaceWSFederationClaimsClaimsHandler$CustomNamespaceWSFederationClaimsList.contains(CustomNamespaceWSFederationClaimsClaimsHandler.java:58)
>>  
>> ~[cas-server-suppor│
>> │   at 
>> org.apache.cxf.sts.claims.ClaimsManager.filterHandlerClaims(ClaimsManager.java:286)
>>  
>> ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]  
>>│
>> │   at 
>> org.apache.cxf.sts.claims.ClaimsManager.handleClaims(ClaimsManager.java:191) 
>> ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]  
>>   │
>> │   at 
>> org.apache.cxf.sts.claims.ClaimsManager.retrieveClaimValues(ClaimsManager.java:149)
>>  
>> ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]  
>>│
>> │   at 
>> org.apache.cxf.sts.claims.ClaimsManager.retrieveClaimValues(ClaimsManager.java:110)
>>  
>> ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]  
>>│
>> │   at 
>> org.apache.cxf.sts.claims.ClaimsUtils.processClaims(ClaimsUtils.java:57) 
>> ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]  
>>   │
>> │   at 
>> org.apache.cxf.sts.claims.ClaimsAttributeStatementProvider.getStatement(ClaimsAttributeStatementProvider.java:38)
>>  
>> ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]  
>>  │
>> │   at 
>> org.apache.cxf.sts.token.provider.SAMLTokenProvider.createCallbackHandler(SAMLTokenProvider.java:336)
>>  
>> ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]  
>>  │
>> │   at 
>> org.apache.cxf.sts.token.provider.SAMLTokenProvider.createSamlToken(SAMLTokenProvider.java:307)
>>  
>> ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]  
>>│
>> │   at 
>> org.apache.cxf.sts.token.provider.SAMLTokenProvider.createToken(SAMLTokenProvider.java:121)
>>  
>> ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]  
>>│
>> │   at 
>>

Re: [cas-user] Application Not Authorized to Use CAS, After authentication.

2019-11-12 Thread Abdelrahman Halawa 
Hi Mohammed,

Could you share your WS-Fed configuration with the CAS and JSON file of the
service as well may I help you.




On Tue, Nov 12, 2019 at 7:39 AM mohamed gamal 
wrote:

> Hello Steve,
> Thanks for your support.
> but now I am getting this error
>  DEBUG [org.apereo.cas.support.realm.UriRealmParser] -  [CAS]>
> │
> │2019-11-11 13:22:51,868 WARN
> [org.apache.cxf.sts.token.provider.SAMLTokenProvider] - <>
>
> │
> │java.lang.ClassCastException: class java.lang.String cannot be cast to
> class java.net.URI (java.lang.String and java.net.URI are in module
> java.base of loader 'bootstrap')  │
> │   at
> org.apereo.cas.support.claims.CustomNamespaceWSFederationClaimsClaimsHandler$CustomNamespaceWSFederationClaimsList.contains(CustomNamespaceWSFederationClaimsClaimsHandler.java:58)
> ~[cas-server-suppor│
> │   at
> org.apache.cxf.sts.claims.ClaimsManager.filterHandlerClaims(ClaimsManager.java:286)
> ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]
>│
> │   at
> org.apache.cxf.sts.claims.ClaimsManager.handleClaims(ClaimsManager.java:191)
> ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]
>   │
> │   at
> org.apache.cxf.sts.claims.ClaimsManager.retrieveClaimValues(ClaimsManager.java:149)
> ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]
>│
> │   at
> org.apache.cxf.sts.claims.ClaimsManager.retrieveClaimValues(ClaimsManager.java:110)
> ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]
>│
> │   at
> org.apache.cxf.sts.claims.ClaimsUtils.processClaims(ClaimsUtils.java:57)
> ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]
>   │
> │   at
> org.apache.cxf.sts.claims.ClaimsAttributeStatementProvider.getStatement(ClaimsAttributeStatementProvider.java:38)
> ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]
>  │
> │   at
> org.apache.cxf.sts.token.provider.SAMLTokenProvider.createCallbackHandler(SAMLTokenProvider.java:336)
> ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]
>  │
> │   at
> org.apache.cxf.sts.token.provider.SAMLTokenProvider.createSamlToken(SAMLTokenProvider.java:307)
> ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]
>│
> │   at
> org.apache.cxf.sts.token.provider.SAMLTokenProvider.createToken(SAMLTokenProvider.java:121)
> ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]
>│
> │   at
> org.apache.cxf.sts.operation.TokenIssueOperation.issueSingle(TokenIssueOperation.java:172)
> ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]
> │
> │   at
> org.apache.cxf.sts.operation.TokenIssueOperation.issue(TokenIssueOperation.java:85)
> ~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]
>│
> │   at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native
> Method) ~[?:?]
>   │
> │   at
> jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> ~[?:?]
> │
> │   at
> jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> ~[?:?]
> │
> │   at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]
>
> │
> │   at
> org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider.invoke(SecurityTokenServiceProvider.java:244)
> ~[cxf-rt-ws-security-3.3.2.jar!/:3.3.2]
>
>
> and this
>
>   at
> org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:836)
> ~[tomcat-coyote-9.0.20.jar!/:9.0.20]
>│
> │   at
> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1839)
> ~[tomcat-coyote-9.0.20.jar!/:9.0.20]
>│
> │   at
> org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
> ~[tomcat-coyote-9.0.20.jar!/:9.0.20]
>│
> │   at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
> ~[?:?]
>│
> │   at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
> ~[?:?]
>│
> │   at
> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
> ~[tomcat-embed-core-9.0.20.jar!/:9.0.20]
> │
> │   at java.lang.Thread.run(Thread.java:834) [?:?]
>
> │
> │2019-11-11 13:22:51,868 WARN
>

Re: [cas-user] Application Not Authorized to Use CAS, After authentication.

2019-11-11 Thread mohamed gamal 
Hello Steve,
Thanks for your support. 
but now I am getting this error 
 DEBUG [org.apereo.cas.support.realm.UriRealmParser] -   
│
│2019-11-11 13:22:51,868 WARN 
[org.apache.cxf.sts.token.provider.SAMLTokenProvider] - <>  

│
│java.lang.ClassCastException: class java.lang.String cannot be cast to 
class java.net.URI (java.lang.String and java.net.URI are in module 
java.base of loader 'bootstrap')  │
│   at 
org.apereo.cas.support.claims.CustomNamespaceWSFederationClaimsClaimsHandler$CustomNamespaceWSFederationClaimsList.contains(CustomNamespaceWSFederationClaimsClaimsHandler.java:58)
 
~[cas-server-suppor│
│   at 
org.apache.cxf.sts.claims.ClaimsManager.filterHandlerClaims(ClaimsManager.java:286)
 
~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]  
   │
│   at 
org.apache.cxf.sts.claims.ClaimsManager.handleClaims(ClaimsManager.java:191) 
~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]  
  │
│   at 
org.apache.cxf.sts.claims.ClaimsManager.retrieveClaimValues(ClaimsManager.java:149)
 
~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]  
   │
│   at 
org.apache.cxf.sts.claims.ClaimsManager.retrieveClaimValues(ClaimsManager.java:110)
 
~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]  
   │
│   at 
org.apache.cxf.sts.claims.ClaimsUtils.processClaims(ClaimsUtils.java:57) 
~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]  
  │
│   at 
org.apache.cxf.sts.claims.ClaimsAttributeStatementProvider.getStatement(ClaimsAttributeStatementProvider.java:38)
 
~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]  
 │
│   at 
org.apache.cxf.sts.token.provider.SAMLTokenProvider.createCallbackHandler(SAMLTokenProvider.java:336)
 
~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]  
 │
│   at 
org.apache.cxf.sts.token.provider.SAMLTokenProvider.createSamlToken(SAMLTokenProvider.java:307)
 
~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]  
   │
│   at 
org.apache.cxf.sts.token.provider.SAMLTokenProvider.createToken(SAMLTokenProvider.java:121)
 
~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]  
   │
│   at 
org.apache.cxf.sts.operation.TokenIssueOperation.issueSingle(TokenIssueOperation.java:172)
 
~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]  
│
│   at 
org.apache.cxf.sts.operation.TokenIssueOperation.issue(TokenIssueOperation.java:85)
 
~[cxf-services-sts-core-3.3.2.jar!/:3.3.2]  
   │
│   at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native 
Method) ~[?:?]  
  │
│   at 
jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
 
~[?:?]  
│
│   at 
jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
 
~[?:?]  
│
│   at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]  

  │
│   at 
org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider.invoke(SecurityTokenServiceProvider.java:244)
 
~[cxf-rt-ws-security-3.3.2.jar!/:3.3.2] 


and this

  at 
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:836)
 
~[tomcat-coyote-9.0.20.jar!/:9.0.20]
   │
│   at 
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1839)
 
~[tomcat-coyote-9.0.20.jar!/:9.0.20]
   │
│   at 
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) 
~[tomcat-coyote-9.0.20.jar!/:9.0.20]
   │
│   at

[cas-user] Application Not Authorized to Use CAS, After authentication.

2019-11-09 Thread mohamed gamal 
Hello everyone, 
I am trying to integrate cas with  a share point application using WS-FED I 
added the service file and the application connects normally to cas. the 
app redirects the user to cas for authentication, the user is authenticated 
by cas and I can see in logs that the user is authenticated and everything 
looks fine. But after the authentication the user is shown a message 
"Application Not Authorized to Use CAS". I am using the git service 
registry could this be the problem ? any idea how to solve this ? 
kindest regards.

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/8b7414a7-b714-400d-a1ea-16ee001b7f56%40apereo.org.