I've gone through several simple example service configurations for both 6.1.5 and 6.2.0-RC5, and I'm currently trying:
{ "@class" : "org.apereo.cas.support.oauth.services.OAuthRegisteredService", "clientId": "client", "clientSecret": "secret", "serviceId" : "https://example.net/dashboard", "name" : "OAUTH", "id" : 1, "attributeReleasePolicy" : { "@class" : "org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy", "allowedAttributes" : [ "java.util.ArrayList", [ "cn", "mail", "sn" ] ] }, "supportedGrantTypes": [ "java.util.HashSet", [ "password" ] ] } When a password grant request is made, CAS cannot find a valid authentication handler. A UsernamePasswordCredential is extracted, but the DelegatedClientAuthenticationHandler will only accept ClientCredentials. Honestly after stepping though the code for days I don't see how this ever worked. I assume it does however, so I must be missing something. curl "[my server]/oauth2.0/token?grant_type=password&client_id=client&client_secret=secret&username=user&password=password" 2020-06-17 15:13:20,269 DEBUG [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Authentication credentials provided for this transaction are [[UsernamePasswordCredential(username=user, source=null, customFields={})]]> 2020-06-17 15:13:20,270 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Candidate/Registered authentication handlers for this transaction are [[org.apereo.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler@20b9486d, org.apereo.cas.support.openid.authentication.handler.support.OpenIdCredentialsAuthenticationHandler@4b249051, org.apereo.cas.support.pac4j.authentication.handler.support.DelegatedClientAuthenticationHandler@7658ca71]]> 2020-06-17 15:13:20,270 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication handler resolvers for this transaction are [[org.apereo.cas.authentication.handler.RegisteredServiceAuthenticationHandlerResolver@7fa005d1]]> 2020-06-17 15:13:20,270 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Authentication handler resolvers produced no candidate authentication handler. Using the default handler resolver instead...> 2020-06-17 15:13:20,270 DEBUG [org.apereo.cas.authentication.AuthenticationHandlerResolver] - <Default authentication handlers used for this transaction are [HttpBasedServiceCredentialsAuthenticationHandler,OpenIdCredentialsAuthenticationHandler,DelegatedClientAuthenticationHandler]> 2020-06-17 15:13:20,270 DEBUG [org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan] - <Resolved and finalized authentication handlers to carry out this authentication transaction are [[org.apereo.cas.authentication.handler.RegisteredServiceAuthenticationHandlerResolver@7fa005d1]]> 2020-06-17 15:13:20,270 DEBUG [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Candidate resolved authentication handlers for this transaction are [[org.apereo.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler@20b9486d, org.apereo.cas.support.openid.authentication.handler.support.OpenIdCredentialsAuthenticationHandler@4b249051, org.apereo.cas.support.pac4j.authentication.handler.support.DelegatedClientAuthenticationHandler@7658ca71]]> 2020-06-17 15:13:20,270 DEBUG [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Attempting to authenticate credential [UsernamePasswordCredential(username=user, source=null, customFields={})]> 2020-06-17 15:13:20,270 DEBUG [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Authentication handler [HttpBasedServiceCredentialsAuthenticationHandler] does not support the credential type [UsernamePasswordCredential(username=user, source=null, customFields={})]. Trying next...> 2020-06-17 15:13:20,270 DEBUG [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Authentication handler [OpenIdCredentialsAuthenticationHandler] does not support the credential type [UsernamePasswordCredential(username=user, source=null, customFields={})]. Trying next...> 2020-06-17 15:13:20,270 DEBUG [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Authentication handler [DelegatedClientAuthenticationHandler] does not support the credential type [UsernamePasswordCredential(username=user, source=null, customFields={})]. Trying next...> Any working password grant configuration or insight would be appreciated. Thanks, -Gary -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/abd91b30-3194-4f92-9e2b-92277660dc77o%40apereo.org.