We are evaluating using MFA on campus, and I've setup CAS to authenticate
with duo. I'm able to login via CAS, and then successfully navigate the
duo page and get logged into my service.
Now I'd like to test what happens if we can't communicate with duo.
In my service definition,
Has anyone enabled restrictions on Client IP by service?
I think I should be able to at the service level use requiredAttributes to
evaluate the Client IP is within a defined value, but I can’t find anything on
how to access Client IP as an attribute.
Any help?
Thanks.
Ted Fisher
Bowling
Did you create an entry in your service registry to allow the service? It
should look something like this:
{
"@class" : "org.apereo.cas.support.saml.services.SamlRegisteredService",
"serviceId" : "IAMShowcase",
"name" : "Test SP",
"id" : 123456789,
"description" : "IAMShowcase test SP",
It looks like you need to create a service for the application. I don't
think the wild card service applies to SAML applications, so you need a
service specifically for this new application.
On Fri, Apr 20, 2018, 12:26 AM Jay
wrote:
> Thank you Dave.
>
> I
Hi,
I'm resuming on your latest message.
Yes, you do need a callback URL for your application.
This is the doc you are looking for:
https://apereo.github.io/cas/5.2.x/installation/Service-Management.html
Every time you want an application to log in to the CAS server, the CAS
server must know
Morning All,
First, thanks to Dave from the New School for producing the
deployment guide it was a great help for us migrating
from CAS 3 -> CAS 5 which we’ve recently done.
I’ve a couple of issues with logging I wouldn’t mind throwing out here.
1/.
I set a
Thank you Dave.
I guess it worked out for me, it was able to hit the IDP successfully and I
think I am missing something in the CAS-Overlay. Can you help me here.
Below is the error message I see when I hit the url that was generated in
sptest.iamshowcase.com/instructions after uploading the