Re: [cas-user] CAS 5.2.3 / JWT Service Ticket not working

2018-04-26 Thread Man H
See https://groups.google.com/a/apereo.org/d/msgid/cas-user/fd5502dd-f0bc-46b4-bedb-942d162ab5ff%40apereo.org El jueves, 26 de abril de 2018, Michael JOIGNY escribió: > *correction : CAS keeps returning ST-xxx ticket instead of > ticket=eyxxyyyzzz when i use curl to

[cas-user] CAS 5.2.3 / JWT Service Ticket not working

2018-04-26 Thread Man H
Attach cas.properties & dependencias. Check 3 4 5 org.apereo.cas cas-server-support-token ${cas.version} El jueves, 26 de abril de 2018, Michael JOIGNY escribió: > Hi everybody, > > I'm trying to configure my CAS server (5.2.3) with JWT Service

Re: [cas-user] [SSO] Is it possible to make a service completely separated from other SSO services without require login every time (i.e. renew=true)

2018-04-26 Thread Andy Ng
Hi all, Thanks for all your replies! To Carl: Last time I check, using both cas.example.net and cas.special.example.net, one of them will not work (sso will be broken for that domain). We need to specified the cas.host.name=cas.example.net, hence cas.special.example.net will have no SSO

Re: [cas-user] [SSO] Is it possible to make a service completely separated from other SSO services without require login every time (i.e. renew=true)

2018-04-26 Thread Misagh Moayyed
It's unlikely that you can build this correctly in CAS without pain without accepting a few caveats that deal general session management. That said, you want to start reviewing what is called "SSO Participation" strategy components that basically decide how a service may opt in or out of SSO, a

Re: [cas-user] [SSO] Is it possible to make a service completely separated from other SSO services without require login every time (i.e. renew=true)

2018-04-26 Thread Carl Waldbieser
There are probably a bunch of other problems associated with this idea, but couldn't you just serve the CAS service from 2 distinct domains? E.g. cas.example.net and cas.special.example.net? Since the TGT is scoped to a particular domain, if you point A's CAS client to the special domain, it

[cas-user] CAS 5.2 Can't restrict access to service by two LDAP attributes

2018-04-26 Thread Viacheslav Babanin
Hello, I am using CAS 5.2 and I am trying to restrict access to a service in such fashion that it is only accessible for *full time students*. I am using LDAP and person record has 2 attributes: "role" which can have value "*student*", "teacher", "worker" etc. "type" which can be

[cas-user] Re: CAS 5.2.3 / JWT Service Ticket not working

2018-04-26 Thread Michael JOIGNY
*correction : CAS keeps returning ST-xxx ticket instead of ticket=eyxxyyyzzz when i use curl to my service.* Le jeudi 26 avril 2018 12:14:43 UTC+2, Michael JOIGNY a écrit : > > Hi everybody, > > I'm trying to configure my CAS server (5.2.3) with JWT Service Ticket in > order to let CAS

[cas-user] CAS 5.2.3 / JWT Service Ticket not working

2018-04-26 Thread Michael JOIGNY
Hi everybody, I'm trying to configure my CAS server (5.2.3) with JWT Service Ticket in order to let CAS generates my jwt tokens but it's not working. CAS keeps returning ST-xxx ticket instead of token=eyxxyyyzzz when i use curl to my service. I've followed this links below :