Re: [cas-user] Re: SPNEGO Client Selection Strategy

Hi Christian, Did you achieved to make IP based SPNEGO client selection works on CAS 5.x ? In that case, is there any other configuration to setup in addition to cas.properties configuration ? Regards, Charles 12, impasse du Malrigou, 31140 Montberon cont...@amoae.com |

[cas-user] Re: Attribute Release on CAS Management Services: 5.2.4

Can you tell me how you got attributes working with JDBC? I'm having a hell of a time. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because

Re: [cas-user] Re: SPNEGO Client Selection Strategy

Thanks Charles & Christian. It sounds like getting this working is going to be a bit more involved than I imaged! I will have to try and have a better look at it when we have a bit more time. On Friday, May 18, 2018 at 10:14:12 PM UTC+10, Christian Poirier wrote: > > Hi Charles > > I am using t

Re: [cas-user] User Attributes for SAML 2.0

Is there any way to show the sql used to get user attributes? -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the

Re: [cas-user] Failed to get nested archive for entry /WEB-INF/lib/getopt-1.0.13.jar

Thanks David :) Please tell me if u have something I can try Thanks again :) On Monday, May 21, 2018 at 4:24:47 PM UTC+7, David Curry wrote: > > CAS 5 requires Tomcat 8 or better. That may not be the cause (or only > cause) of your problem, but I would start there. > > > David A. Curry, CISSP

[cas-user] Re: Failed to get nested archive for entry /WEB-INF/lib/getopt-1.0.13.jar

Thanks David :) Please tell me if u have something I can try Thanks again :) On Monday, May 21, 2018 at 2:00:47 PM UTC+7, Willem Pattiwael wrote: > > Hi, > I'm trying to build cas 5.2.3 using cas-overlay-template-master, when > using command "./build run", its run perfectly. So, I start add Rad

RE: [cas-user] Service Manager question

>Is this the intended replacement service manager? Yes --- for management via a UI >I could imagine just adding the war to the work directory of the cas tomcat >build, but the build folder doesn't contain cas.war, or any tomcat config >files, Drop in the WAR file after build --- default name i

[cas-user] Responsive Design Fix for Duo

There has been a responsive design fix for Duo --- link below. When will this make it into the Duo plug-in for CAS? https://github.com/apereo/cas/commit/470a26804827f7b5342f541bc1c463992af0d582#diff-1e47138dc0567c4c4266a34b7a7d66af -- - Website: https://apereo.github.io/cas - Gitter Chatroom: h

[cas-user] Service Manager question

I am attempting to recreate my university's cas installation from version 3.5 currently in production to the new 5.2. The service manager in use now uses j_acegi_cas_security_check. As far as I can tell from the documentation this has been separated into a new webapp, which I am currently exploring

Re: [cas-user] User Attributes for SAML 2.0

Could be, but as I don't use the jdbc stuff, I can't help you with that. The {0} gets replaced with some dynamic value generated by the Java code. My guess would be it's some condition like column=value, but that's pretty a guess. I would suggest if you haven't yet to see the CAS log level to debu

Re: [cas-user] User Attributes for SAML 2.0

Same error. Do you think that maybe my select statement is wrong? Specifically the `WHERE {0}` That just seems wrong to me. What is {0}? -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://go

Re: [cas-user] User Attributes for SAML 2.0

Based on the SELECT, I think these definitions are flipped: cas.authn.attributeRepository.jdbc[0].attributes.uid=id cas.authn.attributeRepository.jdbc[0].attributes.givenName=first_name cas.authn.attributeRepository.jdbc[0].attributes.emailaddress=email cas.authn.attributeRepository.jdbc[0].attrib

Re: [cas-user] User Attributes for SAML 2.0

cas.authn.accept.users= cas.authn.jdbc.query[0].ddlAuto=none cas.authn.jdbc.query[0].dialect=org.hibernate.dialect.MySQLDialect cas.authn.jdbc.query[0].driverClass=com.mysql.cj.jdbc.Driver cas.authn.jdbc.query[0].fieldPassword=password cas.authn.jdbc.query[0].password= cas.authn.jdbc.query[0].pa

Re: [cas-user] User Attributes for SAML 2.0

Can you attach the relevant section of cas.properties (the part where you define which attributes you're going to resolve) and the service definition for the SAML SP? -- DAVID A. CURRY, CISSP *DIRECTOR OF INFORMATION SECURITY* INFORMATION TECHNOLOGY 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003 +1

Re: [cas-user] User Attributes for SAML 2.0

The error I see on the CAS server is the following: 2018-05-21 20:15:07,348 INFO [org.apereo.cas.support.saml.web.idp.profile.sso.SSOSamlProfileCallbackHandlerController] - 2018-05-21 20:15:07,656 WARN [org.apereo.cas.services.ReturnMappedAttributeReleasePolicy] - http://schemas.xmlsoap.org/w

Re: [cas-user] User Attributes for SAML 2.0

Someone smarter than me may need to weigh in on this... but I'll try. As I understand it, SAML SPs will accept two forms of attribute names. One form is that "urn" notation that Shibboleth seems to like: The other form is the "friendly name," which is basically just a string, like "cn" or

Re: [cas-user] User Attributes for SAML 2.0

David, I'm still trying to understand how user attributes are supposed to work. Let's say I'm using JDBC as my source for user data and credentials. If I'm writing the JSON service to map datasource fields to SAML attributes, how is this done? Is it naming convention? Do I need to include a cus

[cas-user] Re: Size of maven cas-overlay-template

Hi Sam I think, there was "improvement" incorporated in overlay process from 5.2 version that includes redundant complete cas-server-something.war into the result. Therefore I am still using pom.xml from 5.1 branch with updated versions for cas and springboot and resulting artifact is half siz

Re: [cas-user] Failed to get nested archive for entry /WEB-INF/lib/getopt-1.0.13.jar

CAS 5 requires Tomcat 8 or better. That may not be the cause (or only cause) of your problem, but I would start there. David A. Curry, CISSP Director of Information Security The New School - Information Technology 71 Fifth Ave., 9th Fl. ~ New York, NY 10003 +1 212 229-5300 x4728 ~ david.cu...@ne

[cas-user] how to support stored procedure in CAS5.1

Hello everyone. I want to support "stored procedure" authentication when login at CAS , and successful in CAS4.2 but do not know how to do in CAS5.1? What I did is modified the CAS 4.2 'S source code and added cooresponse java bean in deployerConfigContext.xml files ,add th