Hi all,
During migration from CAS 5 to CAS 6, I encountered an issue:
- My consent table, originally called `ConsentDecision` , is now renamed
to `Consent_Decision`
- Moreover, the fields name is also changed, same pattern
We have found a solution and want to share here:
- it is
Folks,
Needing to look into Radius and 2FA support. In my case it is a token
based authentication where the PIN is entered in the token and a code is
generated which is the OTP. So there is no second challenge needed.
However if the provided OTP is stale or out of sync then the Radius
Score! Looks like another blog that I need to be following. :) That MFA
REFEDS post looks exactly like what was being discussed at yesterday’s
office hours webinar.
Good catch on the REFEDS Assurance profiles. I got the gist of what it was
being discussed, but the requirements seemed a little
Bartosz,
Are you using the overlay, https://github.com/apereo/cas-management-overlay?
The properties file is etc/cas/config/management.properties.
Start with cas as the auth source. This way you can log in without any other
configuration.
Then copy the properties for the service registry from
I'm running my InCommon membership through Shibboleth, so I'm not looking for a
CAS solution. However, here is what I know:
1) R is documented as you point out. If you are going to provide REFEDS R
to REFEDS R SPs, you probably want to go into the InCommon Federation Manager
and assert that
Hello,
In case it helps others, to encrypt/sign the "clientSecret" in an OIDC
service, you have to use the following command in the CAS Shell :
cipher-text --value secret --encryption-key --encryption-key-size
--signing-key
--signing-key-size
Then you can use the produced "encoded value"
I have fixed mgmt.xxx to cas.mgmt.xxx but now I have other error.
https://dpaste.com/7WYTYWLQL
My config entries in management.properties looks like this:
# Enable authorization based on groups
cas.mgmt.ldap.ldapAuthz.groupAttribute=memberOf
cas.mgmt.ldap.ldapAuthz.groupPrefix=
