[cas-user] Re: Error parsing incommon metadata

2024-02-23 Thread atilling
This is an attempt to use "serviceId": ".+" as per the blog post. Because it needs to be able to match any service it would need to load the whole metadata I would think. I can try to add the {0} but I was going off the example in https://fawnoos.com/2019/01/18/cas61-saml2-idp-incommon/ On

Re: [cas-user] CAS v7.0.0 Performance issue.

2024-02-23 Thread Fatih Deniz
Please check the indexes, we have had similar issues with CAS 6.6.10, find operation was with ticket id and no index was created for it causing full collection scan in mongo db. No idea if it was fixed or not with the newer version. On Fri, Feb 23, 2024, 8:12 PM Łukasz Woźniak wrote: > Same

Re: [cas-user] CAS v7.0.0 Performance issue.

2024-02-23 Thread Łukasz Woźniak
Same happened to us. We have CAS on AWS in kubernetes. We have git for services and redis for tickets and mfa. We have 2 pods running with Horizontal Pod Autoscaling enabled. Autoscale never grow higher than 3 pods. When we deploy CAS from version 6.5 to 7.0, CPU is always almost 100%. HPA scaled

[cas-user] Re: Error parsing incommon metadata

2024-02-23 Thread David Gelhar
Rather than fetching the entire (huge) InCommon metadata aggregate for each service, it might work better to use the metadata query capability in your service definitions to do a dynamic query for just

Re: [cas-user] Re: Multiple SAML Federated SP

2024-02-23 Thread atilling
We're running cas 6.6.12 and we've tried "serviceId" : ".+" with that service id if we attempt to authenticate a service we don't have a specific service.json for we get errors in the log indicating the metadata can't be processed and the login fails with service not authorized response to the

Re: [cas-user] CAS v7.0.0 Performance issue.

2024-02-23 Thread Shavi Teotia
Hi Ray and Team, We have an enterprise application, cannot change the backend. But could you please suggest what would be the impact if the indexing is stopped from this piece of code. Another point we are using hazelcast registry, is there any specific setting or property that needs to be

Re: [cas-user] Re: Multiple SAML Federated SP

2024-02-23 Thread Ray Bon
David, You are right. All services is too heavyweight. In Shibboleth we create filters for the services we support, which does create ongoing work. Our policies are very particular about the release of user attributes, providing only the minimum for each service and controlling user groups

Re: [cas-user] CAS v7.0.0 Performance issue.

2024-02-23 Thread Ray Bon
Shavi, Could this be related to the storage mechanism you use for services? Are you able to try a different back end? Ray On Fri, 2024-02-23 at 00:09 -0800, Shavi Teotia wrote:

Re: [cas-user] Re: Multiple SAML Federated SP

2024-02-23 Thread Kostas Kalevras
On Friday, 23 February 2024 at 3:42:51 PM UTC+2, David Gelhar wrote: I don't think auto-generating individual service definitions for every SP in a large federation is the right approach - why clutter CAS with thousands of (mostly) unused service definitions? Because

Re: [cas-user] Re: Multiple SAML Federated SP

2024-02-23 Thread David Gelhar
I don't think auto-generating individual service definitions for every SP in a large federation is the right approach - why clutter CAS with thousands of (mostly) unused service definitions? In any case, at least for InCommon, best practice is use the metadata query service to query individual

Re: [cas-user] Re: Multiple SAML Federated SP

2024-02-23 Thread David Gelhar
We've had good success with wildcard service definitions for a single federation (InCommon), using a definition like: "@class" : "org.apereo.cas.support.saml.services.SamlRegisteredService", "serviceId" : ".+", "name" : "InCommon", "evaluationOrder" : , "metadataLocation" :

[cas-user] OIDC: userinfo endpoint oidc/oidcProfile does not return user attributes

2024-02-23 Thread 'Udo Einspanier' via CAS Community
Hi everyone, we are using CAS with OIDC. We have custom attributes that are returned also in the id_token, which works fine. However, when getting the response from the userinfo endpoint at /oidc/oidcProfile, there is just an empty field "attributes". { "sub": "XXX", "service": "XXX",

[cas-user] CAS v7.0.0 Performance issue.

2024-02-23 Thread Shavi Teotia
I have recently updated the cas version on my application from 6.6.2 to 7.0.0. There is some performance issue, that usually occurs when there is no load on the server. My CPU utilization graph goes up till 98% and application goes down, start giving 503, we have to restart it or redeploy it.