I recommend to use hazelcast cas ticket registry. In this case all nodes
will have information about all tickets. So you don't need sticky sessions
in this case.
On Thursday, April 23, 2020 at 3:30:25 PM UTC+3, Сергей Степанов wrote:
>
> Hello! I need your help.
>
>
>
> I have several nodes
gt; https://github.com/spring-cloud/spring-cloud-commons/issues/633
>
> <https://github.com/spring-cloud/spring-cloud-commons/issues/633>
> D <https://github.com/spring-cloud/spring-cloud-commons/issues/633>.
>
> On February 25, 2020 at 05:32:53, 'Maksim Kopeyka' via CAS Comm
Hi Bob,
Workaround with modification of
CasServiceRegistryInitializationConfiguration.java works fine, thank you.
Is it possible to fix this issue via adding some additional dependency
to build.gradle?
On Thursday, April 2, 2020 at 6:35:51 PM UTC+3, Bob wrote:
>
> Hi Maksim,
>
> I had a
Hi Guys,
I used CAS 6.0.3 with jpa service registry and I have seen records in
database according to content of json files from /etc/cas/services.
After migration to CAS 6.1.3 I don't see any records in DB.
I tried
cas.serviceRegistry.jpa.ddlAuto=create-drop
and
I think ma ajax call doesn't use cookies because of CORS. So logout doesn't
work.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you
Hi Guys,
I have environment with Keycloak and CAS 6.1.3 and I have a problem with
logout from CAS in case I have load balancer with SSL in front of CAS.
Keycloak sends server-to-server logout request to CAS and it works
perfectly without SSL so I have had an idea to solve issue with SSL via
, March 17, 2020 at 5:44:35 PM UTC+2, rbon wrote:
>>>
>>> Maksim,
>>>
>>> Could this be a certificate issue?
>>>
>>> If this is self signed certificate, you will need to add it to the java
>>> keystore (trust store).
>>> http
Hi Ramakrishna,
Did you solve your issue? I have the same problem with SSL session which is
alive after backchannel logout.
On Wednesday, May 23, 2018 at 2:32:41 PM UTC+3, Ramakrishna G wrote:
>
> Ok Ray. Thanks for your help!!
>
> Anyone who has worked on Mod_auth_cas along with CAS server pls
gt; If this is self signed certificate, you will need to add it to the java
>> keystore (trust store).
>> https://www.digitalocean.com/community/tutorials/java-keytool-essentials-working-with-java-keystores
>>
>> Ray
>>
>> On Mon, 2020-03-16 at 16:46 -0700, 'Maksim Kopeyk
t; If this is self signed certificate, you will need to add it to the java
> keystore (trust store).
> https://www.digitalocean.com/community/tutorials/java-keytool-essentials-working-with-java-keystores
>
> Ray
>
> On Mon, 2020-03-16 at 16:46 -0700, 'Maksim Kopeyka' vi
That's interesting. Backchannel logout works in case load balancer of CAS
(nginx) doesn't use SSL however backchannel doesn't work in case nginx uses
SSL.
I see the same output in console of CAS server in both cases (with SSL and
without SSL)
--
- Website: https://apereo.github.io/cas
-
Still have this problem even on my local PC. It worked fine with 6.0.3 but
doesn't work with 6.1.3. Looks like a bug...
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
Hi Guys,
The *cas/actuator/health* endpoint returns json with "Discovery Client not
initialized" status after updating from CAS 6.0.3 to 6.1.3 . Does it mean I
should use additional properties to fix it or it's related to network
configuration?
{
"description":"Discovery Client not
Hi Jay,
Did you solve problem with Null input buffer? I have the same exception.
On Friday, May 18, 2018 at 7:19:07 PM UTC+3, Jay wrote:
>
> Ray,
> To answer your question.
> Yes there are two tomcat servers running the application and load balancer
> switches between the servers. I will check
Hi M.Pedis,
Did you solve problem with Null input buffer? I have the same exception.
On Thursday, November 7, 2019 at 1:40:54 PM UTC+2, M.Pedis wrote:
>
> Hi Dave ,
>
> 2019-11-07 06:02:21,471 ERROR
> [org.apereo.cas.web.flow.executor.EncryptedTranscoder] -
>
, CISSP
> *DIRECTOR • INFORMATION SECURITY & PRIVACY*
> THE NEW SCHOOL • INFORMATION TECHNOLOGY
>
> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
> +1 646 909-4728 • david...@newschool.edu
>
>
> On Thu, Feb 6, 2020 at 4:36 PM 'Maksim Kop
the list.
>> https://apereo.github.io/cas/6.1.x/configuration/Configuration-Properties.html#hazelcast-ticket-registry
>>
>> and the link to common settings.
>>
>> There are some hazelcast loggers in log4j2.xml
>>
>> > level="${sys:haze
have not tried.
>
> Ray
>
> P.S. you have two node3s in your config.
>
> On Fri, 2020-01-31 at 11:51 -0800, 'Maksim Kopeyka' via CAS Community
> wrote:
>
> Hi Andy,
>
> Your example is very helpful. Thank you.
> I see how hazelcast tickets registry works o
Hi Andy,
Your example is very helpful. Thank you.
I see how hazelcast tickets registry works on my local env. I turned off
active container and another container continues to work with my active
session without relogin.
However on my remote env. with CAS 6.1.3 it doesn't work in this way. Load
I found a reason of this exception.
My 6.0.3 version of CAS uses application.properties from
*src\main\resources*. This exception disappears if I copy-paste content of
this file to *etc\cas\config\cas.properties* and delete
*application.properties* file.
--
- Website:
Hello,
I have a strange problem after upgrading CAS from 6.0.3 to 6.1.3: I don't
use any *cas.authn.mfa.** properties. Should I add some additional
dependency to my list to fix this exception?
This exception appears after big STOP label in console:
Caused by:
It doesn't make sense for me, see Andy's answer above.
On Wednesday, January 22, 2020 at 4:05:10 PM UTC+2, Roger Yerbanga wrote:
>
> So change it to false and let us know if it works.
>
> On Wed, Jan 22, 2020 at 5:38 AM 'Maksim Kopeyka' via CAS Community <
> cas-...@apereo.org
Same problem with CAS 6.0.3 and JPA ticket registry.
And yes, I have this
property: cas.authn.samlIdp.attributeQueryProfileEnabled=true
On Friday, October 19, 2018 at 11:58:55 PM UTC+3, Roger Yerbanga wrote:
>
> Hello all,
>
> With Cas 5.3.4.
>
> Has someone already gotten something like this :
Hello,
I have a problems with configuration of ticket registry in my env.
This env contains several VMs and each VM has a docker container with CAS
6.0.3. The multicast doesn't work on this env.
I have similar env with keycloak and I configured JDBC_PING to use
distributed cache over all nodes.
ngle CAS node.
>> See,
>> https://dacurry-tns.github.io/deploying-apereo-cas/introduction_overview.html,
>>
>> for an approach to getting things set up.
>>
>> Ray
>>
>> On Tue, 2020-01-14 at 12:14 -0800, 'Maksim Kopeyka' via CAS Community
>> w
Ray,
We didn't setup any registry configuration yet. We have several nodes of
CAS with load balancer.
I don't see any *cas.ticket.registry* properties in our config.
Maksim
On Tuesday, January 14, 2020 at 7:29:52 PM UTC+2, rbon wrote:
>
> Maksim,
>
> Most (all) of the ticket registries should
The main problem on multi-node environment is keycloak sends a POST request
to SLO endpoint of CAS but CAS won't ask username/password next time i.e.
previous session is alive.
What the best practice to solve such problem? We have tried to do a
broadcast of POST request to SLO endpoint to all
I tried this functionality in keycloak. I see a POST request to CAS after
logout from keycloak and I see this request in CAS access log but my CAS
session still active.
Did I miss something? How to logout from CAS too?
DEBUG [org.apache.http.impl.execchain.MainClientExec] (default task-17)
Hi Guys,
I have a 1 instance of CAS and 1 instance of CAS ADMIN on localhost.
I see in cas admin "sessionCount" value is incremented after each login to
CAS. However value won't be changed if I click "log out".
I don't see any errors in CAS console. Is it a bug in CAS?
--
- Website:
n/Logout-Single-Signout.html#back-channel
>
> Ray
>
> On Wed, 2019-12-04 at 13:23 -0800, 'Maksim Kopeyka' via CAS Community
> wrote:
>
> Hi Guys,
>
> I use CAS as IDP in keycloak.
> IDP has option "Backchannel Logout". This is a description:
>
> Backchannel logou
Hi Guys,
I use CAS as IDP in keycloak.
IDP has option "Backchannel Logout". This is a description:
Backchannel logout is a background, out-of-band, REST invocation to the IDP
to logout the user. Some IDPs can only perform logout through browser
redirects as they may only be able to identity
Hi Steve,
https://apereo.github.io/cas/6.1.x/ux/User-Interface-Customization-Themes.html#dynamic-themes
https://apereo.github.io/cas/6.1.x/configuration/Configuration-Properties.html#themes
https://groups.google.com/a/apereo.org/forum/#!topic/cas-user/k-yfoou7Zy0
On Tuesday, November 12, 2019 at
My bad, I didn't set theme prefix for this line in casLoginView.html:
http://www.ultraq.net.nz/thymeleaf/layout;
layout:decorate="~{layout}">
So with prefix everything works as expected:
http://www.ultraq.net.nz/thymeleaf/layout;
layout:decorate="~{test/layout}">
--
- Website:
Hi Guys,
I have to create a custom theme. According to documentation this task is
simple enough. However CAS ignores 2 of 3 fragments of my theme. I see my
login form but header and footer is ignored and CAS shows default header
and footer.
This is my folders structure:
-
Problem has been resolved by adding a header "Accept: text/plain".
Seems to me It should be added to documentation.
On Saturday, October 12, 2019 at 1:29:47 AM UTC+3, Maksim Kopeyka wrote:
>
> Hi Guys,
>
> I'm trying to request a service ticket according to documentation
>
Hi Guys,
I'm trying to request a service ticket according to documentation
https://apereo.github.io/cas/6.0.x/protocol/REST-Protocol.html#request-a-service-ticket
but I don't see it in the response however I see it in the log file and
this ticket is validated without problems. How to obtain
36 matches
Mail list logo