Re: [cas-user] CAS 7.1 Configuration Issue: Denied Access to Moodle Service

Goto regex101.com, punch your pattern there, and give it the service URL. You'll see the failure. Your pattern forces a port number. On Thu, May 30, 2024 at 10:13 PM Agnieszka Żywiec wrote: > > Hi, > > I am trying to set up federated login for Moodle using CAS 7.1. However, I am > encountering

[cas-user] CAS OAuth/OpenID Connect Vulnerability Disclosure

Please see: https://apereo.github.io/2024/05/18/oauth-vuln/ -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the

[cas-user] Open Forum Europe presentation

>From Apereo Foundation. -- Forwarded message - Hi All, I just wanted to share a free Open Forum Europe presentation today. Focusing on the EU's Cyber Resilience Act, this session will discuss the new requirements, guidance for adherence, and perspectives from European open

Re: [cas-user] CAS 7 views

Come to think of it, I suppose the mustache-backed pages should also be listed somewhere in the docs. That should help clarify. On Thu, Oct 12, 2023 at 6:25 PM Misagh wrote: > > Yes. > > On Thu, Oct 12, 2023 at 6:24 PM atilling wrote: > > > > So the user interface views

Re: [cas-user] CAS 7 views

Yes. On Thu, Oct 12, 2023 at 6:24 PM atilling wrote: > > So the user interface views like login, logout, etc are still managed with > Thymeleaf? > > On Thursday, October 12, 2023 at 10:15:09 AM UTC-4 Misagh wrote: >> >> > But the documents at >> > http

Re: [cas-user] CAS 7 views

> But the documents at > https://apereo.github.io/cas/development/ux/User-Interface-Customization-Views.html > and the jars still show Thymeleaf Do you see anything in the list that might be categorized as "CAS Protocol view and response"? This is mainly talking about something that produces a

[cas-user] CAS Security Releases/Patches

Please see https://apereo.github.io/2023/09/14/oauth-vuln/ -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the

[cas-user] CAS Security Releases

Please see: https://apereo.github.io/2023/08/30/groovy-vuln/ -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the

[cas-user] CAS Security Releases

Please see https://apereo.github.io/2023/07/21/oidc-vuln/ -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the

Re: [cas-user] cas-server-support-saml-idp missing from dependency choices in cas initializr

Most likely an oversight. On Tue, Mar 14, 2023 at 7:56 AM Jammy Sprangus wrote: > > Our calls to the initializr have been failing, and we have found the reason > to be that the saml idp package no longer is seen as valid by the initializr. > > This package is still referenced in the docs >

[cas-user] CAS X.509 Vulnerability Initial Disclosure

Please see https://apereo.github.io/2023/02/20/x509-vuln/ -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the

Re: [cas-user] Using git on multiple repos

> > On 12/22/22 07:50, Misagh wrote: > > Did you mean this? > > https://apereo.github.io/cas/6.6.x/installation/Configuring-SAML2-DynamicMetadata-Git.html > > > > On Thu, Dec 22, 2022 at 4:52 AM 'Richard Frovarp' via CAS Community > > wrote: > >> Is it p

Re: [cas-user] Using git on multiple repos

Did you mean this? https://apereo.github.io/cas/6.6.x/installation/Configuring-SAML2-DynamicMetadata-Git.html On Thu, Dec 22, 2022 at 4:52 AM 'Richard Frovarp' via CAS Community wrote: > > Is it possible to have CAS use two different repos, with one of them > NOT being services in 6.6? I have a

Re: [cas-user] Apereo CAS Deployer Survey: 2022 Edition

Anonymous requests are not allowed. You need a google account. On Mon, Dec 5, 2022 at 10:49 PM Ray Bon wrote: > > I am being asked to sign in! > > Ray > > On Mon, 2022-12-05 at 11:23 +0400, Misagh wrote: > > Notice: This message was sent from outside the University of

[cas-user] Apereo CAS Deployer Survey: 2022 Edition

will be anonymized, aggregated and published accordingly for wider community's review on the Apereo blog. Details to follow. Thank you! On behalf of the CAS project management committee, Misagh P.S. If you are not able to pull up the link or have questions, please reach out to the PMC or me directly

Re: [cas-user] 7.0.0-SNAPSHOT - cas-initializr - Questions on resulting overlay

> I have two questions: > > 1) I'm unclear on the impact of including the "core" and "webapp" > dependencies i.e. to I need to the specify them? No. They are implicitly included. > 2) In reviewing the gradle.properties file generated by cas-initializ, how to > I get it to generate the line

[cas-user] Fwd: Apereo CAS Deployer Survey: 2022 Edition

project management committee, Misagh P.S. If you are not able to pull up the link or have questions, please reach out to the PMC or me directly. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https

[cas-user] Apereo CAS Deployer Survey: 2022 Edition

management committee, Misagh P.S. If you are not able to pull up the link or have questions, please reach out to the PMC or me directly. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl

Re: [cas-user] Re: cas initializr latest build using wrong springboot version?

8, 2022 at 8:52 AM Misagh wrote: >> >> > Is this intended behaviour? It appears that one has to specify the >> > bootVersion in order to get the correct version. >> >> No, this is a problem for sure. One should never have to specify the >> boot v

Re: [cas-user] Re: cas initializr latest build using wrong springboot version?

> Is this intended behaviour? It appears that one has to specify the > bootVersion in order to get the correct version. No, this is a problem for sure. One should never have to specify the boot version. Looks like it might be defaulting to the latest boot version, as opposed to using what is

Re: [cas-user] renew=true, risk of bypassing?

When you validate the ticket, specify "renew=true". Review this: https://apereo.github.io/cas/6.5.x/protocol/CAS-Protocol-Specification.html#251-parameters On Tue, Aug 16, 2022 at 9:30 PM 'Richard Frovarp' via CAS Community wrote: > > Part of the response metadata coming back is if the

Re: [cas-user] Re: cas initializr latest build using wrong springboot version?

ializr, > and it's happy now. Let me know if you need another set of eyeballs to test > something, if you end up needing to make a change. > > Thanks for all your hard work. > > On Tue, Aug 16, 2022, 10:15 AM Misagh wrote: >> >> That is not your bad, if it is as you report

Re: [cas-user] Re: cas initializr latest build using wrong springboot version?

That is not your bad, if it is as you report it. I am sure I messed something up. Will look into it a bit later. Thanks for sharing. On Tue, Aug 16, 2022 at 6:06 PM Nathan Lewan wrote: > > sorry, that was not welll written > > "I noticed that the gradle.properties file for both cas and

Re: [cas-user] Is there an official `Single Logout Flow` diagram

There is not. -- Misagh On Fri, Jul 8, 2022, 8:25 AM JiangYing wrote: > Hello all, is there an official Single Logout flow diagram in CAS doc? I > can not find one now. > like this one > https://apereo.github.io/cas/6.5.x/images/cas_flow_diagram.png > > -- > - Website: htt

Re: [cas-user] General cause of "action execution attributes were 'map[[empty]]'"

It is not an error. If you see this, usually it means the problem is something or somewhere else and this is not the root cause. -- Misagh On Thu, May 26, 2022, 12:10 AM Pablo Vidaurri wrote: > On occasion I'm seeing a login error with this in my logs: > > in state 'xxxCheck' of fl

Re: [cas-user] cas-overlay-template empty repo for 6.4 and 6.5

you. I triggered the sync job again; the repo should > be sync'ed again shortly. I'll keep an eye on it to see what might > fail. > > On Fri, May 20, 2022 at 8:44 PM John wrote: > > > > I think they are referring to the fact that the 6.4 and 6.5 branch of > > https://g

Re: [cas-user] cas-overlay-template empty repo for 6.4 and 6.5

pereo/cas-overlay-template is empty > > On Friday, May 20, 2022 at 11:18:24 AM UTC-5 Misagh Moayyed wrote: >> >> Your question does not make sense. The overlay has never contained >> "source files". You are looking at the wrong place or operating based >> on the

Re: [cas-user] cas-overlay-template empty repo for 6.4 and 6.5

Your question does not make sense. The overlay has never contained "source files". You are looking at the wrong place or operating based on the wrong assumption. On Fri, May 20, 2022 at 6:25 PM wrote: > > Hi, > I have just discovered that the GIT repo for "cas-overlay-template" does not >

[cas-user] Fwd: [apereo-open] Apereo Board Nominations Now Open

See below. -- Forwarded message - Dear Apereo Community, (Please redistribute and share with your project and community.) Nominations are now open for the Apereo Board of Directors. This year, four (4) seats are open for Organizational-Member Representatives and one (1) for

Re: [cas-user] Client IP via Reverse Proxy

Sorry. Didn't realize you are on 6.3.x. Use: cas.audit.alternate-client-addr-header-name=X-Forwarded-For On Fri, Mar 11, 2022, 8:40 AM Misagh wrote: > >- cas.audit.engine.alternate-client-addr-header-name= > > >- > >Request header to use to identi

Re: [cas-user] Client IP via Reverse Proxy

would be X-Forwarded-For to glean the client address from the request, assuming the load balancer is configured correctly to pass that header along. -- Misagh On Fri, Mar 11, 2022, 4:54 AM Colin Ryan wrote: > Folks, > > I know there's lots of info on this but I just can't see

Re: [cas-user] Security Response Headers Question

> If I browse to one of our CAS endpoints (e.g. /cas/login), I see the Strict > Transport Security response header. > However, if I browse to an invalid endpoint, e.g. /, I don't see the Strict > Transport Security response header. This gets flagged in security scans. Headers are inserted into

Re: [cas-user] CAS JDK version question

> Is JDK 11 an exact requirement? Or are later versions of the JDK also > acceptable? 6.4, JDK 16: https://apereo.github.io/cas/6.4.x/release_notes/RC3.html#jdk-16-compatibility 6.5, JDK 17: https://apereo.github.io/cas/development/release_notes/RC1.html#jdk-17-compatibility Also 6.5 now

Re: [cas-user] proper way to upgrade CAS using cas-overlay-template

Yes you can. -- Misagh On Tue, Dec 14, 2021, 12:35 AM Pablo Vidaurri wrote: > We currently have 6.3.7 deployed. I see cas project v6.3.7.2 has the fix > for the log4j vulnerability (using log4j-core v2.15.0). So what is the > proper way to upgrade CAS template? Looking at the cas proj

Re: [cas-user] CAS 6.4.2 cas.google-apps.*key-* unspoorted?

On Wed, Nov 24, 2021 at 8:42 PM Rod wrote: > Thanks Mike! > > I was hoping we would have a little more time with this feature. > You do. It's not removed. https://apereo.github.io/cas/6.4.x/integration/Google-Apps-Integration.html -- - Website: https://apereo.github.io/cas - Gitter Chatroom:

Re: [cas-user] Clarification on ADFS/CAS integration possibilities

> Is it possible if USER-A logs into an ADFS application, and then tries to log > into a CAS application, CAS can check to see if they are already > authenticated with ADFS and if so, let them in, SSO-style? What you likely want to do, as most organizations do, is to make CAS invisible and a

Re: [cas-user] gradlew run OK - tomcat FAIL

Your deployment is crashing. That's why you get no logs from CAS. Look into Tomcat/Catalina logs and you'll find a stacktrace or an indication of what the problem may be. On Wed, Oct 20, 2021 at 9:52 AM Vittore Zen wrote: > > It was my own conclusion, so > first I checked files with: > diff

[cas-user] Re: CAS Subs: New mailing list details

pe) fairly low traffic and, needless to > say, membership is entirely optional. I will be sending this message > periodically as a reminder for anyone who might have missed it, so > apologies for the noise beforehand. If you have any other questions or > concerns, please fe

[cas-user] CAS Security Releases/Patches

Please see: https://apereo.github.io/2021/10/18/restvuln/ -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the

[cas-user] Re: Finally Finish My College

>> On April 20, 2021. I finally finished my final project. The image below >> is of me holding a monitor that says "Terimakasih". In Indonesian >> "Terimakasih" means "Thank you". And I want to thank all of you who have >> helped me in solving the

[cas-user] Re: CAS Subs: New mailing list details

riodically as a reminder for anyone who might have missed it, so apologies for the noise beforehand. If you have any other questions or concerns, please feel free to contact me all the same. Thank you, Misagh Moayyed, on behalf of CAS PMC -- - Website: https://apereo.github.io/cas - Gitte

Re: [cas-user] Bug: cas 6.3 webflow with Duo

On Fri, Apr 30, 2021 at 5:28 AM Ray Bon wrote: > > It works as expected with cas-overlay-template master. (Details below.) > > Any idea what is the hangup? https://github.com/apereo/cas/pull/5073 Request is missing the content-type. > > cas.version=6.4.0-SNAPSHOT This works too but you didn't

Re: [cas-user] Bug: cas 6.3 webflow with Duo

Have you tried this with the next patch release? -- Misagh On Thu, Apr 29, 2021, 10:49 PM Ray Bon wrote: > cas-overlay-template > cas.version=6.3.2 > > git log -1 > > commit 995813b85141124952fdc362fefebd3b9dead061 (vendor/6.3) > Author: Misagh Moayyed > Date: 2

Re: [cas-user] Bug: cas 6.3 webflow with Duo

On Thu, Apr 29, 2021 at 2:36 AM Ray Bon wrote: > > Setup: > Given a fresh 6.3 install, I configured Duo MFA integration and have a > service definition that requires it. Could you be more specific please? What exact CAS version are you using? -- - Website: https://apereo.github.io/cas -

Re: [cas-user] Parameters for signing certificate algorithm

Or generate everything manually, if the software can't do it for you, yet. On Thu, Mar 25, 2021 at 8:26 PM Misagh wrote: > > > Can anyone tell me what values are allowed for that parameter? > > Not the relevant setting. The setting you want to modify should > cont

Re: [cas-user] Parameters for signing certificate algorithm

> Can anyone tell me what values are allowed for that parameter? Not the relevant setting. The setting you want to modify should control the generation of the certificate; not what algorithms should be allowed/used during the metadata resolution process. ...and that setting is supported by

[cas-user] Re: Per Service Ticket Expiration in 5.2.x?

> Instructure's Canvas (LMS) oddly links session timeouts to CAS' Ticket > Expiration Policy. So, as I understand it, with the default Ticket > Expiration Policy of 2 hours, Canvas sessions are automatically logging out > users because Instructure chose to tie their Canvas-user session limits

[cas-user] Re: CAS 5.3.x WebUI to support login history, remote logout, etc.?

There is none AFAIK. There are projects like Spring Boot Admin that present UI over standard Spring Boot actuator endpoints. You could use that as a baseline and build your own. On Wednesday, February 10, 2021 at 6:53:46 PM UTC+4 Yan Zhou wrote: > Hi there, > > I am aware of the CAS dashboard

[cas-user] Re: CAS 6.2.x - Impersonate Mechanism Question

If by possible you mean OOTB, then no. The session established via impersonation is scoped to the surrogate user. On Monday, February 1, 2021 at 12:22:17 PM UTC+4 Marcel Fromkorth wrote: > Hello CAS-Community, > > I'm using the CAS-Version 6.2.5 and have a question about the surrogate >

[cas-user] Re: Initializr pulling a target version

Initializr always produces a build for the latest cas version. This might become configurable at some point but I wouldn't count on it. If you want to change the version, go into the properties for the build and change the version. Might work for versions prior to 6.3 but YMMV. On

[cas-user] Re: Per Service Ticket Expiration in 5.2.x?

There exists no such thing. What do you ultimately wish to accomplish with this setting? Often what you really should be doing is modifying the application itself to manage its own session for 8 hours. CAS is not a session manager, and generally has no say when it comes to the application

[cas-user] Release Announcement: CAS Security Patches

Please see: https://apereo.github.io/2021/02/13/gauthvuln/ -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the

[cas-user] Re: CAS Subs: New mailing list details

riodically as a reminder for anyone who might have missed it, so apologies for the noise beforehand. If you have any other questions or concerns, please feel free to contact me all the same. Thank you, Misagh Moayyed, on behalf of CAS PMC -- - Website: https://apereo.github.io/cas - Gitte

[cas-user] Re: Memcache exception after restart cas 6.3.1 & 6.4.0-RC1

Could you reproduce this with a unit test? On Thursday, February 4, 2021 at 8:00:07 PM UTC+4 John Bond wrote: > > Hello all, > > We are currently using memcached to store store tickets using the > following configuration > > ``` > cas.ticket.registry.memcached.servers=localhost:11213 >

Re: [cas-user] Re: Specifying TLS protocols and ciphers?

we are using this external Tomcat. Yet > we still get the logs provided previously, and I don't think we've done > anything to explicitly enable or disable any internal Tomcat. Where would I > find information on doing so? > > On Thu, Feb 4, 2021 at 9:12 PM Misagh Moayyed > wrote: >

[cas-user] Re: Convert ADFS service to CAS??

Could you share an example for one that does cause headaches? On Wednesday, February 3, 2021 at 2:24:41 AM UTC+4 Keith Alston (Staff) wrote: > I've got services I want to convert from ADFS to CAS. Many are simple but > a few give me nothing but headaches. > Anyone have a methodology(or tool)

[cas-user] Re: CAS 6.3.x, WebAuthn - How to set residentKey option?

On Monday, February 1, 2021 at 9:06:50 PM UTC+4 thorste...@gmail.com wrote: > Can you guys tell me, if it is possible to set this option and how? > Hello, if by possible you mean out of the box, then no and not yet. -- - Website: https://apereo.github.io/cas - Gitter Chatroom:

[cas-user] Re: Specifying TLS protocols and ciphers?

That depends on whether you are running embedded or external. If external, you should be changes to tomcat yourself and manually and you should review the tomcat documentation. If embedded, then you should consider using `server.ssl.enabled-protocols=` which is a setting provided by Spring Boot

[cas-user] Apereo Paris 21 & ESUP-Days 31

The ESUP-Portail Consortium and the Apereo Foundation are pleased to invite you to the eighth edition of the ESUP-Days/Apereo Paris event that will take place on February 2, 2021. Due to the pandemic situation, we have no other choice but to go fully online for this edition. The "good" thing about

Re: [cas-user] [CAS] Automatically updated Time-based access strategy extension to current date

Probably not "less custom", but I would either write my own access strategy or use the one based on aan external groovy script to embed logic in there. On Thu, Jan 21, 2021 at 7:54 PM Davide Malacrida wrote: > > Hello everyone, > > Lately we have been working on a locally deployed instance of

[cas-user] Re: Help with AbstractJdbcUsernamePasswordAuthenticationHandler

You need to include the module that contains `AbstractJdbcUsernamePasswordAuthenticationHandler` in your build, and the module must be tagged and available for compile-time access. Look up the class in the repo, find the module and include it in the build. On Saturday, October 24, 2020 at

[cas-user] Re: What am I missing.?...Exclusive Authentication Source for a Service...bonus for Attribute Repository Answer ;-)

What I suspect you're missing is that you are running (as you report) CAS 6.2.3, and yet the "excludedAuthenticationHandlers" piece is only available in 6.3.x Compare: https://apereo.github.io/cas/6.2.x/services/Configuring-Service-AuthN-Policy.html With:

[cas-user] Re: Suppres DDL

See https://apereo.github.io/cas/6.1.x/configuration/Configuration-Properties-Common.html#ddl-configuration and cas.ticket.registry.jpa.ddl-auto=none On Monday, November 2, 2020 at 8:12:05 PM UTC+4 joeman...@gmail.com wrote: > Using CAS 6.1 with cas.authn.pac4j.oauth2 and jpa registry with

[cas-user] Re: Custom 403 page for unauthorized access to service

You would be better off just setting up an external web page somewhere. On Wednesday, November 4, 2020 at 1:43:14 AM UTC+4 waldbiec wrote: > I want to use the accessStrategy -> unauthorizedRedirectUrl in my service > registry if a user authenticates but doesn't have the required > entitlement.

[cas-user] Fwd: [apereo-open] Help Organise Open Apereo 2021 Online

Hello, The Open Apereo conference will again be online next year. If you would like to help shape this conference by being on the planning committee, please read the invitation below and let Ian Dolphin know. -- Forwarded message - From: Ian Dolphin (apereo) Date: Mon, Oct 19,

[cas-user] CAS Subs: New mailing list details

might have missed it, so apologies for the noise beforehand. If you have any other questions or concerns, please feel free to contact me all the same. Thank you, Misagh Moayyed, on behalf of CAS PMC -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List

Re: [cas-user] [java-cas-client] Reactive (Webflux) CAS client support

Hello, > There's a comment that summarized missing features: > https://github.com/spring-projects/spring-security/issues/5887#issuecomment-627169437 > Is there any development in that direction? No. > Should a relevant ticket be submitted somewhere? No. A relevant pull request can be

Re: [cas-user] Re: Cas-management-Overlay archived

This was an obvious mistake; sorry about that. The repo status is restored. On Thu, Sep 10, 2020 at 6:31 PM randomuser878 wrote: > > Greetings > > Can not add anything concrete to your observation. > This looks promising >

[cas-user] Re: groovyScript: expecting String concatenation, getting array?

Try: "groovy { return attributes['wcWhitmanId'][0] + '@whitman.edu' }" "wcWhitmanId'" is resolved internally as a multi-valued attribute. On Thursday, May 7, 2020 at 6:03:11 AM UTC+4:30, Mike Osterman wrote: > > Hi all, > > I'm setting up a SAML2 service and running into unexpected behavior

[cas-user] Re: cas with Office 365

Have you looked at this? https://apereo.github.io/2018/12/06/cas53-office365-saml2-integration/ On Thursday, January 30, 2020 at 9:14:55 AM UTC+4, Mahmoud Elnahrawy wrote: > > hi everybody > > i have oracle access manager implemented with Azure office 365 . i need to > implement azure office

[cas-user] Re: webflowcrypto release

Release schedule is, and has always been, on Github: https://github.com/apereo/cas/milestones On Wednesday, February 12, 2020 at 5:35:17 PM UTC+4, John Bond wrote: > > Hi All, > > after the blog post below i was hoping to see a 6.5.1 release to fix the > webflowcrypto issues. I see releases

[cas-user] Re: Jackson Kotlin Warning on Startup

You need not be concerned about this. On Friday, February 14, 2020 at 1:44:36 AM UTC+4, jeremy.wickham wrote: > > I am looking upgrade our CAS environment to 6.1.x and I am currently > ironing out all of my errors/warnings. There is one warning I’m receiving > > > > WARN

[cas-user] Re: SAML Delegation in 6.2.0-RC2

> > I don't know what to look for. I know there's a tag on the > request standard for SAML, but the documentation is not clear about this > subject. > > Can you guys give me some advice or point me in the right direction? > There is no issuer tag in the saml2 response you get back from the

[cas-user] Re: Adding cas.properties file to source control

> > I would like to add my cas.properties file for a standalone deployment to > source control. I'd like to know if there is a way to put certain settings > that would necessarily be different between our dev & prod environments > someplace external to the main properties file so I don't need

[cas-user] Re: How to unpack the cas war (5.3.x) with Jetty

> > > Does any one know how to make CAS unpack the war file to the temp > directory with embedded Jetty ? > That is not how "embedded" works. An "embedded" container is not a repackaged version of the server distribution stuffed into the CAS web application artifact. You won't find a "real

[cas-user] Re: [CAS 6.1.3]: OAuth2 Implict Grant - Passed state isn't returned correctly

Just wanted to note the patch/fix is now merged. Thank you David! On Friday, January 24, 2020 at 1:06:47 PM UTC+4, David Albrecht wrote: > > Hi all, > > when using the implict grant and passing a state parameter which contains > special characters the state parameter in the returned redirect

[cas-user] Re: Trying to determine why CAS is returning an encoded attribute to SAML SP

> > > None of this would be a big deal if we hadn't run into a bizarre problem > that the encoded attribute being sent *CHANGED*. > It would be helpful to describe the steps you took to create/duplicate this scenario. > > So my two questions: > 1) Is there any chance that the google apps

[cas-user] Re: CAS 6.1.3 PM password reset link question.

> > Not sure the service needs to be on this link. As I understand it, the > transient service ticket is a one shot directed at the password reset > component, so I am uncertain why the service would be necessary as the link > also works with the ?service portion removed. > > Is this something

Re: [cas-user] Service Registry - Store in MySQL database

Something along the following lines should work: cas.serviceRegistry.initFromJson=true cas.serviceRegistry.json.location=file:/etc/cas/config/services - Then, make sure your JSON files are in the above noted directory. - Then, make sure your overlay contains a reference to the JPA service

[cas-user] Re: private git Service Registry authentication not working

Are you still seeing this with 6.1.0? On Saturday, October 12, 2019 at 12:07:47 AM UTC+4, Robert Bond wrote: > > Getting an error when using a private git repo for cas service registry. > It works correctly if I remove the username and password config options are > use a public repo. > > Here

[cas-user] Re: 6.1.0: Cannot find state with id 'casExpiredPassView' in flow 'login'

Consider switching to 6.1.0 to see if you experience the same behavior. On Thursday, October 17, 2019 at 10:57:12 PM UTC+4, Michael Lazar wrote: > > Hello all, > > I just updated my war overlay project from master, and going through my > testing an exception is being thrown with expired

[cas-user] Re: CAS 6.0.5.1 and RADIUS Auth.

> > > > When I look at the build.gradle of the CAS source I seem to see an > directive in there that switches from using standard getopt libraries to > java-getopt but since the overlay just pulls that I’m not sure if that is > doing anything, is a red herring or whatever. > You likely need

[cas-user] Re: remove MFA DUO Monitoring from CAS 6.0.5 heath check actuator url

I realize you're on 6.0.5 but, this *might* work for you: https://apereo.github.io/2019/02/07/cas61-healthstatus-springboot/#health-indicators Otherwise, switch to 6.1.0 or port back. On Monday, October 28, 2019 at 8:55:00 PM UTC+4, n99 wrote: > > Hello > > We have enabled MFA using Duo at the

[cas-user] CAS 6.1.0 Release Annoucement

CAS 6.1.0 is released: https://github.com/apereo/cas/releases/tag/v6.1.0 -- Misagh -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because

[cas-user] Re: Apereo CAS Deployer Survey: 2019 Edition

Survey results are now published: https://apereo.github.io/2019/10/09/cas-survey-results2019/ On Tuesday, September 3, 2019 at 9:10:41 PM UTC+4, Misagh Moayyed wrote: > > Survey is now closed. Thank you all for participating. Aggregated, > anonymized results as well as a brief po

[cas-user] CAS 6.1 RC6 Release Announcement

CAS 6.1 RC6 is released: https://github.com/apereo/cas/releases/tag/v6.1.0-RC6 -- Misagh -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message

[cas-user] Release Announcement: CAS Security Patches

Please see https://apereo.github.io/2019/09/27/numvulndisc/ -- *- Misagh* -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you

[cas-user] Re: About SP metadata generation in CAS

> > > So my question is: > 1) can we generate the SP metadata from CAS itself without using any Idp > metadata? > Yes. Modify it by hand, or create your own. CAS does not "need" the IdP metadata to generate the SP metadata. > 2) do you think we need to change our current pac4j

[cas-user] Re: About CAS flow diagram

No, they represent application cookie/session. One/First app is a Java application, presumably protected by the Java CAS client, and the second application is one protected by mod-auth-cas. On Thursday, September 19, 2019 at 7:35:56 AM UTC+4:30, Jeff Wang wrote: > > I start to study CAS

[cas-user] Re: Inquiring CAS commercial support

ew years now. > Misagh, who I consider the main CAS developer, works for them. We're happy > with their support. > > -William > > > On Monday, September 9, 2019 at 1:38:05 PM UTC-5, Yan Zhou wrote: >> >> Hi, >> >> We use CAS 4.1.9 and CAS 5.3. It has been

[cas-user] CAS 6.0.5 Release Announcement

CAS 6.0.5 is released: https://github.com/apereo/cas/releases/tag/v6.0.5 -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG

[cas-user] Re: SAML Response Destination

Can you try this with 5.3.12? On Thursday, September 5, 2019 at 6:46:44 PM UTC+4:30, Josh G wrote: > > Apologies for the bump - just wanted to see if anyone else has run into > this before? > > On Wednesday, August 21, 2019 at 11:44:03 AM UTC, Josh G wrote: >> >> Hi all - >> >> We are working on

[cas-user] Re: Apereo CAS Deployer Survey: 2019 Edition

Survey is now closed. Thank you all for participating. Aggregated, anonymized results as well as a brief post-mortem analysis will be posted on the Apereo blog shortly, with a link to follow-up here. On Wednesday, August 28, 2019 at 2:10:35 PM UTC+4:30, Misagh Moayyed wrote: > > Final re

[cas-user] CAS 6.1 RC5 Release Announcement

CAS 6.1 RC5 is released: https://github.com/apereo/cas/releases/tag/v6.1.0-RC5 -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are

[cas-user] Re: Apereo CAS Deployer Survey: 2019 Edition

:19 AM UTC+3, Misagh Moayyed wrote: > CAS Community, > > > The CAS project management committee has prepared a survey to request > feedback from CAS deployers: > > > http://bit.ly/2XJAJRh > > > The intention is to help clarify specific areas in the CAS

Re: [cas-user] CAS 6.1-RC4 OIDC configuration

.authn.oidc.dynamicClientRegistrationMode=PROTECTED > > cas.authn.oidc.subjectTypes=public,pairwise > > Erik Mallory > Server Analyst > Wichita State University > 316.978.3502 > > > From: mailto:cas-user@apereo.org>> on behalf of Misagh > Moayyed mailto:misagh.moay...@gma

Re: [cas-user] Seamless login

Wouldn't step 1 and 2 also be handled using the rest protocol? On Tue, Aug 27, 2019, 6:48 PM Petr Gašparík - AMI Praha a.s. < petr.gaspa...@ami.cz> wrote: > Hi, > in my proof of concept, I want piece of code (program library) to *log in > user to CASified application without user's password.* >

Re: [cas-user] CAS 6.1-RC4 OIDC configuration

Have you defined an issuer? https://apereo.github.io/cas/development/configuration/Configuration-Properties.html#openid-connect > On Aug 27, 2019, at 2:23 AM, 'Mallory, Erik' via CAS Community

[cas-user] Re: Apereo CAS Deployer Survey: 2019 Edition

Another gentle biweekly reminder; If you have not participated in the survey, please consider doing so in the next couple of weeks. On Monday, July 15, 2019 at 12:06:19 PM UTC+4:30, Misagh Moayyed wrote: > > CAS Community, > > The CAS project management committee has prepared a surve

Re: [cas-user] Return uid in attribute list?

Apologies for the rather quick response; I realize you have certainly looked at that flag and relevant page in the docs. I think you're only missing that construct in your release policy. My example should help, I hope. On Thursday, August 15, 2019 at 10:32:28 AM UTC+4:30, Misagh Moayyed wrote

  1   2   3   4   5   6   7   >