Re: [cas-user] CAS 5.2 Passing LDAP Attributes to Application

2022-01-18 Thread Gowtham Krishna
> "givenName", >> "surname" >> ] >> ] >> }, >> >> The "attributeReleasePolicy" is used to filter the "memberOf" attribute >> down to a specific value (because the attribute is multi-valued, and you >> usua

Re: [cas-user] CAS 5.2/5.3 cas.util.LdapUtils try connect to localhost for LDAP

2020-07-30 Thread mohsen saeedi
The problem is solved by removing cas-server-support-ldap-service-registry from pom.xml! On Thursday, July 30, 2020 at 11:53:00 PM UTC+4:30 mohsen saeedi wrote: > I think I added cas-server-support-ldap-service-registry as a dependency, > and I don't have any configuration parameter for that on

Re: [cas-user] CAS 5.2/5.3 cas.util.LdapUtils try connect to localhost for LDAP

2020-07-30 Thread mohsen saeedi
I think I added cas-server-support-ldap-service-registry as a dependency, and I don't have any configuration parameter for it in cas.properties. Maybe that caused the problem! I will test again and send the result here. On Thursday, July 30, 2020 at 9:03:25 PM UTC+4:30 mohsen saeedi wrote: >

Re: [cas-user] CAS 5.2/5.3 cas.util.LdapUtils try connect to localhost for LDAP

2020-07-30 Thread mohsen saeedi
The problem occurs when it tries to connect to LDAP, and it finally fails to start. For example, I defined 192.168.250.71 as ldapUrl, but it tries to connect to localhost! Jul 30 20:58:38 SSO1 server[10311]: 2020-07-30 20:58:38,797 DEBUG [org.apereo.cas.util.LdapUtils] - ldap://localhost:389]> Jul 30

Re: [cas-user] CAS 5.2/5.3 cas.util.LdapUtils try connect to localhost for LDAP

2020-07-30 Thread Daniel Fisher
On Thu, Jul 30, 2020 at 3:23 AM mohsen saeedi wrote: > Jul 30 11:24:40 SSO1 server[4213]: 2020-07-30 11:24:40,315 ERROR > [org.ldaptive.pool.BlockingConnectionPool] > What error is reported here? --Daniel Fisher -- - Website: https://apereo.github.io/cas - Gitter Chatroom:

[cas-user] CAS 5.2/5.3 cas.util.LdapUtils try connect to localhost for LDAP

2020-07-30 Thread mohsen saeedi
Hi, I have more than 7 years of experience with Apereo CAS. After we updated our CAS overlay version to 5.2.3 (tested with 5.3.6 too), a problem occurs during Tomcat startup. We define ldapUrl, bindDn, bindCredential in the CAS configuration file. This config was working for an older build (with 5.2.2

Re: [cas-user] CAS 5.2 - OIDC and attribute release

2020-06-09 Thread qla3fa
I use the Apache module mod_auth_openidc for my test. My Apache conf is: OIDCProviderMetadataURL https://my-url.com/cas/oidc/.well-known/openid-configuration OIDCClientID applicationQLA-testPHP OIDCClientSecret x #OIDCMetadataDir /var/cache/apache2/mod_auth_openidc/metadata OIDCScope

Re: [cas-user] CAS 5.2 - OIDC and attribute release

2020-06-09 Thread Jérôme Steve
So, what is your client OIDC application configuration? Have you configured the scope? On Mon, 8 June 2020 at 18:23, qla3fa wrote: > Thanks for your response. > > sn and mail are attributes I extract from my LDAP. I use it with CAS > services and it works... I configured Oauth2.0 module too

Re: [cas-user] CAS 5.2 - OIDC and attribute release

2020-06-08 Thread qla3fa
Thanks for your response. sn and mail are attributes I extract from my LDAP. I use it with CAS services and it works... I configured Oauth2.0 module too and I use and map these attributes with success... So I think it's ok with these attributes. It's only with OIDC services it doesn't work...

Re: [cas-user] CAS 5.2 - OIDC and attribute release

2020-06-08 Thread Jérôme Steve
Hi, Your OIDC configuration looks good. You map your claims like this: cas.authn.oidc.claimsMap.name=sn cas.authn.oidc.claimsMap.email=mail Maybe you don't have sn and email in your attribute repository? On Mon, 8 June 2020 at 16:37, qla3fa wrote: > Hi, > > I try to configure OIDC with

[cas-user] CAS 5.2 - OIDC and attribute release

2020-06-08 Thread qla3fa
Hi, I try to configure OIDC with CAS 5.2. I added module "cas-server-support-oidc" and the config with lines : # Configuration OIDC cas.authn.oidc.issuer=https://my-url.com/cas/oidc cas.authn.oidc.skew=5 cas.authn.oidc.jwksFile=file:/etc/cas/keystore.jwks cas.authn.oidc.jwksCacheInMinutes=60

Re: [cas-user] cas 5.2.x leaking connections

2020-01-13 Thread Daniel Fisher
On Mon, Jan 13, 2020 at 11:26 AM Trenton D. Adams wrote: > We are using Java 8 though, and we are using the UnboundIDProvider. > Can you post some logs that demonstrate the problem? Both application logs and OS netstat logs would be useful. --Daniel Fisher -- - Website:

Re: [cas-user] cas 5.2.x leaking connections

2020-01-13 Thread Trenton D. Adams
We are using Java 8 though, and we are using the UnboundIDProvider. On 2020-01-11 8:25 a.m., Daniel Fisher wrote: On Fri, Jan 10, 2020 at 5:40 PM Trenton D. Adams <tre...@athabascau.ca> wrote: Below is the configuration we're using for both LDAP and the password manager. We were

Re: [cas-user] cas 5.2.x leaking connections

2020-01-11 Thread Daniel Fisher
On Fri, Jan 10, 2020 at 5:40 PM Trenton D. Adams wrote: > Below is the configuration we're using for both LDAP and the password > manager. We were hoping someone understand why this could be happening, as > the CAS documentation is not very good for these settings, and neither are > the javadoc

Re: [cas-user] cas 5.2.x leaking connections

2020-01-10 Thread Trenton Adams
Those docs appear to imply that passivators are essentially required, or authenticated state information gets shared, no? From: cas-user@apereo.org on behalf of David Curry Sent: January 10, 2020 5:15 PM To: CAS Community Subject: Re: [cas-user] cas 5.2.x

Re: [cas-user] cas 5.2.x leaking connections

2020-01-10 Thread David Curry
You might want to experiment with turning the passivator off, or changing its setting. Not sure that's it, but it might help? https://apereo.github.io/cas/5.2.x/installation/Configuration-Properties.html#why-passivators -- DAVID A. CURRY, CISSP *DIRECTOR • INFORMATION SECURITY & PRIVACY* THE

[cas-user] cas 5.2.x leaking connections

2020-01-10 Thread Trenton D. Adams
Good day, We are having some problems with CAS 5.2.x leaking connections in our production environment. We're not sure how or why this is happening. What we do know is that they are no longer part of the pool, because if they were we'd run out of connections in the pool. However, there is

Re: [cas-user] CAS 5.2.x OAuth2 Server support

2019-10-17 Thread Gandhi Pullalarevu
Hi Rao, Can you share the sample request? It would be helpful for me. Thanks, Gandhi Reddy P. On Thu, Oct 17, 2019 at 9:57 PM Mr Rao wrote: > Hi Gandhi, > > Thank you for your quick response. Actually it's working when you pass in > the body instead of params. I tried using Postman to test it.

Re: [cas-user] CAS 5.2.x OAuth2 Server support

2019-10-17 Thread Mr Rao
Hi Gandhi, Thank you for your quick response. Actually it's working when you pass in the body instead of params. I tried using Postman to test it. Rao On Wednesday, October 16, 2019 at 9:50:42 PM UTC-7, Gandhi wrote: > > Hi Rao, > > Yes, I faced the same issue as the sensitive information is

Re: [cas-user] CAS 5.2.x OAuth2 Server support

2019-10-16 Thread Gandhi Pullalarevu
Hi Rao, Yes, I faced the same issue as the sensitive information is passed over request params. You can configure Tomcat to not log the request params as below: In tomcat server.xml, at the end of the file, find the below entry and update it to Hope this helps. Thanks,

[cas-user] CAS 5.2.x OAuth2 Server support

2019-10-16 Thread Mr Rao
Hi, Currently we use CAS for SSO between web applications, now I'm trying to use for restful webservices token based authentication using OAuth2/JWT tokens. When I was playing with it I noticed that for accessing token we need to pass client_id, client_secret for Grant type client

Re: [cas-user] CAS 5.2 and AD - Auth fail for just one OU

2019-03-26 Thread Matthew Uribe
Thanks David. After getting someone from the AD side to sit down and look at it with me, we were able to find in the logs on the DC the following error for the affected users: "The user has not been granted the requested logon type (aka logon right) at this machine" It looks like the issue

Re: [cas-user] CAS 5.2 and AD - Auth fail for just one OU

2019-03-25 Thread David Curry
Just a quick off the cuff thought, but could there be a syntax error in the properties file somewhere before the dn setting that's causing that line to be misread? David A. Curry, CISSP Director of Information Security The New School - Information Technology 71 Fifth Ave., 9th Fl. ~ New York,

[cas-user] CAS 5.2 and AD - Auth fail for just one OU

2019-03-25 Thread Matthew Uribe
Hi everyone, I'm only just beginning to use AD with my CAS 5.2 deployment, and with the information in many previous posts here, I've been successful in authenticating users in CAS with their AD accounts. There is one exception, however, and that is the Active Students OU. Accounts in that OU

[cas-user] CAS 5.2 PAC4J SAML 2.0 Delegation Behavior

2019-01-24 Thread Tom O'Neill
Hi All, I am troubleshooting application integration and looking for some insight. We have a CAS 5.2 instance with the PAC4J module, which is being used to delegate authentication to an IdP using SAML 2.0. Based on some testing, it seems like the CAS server is delegating authentication to the

[cas-user] CAS 5.2 OAuth 2 Redirect to root - not regularly

2018-11-28 Thread Amin M.Tehrani
Hi, we have a problem with cas 5.2.x using *OAuth 2*. The problem is like following and it happens not all the time: cas : www.example.com/cas/ app: www.example.com/app/ with that said, the usual approach is after correct login, cas will redirect to

Re: [cas-user] CAS 5.2 Passing LDAP Attributes to Application

2018-08-31 Thread Bill Scully
"surname" >> ] >> ] >> }, >> >> The "attributeReleasePolicy" is used to filer the "memberOf" attribute >> down to a specific value (because he attribute is multi-valued, and you >> usually

Re: [cas-user] CAS 5.2 Passing LDAP Attributes to Application

2018-08-31 Thread Bill Scully
> }, > > The "attributeReleasePolicy" is used to filer the "memberOf" attribute > down to a specific value (because he attribute is multi-valued, and you > usually only want to release only one or a few of the values to a service). > The "all

Re: [cas-user] CAS 5.2 Passing LDAP Attributes to Application

2018-08-31 Thread Bill Scully
> }, > > The "attributeReleasePolicy" is used to filer the "memberOf" attribute > down to a specific value (because he attribute is multi-valued, and you > usually only want to release only one or a few of the values to a service). > The "all

Re: [cas-user] CAS 5.2 Passing LDAP Attributes to Application

2018-08-31 Thread Carl Waldbieser
service). The "allowedAttributes" section specifies what attributes from the principal will be released at all. Thanks, Carl Waldbieser ITS Identity Management Lafayette College - Original Message - From: "Bill Scully" To: "cas-user" Sent: Friday, 31 August,

Re: [cas-user] CAS 5.2 Passing LDAP Attributes to Application

2018-08-31 Thread Ray Bon
Bill, Service config: https://apereo.github.io/cas/5.2.x/integration/Attribute-Release-Policies.html CAS config: https://apereo.github.io/cas/5.2.x/installation/Configuration-Properties.html#passivators in particular, cas.authn.ldap[0].principalAttributeList Ray On Fri, 2018-08-31 at 12:00

[cas-user] CAS 5.2 Passing LDAP Attributes to Application

2018-08-31 Thread Bill Scully
Hi, I'm having a hard time getting my head around where to start configuring CAS to provide LDAP attributes to the "RegisteredService" / application after authentication. I'm assuming there are 2 areas that I need to configure, cas.properties and service JSON files, but navigating the

[cas-user] CAS 5.2.x does not support Oracle DB for service registry, specially in case of SAML?

2018-05-20 Thread nilesh choudhary
We are trying to set up CAS 5.2.x using Oracle DB as service registry storage. We are not using SAML as of now for CAS Server, so it seems to be working fine. But the cas-management server on startup tries to load some properties from RegexRegisteredService which are way longer than permitted

[cas-user] CAS 5.2 Can't restrict access to service by two LDAP attributes

2018-04-26 Thread Viacheslav Babanin
Hello, I am using CAS 5.2 and I am trying to restrict access to a service in such fashion that it is only accessible for *full time students*. I am using LDAP and person record has 2 attributes: "role" which can have value "*student*", "teacher", "worker" etc. "type" which can be

Re: [cas-user] CAS 5.2 single sign out does not work for SAML 1.1 phpCAS clients

2018-04-25 Thread Viacheslav Babanin
I have checked the Apache access.log on the web server where the client is placed and there are no POST requests on logout. 0 messages or requests completely. That's while logging out with my CAS 5.2.3. I have checked the same log when I issue logout from CAS 4.1.9, where SLO works on the same client, and I can see

Re: [cas-user] CAS 5.2 single sign out does not work for SAML 1.1 phpCAS clients

2018-04-25 Thread Viacheslav Babanin
This shouldn't matter since CAS 4.1.9 sends the same request and the SAME client, placed in the same directory on the same server, handles it correctly. From phpCAS.log SAML REQUEST: @NOT_USED@ST-149-YAFlxnMQjDojiStFG4eN-cas.uek.krakow.pl [Client.php:1752] Tuesday, 24 April 2018, 19:09:17 UTC+2

Re: [cas-user] CAS 5.2 single sign out does not work for SAML 1.1 phpCAS clients

2018-04-25 Thread Viacheslav Babanin
Yes, and it releases attributes via SAML with no issues. Only SLO doesn't work. On Tuesday, 24 April 2018, 15:16:32 UTC+2, user Manfredo Hopp wrote: > > Do you have saml support dependency > > On Tuesday, 24 April 2018, Viacheslav Babanin > wrote: >

Re: [cas-user] CAS 5.2 single sign out does not work for SAML 1.1 phpCAS clients

2018-04-24 Thread Man H
From your log 2018-04-24 08:59:48,360 DEBUG [org.apereo.cas.logout.SamlCompliantLogoutMessageCreator] - @NOT_USED@ST-3-PppjmWz1yAHPFrZwFNMCRW5wsvI-v-cas-1]> it's SAML2 whereas your client is SAML1 2018-04-24 7:27 GMT-03:00 Viacheslav Babanin : > It seems like I have a

Re: [cas-user] CAS 5.2 single sign out does not work for SAML 1.1 phpCAS clients

2018-04-24 Thread Ray Bon
Check your Apache access.log to see if the request is getting through. I see this when CAS sends logout request: 2018-04-24T09:32:57.816-07:00 lo...@z.comp.uvic.ca local2.notice httpd[2310]: access: coursespaces2d.uvic.ca: 111.104.118.193 - -

Re: [cas-user] CAS 5.2 single sign out does not work for SAML 1.1 phpCAS clients

2018-04-24 Thread Man H
See https://github.com/apereo/cas/tree/5.2.x/core/cas-server-core-logout/src/main/java/org/apereo/cas/logout On Tuesday, 24 April 2018, Viacheslav Babanin wrote: > It seems like I have a problem with CAS 5.2.3 and SAML logout requests. > Single logout

Re: [cas-user] CAS 5.2 single sign out does not work for SAML 1.1 phpCAS clients

2018-04-24 Thread Man H
Do you have saml support dependency On Tuesday, 24 April 2018, Viacheslav Babanin wrote: > It seems like I have a problem with CAS 5.2.3 and SAML logout requests. > Single logout doesn't work and from the logs it seems like CAS constructs > SAML logout request

Re: [cas-user] CAS 5.2 single sign out does not work for SAML 1.1 phpCAS clients

2018-04-24 Thread Viacheslav Babanin
It seems like I have a problem with CAS 5.2.3 and SAML logout requests. Single logout doesn't work and from the logs it seems like CAS constructs the SAML logout request but does not actually send it. I am using the exemplary phpCAS client from the docs and when I go to ${cas-server}/cas/logout endpoint in

Re: [cas-user] CAS 5.2 single sign out does not work for SAML 1.1 phpCAS clients

2018-04-24 Thread Viacheslav Babanin
Ray, I have set handleLogoutRequests(true) and added those Loggers to CAS log4j2.xml, restarted the CAS server in Tomcat and nothing changes, and it seems in the log like it's publishing the logout request but no details. That's exactly what I did: 1. Added Loggers to CAS log4j2.xml 2. Restarted CAS in

Re: [cas-user] CAS 5.2 single sign out does not work for SAML 1.1 phpCAS clients

2018-04-23 Thread Ray Bon
Viacheslav, You will want to have handleLogoutRequests(true) so that logout is handled. While testing, skip the CAS server array, just in case the network config changes the apparent source of the request. Put this in your CAS log4j2.xml to see what happens on CAS side of things:

Re: [cas-user] CAS 5.2 single sign out does not work for SAML 1.1 phpCAS clients

2018-04-23 Thread Viacheslav Babanin
That's how phpCAS.log looks if i provide it with phpCAS::handleLogoutRequests(false); DA64 .=> phpCAS::client('S1', 'cas-1.server.test.pl', 443, '/cas') [index.php:13] DA64 .|=> CAS_Client::__construct('S1', false, 'cas-1.server.test.pl', 443, '/cas', true) [CAS.php:360] DA64 .||

Re: [cas-user] CAS 5.2 single sign out does not work for SAML 1.1 phpCAS clients

2018-04-23 Thread Viacheslav Babanin
Could you elaborate, please? Quoting official documentation at https://wiki.jasig.org/display/casc/phpcas+examples "By default phpCAS by default only handles requests that emanate from the CAS host exclusively (declared in phpCAS::client() or phpCAS::proxy()). Failure to restrict SAML logout

Re: [cas-user] CAS 5.2 single sign out does not work for SAML 1.1 phpCAS clients

2018-04-23 Thread Man H
Logout requests are handled by clients. .=> CAS_Client::handleLogoutRequests(true, array ( 0 => ' cas-1.server.test.pl',)) [CAS.php:1276] D0EE .|Not a logout request [Client.php:1739] See phpcas On Monday, 23 April 2018, Viacheslav Babanin wrote: > Hello,

[cas-user] CAS 5.2 single sign out does not work for SAML 1.1 phpCAS clients

2018-04-23 Thread Viacheslav Babanin
Hello, I have encountered an issue with SSO for SAML 1.1 clients with CAS 5.2. I am a rather new CAS user and probably I am missing something obvious. I am using the following phpCAS client: Advanced SAML 1.1 example Advanced SAML 1.1 example Authentication succeeded for user .

[cas-user] CAS 5.2.x as IDP using SAML 2.0

2018-04-12 Thread Jay
Hello everyone, We are recently in process of upgrading from CAS3.5 to CAS5.2 as part of this effort we need to provide support of SAML authentication to an external application (say 'abc' application). Here 'abc' will be the SP and new CAS5.x will be the identity provider. Could someone

Re: [cas-user] CAS 5.2 return JWT for service

2018-04-11 Thread Cristina Vlaicu
Rhfbc On Thu, Apr 12, 2018, 01:40 William E. wrote: > Hi all, > > > I am trying to follow the CAS docs to configure a service to return jwt's > but not having much success. > > Docs I am reading on this: > > >

[cas-user] CAS 5.2 return JWT for service

2018-04-11 Thread William E.
Hi all, I am trying to follow the CAS docs to configure a service to return jwt's but not having much success. Docs I am reading on this: https://apereo.github.io/cas/5.2.x/installation/Configure-ServiceTicket-JWT.html https://apereo.github.io/2017/10/17/cas-jwt-authn-with-duo/ (JWT

[cas-user] CAS 5.2 login with UPN removing domain

2018-04-11 Thread dag
Hi all, I've configured Apereo CAS 5.2, and it's running fine using UPN. However, is there any parameter to include in the cas.properties config file to allow authentication through UPN without typing the domain name? Thanks in advance. Regards. -- - Website: https://apereo.github.io/cas -

Re: [cas-user] CAS 5.2 delegate authentication to custom CAS 3

2018-03-26 Thread Diego Henrique Pagani
I've already read that but it doesn't explain how it works. I saw on cas properties four parameters that I've set to several values and nothing changes. In other versions, we have to (I found it on

Re: [cas-user] CAS 5.2 delegate authentication to custom CAS 3

2018-03-26 Thread Diego Henrique Pagani
Hi, after I read at documentation on 'Delegate Authentication' : User Interface All available clients are automatically displayed on the login page as clickable buttons. CAS does allow options for

Re: [cas-user] CAS 5.2 delegate authentication to custom CAS 3

2018-03-22 Thread Man H
See https://apereo.github.io/cas/5.2.x/installation/Trusted-Authentication.html 2018-03-22 17:52 GMT-03:00 Diego Henrique Pagani : > Hello, > > I have a problem guys: > We have a legacy CAS3, which has some customizations inside the source > code and some application that

[cas-user] CAS 5.2.x oauth property set doesn't work

2018-03-08 Thread Leo Pintos
Hi, I'm trying to set the grant types and response types but something is wrong. I put the below configuration in my OAuthRegisteredService json: "supported_grants" : ["authorization_code", "password", "client_credentials", "refresh_token"], "supported_responses" : ["code", "token",

[cas-user] CAS 5.2 WS-Federation IDP

2018-03-01 Thread sre...@cdg33.fr
Hello, I'm trying to use CAS as IdP with the WS-Federation protocol. Does someone know why this service is created by default Name : RegexRegisteredService Service URL : /ws/idp/federationcallback.+ Description : WS-Federation Authentication Request I can't make it disappear? Any idea? Thank

Re: [cas-user] [CAS 5.2.x] [OAuth] [Theme] How to make custom theme for OAuth sp

2018-02-28 Thread Man H
Try with https://mysite.example.com:443/cas/oauth2.0/callbackAuthorize ? client_name=XXX& client_id=OAuthApp& redirect_uri=http://www.example.com/sp; response_type=code as serviceId On Wednesday, 28 February 2018, Andy Ng

Re: [cas-user] Cas 5.2 OpenLDap notworking: authentication failure and sucess

2018-02-28 Thread Man H
Log says - wrote: > I config Cas 5.2 Authen user login by OpenLDap, but not working > My cas.properties: > cas.authn.accept.users= > cas.authn.ldap[0].type=AUTHENTICATED > cas.authn.ldap[0].ldapUrl=ldap://localhost:389 > cas.authn.ldap[0].useSsl=false >

[cas-user] Cas 5.2 OpenLDap notworking: authentication failure and sucess

2018-02-28 Thread s 1
I config Cas 5.2 Authen user login by OpenLDap, but not working My cas.properties: cas.authn.accept.users= cas.authn.ldap[0].type=AUTHENTICATED cas.authn.ldap[0].ldapUrl=ldap://localhost:389 cas.authn.ldap[0].useSsl=false cas.authn.ldap[0].baseDn=ou=Users,dc=xx-cas,dc=com

Re: [cas-user] [CAS 5.2.x] [OAuth] [Theme] How to make custom theme for OAuth sp

2018-02-27 Thread Man H
Open the browser developer tools to see if the theme gets loaded. On Wednesday, 28 February 2018, Man H wrote: > Can't you just build a simple webapp with index.html > > On Wednesday, 28 February 2018, Andy Ng wrote: > >> Thanks Manfedo, >> >>

Re: [cas-user] [CAS 5.2.x] [OAuth] [Theme] How to make custom theme for OAuth sp

2018-02-27 Thread Man H
Can't you just build a simple webapp with index.html On Wednesday, 28 February 2018, Andy Ng wrote: > Thanks Manfedo, > > Do you mean that I should: > - Redirect user to login using Non Oauth Service first (with theme) > - Then redirect user to login using Oauth

Re: [cas-user] [CAS 5.2.x] [OAuth] [Theme] How to make custom theme for OAuth sp

2018-02-27 Thread Andy Ng
Thanks Manfedo, Do you mean that I should: - Redirect user to login using Non Oauth Service first (with theme) - Then redirect user to login using Oauth Service for actual Oauth login Am I correct? I would prefer not to do the above, since that mean the service provider need to change their

[cas-user] [CAS 5.2.x] [OAuth] [Theme] How to make custom theme for OAuth sp

2018-02-27 Thread Andy Ng
Hi all, I am using CAS 5.2.x, and using OAuth for one service provider. The provider now would like to have a custom theme. I thought I can just do this: { "@class" : "org.apereo.cas.support.oauth.services.OAuthRegisteredService", "clientId": "OAuthApp", "clientSecret": "xx",

[cas-user] CAS 5.2 Password Variable

2018-02-27 Thread Kevin Liu
Does anyone know how to reference the login page password in cas.properties? I know for username, you use %s but what about the password? -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions:

[cas-user] CAS 5.2 LDAP Quert and Output

2018-02-27 Thread Kevin Liu
Hello All, Is there a way to see the response that CAS gets back from LDAP? Also is there a tutorial anywhere for specific LDAP queries from CAS? For example, if I need to check to see if a member is part of a specific OU? Thanks, Kevin -- - Website: https://apereo.github.io/cas - Gitter

[cas-user] CAS 5.2 - SAML2 SLO

2018-02-26 Thread Dan S
I am trying to use SAML2 with CAS 5.2. I have it setup as the idp and I have two services connected to it. Everything works as expected with one service - but the second service does not receive a POST to its logout url when signing out of CAS. Steps: Sign in to both applications. Only first

Re: [cas-user] CAS 5.2 -- Custom Authenticator and UserDetailsService

2018-02-23 Thread Misagh Moayyed
<mmaceach...@gmail.com> > To: "CAS Community" <cas-user@apereo.org> > Sent: Friday, February 23, 2018 12:55:45 PM > Subject: [cas-user] CAS 5.2 -- Custom Authenticator and UserDetailsService > It's been a few years since my last CAS deployment, and oh d

[cas-user] CAS 5.2 -- Custom Authenticator and UserDetailsService

2018-02-23 Thread Michael MacEachran
It's been a few years since my last CAS deployment, and oh dear have things changed! I need to use my own AuthenticationManager and UserDetailsService. I see there is no more .xml configuration. So how do I add by own custom beans now? -- - Website: https://apereo.github.io/cas - Gitter

Re: [cas-user] CAS 5.2

2018-02-23 Thread Uxío
>> >> === >> >> Thank You; >> >> Chris Cheltenham >> Technology Services >> The School District of Philadelphia >> >> Work # 215-400-5025 >> Cell # 215-301-6571 >> From: cas-user@apereo.org [mailto

Re: [cas-user] CAS 5.2

2018-02-23 Thread Ray Bon
] On Behalf Of Ray Bon Sent: Friday, February 23, 2018 12:36 PM To: cas-user@apereo.org Subject: Re: [cas-user] CAS 5.2 Chris, cas.view.defaultRedirectUrl= Ray On Fri, 2018-02-23 at 08:36 -0500, Cheltenham, Chris wrote: Hello Everyone, I am sure most folks change the default landing page AFTER

RE: [cas-user] CAS 5.2

2018-02-23 Thread Cheltenham, Chris
Sent: Friday, February 23, 2018 12:36 PM To: cas-user@apereo.org Subject: Re: [cas-user] CAS 5.2 Chris, cas.view.defaultRedirectUrl= Ray On Fri, 2018-02-23 at 08:36 -0500, Cheltenham, Chris wrote: Hello Everyone, I am sure most folks change the default landing page AFTER you get login

Re: [cas-user] CAS 5.2

2018-02-23 Thread Ray Bon
Chris, cas.view.defaultRedirectUrl= Ray On Fri, 2018-02-23 at 08:36 -0500, Cheltenham, Chris wrote: Hello Everyone, I am sure most folks change the default landing page AFTER you get login to work. It looks like it lands on a page called casGenericSuccessView.html. My question is how do

Re: [cas-user] CAS 5.2

2018-02-23 Thread David Curry
In theory, people shouldn't ever see that page, because they should be hitting the CAS server from an application, which they then get sent back to after authenticating. The only time you'll see this page is if go to "/cas/login" with no "?service=" parameter. And if you set the CAS server to

[cas-user] CAS 5.2

2018-02-23 Thread Cheltenham, Chris
Hello Everyone, I am sure most folks change the default landing page AFTER you get login to work. It looks like it lands on a page called casGenericSuccessView.html. My question is how do you change that page? === Thank You; Chris Cheltenham

Re: [cas-user] CAS 5.2 and Ellucian Banner 9 (XE)

2018-02-22 Thread Matthew Uribe
My thanks to all who have responded. I finally spotted the issue. In the logs, I found this: https://testssbxe.aims.edu:8444/BannerGeneralSsb/j_spring_cas_security_check] does not match supplied service

Re: [cas-user] CAS 5.2 and Ellucian Banner 9 (XE)

2018-02-22 Thread Greg Booth
Matthew, Here is our service definition: { @class: org.apereo.cas.services.RegexRegisteredService id: name: Banner description: Self-Service logo: https://www.mtu.edu/images/mtu-logo.png serviceId: https://(www\.)?bannerweb.mtu.edu(:443)?/.* attributeReleasePolicy: {

Re: [cas-user] CAS 5.2 and Ellucian Banner 9 (XE)

2018-02-22 Thread Matthew Uribe
Thanks Greg. I've got all the following attributes listed in by cas.properties. When I look in /cas/status/ssosessions I see all of these attributes in the TGT. That's why I was thinking it must be something to do with the way the attributes are released in the service definition.

Re: [cas-user] CAS 5.2 and Ellucian Banner 9 (XE)

2018-02-22 Thread Matthew Uribe
Thanks Travis. That's the track I've been on. Can you tell me whether this service definition looks anything like what you ended up with? { @class: org.apereo.cas.services.RegexRegisteredService serviceId:

Re: [cas-user] CAS 5.2 and Ellucian Banner 9 (XE)

2018-02-21 Thread Greg Booth
Specifically, in cas.properties: cas.authn.attributeRepository.ldap[0].attributes.udcid=UDC_IDENTIFIER On Wed, Feb 21, 2018 at 7:48 PM, Greg Booth wrote: > We also had to map UDC_IDENTIFIER to get it to work, although we are on > CAS 5.1.5. > > On Wed, Feb 21, 2018 at 7:18 PM,

Re: [cas-user] CAS 5.2 and Ellucian Banner 9 (XE)

2018-02-21 Thread Greg Booth
We also had to map UDC_IDENTIFIER to get it to work, although we are on CAS 5.1.5. On Wed, Feb 21, 2018 at 7:18 PM, Travis Schmidt wrote: > I am helping a team with this exact issue right now. Don't know anything > about the banner side of things, but I had to map the

Re: [cas-user] CAS 5.2 and Ellucian Banner 9 (XE)

2018-02-21 Thread Travis Schmidt
I am helping a team with this exact issue right now. Don't know anything about the banner side of things, but I had to map the attribute they were looking for to UDC_IDENTIFIER in the Service Registry for it to work. On Wed, Feb 21, 2018 at 3:46 PM Matthew Uribe wrote:

[cas-user] CAS 5.2 and Ellucian Banner 9 (XE)

2018-02-21 Thread Matthew Uribe
Hello Community, I am wondering whether anyone has had success with Banner 9 and CAS 5.2.x We have been using the Luminis delivered CAS 3.5.2, but are interested in the features available in 5, such as SAML2 IdP, and MFA using Duo. I have deployed CAS 5.2.0, included cas-server-support-ldap

Re: [SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues

2018-02-15 Thread Misagh Moayyed
Cc: "Misagh Moayyed" <mmoay...@unicon.net> > Sent: Thursday, February 15, 2018 11:46:57 AM > Subject: Re: [SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues > I'm writing a SAML authentication extension for the Guacamole Project > (http://guacamole.apache.org). > -Ni

Re: [SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues

2018-02-15 Thread vnick
> > *From: *"vnick" <nick.e@gmail.com > > *To: *"CAS Community" <cas-...@apereo.org > > *Cc: *"Misagh Moayyed" <mmoa...@unicon.net > > *Sent: *Thursday, February 15, 2018 10:48:25 AM > *Subject: *[SOLVED] Re: [cas-user] CAS

Re: [SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues

2018-02-15 Thread Misagh Moayyed
Cool. Who exactly is the SP in this scenario? --Misagh > From: "vnick" <nick.e.couch...@gmail.com> > To: "CAS Community" <cas-user@apereo.org> > Cc: "Misagh Moayyed" <mmoay...@unicon.net> > Sent: Thursday, February 15, 2018 10:48

[SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues

2018-02-15 Thread vnick
> --Misagh > > -- > > *From: *"vnick" <nick.e@gmail.com > > *To: *"CAS Community" <cas-...@apereo.org > > *Sent: *Thursday, February 15, 2018 10:15:40 AM > *Subject: *[cas-user] CAS 5.2.x SAML IdP Issues > > Hey, everyone, > I

Re: [cas-user] CAS 5.2.x SAML IdP Issues

2018-02-15 Thread vnick
*"CAS Community" <cas-...@apereo.org > > *Sent: *Thursday, February 15, 2018 10:15:40 AM > *Subject: *[cas-user] CAS 5.2.x SAML IdP Issues > > Hey, everyone, > I'm trying to get SAML2 authentication working against my CAS server. > I've got CAS protocol authent

Re: [cas-user] CAS 5.2.x SAML IdP Issues

2018-02-15 Thread Misagh Moayyed
uary 15, 2018 10:15:40 AM > Subject: [cas-user] CAS 5.2.x SAML IdP Issues > Hey, everyone, > I'm trying to get SAML2 authentication working against my CAS server. I've got > CAS protocol authentications working just fine, but am struggling getting the > SAML IdP configured correc

[cas-user] CAS 5.2.x SAML IdP Issues

2018-02-15 Thread vnick
Hey, everyone, I'm trying to get SAML2 authentication working against my CAS server. I've got CAS protocol authentications working just fine, but am struggling getting the SAML IdP configured correctly. I have the following items configured in my main CAS configuration: ## SAML Provider

[cas-user] CAS 5.2.x Could not update the account password

2018-02-08 Thread casuser
I am using CAS 5.2.x. For reset password, I get the reset password email and from the link I can get to the reset password page where I enter my new password and retype it but I get this error on the browser "Could not update the account password" and nothing in the server log. I am using LDAP

Re: [cas-user] CAS 5.2.x

2018-02-08 Thread Cheltenham, Chris
District of Philadelphia Work # 215-400-5025 Cell # 215-301-6571 From: "David Curry" <david.cu...@newschool.edu> To: "cas-user" <cas-user@apereo.org> Sent: Thursday, February 8, 2018 12:31:22 PM Subject: Re: [cas-user] CAS 5.2.x It's a pain in the butt, mostl

Re: [cas-user] CAS 5.2.x

2018-02-08 Thread Cheltenham, Chris
du> To: "cas-user" <cas-user@apereo.org> Sent: Thursday, February 8, 2018 11:38:10 AM Subject: Re: [cas-user] CAS 5.2.x All we do to build just the cas.war file is run this command in the directory with the pom.xml file & our src overlay directory: mvn clean packag

Re: [cas-user] CAS 5.2.x

2018-02-08 Thread David Curry
chool.edu> > *To: *"cas-user" <cas-user@apereo.org> > *Sent: *Thursday, February 8, 2018 12:13:48 PM > > *Subject: *Re: [cas-user] CAS 5.2.x > > These could probably be shortened up in a couple of ways by: > >- combining the [0] and [2] Active Dire

Re: [cas-user] CAS 5.2.x

2018-02-08 Thread David Curry
d Curry" <david.cu...@newschool.edu> > *To: *"cas-user" <cas-user@apereo.org> > *Sent: *Thursday, February 8, 2018 12:13:48 PM > > *Subject: *Re: [cas-user] CAS 5.2.x > > These could probably be shortened up in a couple of ways by: > >

Re: [cas-user] CAS 5.2.x

2018-02-08 Thread Cheltenham, Chris
of Philadelphia Work # 215-400-5025 Cell # 215-301-6571 From: "David Curry" <david.cu...@newschool.edu> To: "cas-user" <cas-user@apereo.org> Sent: Thursday, February 8, 2018 12:13:48 PM Subject: Re: [cas-user] CAS 5.2.x These could probably be

Re: [cas-user] CAS 5.2.x

2018-02-08 Thread Cheltenham, Chris
<david.cu...@newschool.edu> To: "cas-user" <cas-user@apereo.org> Sent: Thursday, February 8, 2018 12:13:48 PM Subject: Re: [cas-user] CAS 5.2.x These could probably be shortened up in a couple of ways by: * combining the [0] and [2] Active Directory configs, which go ag

Re: [cas-user] CAS 5.2.x

2018-02-08 Thread David Curry
phia > > Work # 215-400-5025 > Cell # 215-301-6571 > > -- > *From: *"David Curry" <david.cu...@newschool.edu> > *To: *"cas-user" <cas-user@apereo.org> > *Sent: *Thursday, February 8, 2018 11:27:48 AM > > *Sub

Re: [cas-user] CAS 5.2.x

2018-02-08 Thread Cheltenham, Chris
: "David Curry" <david.cu...@newschool.edu> To: "cas-user" <cas-user@apereo.org> Sent: Thursday, February 8, 2018 11:27:48 AM Subject: Re: [cas-user] CAS 5.2.x I'm afraid Gradle is a complete mystery to me. Hopefully someone else can jump in. --Dave --

Re: [cas-user] CAS 5.2.x

2018-02-08 Thread David Curry
Technology Services > The School District of Philadelphia > > Work # 215-400-5025 > Cell # 215-301-6571 > > -- > *From: *"David Curry" <david.cu...@newschool.edu> > *To: *"cas-user" <cas-user@apereo.org> > *Sent: *Thursd
