Re: [cas-user] cas 5.2.x leaking connections

On Mon, Jan 13, 2020 at 11:26 AM Trenton D. Adams wrote: > We are using Java 8 though, and we are using the UnboundIDProvider. > Can you post some logs that demonstrate the problem? Both application logs and OS netstat logs would be useful. --Daniel Fisher -- - Website:

Re: [cas-user] cas 5.2.x leaking connections

We are using Java 8 though, and we are using the UnboundIDProvider. On 2020-01-11 8:25 a.m., Daniel Fisher wrote: On Fri, Jan 10, 2020 at 5:40 PM Trenton D. Adams mailto:tre...@athabascau.ca>> wrote: Below is the configuration we're using for both LDAP and the password manager. We were

Re: [cas-user] cas 5.2.x leaking connections

On Fri, Jan 10, 2020 at 5:40 PM Trenton D. Adams wrote: > Below is the configuration we're using for both LDAP and the password > manager. We were hoping someone understand why this could be happening, as > the CAS documentation is not very good for these settings, and neither are > the javadoc

Re: [cas-user] cas 5.2.x leaking connections

Those docs appear to imply that passivators are essentially require, or authenticated state information gets shared, no? From: cas-user@apereo.org on behalf of David Curry Sent: January 10, 2020 5:15 PM To: CAS Community Subject: Re: [cas-user] cas 5.2.x

Re: [cas-user] cas 5.2.x leaking connections

You might want to experiment with turning the passivator off, or changing its setting. Not sure that's it, but it might help? https://apereo.github.io/cas/5.2.x/installation/Configuration-Properties.html#why-passivators -- DAVID A. CURRY, CISSP *DIRECTOR • INFORMATION SECURITY & PRIVACY* THE

[cas-user] cas 5.2.x leaking connections

Good day, We are having some problems with CAS 5.2.x leaking connections in our production environment. We're not sure how or why this is happening. What we do know is that they are no longer part of the pool, because if they were we'd run out of connections in the pool. However, there is

Re: [cas-user] CAS 5.2.x OAuth2 Server support

Hi Rao, Can you share the sample request? It would be helpful for me. Thanks, Gandhi Reddy P. On Thu, Oct 17, 2019 at 9:57 PM Mr Rao wrote: > Hi Gandhi, > > Thank you for your quick response. Actually its working when you pass in > the body instead of params. I tried using Postman to test it.

Re: [cas-user] CAS 5.2.x OAuth2 Server support

Hi Gandhi, Thank you for your quick response. Actually its working when you pass in the body instead of params. I tried using Postman to test it. Rao On Wednesday, October 16, 2019 at 9:50:42 PM UTC-7, Gandhi wrote: > > Hi Rao, > > Yes, I faced the same issue as the sensitive information is

Re: [cas-user] CAS 5.2.x OAuth2 Server support

Hi Rao, Yes, I faced the same issue as the sensitive information is passed over request params. You can configure Tomcat to not log the request params as below: In tomcat server.xml, at the end of the file, find the below entry and update it to Hope this helps. Thanks,

[cas-user] CAS 5.2.x OAuth2 Server support

Hi, Currently we use CAS for SSO between web applications, now I'm trying to use for restful webservices token based authentication using OAuth2/JWT tokens. When I was playing with it I noticed that for accessing token we need to pass client_id, client_secret for Grant type client

[cas-user] CAS 5.2.x does not support Oracle DB for service registry, specially in case of SAML?

We are trying to setup CAS 5.2.x using oracle DB as service registry storage. We are not using SAML as of now for CAS Server so it seems to be working fine. But cas-management server on start up tries to load some properties from RegexRegisteredService which are way long more that permitted

[cas-user] CAS 5.2.x as IDP using SAML 2.0

Hello everyone, We are recently in process of upgrading from CAS3.5 to CAS5.2 as part of this effort we need to provide support of SAML authentication to an external application (say 'abc' application). Here 'abc' will be the SP and new CAS5.x will be the identity provider. Could someone

[cas-user] CAS 5.2.x oauth property set doesn't work

Hi I'm trying to set the grant types and response types but something is wrong I put the bellow configuration in my OAuthRegisteredService json: "supported_grants" : ["authorization_code", "password", "client_credentials", "refresh_token"], "supported_responses" : ["code", "token",

Re: [cas-user] [CAS 5.2.x] [OAuth] [Theme] How to make custom theme for OAuth sp

Try with https://mysite.example.com:443/cas/oauth2.0/callbackAuthorize ? client_name=XXX& client_id=OAuthApp& redirect_uri=http://www.example.com/sp; response_type=code as serviceId El miércoles, 28 de febrero de 2018, Andy Ng

Re: [cas-user] [CAS 5.2.x] [OAuth] [Theme] How to make custom theme for OAuth sp

open browser developper tool to see if itheme gets loaded El miércoles, 28 de febrero de 2018, Man H escribió: > Cant you just build a simple webapp with index.html > > El miércoles, 28 de febrero de 2018, Andy Ng escribió: > >> Thanks Manfedo, >> >>

Re: [cas-user] [CAS 5.2.x] [OAuth] [Theme] How to make custom theme for OAuth sp

Cant you just build a simple webapp with index.html El miércoles, 28 de febrero de 2018, Andy Ng escribió: > Thanks Manfedo, > > Do you mean that I should: > - Redirect user to login using Non Oauth Service first (with theme) > - Then redirect user to login using Oauth

Re: [cas-user] [CAS 5.2.x] [OAuth] [Theme] How to make custom theme for OAuth sp

Thanks Manfedo, Do you mean that I should: - Redirect user to login using Non Oauth Service first (with theme) - Then redirect user to login using Oauth Service for actual Oauth login Am I correct? I would prefer not to do the above, since that mean the service provider need to change their

[cas-user] [CAS 5.2.x] [OAuth] [Theme] How to make custom theme for OAuth sp

Hi all, I am using CAS 5.2.x, and using OAuth for one service provider. The provider now would like to have a custom theme. I thought I can just do this: { "@class" : "org.apereo.cas.support.oauth.services.OAuthRegisteredService", "clientId": "OAuthApp", "clientSecret": "xx",

Re: [SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues

Cc: "Misagh Moayyed" <mmoay...@unicon.net> > Sent: Thursday, February 15, 2018 11:46:57 AM > Subject: Re: [SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues > I'm writing a SAML authentication extension for the Guacamole Project > (http://guacamole.apache.org). > -Ni

Re: [SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues

> > *From: *"vnick" <nick.e@gmail.com > > *To: *"CAS Community" <cas-...@apereo.org > > *Cc: *"Misagh Moayyed" <mmoa...@unicon.net > > *Sent: *Thursday, February 15, 2018 10:48:25 AM > *Subject: *[SOLVED] Re: [cas-user] CAS

Re: [SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues

Cool. Who exactly is the SP in this scenario? --Misagh > From: "vnick" <nick.e.couch...@gmail.com> > To: "CAS Community" <cas-user@apereo.org> > Cc: "Misagh Moayyed" <mmoay...@unicon.net> > Sent: Thursday, February 15, 2018 10:48

[SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues

; > --Misagh > > -- > > *From: *"vnick" <nick.e@gmail.com > > *To: *"CAS Community" <cas-...@apereo.org > > *Sent: *Thursday, February 15, 2018 10:15:40 AM > *Subject: *[cas-user] CAS 5.2.x SAML IdP Issues > > Hey, everyone, > I

Re: [cas-user] CAS 5.2.x SAML IdP Issues

*"CAS Community" <cas-...@apereo.org > > *Sent: *Thursday, February 15, 2018 10:15:40 AM > *Subject: *[cas-user] CAS 5.2.x SAML IdP Issues > > Hey, everyone, > I'm trying to get SAML2 authentication working against my CAS server. > I've got CAS protocol authent

Re: [cas-user] CAS 5.2.x SAML IdP Issues

uary 15, 2018 10:15:40 AM > Subject: [cas-user] CAS 5.2.x SAML IdP Issues > Hey, everyone, > I'm trying to get SAML2 authentication working against my CAS server. I've got > CAS protocol authentications working just fine, but am struggling getting the > SAML IdP configured correc

[cas-user] CAS 5.2.x SAML IdP Issues

Hey, everyone, I'm trying to get SAML2 authentication working against my CAS server. I've got CAS protocol authentications working just fine, but am struggling getting the SAML IdP configured correctly. I have the following items configured in my main CAS configuration: ## SAML Provider

[cas-user] CAS 5.2.x Could not update the account password

I am using CAS 5.2.x. For reset password, I get the reset password email and from the link I can get to the reset password page where I enter my new password and retype it but I get this error on the browser "Could not update the account password" and nothing in the server log. I am using LDAP

Re: [cas-user] CAS 5.2.x

District of Philadelphia Work # 215-400-5025 Cell # 215-301-6571 From: "David Curry" <david.cu...@newschool.edu> To: "cas-user" <cas-user@apereo.org> Sent: Thursday, February 8, 2018 12:31:22 PM Subject: Re: [cas-user] CAS 5.2.x It's a pain in the butt, mostl

Re: [cas-user] CAS 5.2.x

du> To: "cas-user" <cas-user@apereo.org> Sent: Thursday, February 8, 2018 11:38:10 AM Subject: Re: [cas-user] CAS 5.2.x All we do to build just the cas.war file is run this command in the directory with the pom.xml file & our src overlay directory: mvn clean packag

Re: [cas-user] CAS 5.2.x

chool.edu> > *To: *"cas-user" <cas-user@apereo.org> > *Sent: *Thursday, February 8, 2018 12:13:48 PM > > *Subject: *Re: [cas-user] CAS 5.2.x > > These could probably be shortened up in a couple of ways by: > >- combining the [0] and [2] Active Dire

Re: [cas-user] CAS 5.2.x

d Curry" <david.cu...@newschool.edu> > *To: *"cas-user" <cas-user@apereo.org> > *Sent: *Thursday, February 8, 2018 12:13:48 PM > > *Subject: *Re: [cas-user] CAS 5.2.x > > These could probably be shortened up in a couple of ways by: > >

Re: [cas-user] CAS 5.2.x

of Philadelphia Work # 215-400-5025 Cell # 215-301-6571 From: "David Curry" <david.cu...@newschool.edu> To: "cas-user" <cas-user@apereo.org> Sent: Thursday, February 8, 2018 12:13:48 PM Subject: Re: [cas-user] CAS 5.2.x These could probably be

Re: [cas-user] CAS 5.2.x

<david.cu...@newschool.edu> To: "cas-user" <cas-user@apereo.org> Sent: Thursday, February 8, 2018 12:13:48 PM Subject: Re: [cas-user] CAS 5.2.x These could probably be shortened up in a couple of ways by: * combining the [0] and [2] Active Directory configs, which go ag

Re: [cas-user] CAS 5.2.x

phia > > Work # 215-400-5025 > Cell # 215-301-6571 > > -- > *From: *"David Curry" <david.cu...@newschool.edu> > *To: *"cas-user" <cas-user@apereo.org> > *Sent: *Thursday, February 8, 2018 11:27:48 AM > > *Sub

Re: [cas-user] CAS 5.2.x

: "David Curry" <david.cu...@newschool.edu> To: "cas-user" <cas-user@apereo.org> Sent: Thursday, February 8, 2018 11:27:48 AM Subject: Re: [cas-user] CAS 5.2.x I'm afraid Gradle is a complete mystery to me. Hopefully someone else can jump in. --Dave --

Re: [cas-user] CAS 5.2.x

; Technology Services > The School District of Philadelphia > > Work # 215-400-5025 > Cell # 215-301-6571 > > -- > *From: *"David Curry" <david.cu...@newschool.edu> > *To: *"cas-user" <cas-user@apereo.org> > *Sent: *Thursd

Re: [cas-user] CAS 5.2.x

ay, February 8, 2018 10:49:08 AM Subject: Re: [cas-user] CAS 5.2.x Try changing what you have: org.apereo.cas cas-server-support-ldap to this: org.apereo.cas cas-server-support-ldap ${cas.version} I'm pretty sure you have to have a version in there, so Maven knows

Re: [cas-user] CAS 5.2.x

> > Work # 215-400-5025 > Cell # 215-301-6571 > > -- > *From: *"Man H" <info.ings...@gmail.com> > *To: *"cas-user" <cas-user@apereo.org> > *Sent: *Thursday, February 8, 2018 10:37:01 AM > > *Subject: *Re: [ca

Re: [cas-user] CAS 5.2.x

-- > *From: *"Man H" <info.ings...@gmail.com> > *To: *"cas-user" <cas-user@apereo.org> > *Sent: *Thursday, February 8, 2018 10:17:57 AM > > *Subject: *Re: [cas-user] CAS 5.2.x > > this is an Ldap error check your properties pr

Re: [cas-user] CAS 5.2.x

Work # 215-400-5025 Cell # 215-301-6571 From: "Man H" <info.ings...@gmail.com> To: "cas-user" <cas-user@apereo.org> Sent: Thursday, February 8, 2018 10:17:57 AM Subject: Re: [cas-user] CAS 5.2.x this is an Ldap error check your properties probably baseDn 20

Re: [cas-user] CAS 5.2.x

------------ > *From: *"David Curry" <david.cu...@newschool.edu> > *To: *"cas-user" <cas-user@apereo.org> > *Sent: *Thursday, February 8, 2018 7:54:21 AM > *Subject: *Re: [cas-user] CAS 5.2.x > > > $ jar tvf cas.war | grep ldap >

Re: [cas-user] CAS 5.2.x

gt; ------------------ > *From: *"David Curry" <david.cu...@newschool.edu> > *To: *"cas-user" <cas-user@apereo.org> > *Sent: *Thursday, February 8, 2018 7:54:21 AM > *Subject: *Re: [cas-user] CAS 5.2.x > > > $ jar tvf cas.war |

Re: [cas-user] CAS 5.2.x

"David Curry" <david.cu...@newschool.edu> To: "cas-user" <cas-user@apereo.org> Sent: Thursday, February 8, 2018 7:54:21 AM Subject: Re: [cas-user] CAS 5.2.x $ jar tvf cas.war | grep ldap WEB-INF/lib/cas-server-support-ldap-5.2.2.jar WEB-INF/lib/cas-server-suppo

Re: [cas-user] CAS 5.2.x

r@apereo.org> Sent: Thursday, February 8, 2018 7:54:21 AM Subject: Re: [cas-user] CAS 5.2.x $ jar tvf cas.war | grep ldap WEB-INF/lib/cas-server-support-ldap-5.2.2.jar WEB-INF/lib/cas-server-support-ldap-core-5.2.2.jar WEB-INF/lib/ldaptive-1.2.3.jar WEB-INF/lib/ldaptive-beans-1.2.3.jar WEB-

Re: [cas-user] CAS 5.2.x

$ jar tvf cas.war | grep ldap WEB-INF/lib/cas-server-support-ldap-5.2.2.jar WEB-INF/lib/cas-server-support-ldap-core-5.2.2.jar WEB-INF/lib/ldaptive-1.2.3.jar WEB-INF/lib/ldaptive-beans-1.2.3.jar WEB-INF/lib/ldaptive-unboundid-1.2.3.jar WEB-INF/lib/unboundid-ldapsdk-4.0.1.jar

Re: [cas-user] CAS 5.2.x

If you are using UNIX-like, do: $ 7z l cas_without_ldap_support.war >cas_without_ldap_support_listing $ 7z l cas_supposedly_with_ldap_support.war >cas_supposedly_with_ldap_support_listing $ diff cas_*_listing > [...]ldap[...] $ _ If you are not, you can easily get a Cygwin equivalent of that.

Re: [cas-user] CAS 5.2.x Password management

That is only achieved through extending CA's functionality which means development. This could be an enhancement for future versions if Cas people agree its worth. El martes, 6 de febrero de 2018, casuser escribió: > thanks for the answer but I am not sure how to do

Re: [cas-user] CAS 5.2.x Password management

thanks for the answer but I am not sure how to do that? is there any example that I can follow? _Fazla On Tuesday, February 6, 2018 at 10:41:40 AM UTC+8, Manfredo Hopp wrote: > > I think this would be posible only if you include pm properties as part of > LDAP properties > > El lunes, 5 de

Re: [cas-user] CAS 5.2.x Password management

I think this would be posible only if you include pm properties as part of LDAP properties El lunes, 5 de febrero de 2018, casuser escribió: > How to set a LDAP password management for 2 different OU's? Using the > current documentation password management can be

[cas-user] CAS 5.2.x Password management

How to set a LDAP password management for 2 different OU's? Using the current documentation password management can be configured for one OU and it works. but like the authentication there is an option LDAP[0], LDAP[1] there is no such option for password management. So the authentication

Re: [cas-user] CAS 5.2.x

k You; > > Chris Cheltenham > Technology Services > The School District of Philadelphia > > Work # 215-400-5025 > Cell # 215-301-6571 > > *From:* cas-user@apereo.org [mailto:cas-user@apereo.org] *On Behalf Of *David > Curry > *Sent:* Monday, February 5, 2018 1:57 PM >

RE: [cas-user] CAS 5.2.x

Curry Sent: Monday, February 5, 2018 1:57 PM To: cas-user@apereo.org Subject: Re: [cas-user] CAS 5.2.x Chris, Are you using the Gradle overlay because you need to, or because you don't know which one to use. IMHO, unless you're going to be building CAS from source, the Maven overlay is easier

RE: [cas-user] CAS 5.2.x

Technology Services The School District of Philadelphia Work # 215-400-5025 Cell # 215-301-6571 From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Man H Sent: Monday, February 5, 2018 1:38 PM To: cas-user@apereo.org Subject: Re: [cas-user] CAS 5.2.x dee https://github.com/apereo

RE: [cas-user] CAS 5.2.x

-6571 From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Man H Sent: Monday, February 5, 2018 1:21 PM To: cas-user@apereo.org Subject: Re: [cas-user] CAS 5.2.x just add org.apereo.cas cas-server-support-ldap 2018-02-05 15:14 GMT-03:00 Chris

[cas-user] CAS 5.2.x

Hello, I am not understanding how to bundle the LDAP authentication handler into the cas.war file. Any suggestions? -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG ---

[cas-user] CAS 5.2.X service theme workaround

"theme" : "classpath:apereo", The solution is very simple, add “classpath:” as theme name prefix. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this