Re: [cas-user] cas 5.2.x leaking connections

On Mon, Jan 13, 2020 at 11:26 AM Trenton D. Adams wrote: > We are using Java 8 though, and we are using the UnboundIDProvider. > Can you post some logs that demonstrate the problem? Both application logs and OS netstat logs would be useful. --Daniel Fisher -- - Website:

Re: [cas-user] cas 5.2.x leaking connections

We are using Java 8 though, and we are using the UnboundIDProvider. On 2020-01-11 8:25 a.m., Daniel Fisher wrote: On Fri, Jan 10, 2020 at 5:40 PM Trenton D. Adams mailto:tre...@athabascau.ca>> wrote: Below is the configuration we're using for both LDAP and the password manager. We were

Re: [cas-user] cas 5.2.x leaking connections

On Fri, Jan 10, 2020 at 5:40 PM Trenton D. Adams wrote: > Below is the configuration we're using for both LDAP and the password > manager. We were hoping someone understand why this could be happening, as > the CAS documentation is not very good for these settings, and neither are > the javadoc

Re: [cas-user] cas 5.2.x leaking connections

Those docs appear to imply that passivators are essentially require, or authenticated state information gets shared, no? From: cas-user@apereo.org on behalf of David Curry Sent: January 10, 2020 5:15 PM To: CAS Community Subject: Re: [cas-user] cas 5.2.x

Re: [cas-user] cas 5.2.x leaking connections

You might want to experiment with turning the passivator off, or changing its setting. Not sure that's it, but it might help? https://apereo.github.io/cas/5.2.x/installation/Configuration-Properties.html#why-passivators -- DAVID A. CURRY, CISSP *DIRECTOR • INFORMATION SECURITY & PRIVACY* THE

Re: [cas-user] CAS 5.2.x OAuth2 Server support

Hi Rao, Can you share the sample request? It would be helpful for me. Thanks, Gandhi Reddy P. On Thu, Oct 17, 2019 at 9:57 PM Mr Rao wrote: > Hi Gandhi, > > Thank you for your quick response. Actually its working when you pass in > the body instead of params. I tried using Postman to test it.

Re: [cas-user] CAS 5.2.x OAuth2 Server support

Hi Gandhi, Thank you for your quick response. Actually its working when you pass in the body instead of params. I tried using Postman to test it. Rao On Wednesday, October 16, 2019 at 9:50:42 PM UTC-7, Gandhi wrote: > > Hi Rao, > > Yes, I faced the same issue as the sensitive information is

Re: [cas-user] CAS 5.2.x OAuth2 Server support

Hi Rao, Yes, I faced the same issue as the sensitive information is passed over request params. You can configure Tomcat to not log the request params as below: In tomcat server.xml, at the end of the file, find the below entry and update it to Hope this helps. Thanks,

Re: [cas-user] [CAS 5.2.x] [OAuth] [Theme] How to make custom theme for OAuth sp

Try with https://mysite.example.com:443/cas/oauth2.0/callbackAuthorize ? client_name=XXX& client_id=OAuthApp& redirect_uri=http://www.example.com/sp; response_type=code as serviceId El miércoles, 28 de febrero de 2018, Andy Ng

Re: [cas-user] [CAS 5.2.x] [OAuth] [Theme] How to make custom theme for OAuth sp

open browser developper tool to see if itheme gets loaded El miércoles, 28 de febrero de 2018, Man H escribió: > Cant you just build a simple webapp with index.html > > El miércoles, 28 de febrero de 2018, Andy Ng escribió: > >> Thanks Manfedo, >> >>

Re: [cas-user] [CAS 5.2.x] [OAuth] [Theme] How to make custom theme for OAuth sp

Cant you just build a simple webapp with index.html El miércoles, 28 de febrero de 2018, Andy Ng escribió: > Thanks Manfedo, > > Do you mean that I should: > - Redirect user to login using Non Oauth Service first (with theme) > - Then redirect user to login using Oauth

Re: [cas-user] [CAS 5.2.x] [OAuth] [Theme] How to make custom theme for OAuth sp

Thanks Manfedo, Do you mean that I should: - Redirect user to login using Non Oauth Service first (with theme) - Then redirect user to login using Oauth Service for actual Oauth login Am I correct? I would prefer not to do the above, since that mean the service provider need to change their

Re: [SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues

Cc: "Misagh Moayyed" <mmoay...@unicon.net> > Sent: Thursday, February 15, 2018 11:46:57 AM > Subject: Re: [SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues > I'm writing a SAML authentication extension for the Guacamole Project > (http://guacamole.apache.org). > -Ni

Re: [SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues

> > *From: *"vnick" <nick.e@gmail.com > > *To: *"CAS Community" <cas-...@apereo.org > > *Cc: *"Misagh Moayyed" <mmoa...@unicon.net > > *Sent: *Thursday, February 15, 2018 10:48:25 AM > *Subject: *[SOLVED] Re: [cas-user] CAS

Re: [SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues

Cool. Who exactly is the SP in this scenario? --Misagh > From: "vnick" <nick.e.couch...@gmail.com> > To: "CAS Community" <cas-user@apereo.org> > Cc: "Misagh Moayyed" <mmoay...@unicon.net> > Sent: Thursday, February 15, 2018 10:48

[SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues

Well, this put me on the right path - turns out the number of services the log file told me was loading just happened to match what was in the services directory, but the CAS configuration was not pointing at anything but the default location, so it wasn't actually loading my services.

Re: [cas-user] CAS 5.2.x SAML IdP Issues

There are other service definitions in the registry, yes, but none that should overlap with this definition. There are only two other service definitions - one is the OAuth Callback, which is automatically generated by CAS, and the other is one for the server on which CAS is running, which is

Re: [cas-user] CAS 5.2.x SAML IdP Issues

Do you have other JSON service definitions in the registry? Anything with a lower evaluation order or a more relaxed regex pattern? --Misagh > From: "vnick" > To: "CAS Community" > Sent: Thursday, February 15, 2018 10:15:40 AM > Subject:

Re: [cas-user] CAS 5.2.x

District of Philadelphia Work # 215-400-5025 Cell # 215-301-6571 From: "David Curry" <david.cu...@newschool.edu> To: "cas-user" <cas-user@apereo.org> Sent: Thursday, February 8, 2018 12:31:22 PM Subject: Re: [cas-user] CAS 5.2.x It's a pain in the butt, mostl

Re: [cas-user] CAS 5.2.x

du> To: "cas-user" <cas-user@apereo.org> Sent: Thursday, February 8, 2018 11:38:10 AM Subject: Re: [cas-user] CAS 5.2.x All we do to build just the cas.war file is run this command in the directory with the pom.xml file & our src overlay directory: mvn clean packag

Re: [cas-user] CAS 5.2.x

chool.edu> > *To: *"cas-user" <cas-user@apereo.org> > *Sent: *Thursday, February 8, 2018 12:13:48 PM > > *Subject: *Re: [cas-user] CAS 5.2.x > > These could probably be shortened up in a couple of ways by: > >- combining the [0] and [2] Active Dire

Re: [cas-user] CAS 5.2.x

d Curry" <david.cu...@newschool.edu> > *To: *"cas-user" <cas-user@apereo.org> > *Sent: *Thursday, February 8, 2018 12:13:48 PM > > *Subject: *Re: [cas-user] CAS 5.2.x > > These could probably be shortened up in a couple of ways by: > >

Re: [cas-user] CAS 5.2.x

of Philadelphia Work # 215-400-5025 Cell # 215-301-6571 From: "David Curry" <david.cu...@newschool.edu> To: "cas-user" <cas-user@apereo.org> Sent: Thursday, February 8, 2018 12:13:48 PM Subject: Re: [cas-user] CAS 5.2.x These could probably be

Re: [cas-user] CAS 5.2.x

<david.cu...@newschool.edu> To: "cas-user" <cas-user@apereo.org> Sent: Thursday, February 8, 2018 12:13:48 PM Subject: Re: [cas-user] CAS 5.2.x These could probably be shortened up in a couple of ways by: * combining the [0] and [2] Active Directory configs, which go ag

Re: [cas-user] CAS 5.2.x

phia > > Work # 215-400-5025 > Cell # 215-301-6571 > > -- > *From: *"David Curry" <david.cu...@newschool.edu> > *To: *"cas-user" <cas-user@apereo.org> > *Sent: *Thursday, February 8, 2018 11:27:48 AM > > *Sub

Re: [cas-user] CAS 5.2.x

: "David Curry" <david.cu...@newschool.edu> To: "cas-user" <cas-user@apereo.org> Sent: Thursday, February 8, 2018 11:27:48 AM Subject: Re: [cas-user] CAS 5.2.x I'm afraid Gradle is a complete mystery to me. Hopefully someone else can jump in. --Dave --

Re: [cas-user] CAS 5.2.x

; Technology Services > The School District of Philadelphia > > Work # 215-400-5025 > Cell # 215-301-6571 > > -- > *From: *"David Curry" <david.cu...@newschool.edu> > *To: *"cas-user" <cas-user@apereo.org> > *Sent: *Thursd

Re: [cas-user] CAS 5.2.x

ay, February 8, 2018 10:49:08 AM Subject: Re: [cas-user] CAS 5.2.x Try changing what you have: org.apereo.cas cas-server-support-ldap to this: org.apereo.cas cas-server-support-ldap ${cas.version} I'm pretty sure you have to have a version in there, so Maven knows

Re: [cas-user] CAS 5.2.x

nfig]# cat cas.properties | grep basedn >> [root@devcas5 config]# cat cas.properties | grep -i basedn >> *cas.authn.ldap[0].baseDn=dc=philasd,dc=org* >> >> === >> >> Thank You; >> >> Chris Cheltenham >> Technology Serv

Re: [cas-user] CAS 5.2.x

-- > *From: *"Man H" <info.ings...@gmail.com> > *To: *"cas-user" <cas-user@apereo.org> > *Sent: *Thursday, February 8, 2018 10:17:57 AM > > *Subject: *Re: [cas-user] CAS 5.2.x > > this is an Ldap error check your properties pr

Re: [cas-user] CAS 5.2.x

Work # 215-400-5025 Cell # 215-301-6571 From: "Man H" <info.ings...@gmail.com> To: "cas-user" <cas-user@apereo.org> Sent: Thursday, February 8, 2018 10:17:57 AM Subject: Re: [cas-user] CAS 5.2.x this is an Ldap error check your properties probably baseDn 20

Re: [cas-user] CAS 5.2.x

on handler that > supports [ccheltenham-ext] of type [UsernamePasswordCredential].> > > === > > Thank You; > > Chris Cheltenham > Technology Services > The School District of Philadelphia > > Work # 215-400-5025 > Cell # 215-301-6571 > > --

Re: [cas-user] CAS 5.2.x

gt; ---------------------- > *From: *"David Curry" <david.cu...@newschool.edu> > *To: *"cas-user" <cas-user@apereo.org> > *Sent: *Thursday, February 8, 2018 7:54:21 AM > *Subject: *Re: [cas-user] CAS 5.2.x > > > $ jar tvf cas.war |

Re: [cas-user] CAS 5.2.x

"David Curry" <david.cu...@newschool.edu> To: "cas-user" <cas-user@apereo.org> Sent: Thursday, February 8, 2018 7:54:21 AM Subject: Re: [cas-user] CAS 5.2.x $ jar tvf cas.war | grep ldap WEB-INF/lib/cas-server-support-ldap-5.2.2.jar WEB-INF/lib/cas-server-suppo

Re: [cas-user] CAS 5.2.x

r@apereo.org> Sent: Thursday, February 8, 2018 7:54:21 AM Subject: Re: [cas-user] CAS 5.2.x $ jar tvf cas.war | grep ldap WEB-INF/lib/cas-server-support-ldap-5.2.2.jar WEB-INF/lib/cas-server-support-ldap-core-5.2.2.jar WEB-INF/lib/ldaptive-1.2.3.jar WEB-INF/lib/ldaptive-beans-1.2.3.jar WEB-

Re: [cas-user] CAS 5.2.x

$ jar tvf cas.war | grep ldap WEB-INF/lib/cas-server-support-ldap-5.2.2.jar WEB-INF/lib/cas-server-support-ldap-core-5.2.2.jar WEB-INF/lib/ldaptive-1.2.3.jar WEB-INF/lib/ldaptive-beans-1.2.3.jar WEB-INF/lib/ldaptive-unboundid-1.2.3.jar WEB-INF/lib/unboundid-ldapsdk-4.0.1.jar

Re: [cas-user] CAS 5.2.x

If you are using UNIX-like, do: $ 7z l cas_without_ldap_support.war >cas_without_ldap_support_listing $ 7z l cas_supposedly_with_ldap_support.war >cas_supposedly_with_ldap_support_listing $ diff cas_*_listing > [...]ldap[...] $ _ If you are not, you can easily get a Cygwin equivalent of that.

Re: [cas-user] CAS 5.2.x Password management

That is only achieved through extending CA's functionality which means development. This could be an enhancement for future versions if Cas people agree its worth. El martes, 6 de febrero de 2018, casuser escribió: > thanks for the answer but I am not sure how to do

Re: [cas-user] CAS 5.2.x Password management

thanks for the answer but I am not sure how to do that? is there any example that I can follow? _Fazla On Tuesday, February 6, 2018 at 10:41:40 AM UTC+8, Manfredo Hopp wrote: > > I think this would be posible only if you include pm properties as part of > LDAP properties > > El lunes, 5 de

Re: [cas-user] CAS 5.2.x Password management

I think this would be posible only if you include pm properties as part of LDAP properties El lunes, 5 de febrero de 2018, casuser escribió: > How to set a LDAP password management for 2 different OU's? Using the > current documentation password management can be

Re: [cas-user] CAS 5.2.x

k You; > > Chris Cheltenham > Technology Services > The School District of Philadelphia > > Work # 215-400-5025 > Cell # 215-301-6571 > > *From:* cas-user@apereo.org [mailto:cas-user@apereo.org] *On Behalf Of *David > Curry > *Sent:* Monday, February 5, 2018 1:57 PM >

RE: [cas-user] CAS 5.2.x

Curry Sent: Monday, February 5, 2018 1:57 PM To: cas-user@apereo.org Subject: Re: [cas-user] CAS 5.2.x Chris, Are you using the Gradle overlay because you need to, or because you don't know which one to use. IMHO, unless you're going to be building CAS from source, the Maven overlay is easier

RE: [cas-user] CAS 5.2.x

Technology Services The School District of Philadelphia Work # 215-400-5025 Cell # 215-301-6571 From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Man H Sent: Monday, February 5, 2018 1:38 PM To: cas-user@apereo.org Subject: Re: [cas-user] CAS 5.2.x dee https://github.com/apereo

RE: [cas-user] CAS 5.2.x

-6571 From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Man H Sent: Monday, February 5, 2018 1:21 PM To: cas-user@apereo.org Subject: Re: [cas-user] CAS 5.2.x just add org.apereo.cas cas-server-support-ldap 2018-02-05 15:14 GMT-03:00 Chris