Re: [cas-user] Problem integrating CAS 5.2.0 with ORCID and FACEBOOK.

Hi, In pac4j, you can set the scope of the Orcid client. It doesn't seem possible within the CAS server: https://apereo.github.io/cas/5.2.x/installation/Configuration-Properties.html#orcid That said, this is easy to change: don't hesitate to submit a PR for that in the CAS project. What would

[cas-user] Inspektr audit says AUTHENTICATION_SUCCESS on authentication failures

There is a bug in the module inspektr-audit-1.7.1.GA when an Exception is thrown on an authentication process that ends logging the authentication as successfully: Logs: 2018-01-23 11:18:18,583 ERROR > [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - > has failed.

Re: [cas-user] Inspektr audit says AUTHENTICATION_SUCCESS on authentication failures

Thanks! El martes, 23 de enero de 2018, 12:50:29 (UTC+1), Dmitriy Kopylenko escribió: > > https://github.com/apereo/inspektr > > D. > > > > > On Tue, Jan 23, 2018 at 5:38 AM -0500, "Oscar del Pozo" < > oscard...@gmail.com > wrote: > > There is a bug in the module inspektr-audit-1.7.1.GA when an

[cas-user] Re: pac4j Google2Client auth delegation: How to unauthorize a profile?

Hello Oscar, This is an example of one possible solution: Our cas project (based on cas-4.0.x), uses Delegated Authentication (Facebook/Google/Twitter) to perform "one click" SignUp/SignIn. We use a custom auth handler that uses the attributes (email, first_name, surname) returned by

Re: [cas-user] Using CAS 5.2.0 is it possible to force users to configure their custom security questions when the user login for the 1st time?

You can modify the login webflow, https://apereo.github.io/cas/5.2.x/installation/Webflow-Customization.html to add custom security questions page. There is a section on password management, https://apereo.github.io/cas/5.2.x/installation/Password-Management.html There are also various aspects

Re: [cas-user] Management webapp 5.3.0-RC1/RC2-SNAPSHOT hates my management.properties file?

Hi Travis, The advantage to the overlay is that you don't have to clone the whole repo and build from source. I'm trying to build 5.3.0-RC2-SNAPSHOT because I'm working on fixing MongoDbConnectionFactory.java to correctly handle client connection strings (URIs), which is needed to support a

Re: [cas-user] Allowing alternate identifiers for username

If your backend is ldap you can do some tricks with ldap filter. For example: cas.authn.ldap[0].userFilter=(|(uid={user})(&(!(uid=*))(|(mail={user}@mail2.domain)(mail={user}@mail.domain   -Original Message- From: "Dusty Edenfield" To: "CAS Community"

[cas-user] Management webapp 5.3.0-RC1/RC2-SNAPSHOT hates my management.properties file?

I am building the management webapp with the current Maven WAR overlay, and set to either 5.3.0-RC1 or 5.3.0-RC2-SNAPSHOT. In both cases, all of a sudden the webapp is unhappy with my *management.properties* file that has been working just fine with 5.1.x and 5.2.x. Specifically, I get:

Re: [cas-user] Management webapp 5.3.0-RC1/RC2-SNAPSHOT hates my management.properties file?

Hi David, Not exactly sure what is going on, but I have to confess that I have not tried building the management app with the Maven overlay. I can say for sure that to be compatible with the last release of the management app that the cas.version needs to be 5.3.0-RC1, since that is what it is

[cas-user] ZenDesk JWT integration

Greetings! I'm trying to integrate our CAS 5.1 instance with Zendesk's JWT login flow. I have solved this in previous CAS versions using an ArgumentExtractor and an extension of AbstractWebApplicationService. Two main issues are incoming parametes need to be mapped to expected ones (ie:

[cas-user] Re: ZenDesk JWT integration

Also, it looks like org.apereo.cas.util.EncodingUtils only allows HS512, (line232). ZenDesk uses HS256. One more thing to override... -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions:

[cas-user] pac4j Google2Client auth delegation: How to unauthorize a profile?

Hi! I'm migrating from CAS 4.0.5 to 5.2.1 and everything has gone perfect but I'm facing a problem with the Google OAuth authentication. I have configured a delegate authentication to Google with pac4j successfully but I need to make a modification, only allow the emails which end with

Re: [cas-user] CAS 5.2.1 report failed authentications as AUTHENTICATION_SUCCESS

Hi, I've made a pull request solving this issue: https://github.com/apereo/inspektr/pull/10. It has been already approved. El viernes, 19 de enero de 2018, 16:47:02 (UTC+1), Ben Howell-Thomas escribió: > > Might have solved it. > > To confirm what Mohsen said, seems fine in 5.2.0. > >

[cas-user] Ip changed to Host name

Hello all,, I am using mod_auth_cas. While i hit cas url I give ip and cas automatically change it to host name. Can anyone suggest how to stop this? Eg: my url: https://192.168.111.XX => It redirets to my cas url as

[cas-user] MFA Google Authenticator persistence issue?

CAS Experts, I am trying to setup Google Authenticator for MFA purposes. It works fine in memory mode. So now we want to install persistence for it on MariaDB. So here is what we did. 1. We installed Mariadb and initiated it. 2. We created a database named "mfa" to store the registries. 3.