You might want to look into and configure attribute caching policy such that it
will basically re-resolve them from attribute sources every time ST gets
validated, hence you’ll get a fresh set of attributes every time CAS ST
validation protocol dance happens:
Possible the date compare with the different timezones is off somehow?
-
Maybe dev CAS and dev ADFS are same timezone and only prod is different?
On Wed, Oct 31, 2018 at 12:06 PM Toby Archer wrote:
> So I've got a mysterious problem. This morning we were going to go live
> with our new cas 5
So I've got a mysterious problem. This morning we were going to go live
with our new cas 5 servers, but when I tried to login to them, through
ADFS, my login got redirected five times and landed on an ADFS error page.
The logs looked like this:
2018-10-31 11:47:57,680 INFO
>
I just typed "date" into both the dev cas and prod cas. Both gave the same
time. So that doesn't seem to be the case. Unless you have a better
suggestion on how to check. Thanks for the suggestion, I hadn't thought of
that.
On Wednesday, October 31, 2018 at 2:14:54 PM UTC-5, Travis Schmidt
I can't recall specifically, but I do know this has been fixed in later
versions of 5.3.x.
On Tuesday, October 30, 2018 at 7:48:43 PM UTC+3:30, Alexi Pascual wrote:
>
> hi,
>
> We have a SAML 2.0 integration with Coursera and it works well. However,
> when I add an access rule, the following
If you mean the SP metadata, can you not modify that manually with the
right URLs to match your proxy?
On Wednesday, October 31, 2018 at 12:09:52 PM UTC+3:30, Fabio Martelli
wrote:
>
> Dear All, I have to ask for your help in order to achieve a specific
> requirement.
>
> I have *2 **CAS 5.2
Hi Misagh, thanks for your reply.
I'm not saying about metadata. That wasn't a problem at all.
AssertionConsumerServiceURL into AuthnRequest is the problem. The fact is that
the proxy can be called in two different ways.
Do you have suggestions?
Thank in advance.
Best regards,
F.
Il 31 ottobre
Hi all,
*Server Info:*
CAS 5.2.x
*Background:*
Recently our CAS is going to join up with an identity federation as an SAML
idp, and I am in charge of *checking the compliance* in order for us to
join.
Most of the items can be check off quickly and I understand the
requirements, however I
Dear All, I have to ask for your help in order to achieve a specific
requirement.
I have *2 **CAS 5.2 **instances behind a proxy*. Unfortunately, *this
proxy could be referenced with two different names*.
No problem in general as you can imagine except for *SAML delegated
administration*:
Hey guys,
I would like to understand if CAS already provides a configuration based
approach to map the SSO provider specific attributes in the payload to CAS
attributes map sent to the CAS service so that the services do not have to
take care about it.
Cheers,
Paul
--
- Website:
Hey guys,
as I am on it already:
What is the best approach to use CAS in conjunction with a command line
tool to login to a secured service? I read through the documentation and
the first problem seems to be that I am not in a browser context. Am I
forced to talk to the CAS REST API? Or are
Some update, I have look into some other organizations SAML2 metadata
(which is also registered to the Identity Federation we want to join),
and basically nobody brother adding the
"urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" entry despite the
requirement.
So in this case, I would
12 matches
Mail list logo