Looks like I'm generating the response but it's not being sent:
Action] - https://regent-team.myfreshwo
rks.com/sp/SAML/26912657608931/callback, originalUrl=https://regent-team.myf
reshworks.com/sp/SAML/26912657608931/callback, artifactId=null, principal=ke
ithal,
replaced the serviceid with the entityid from the sp metadata
which is:
https://regent-team.myfreshworks.com/sp/SAML/26912657608931/metadata
yes, this is the entityid in the sp metadata!
now I'm getting this:
2021-04-12 16:27:27,481 WARN [org.apereo.cas.web.flow.ServiceAuthorizationCheck]
-
Hi,
I am trying to use cas as SP with delegated authentication towards a
SAML2 IDP.
The authnrequest that I need to replicate has the `Scoping` XML key,
like this:
https://myid.myservice.org/sp/metadata
In the documentation I don't see any reference to this key, so I tried
to take
I’m pretty sure the serviced is supposed to be a regular expression, no?. *
after an ‘h’ means repeat the ‘h’. Put ‘.*’ and you’ll repeat anything, but
that wouldn’t be what you want either, as that would allow any domain with a
DNS prefix of ‘regent-team.myfresh’, to authenticate against
Try using /*
On Mon, Apr 12, 2021 at 1:53 PM Trenton Adams wrote:
> I’m pretty sure the serviced is supposed to be a regular expression, no?.
> * after an ‘h’ means repeat the ‘h’. Put ‘.*’ and you’ll repeat anything,
> but that wouldn’t be what you want either, as that would allow any domain
Any ideas on what might be going on here?
I get the "Application Not Authorized to Use CAS" page when redirected to CAS.
2021-04-12 14:21:32,474 WARN
[org.apereo.cas.services.web.RegisteredServiceThemeResolver] - https://regent-team.myfreshworks.com/sp/SAML/269126576089314274/callback,
Don't do a regex for the serviceId for SAML2. Do the entityId instead.
On Mon, 2021-04-12 at 18:46 +, Keith Alston (Staff) wrote:
Any ideas on what might be going on here?
I get the "Application Not Authorized to Use CAS" page when redirected to CAS.
2021-04-12 14:21:32,474 WARN
Or rather
serviceId :
instead of the regex you have there.
On Mon, 2021-04-12 at 18:50 +, 'Richard Frovarp' via CAS Community wrote:
Don't do a regex for the serviceId for SAML2. Do the entityId instead.
On Mon, 2021-04-12 at 18:46 +, Keith Alston (Staff) wrote:
Any ideas on what
Oops, I had meant to paste this. This should allow anything with domain.com
and prefix regent-team.myfresh to authenticate against your CAS server.
^(https|http):\/\/regent-team\.myfresh.*domain\.com(:[0-9]{1,5})?\/.*$"
From: on behalf of Trenton Adams
Reply-To: "cas-user@apereo.org"
Date:
I've configured a SAML 2.0 service using CAS 5.3.
Using SAML trace I see a SAML request to CAS,
I get the login page, authenticate successfully
I'm redirected but I never see a SAML response to the SP.
"Error in processing saml response" at the SP.
Does anyone have any idea why this might be
Keith,
Check your cas logs, perhaps on debug, to see why it did not generate a SAML
response.
Ray
On Mon, 2021-04-12 at 20:57 +, Keith Alston (Staff) wrote:
Notice: This message was sent from outside the University of Victoria email
system. Please be cautious with links and sensitive
If I'm reading your message correctly about the SP displaying an exception,
you might also want to ask the SP to check their logs as well. I've had
cases where I did everything I could to debug on my end, and it ended up
that the SP had misconfigured our IdP registration on their end.
Good luck!
12 matches
Mail list logo