Re: [cas-user] CAS5.3.x: Error getting flow information for URL

Hi Ray, Yes, it does not allow the user to be validated and login successfully. It redirects back to login page only. Any suggestion to look into specifically. We see this issue when we hit the load balance url but not when we directly access the server url. Thanks, Jay On Thursday, May

[cas-user] Re: CAS5.3.x: Error getting flow information for URL

Hi Ray, https://groups.google.com/a/apereo.org/d/msg/cas-user/FqJW4gS3lCI/y9W-63-nCgAJ Yes, it does allow use to be validated and login. It redirects back to login page only. Any suggestion to look into. We see this issue when we hit the load balance url but not when we directly access the

Re: [cas-user] CAS Logout Issue

Ray, Let me explain you my architecture. I have a CAS client (mod_auth_cas) which redirects to NGINX Load Balancer. The nginx forwards to one of the active CAS Server. Do I need to install certificates on all CAS Server? User request to Mod_auth_cas via HTTPS but I am doing ssl stripping for

Re: [cas-user] Re: SPNEGO Client Selection Strategy

Hi Christian, Which version of CAS do you use ? It seems to be a version below CAS 5.0.x (org.jasig packages and XML spring configurations). SPNEGO client selection strategy was working on 4.x version, but I cannot make it work after having upgrade to CAS 5.1.x Regards, Charles

Re: [cas-user] Logout using delegated authentication to another CAS server

Aaah, and I also have to configure a service on CAS5, allowing CAS3 to redirect. Em qui, 17 de mai de 2018 às 17:20, Diego Henrique Pagani < dhpag...@gmail.com> escreveu: > But I need to change the url of the logout on oauth2app. Is there someway > to do it on cas5 configuration ? > > Em qui, 17

Re: [cas-user] Logout using delegated authentication to another CAS server

But I need to change the url of the logout on oauth2app. Is there someway to do it on cas5 configuration ? Em qui, 17 de mai de 2018 às 15:59, Misagh Moayyed escreveu: > > How can I configure CAS5, when the user is logging out, to tell CAS3 to > end its session or redirects

Re: [cas-user] Re: cas-management question

Jen, I think you mean a cas-management error and not 'CAS error'. Are CAS and cas-management running on the same tomcat? Logging config for cas-management is in log4j2-management.xml which also introduces cas-management.log. Ray On Thu, 2018-05-17 at 12:55 -0700, Jennifer LaVoie wrote:

Re: [cas-user] Re: cas-management question

Sorry, not cas.log cas-management.log. If still nothing, try setting cas.log.level to debug in log4j2-management.xml. -- DAVID A. CURRY, CISSP *DIRECTOR OF INFORMATION SECURITY* INFORMATION TECHNOLOGY 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003 +1 212 229-5300 x4728 •

Re: [cas-user] Re: cas-management question

nothing helpful in cas.log or catalina.out that I can see it seems to be CAS error because the leaf is on the tab and above the error that I posted it says Cas Service Management Jen On Thursday, May 17, 2018 at 3:44:27 PM UTC-4, David Curry wrote: > > Haven't seen that one, that I can

Re: [cas-user] Re: cas-management question

Haven't seen that one, that I can recall. Is that a CAS error (shows in a CAS-branded web page) or a Tomcat error? Do the logs (cas.log and/or catalina.out) say anything helpful? -- DAVID A. CURRY, CISSP *DIRECTOR OF INFORMATION SECURITY* INFORMATION TECHNOLOGY 71 FIFTH AVE., 9TH FL., NEW

[cas-user] Re: cas-management question

I updated the management.properties file with some ports specifically defined. And that is now working as expected... However, I get this The CAS management webapp is unavailable. There was an error trying to complete your request. Please notify your support desk or try again. On

Re: [cas-user] cas-management question

Not sure if you copy-n-pasted this: https://cashost/cas/login?service=https%3A%2F%2Fcashost%3A8443%2Fcas-management%2Fmanage.html or typed it by hand, but I see both "cashost" and "cashost:8443". Normally they'd both be the same (since Tomcat is usually only listening on the one port). --Dave

Re: [cas-user] cas-management question

Thanks Matt and Dave Ok, so once I fixed my stupid typo, I get the correct url https://cashost/cas/login?service=https%3A%2F%2Fcashost%3A8443%2Fcas-management%2Fmanage.html But i also get ERR_Connection_refused. not sure why On Thu, May 17, 2018 at 3:31 PM, Matthew Uribe

Re: [cas-user] cas-management question

Sorry, after sending this response, my email refreshed and I saw the other helpful posts. Disregard. On Thursday, May 17, 2018 at 1:28:06 PM UTC-6, Matthew Uribe wrote: > > What's the cas.server.name in your management.properties? > > [image: Aims Community College Top Work Places 2018 - The

Re: [cas-user] cas-management question

What's the cas.server.name in your management.properties? [image: Aims Community College Top Work Places 2018 - The Denver Post] Matt Uribe Programmer Analyst II Information Technology Aims Community College 970.339.6375 matthew.ur...@aims.edu 5401 W. 20th Street

Re: [cas-user] Re: cas-management question

You have "server.name" instead of "cas.server.name" (oops) -- DAVID A. CURRY, CISSP *DIRECTOR OF INFORMATION SECURITY* INFORMATION TECHNOLOGY 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003 +1 212 229-5300 x4728 • david.cu...@newschool.edu [image: The New School] On Thu, May 17, 2018 at 3:23

Re: [cas-user] cas-management question

etc/cas/config/management.properties --Dave -- DAVID A. CURRY, CISSP *DIRECTOR OF INFORMATION SECURITY* INFORMATION TECHNOLOGY 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003 +1 212 229-5300 x4728 • david.cu...@newschool.edu [image: The New School] On Thu, May 17, 2018 at 3:18 PM, Jennifer

[cas-user] Re: cas-management question

Here is my management.properties file # CAS server that management app will authenticate with # This server will authenticate for any app (service) and you can login as casuser/Mellon server.name: https://cashost cas.server.prefix: ${cas.server.name}/cas cas.mgmt.adminRoles[0]=ROLE_ADMIN

[cas-user] cas-management question

So I have followed all the steps here https://dacurry-tns.github.io/deploying-apereo-cas/building_svcmgmt_configure-webapp-properties.html (awesome site) And when I try to go to https://cashost:8443/cas-management I am redirected to here

Re: [cas-user] Logout using delegated authentication to another CAS server

> How can I configure CAS5, when the user is logging out, to tell CAS3 to end > its > session or redirects to CAS 3 to logout, and get back to the login screen? https://cas5/cas/logout?service=https://cas3/cas/logout?service=wherever-you-need-to-go with the proper encoding of the parameters.

[cas-user] Logout using delegated authentication to another CAS server

Hi guys, I have the structure: [Oauth2 application] -> [cas5] -> [cas3]. The CAS5 server is configured to delegate authentication, using CAS30 protocol (pac4j) to cas3 and it's working fine. The problem that I'm trying to solve is when the user asks for logout. I need that the user ends its

Re: [cas-user] Application Not Authorized to Use CAS

FYI --- this post is old and resolved via great assistance from David (fThe New School). The filters are holding back emails sent to the list. On Mon, May 14, 2018 at 10:43 AM, Jann Malenkoff wrote: > Hello: > > I have been tacking with the JSON enabling of

Re: [cas-user] Re: Size of maven cas-overlay-template

Sam, There is an install requirements section in the docs, https://apereo.github.io/cas/5.2.x/planning/Installation-Requirements.html Ray On Thu, 2018-05-17 at 08:46 -0800, Sam Erie wrote: Thank you sir. That is how it seemed, just wanted to make sure I have done everything possible before

Re: [cas-user] Re: Size of maven cas-overlay-template

Thank you sir. That is how it seemed, just wanted to make sure I have done everything possible before requesting more space on the server. On Wed, May 16, 2018 at 10:40 PM, Andy Ng wrote: > Hi Sam, > > Since the default CAS 5 server already included so many components, the >

Re: [cas-user] CAS Logout Issue

Ramakrishna, Add this to the log config: The above may produce a lot of messages. It looks to be a problem with CAS contacting your client. It could be a certificate issue. I guess you created a certificate since it is on a 192 ip. Did you add the certificate to the java key store?

[cas-user] Re: CAS 5.2.3 IpAddress blocking& Password expiry messages & Service Maintenance notifications

Hi, Any one has ideas on this? Rao On Wednesday, May 16, 2018 at 10:12:13 PM UTC-7, Mr Rao wrote: > > Hi, > I've been migrating from CAS 3.2.5 to CAS 5.2.3. We have below > requirements in current code and need help on how to implement these in new > version of CAS. > > 1) IP address

[cas-user] Re: (Ask) CAS 5.2 Basic Installation Step by Step

All will try https://dacurry-tns.github.io/deploying-apereo-cas guides. Thanks Matthew Uribe. Pada Kamis, 17 Mei 2018 21.36.19 UTC+7, Matthew Uribe menulis: > > Maybe have a look here > https://groups.google.com/a/apereo.org/forum/#!searchin/cas-user/guide/cas-user/LgZzuXvh3OY/T6XXmVvcCQAJ >

[cas-user] Re: (Ask) CAS 5.2 Basic Installation Step by Step

Maybe have a look here https://groups.google.com/a/apereo.org/forum/#!searchin/cas-user/guide/cas-user/LgZzuXvh3OY/T6XXmVvcCQAJ or https://groups.google.com/a/apereo.org/forum/#!searchin/cas-user/CAS$20documentation$20for$20a$20new$20user$20is$20terrible/cas-user/BwI6_qU612c/sPx1lAaQBgAJ

[cas-user] (Ask) CAS 5.2 Basic Installation Step by Step

Hello, I started a cas installation through https://github.com/apereo/cas-overlay-template. After that I confused how the next configuration. I have read the CAS documentation, but I do not understand that. Please help him to the authentication process succeed. How can I set up service and

Re: [cas-user] cas-overlay-template sutck with warnings

Did you create a keystore file 'thekeystore' under '/etc/cas'? I don't see any reference to it in your cas.properties. If you are using the embedded Tomcat, you need to include the keystore properties in the cas.properties file. Check out the README.md file that comes with the overlay. On

[cas-user] Re: SPNEGO Client Selection Strategy

Hi Nicolas, In our organization, we need to let the user choose between the default login and SPNEGO upon a list of criteria and sometimes we need to go directly to the SPNEGO authentication upon other criteria. For this feature, I extended the SPNEGO module. I show a button with the label

[cas-user] Application Not Authorized to Use CAS

Hello: I have been tacking with the JSON enabling of 'http://localhost:8080/cas-management' over the weekend. Wondering if I can change approach and tackle this by entering SQL to the DB tables (screenshot attached). Would there be a resource with instruction on which tables to update?

[cas-user] Re: SPNEGO Client Selection Strategy

Hi Nicholas, It's seems to me that Kerberos / SPNEGO client selection strategy is broken since Alfresco 5.0.x. Indeed, there are several other messages in this discussion list referring to this problem : here ,

[cas-user] CAS5.3.x: Error getting flow information for URL

Hello everyone, We have CAS application running in Tomcat in two different instances and load balanced by a F5 url. Any application is configured with the F5 url for login authentication and authorization. We have customized the url to *https:///las/v3/login* (Naming the war file as

[cas-user] Re: Size of maven cas-overlay-template

Hi Sam, Since the default CAS 5 server already included so many components, the large size is to be expected I think, and I also tried but failed to find any way to shrink down the size of CAS 5. However, my previous blockage is actually *I hit tomcat default max-file-size*, and actually I

Re: [cas-user] CAS Logout Issue

Hi Ray, As said by you, I enabled logs and this is the output 2018-05-17 11:50:46,479 INFO [org.apereo.cas.logout.DefaultLogoutManager] - 2018-05-17 11:50:46,501 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] -