Re: [cas-user] Service Registry -- Getting the 1st Application Entered

2019-05-19 Thread Va Sja 
Hmm...
..looks really like "Security through obscurity" :((
Guys - how many peoples use CAS worldwide? 
looks like nobody?

SRC: https://mvnrepository.com/artifact/org.apereo.cas/cas-server-webapp



Am Freitag, 31. August 2018 13:05:02 UTC+2 schrieb 党田力:
>
> I had test on 5.2.6 adn 5.2.7 version
> Only append `cas-server-support-json-service-registry` to pom.xml, the '
> cas.serviceRegistry.initFromJson=true' is worked.
> Only append `cas-server-support-jpa-service-registry` to pom.xml, the 
> database is worked.
> But I append both them, the services defined in json is not loaded.
>
> On 5.1.9 version works.
>
>
> 在 2018年5月15日星期二 UTC+8下午8:15:55,David Curry写道:
>>
>> Lionel and Jann,
>>
>> Did you ever have the JSON service registry working? If not, I recommend 
>> that you take all the JPA stuff out of pom.xml and cas.properties and get 
>> that working correctly first, so that you're only trying to debug one thing 
>> at a time. Once you have the JSON service registry working correctly, for 
>> both the main server and the management webapp, then it's time to move 
>> things to JPA.
>>
>> The basic steps for moving to JPA *should* be this:
>>
>> 1. REMOVE the "cas-server-support-json-service-registry" dependency from 
>> pom.xml (server and management webapp)
>>
>> 2. Add the "cas-server-support-jpa-service-registry" dependency and 
>> whatever other dependencies go with it to pom.xml (server and management 
>> webapp)
>>
>> 3. Rebuild the server and management webapp
>>
>> 4. In the server's cas.properties file, include BOTH of these lines:
>>
>> cas.serviceRegistry.json.location: file:/etc/cas/services
>> cas.serviceRegistry.initFromJson:  true
>>
>>
>> The first line should already be there (since before you start these 
>> steps you're using the JSON service registry), but you must add the second 
>> line.
>>
>> 5. Add all the lines you need to configure the JPA service registry to 
>> the server's cas.properties file.
>>
>> 6. Start the CAS server (do not start the management webapp). You should 
>> see it load the services from the JSON files (again, this should already be 
>> working before you start) and then it will magically save them into the JPA 
>> registry.
>>
>> 7. Shut the server down.
>>
>> 8. Check the database to see that the services actually got loaded there. 
>> If not, this is where you need to start debugging. And the first step of 
>> that would be setting the log level to "debug" in log4j2.xml, and adding 
>> whatever Logger configuration you need to make the Oracle JDBC library log 
>> for you as well.
>>
>> Once you've got the services loaded into the database
>>
>> 9. Remove the "cas.serviceRegistry.json.location" and 
>> "cas.serviceRegistry.initFromJson" properties from the server's 
>> cas.properties file.
>>
>> 10. Remove the "cas.serviceRegistry.json.location" property from, and add 
>> all the JPA properties to, the management webapp's management.properties 
>> file.
>>
>> At least, that's the procedure I followed to get the MongoDB service 
>> registry working (see 
>> https://dacurry-tns.github.io/deploying-apereo-cas/high-avail_service-registry_overview.html).
>>  
>> I've not used the JPA stuff at all, so no guarantees, but I don't see why 
>> it should be any different.
>>
>> --Dave
>>
>>
>> --
>>
>> DAVID A. CURRY, CISSP
>> *DIRECTOR OF INFORMATION SECURITY*
>> INFORMATION TECHNOLOGY
>>
>> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
>> +1 212 229-5300 x4728 • david.cu...@newschool.edu
>>
>> [image: The New School]
>>
>> On Tue, May 15, 2018 at 12:14 AM, Lionel Samuel  
>> wrote:
>>
>>> Changing in "cas.properties"  
>>> 'cas.serviceRegistry.json.location:file:/etc/cas/services' to 
>>> 'cas.serviceRegistry.json.location:foobar:/etc/cas/services'
>>>
>>> The above does not generate an error message --- is that a sign it's not 
>>> loaded?
>>>
>>>
>>> On Monday, May 14, 2018 at 8:25:37 PM UTC-7, Lionel Samuel wrote:

 I'm working with Jann -- attached is our pom file (we call the jar 
 my-cas -- which is reflected in the URLs).

 It does not look like the JSON file is loaded -- I don't think it's pom 
 related --- but at the moment we are both stumped so anything goes.

 2018-05-14 20:23:17,715 WARN 
 [org.apereo.cas.services.web.ServiceThemeResolver] - >>> service 
 is found to match 
 [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@330c1ecf[id=
 http://localhost:8080/cas-management/manage.html,originalUrl=http://localhost:8080/cas-management/manage.html,artifactId=,principal=,loggedOutAlready=false,format=XML]]
  
 or service access is disallowed. Using default theme [cas-theme-default]>

 On Monday, May 14, 2018 at 5:42:35 PM UTC-7, Jann Malenkoff wrote:
>
>
> Attached is my 'cas.properties' file ---  in case I may be missing 
> something there (very likely)
>
>
> On Monday, May 14, 2018 at 5:09:12 PM UTC-7, Jann Malenkoff wrote:
>>

Re: [cas-user] Service Registry -- Getting the 1st Application Entered

2019-05-19 Thread Va Sja 
What about 5.3.x? :-D

Am Dienstag, 15. Mai 2018 00:47:36 UTC+2 schrieb Man H:
>
>
> where are these pointing to:
>
> cas.serviceRegistry.json.location for 5.2.x 
> or 
> cas.serviceRegistry.config.location for 5.1.x
>
> 2018-05-14 19:41 GMT-03:00 Jann Malenkoff  >:
>
>> FYI --- the following appears in 'catalina.out' when attempting to access 
>> 'http://localhost:8080/cas-management/manage.html,'.
>>
>> 2018-05-14 15:39:09,152 WARN 
>> [org.apereo.cas.services.web.ServiceThemeResolver] - > is found to match 
>> [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@13eed7a6[id=
>> http://localhost:8080/cas-management/manage.html,originalUrl=http://localhost:8080/cas-management/manage.html,artifactId=,principal=,loggedOutAlready=false,format=XML]]
>>  
>> or service access is disallowed. Using default theme [cas-theme-default]>
>>
>>
>> On Monday, May 14, 2018 at 3:37:31 PM UTC-7, Jann Malenkoff wrote:
>>>
>>> Hi Richard:
>>>
>>> I have the following in 'cas.properties':
>>>
>>> cas.serviceRegistry.initFromJson=true
>>>
>>> Is that correct to enable the first read from JSON? I have been staring 
>>> at the screen for so long and begining to doubt myself w.r.t true/false 
>>> flags.
>>>
>>> On Monday, May 14, 2018 at 3:30:38 PM UTC-7, richard.frovarp wrote:

 Do you have initialization on from JSON? Not sure if it will use your 
 file or just the defaults. Either way, it should get you into the manager. 
 Then you configure the manager service, and turn that property off.

 # Auto-initialize the registry from default JSON service definitions
 # cas.serviceRegistry.initFromJson=false



 On 05/14/2018 05:13 PM, Jann Malenkoff wrote:

 Hi All:

 I'm trying to get the 'http://localhost:8080/cas-management/manage.html' 
 loaded up --- but hitting the error message: 
 ' 
 Application Not Authorized to Use CAS 

 The services registry of CAS is empty and has no service definitions. 
 Applications that wish to authenticate with CAS must explicitly be defined 
 in the services registry.'


 I am hoping to have a JPA service registry --- and have configured the 
 dependencies below in the 'cas-overlay-template' pom.xml.


 To enable the access to '
 http://localhost:8080/cas-management/manage.html, I have added  the 
 JASON entry as below --- but do not see it in the database table 
 REGEXREGISTEREDSERVICE (I have cas.serviceRegistry.config.location:
 file:/etc/cas/services in 'cas.properties).


 What could I have missed (or more likely misunderstood)?


 *JSON File in /etc/cas/services (copied -- slightly adjusted -- from an 
 earlier post):*

 {
   /*
* Wildcard service definition that applies to any https or imaps url.
* Do not use this definition in a production environment.
*/
   "@class" :
 "org.apereo.cas.services.RegexRegisteredService",
   "serviceId" : "^(http)://.*",
   "name" :  "HTTP wildcard",
   "id" :20180514,
   "evaluationOrder" :   9
 }


 *pom.xml -- for cas-overlay-template*

 
 
 org.apereo.cas
 
 cas-server-webapp${app.server}
 ${cas.version}
 war
 runtime
 
 
 org.apereo.cas
 
 cas-server-support-json-service-registry
 ${cas.version}
 
 
 org.apereo.cas
 cas-server-support-ldap
 ${cas.version}
 
 
 org.apereo.cas
 
 cas-server-support-jpa-service-registry
 ${cas.version}
 
 
 org.apereo.cas
 
 cas-server-support-jpa-ticket-registry
 ${cas.version}
 
 
 org.apereo.cas
 
 cas-server-support-jdbc-drivers
 ${cas.version}
 
 
 com.oracle
 ojdbc7.jar
 12.1.0.1
 
 
 org.apereo.cas
 cas-server-support-saml
 ${cas.version}
 
 
 org.apereo.cas
 cas-server-support-duo
 ${cas.version}