Re: [cas-user] CAS + Azure AD Auth Delegation

2023-05-25 Thread Rod B 
Hello Ray and Bartosz!
Thanks for posting your configs, I think I'm close to getting CAS working 
with Azure (going into detail to maybe help the next person)

For CAS 6.6.7

I added this module to build.gradle and built the cas.war:

// Azure support
implementation 
"org.apereo.cas:cas-server-support-pac4j-webflow:${project.'cas.version'}"

This is what my cas.properties is, on azure I made an app called "cas"

cas.authn.pac4j.oidc[0].azure.display-name= cas
cas.authn.pac4j.oidc[0].azure.auto-redirect-type= SERVER
cas.authn.pac4j.oidc[0].azure.client-name= cas
cas.authn.pac4j.oidc[0].azure.enabled= true
cas.authn.pac4j.oidc[0].azure.id= [client ap id of cas app]
cas.authn.pac4j.oidc[0].azure.response-mode= form_post
cas.authn.pac4j.oidc[0].azure.response-type= id_token
cas.authn.pac4j.oidc[0].azure.scope= openid
cas.authn.pac4j.oidc[0].azure.secret= [cas client app secret]
cas.authn.pac4j.oidc[0].azure.tenant= [tenant id]
cas.authn.pac4j.oidc[0].azure.use-nonce= true
cas.authn.pac4j.oidc[0].azure.discovery-uri= 
https://login.microsoftonline.com/[tenant 
id]/oauth2/v2.0/cas.authn.pac4j.oidc[0].azure.logout-url= 
https://login.microsoftonline.com/common/oauth2/logout

On Azure, I enabled id_token and set the redirect url to: 

https://cas.dev.schoolname.ca/cas/login?client_name= 
cas

service fiile for CasTest-1.json

{
  "@class" : "org.apereo.cas.services.CasRegisteredService",
  "serviceId" : "http://cas-test.dev.ecuad.ca/wp-login.php*;,
   "name" : "CasTest"
   "id" : 1,
   "evaluationOrder" : 1,

}

Catalina.out when I go to the Cas Test page (word press site):

2023-05-25 15:25:02,294 INFO 
[org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - http://cas-test.dev.schoolname.ca/wp-login.php, client=cas, 
registeredService=CasTest:http://cas-test.dev.ecuad.ca/wp-login.php*}

ACTION: DELEGATED_CLIENT_SUCCESS

APPLICATION: CAS

WHEN: Thu May 25 15:25:02 PDT 2023

CLIENT IP ADDRESS: xxx

SERVER IP ADDRESS: unknown

=


The problem I'm having is the web page will go to:

https://cas.dev.schoolname.ca/cas/login?client_name= 
cas

and time out. I'm not sure what I need to set so CAS (or Azure) will 
redirect to the WordPress site.

Any help is appreciated.

Thank you,

Rod
On Friday, 23 April 2021 at 00:30:51 UTC-7 Bartosz Nitkiewicz wrote:

> Ray, 
>
> Thank You. Now its working as expected.
>
> Regards 
> Bartek
>
> czwartek, 22 kwietnia 2021 o 22:58:02 UTC+2 Ray Bon napisał(a):
>
>> Bartosz,
>>
>> The only cas properties I have that you do not are:
>> cas.authn.pac4j.oidc[0].azure.discoveryUri= 
>> 
>> https://login.microsoftonline.com/[tenant id goes here]/oauth2/v2.0/
>> cas.authn.pac4j.oidc[0].azure.logoutUrl=
>> https://login.microsoftonline.com/common/oauth2/logout
>>
>> When I go from cas to azure, this is the link (from developer tools):
>>
>> 
>> https://login.microsoftonline.com/[tenant id goes 
>> here]/oauth2/authorize?response_type=code_uri=
>> https://local.uvic.ca/cas/login?client_name=CasAsAClient=TST-1-..._id=[client
>>  id 
>> goes here]=openid profile email
>>
>> In azure I added an app registration called CasAsAClient. In this 
>> application I have a web redirect url, 
>> https://local.uvic.ca/cas/login?client_name=CasAsAClient
>>
>> I do not have specific notes on the steps I took. I did read a lot of MS 
>> documentation and web tutorials.
>>
>> Ray
>>
>>
>> On Thu, 2021-04-22 at 11:27 -0700, Bartosz Nitkiewicz wrote:
>>
>> Notice: This message was sent from outside the University of Victoria 
>> email system. Please be cautious with links and sensitive information. 
>>
>> I want to setup Azure as default auth for all services. But it gives me 
>> this error  AADSTS900971: No reply address provided. 
>> There are no logs on CAS server side.
>> I think that I have missconfigure something during Azure app 
>> registration. I don't know how it shoud be configure. I want to delagate 
>> auth to Azure through OIDC.
>> I've read that You have it working :)
>>
>> czwartek, 22 kwietnia 2021 o 20:18:08 UTC+2 Ray Bon napisał(a):
>>
>> Bartosz,
>>
>> After successful login on azure, cas will redirect to your intended 
>> service.
>>
>> Are there any error messages in the logs?
>>
>> Ray
>>
>> On Thu, 2021-04-22 at 10:18 -0700, Bartosz Nitkiewicz wrote:
>>
>> Notice: This message was sent from outside the University of Victoria 
>> email system. Please be cautious with links and sensitive information. 
>>
>>
>> Hi. I got stucked. I've managed to delegate auth to

Re: [cas-user] The import org.springframework.security.cas cannot be resolved

2023-05-25 Thread Ray Bon 
Cas (cas-overlay-template) is a stand alone application that handles 
authentication.

For a client application, you 'front' it with some kind of authentication 
client. Different clients will handle different and sometimes multiple 
protocols: for the protocols Cas supports 
https://apereo.github.io/cas/6.6.x/protocol/Protocol-Overview.html

Cas protocol clients: 
https://apereo.github.io/cas/6.6.x/integration/CAS-Clients.html
pac4j handles multiple protocols: https://www.pac4j.org/
There is shibboleth service provider: 
https://shibboleth.atlassian.net/wiki/spaces/SP3/overview

I am sure there are others.

Ray

On Thu, 2023-05-25 at 03:38 -0700, fasr favk wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

I was trying to setup my cas client application java classes inside the cas war 
overlay which now i think it is not possible and i need another Spring project 
for cas client to get work, am i wrong ? Am newbie btw.
Thanks.
On Wednesday, May 24, 2023 at 10:37:21 PM UTC Ray Bon wrote:
Just checked my build. Those three spring packages are already included by cas.

Are you setting up a client application or the cas overlay (authentication 
server)?

The gradle file looks to be from cas overlay. The only time you need to add non 
cas imports is if you are planning to customize cas (which should be done only 
after much deliberation - and then should be done on the main project).

Ray

On Wed, 2023-05-24 at 14:39 -0700, fasr favk wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

I'm trying to configure my cas authentication with spring security, so 'am 
creating a configuration classes where i need to import this package
Example : the public ServiceProperties serviceProperties() that needsthe 
package org.springframework.security.cas.ServiceProperties; to be imported.

On Wednesday, May 24, 2023 at 9:11:24 PM UTC Ray Bon wrote:
You should not need to import those spring-security packages.

What are you trying to accomplish with those packages?

Ray

On Wed, 2023-05-24 at 04:42 -0700, fasr favk wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

Hello, I'am using the latest cas server + spring security and am having this 
error while importing org.springframework.security.cas.*;

Error : The import org.springframework.security.cas cannot be resolved
i tried  this commands but nothing worked :
gradle clean build
gradle clean build --refresh-dependencies

My build.gradle code :

import org.apache.tools.ant.taskdefs.condition.*
import org.gradle.internal.logging.text.*
import org.apereo.cas.metadata.*
import java.nio.file.*
import static org.gradle.internal.logging.text.StyledTextOutput.Style

buildscript {
repositories {
if (project.privateRepoUrl) {
  maven {
url project.privateRepoUrl
credentials {
  username = project.privateRepoUsername
  password = System.env.PRIVATE_REPO_TOKEN
}
  }
}
mavenLocal()
mavenCentral()
gradlePluginPortal()
maven {
url 'https://oss.sonatype.org/content/repositories/snapshots'
mavenContent { snapshotsOnly() }
}
maven {
url "https://repo.spring.io/milestone;
mavenContent { releasesOnly() }
}
}
dependencies {
classpath 
"org.springframework.boot:spring-boot-gradle-plugin:${project.springBootVersion}"
classpath 
"io.freefair.gradle:maven-plugin:${project.gradleFreeFairPluginVersion}"
classpath 
"io.freefair.gradle:lombok-plugin:${project.gradleFreeFairPluginVersion}"
classpath 
"io.spring.gradle:dependency-management-plugin:${project.gradleDependencyManagementPluginVersion}"
classpath 
"com.google.cloud.tools:jib-gradle-plugin:${project.jibVersion}"

classpath 
"de.undercouch:gradle-download-task:${project.gradleDownloadTaskVersion}"
classpath 
"org.apereo.cas:cas-server-core-api-configuration-model:${project.'cas.version'}"
classpath 
"org.apereo.cas:cas-server-core-configuration-metadata-repository:${project.'cas.version'}"
}
}

repositories {
if (project.privateRepoUrl) {
  maven {
url project.privateRepoUrl
credentials {
  username = project.privateRepoUsername
  password = System.env.PRIVATE_REPO_TOKEN
}
  }
}
mavenLocal()
mavenCentral()
maven { url 'https://oss.sonatype.org/content/repositories/releases' }
maven {
url 'https://oss.sonatype.org/content/repositories/snapshots'
mavenContent { snapshotsOnly() }
}
maven {
url "https://repository.apache.org/content/repositories/snapshots;
mavenContent {

Re: [cas-user] Cas connexion with ldap

2023-05-25 Thread Baba Ndiaye 
Hello Mokoko
You can add first
*implemntation "org.apereo.cas:cas-server-support-ldap" *
After create a file in /etc/cas/config/cas.properties and paste your CAS
config

Le jeu. 25 mai 2023 à 13:36, Coeurcy Mokoko  a
écrit :

> Hello, can someone please tell me why I can't authenticate to cas server
> with the user I configured in the "cas.properties", this user is the one I
> created in ldap with the same information I entered in "cas.properties"
>
> Here is cas.properties:
>
>
> cas.server.name=http://acsi.cg:8443
> cas.server.prefix=${cas.server.name}/cas
>
> logging.config: file:/etc/cas/config/log4j2.xml
>
> cas.authn.accept.users=
> ### Connexion LDAP
>
> cas.authn.ldap[0].providerClass=org.ldaptive.provider.unboundid.UnboundIDProvid>
> cas.authn.ldap[0].type=AUTHENTICATED
> cas.authn.ldap[0].useSsl=false
> cas.authn.ldap[0].ldapUrl=ldap://acsi.cg:389
> cas.authn.ldap[0].baseDn=dc= acsi,dc=cg
> cas.authn.ldap[0].subtreeSearch=true
> cas.authn.ldap[0].searchFilter=sAMAccountName={user}
> cas.authn.ldap[0].principalAttributeList=cn,givenName,mail
> # Credential to connect to LDAP
> cas.authn.ldap[0].bindDn=CN=admin,DC= acsi,DC=cg
> cas.authn.ldap[0].bindCredential=@Debian453
> -
>
> My user for ldap is:
>
> username: admin
> password: @Debian453
>
>
> Thanks !
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/3dcf346c-8592-412c-b7f0-fab661577427n%40apereo.org
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAFu1ZRu2qeVVW%3DYHFZcttO1zdHgGzx6KDf8YErV0G89zpkBERg%40mail.gmail.com.

[cas-user] Cas connexion with ldap

2023-05-25 Thread Coeurcy Mokoko 
Hello, can someone please tell me why I can't authenticate to cas server 
with the user I configured in the "cas.properties", this user is the one I 
created in ldap with the same information I entered in "cas.properties"

Here is cas.properties:
 
  
cas.server.name=http://acsi.cg:8443
cas.server.prefix=${cas.server.name}/cas

logging.config: file:/etc/cas/config/log4j2.xml

cas.authn.accept.users=
### Connexion LDAP
cas.authn.ldap[0].providerClass=org.ldaptive.provider.unboundid.UnboundIDProvid>
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].useSsl=false
cas.authn.ldap[0].ldapUrl=ldap://acsi.cg:389
cas.authn.ldap[0].baseDn=dc= acsi,dc=cg
cas.authn.ldap[0].subtreeSearch=true
cas.authn.ldap[0].searchFilter=sAMAccountName={user}
cas.authn.ldap[0].principalAttributeList=cn,givenName,mail
# Credential to connect to LDAP
cas.authn.ldap[0].bindDn=CN=admin,DC= acsi,DC=cg
cas.authn.ldap[0].bindCredential=@Debian453
-

My user for ldap is:

username: admin
password: @Debian453


Thanks !

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/3dcf346c-8592-412c-b7f0-fab661577427n%40apereo.org.

Re: [cas-user] The import org.springframework.security.cas cannot be resolved

2023-05-25 Thread fasr favk 
I was trying to setup my cas client application java classes inside the cas 
war overlay which now i think it is not possible and i need another Spring 
project for cas client to get work, am i wrong ? Am newbie btw.
Thanks.
On Wednesday, May 24, 2023 at 10:37:21 PM UTC Ray Bon wrote:

> Just checked my build. Those three spring packages are already included by 
> cas.
>
> Are you setting up a client application or the cas overlay (authentication 
> server)?
>
> The gradle file looks to be from cas overlay. The only time you need to 
> add non cas imports is if you are planning to customize cas (which should 
> be done only after much deliberation - and then should be done on the main 
> project).
>
> Ray
>
> On Wed, 2023-05-24 at 14:39 -0700, fasr favk wrote:
>
> Notice: This message was sent from outside the University of Victoria 
> email system. Please be cautious with links and sensitive information.
>
> I'm trying to configure my cas authentication with spring security, so 'am 
> creating a configuration classes where i need to import this package 
> Example : the *public ServiceProperties serviceProperties() *that needsthe 
> package *org.springframework.security.cas.ServiceProperties*; to be 
> imported.
>
> On Wednesday, May 24, 2023 at 9:11:24 PM UTC Ray Bon wrote:
>
> You should not need to import those spring-security packages.
>
> What are you trying to accomplish with those packages?
>
> Ray
>
> On Wed, 2023-05-24 at 04:42 -0700, fasr favk wrote:
>
> Notice: This message was sent from outside the University of Victoria 
> email system. Please be cautious with links and sensitive information.
>
>
> Hello, I'am using the latest cas server + spring security and am having 
> this error while importing org.springframework.security.cas.*; 
>
> *Error* : The import org.springframework.security.cas cannot be resolved
> i tried  this commands but nothing worked : 
> gradle clean build
> gradle clean build --refresh-dependencies  
>
> My *build.gradle* code : 
>
> import org.apache.tools.ant.taskdefs.condition.*
> import org.gradle.internal.logging.text.*
> import org.apereo.cas.metadata.*
> import java.nio.file.*
> import static org.gradle.internal.logging.text.StyledTextOutput.Style
>
> buildscript {
> repositories {
> if (project.privateRepoUrl) {
>   maven {
> url project.privateRepoUrl
> credentials {
>   username = project.privateRepoUsername
>   password = System.env.PRIVATE_REPO_TOKEN
> }
>   }
> }
> mavenLocal()
> mavenCentral()
> gradlePluginPortal()
> maven {
> url 'https://oss.sonatype.org/content/repositories/snapshots'
> mavenContent { snapshotsOnly() }
> }
> maven {
> url "https://repo.spring.io/milestone;
> mavenContent { releasesOnly() }
> }
> }
> dependencies {
> classpath 
> "org.springframework.boot:spring-boot-gradle-plugin:${project.springBootVersion}"
> classpath 
> "io.freefair.gradle:maven-plugin:${project.gradleFreeFairPluginVersion}"
> classpath 
> "io.freefair.gradle:lombok-plugin:${project.gradleFreeFairPluginVersion}"
> classpath 
> "io.spring.gradle:dependency-management-plugin:${project.gradleDependencyManagementPluginVersion}"
> classpath 
> "com.google.cloud.tools:jib-gradle-plugin:${project.jibVersion}"
>
> classpath 
> "de.undercouch:gradle-download-task:${project.gradleDownloadTaskVersion}"
> classpath 
> "org.apereo.cas:cas-server-core-api-configuration-model:${project.'cas.version'}"
> classpath 
> "org.apereo.cas:cas-server-core-configuration-metadata-repository:${project.'cas.version'}"
> }
> }
>
> repositories {
> if (project.privateRepoUrl) {
>   maven {
> url project.privateRepoUrl
> credentials {
>   username = project.privateRepoUsername
>   password = System.env.PRIVATE_REPO_TOKEN
> }
>   }
> }
> mavenLocal()
> mavenCentral()
> maven { url 'https://oss.sonatype.org/content/repositories/releases' }
> maven {
> url 'https://oss.sonatype.org/content/repositories/snapshots'
> mavenContent { snapshotsOnly() }
> }
> maven {
> url "https://repository.apache.org/content/repositories/snapshots;
> mavenContent { snapshotsOnly() }
> }
> maven {
> url '
> https://build.shibboleth.net/nexus/content/repositories/releases/'
> mavenContent { releasesOnly() }
> }
> maven {
> url "
> https://build.shibboleth.net/nexus/content/repositories/snapshots;
> mavenContent { snapshotsOnly() }
> }
> maven {
> url "https://repo.spring.io/milestone;
> mavenContent { releasesOnly() }
> }
> maven {
> url "https://jitpack.io;
> content {
> includeGroupByRegex ".*wss4j.*"
> }
>

Re: [cas-user] The import org.springframework.security.cas cannot be resolved

2023-05-25 Thread fasr favk 
I'm trying to configure my cas authentication with spring security, so 'am 
creating a configuration classes where i need to import this package
Example : the *public ServiceProperties serviceProperties() *that needs the 
package *org.springframework.security.cas.ServiceProperties*; to be 
imported.

On Wednesday, May 24, 2023 at 9:11:24 PM UTC Ray Bon wrote:

> You should not need to import those spring-security packages.
>
> What are you trying to accomplish with those packages?
>
> Ray
>
> On Wed, 2023-05-24 at 04:42 -0700, fasr favk wrote:
>
> Notice: This message was sent from outside the University of Victoria 
> email system. Please be cautious with links and sensitive information.
>
>
> Hello, I'am using the latest cas server + spring security and am having 
> this error while importing org.springframework.security.cas.*; 
>
> *Error* : The import org.springframework.security.cas cannot be resolved
> i tried  this commands but nothing worked : 
> gradle clean build
> gradle clean build --refresh-dependencies  
>
> My *build.gradle* code : 
>
> import org.apache.tools.ant.taskdefs.condition.*
> import org.gradle.internal.logging.text.*
> import org.apereo.cas.metadata.*
> import java.nio.file.*
> import static org.gradle.internal.logging.text.StyledTextOutput.Style
>
> buildscript {
> repositories {
> if (project.privateRepoUrl) {
>   maven {
> url project.privateRepoUrl
> credentials {
>   username = project.privateRepoUsername
>   password = System.env.PRIVATE_REPO_TOKEN
> }
>   }
> }
> mavenLocal()
> mavenCentral()
> gradlePluginPortal()
> maven {
> url 'https://oss.sonatype.org/content/repositories/snapshots'
> mavenContent { snapshotsOnly() }
> }
> maven {
> url "https://repo.spring.io/milestone;
> mavenContent { releasesOnly() }
> }
> }
> dependencies {
> classpath 
> "org.springframework.boot:spring-boot-gradle-plugin:${project.springBootVersion}"
> classpath 
> "io.freefair.gradle:maven-plugin:${project.gradleFreeFairPluginVersion}"
> classpath 
> "io.freefair.gradle:lombok-plugin:${project.gradleFreeFairPluginVersion}"
> classpath 
> "io.spring.gradle:dependency-management-plugin:${project.gradleDependencyManagementPluginVersion}"
> classpath 
> "com.google.cloud.tools:jib-gradle-plugin:${project.jibVersion}"
>
> classpath 
> "de.undercouch:gradle-download-task:${project.gradleDownloadTaskVersion}"
> classpath 
> "org.apereo.cas:cas-server-core-api-configuration-model:${project.'cas.version'}"
> classpath 
> "org.apereo.cas:cas-server-core-configuration-metadata-repository:${project.'cas.version'}"
> }
> }
>
> repositories {
> if (project.privateRepoUrl) {
>   maven {
> url project.privateRepoUrl
> credentials {
>   username = project.privateRepoUsername
>   password = System.env.PRIVATE_REPO_TOKEN
> }
>   }
> }
> mavenLocal()
> mavenCentral()
> maven { url 'https://oss.sonatype.org/content/repositories/releases' }
> maven {
> url 'https://oss.sonatype.org/content/repositories/snapshots'
> mavenContent { snapshotsOnly() }
> }
> maven {
> url "https://repository.apache.org/content/repositories/snapshots;
> mavenContent { snapshotsOnly() }
> }
> maven {
> url '
> https://build.shibboleth.net/nexus/content/repositories/releases/'
> mavenContent { releasesOnly() }
> }
> maven {
> url "
> https://build.shibboleth.net/nexus/content/repositories/snapshots;
> mavenContent { snapshotsOnly() }
> }
> maven {
> url "https://repo.spring.io/milestone;
> mavenContent { releasesOnly() }
> }
> maven {
> url "https://jitpack.io;
> content {
> includeGroupByRegex ".*wss4j.*"
> }
> mavenContent { releasesOnly() }
> }
> }
>
> apply plugin: "io.freefair.war-overlay"
> apply plugin: "war"
> apply plugin: "org.springframework.boot"
> apply plugin: "io.freefair.lombok"
>
> apply from: rootProject.file("gradle/springboot.gradle")
> apply from: rootProject.file("gradle/jib.gradle")
> apply from: rootProject.file("gradle/tasks.gradle")
>
>
> configurations.all {
> resolutionStrategy {
> cacheChangingModulesFor 0, "seconds"
> cacheDynamicVersionsFor 0, "seconds"
> preferProjectModules()
> def failIfConflict = project.hasProperty("failOnVersionConflict") 
> && Boolean.valueOf(project.getProperty("failOnVersionConflict"))
> if (failIfConflict) {
> failOnVersionConflict()
> }
> }
> exclude(group: "cglib", module: "cglib")
> exclude(group: "cglib", module: "cglib-full")
> exclude(group: "org.slf4j", module: "slf4j-log4j12")
>

Re: [cas-user] Potential new features

2023-05-25 Thread Petr Fišer 

Hello,

Feature 1
IMO, this will break a lot of things. Also, if you are logged in as one 
user, why would you need another login sesison as different user in 
another tab? Is there any specific use-case you are pursuing?

BTW user can open separate (anonymous) browser window if they want.
I can say, for myself, that I sometimes even need to use CAS as a domain 
SSO solution. Some legacy applications do not have, say, OAuth support 
but they can understand good ol' "domain-wide" SSO cookie.


If this gets implemented, please, make it configurable.


Feature 2
Probably a configurable thing too.
My two cents are: SLO may not be necessary, just because some /specific/ 
site needs you to have sufficiently fresh login session (like... Github 
when you try to actually change some project-related settings). Other 
sites need not even know that some re-login happenned.


Cheers,
Fiisch

On 05/25/2023 11:08 AM, Jérôme LELEU wrote:

Hi,

I'd like to make some kind of poll to know if some people might be 
interested by the two following new features:


Feature 1: I open the login page in two tabs of my browser and log in 
in the first tab and then in the second tab: the second authentication 
currently just erases the first one. Should we have better behavior? 
Like displaying a warning to indicate that we keep the existing 
authentication or replace it by a new one?


Feature 2: I call the login page with the renew parameter. If the new 
logged user is different from the old one, should I perform a SLO?


Feedback will be welcome.

Thanks.
Best regards,
Jérôme

--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google 
Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send 
an email to cas-user+unsubscr...@apereo.org 
.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAP279Lz8jH970S%3D-7J1fw1BcgP%3DYv%3DnnZ9QRXhOtdBzY8WGOFQ%40mail.gmail.com 
.


--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS Community" group.

To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/42b4f18e-5bde-301a-1314-5ab8616c7756%40gmail.com.

[cas-user] Potential new features

2023-05-25 Thread Jérôme LELEU 
Hi,

I'd like to make some kind of poll to know if some people might be
interested by the two following new features:

Feature 1: I open the login page in two tabs of my browser and log in in
the first tab and then in the second tab: the second authentication
currently just erases the first one. Should we have better behavior? Like
displaying a warning to indicate that we keep the existing authentication
or replace it by a new one?

Feature 2: I call the login page with the renew parameter. If the new
logged user is different from the old one, should I perform a SLO?

Feedback will be welcome.

Thanks.
Best regards,
Jérôme

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAP279Lz8jH970S%3D-7J1fw1BcgP%3DYv%3DnnZ9QRXhOtdBzY8WGOFQ%40mail.gmail.com.