[cas-user] (Ask) CAS 5.2 Basic Installation Step by Step
Hello, I started a cas installation through https://github.com/apereo/cas-overlay-template. After that I confused how the next configuration. I have read the CAS documentation, but I do not understand that. Please help him to the authentication process succeed. How can I set up service and users, as well as user data stored in MySQL. Thanks. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/2feeab6e-ee50-431b-9659-8f59c54eeaef%40apereo.org.
[cas-user] Re: (Ask) CAS 5.2 Basic Installation Step by Step
All will try https://dacurry-tns.github.io/deploying-apereo-cas guides. Thanks Matthew Uribe. Pada Kamis, 17 Mei 2018 21.36.19 UTC+7, Matthew Uribe menulis: > > Maybe have a look here > https://groups.google.com/a/apereo.org/forum/#!searchin/cas-user/guide/cas-user/LgZzuXvh3OY/T6XXmVvcCQAJ > > or > https://groups.google.com/a/apereo.org/forum/#!searchin/cas-user/CAS$20documentation$20for$20a$20new$20user$20is$20terrible/cas-user/BwI6_qU612c/sPx1lAaQBgAJ > > > > > On Thursday, May 17, 2018 at 8:23:23 AM UTC-6, Fahmi L. Ramdhani wrote: >> >> Hello, >> >> I started a cas installation through >> https://github.com/apereo/cas-overlay-template. After that I confused >> how the next configuration. I have read the CAS documentation, but I do not >> understand that. Please help him to the authentication process succeed. >> >> How can I set up service and users, as well as user data stored in MySQL. >> >> Thanks. >> > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/e5c92144-f12c-4eb2-818d-af7f843881d9%40apereo.org.
[cas-user] Re: (Ask) CAS 5.2 Basic Installation Step by Step
Okay. I will try again and will share the results on this topic. Thank you. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/4e6e9174-4b28-4f99-9a24-52afd2ece61f%40apereo.org.
[cas-user] Re: (Ask) CAS 5.2 Basic Installation Step by Step
Hello, After I tried the guide from https://dacurry-tns.github.io/deploying-apereo-cas, overall setup no problem. My virtual address at https://cas.example.org:8443/cas/login # cd mycas # ./mvnw clean package # sudo sh ./cassrv-tarball.sh (result is success) # sudo sh ./cassrv-install.sh (result is"installation completed") After that I open my virtual address url https://cas.example.org:8443/cas/login, but not accessible (It seems port is not active). Why does tomcat service not run port 8443? Though tomcat service active (green). Thanks for help -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/69dd68d6-5c93-4074-8ebf-b2fc1b5f63b4%40apereo.org.
Re: [cas-user] Re: (Ask) CAS 5.2 Basic Installation Step by Step
Okay. I will try again and will share the results on this topic. Thank you. Pada Rabu, 23 Mei 2018 05.33.37 UTC+7, David Curry menulis: > > Check the Tomcat log file (catalina.out) for errors. You should see it > starting up the CAS service, etc. Also check the CAS log file. > > > David A. Curry, CISSP > Director of Information Security > The New School - Information Technology > 71 Fifth Ave., 9th Fl. ~ New York, NY 10003 > +1 212 229-5300 x4728 ~ david...@newschool.edu > Sent from my phone; please excuse typos and inane auto-corrections. > > > On Tue, May 22, 2018, 18:28 Fahmi L. Ramdhani <fahmilesti...@gmail.com > > wrote: > >> Hello, >> >> After I tried the guide from >> https://dacurry-tns.github.io/deploying-apereo-cas, overall setup no >> problem. My virtual address at https://cas.example.org:8443/cas/login >> >> # cd mycas >> # ./mvnw clean package >> # sudo sh ./cassrv-tarball.sh (result is success) >> # sudo sh ./cassrv-install.sh (result is"installation completed") >> >> After that I open my virtual address url >> https://cas.example.org:8443/cas/login, but not accessible (It seems >> port is not active). Why does tomcat service not run port 8443? Though >> tomcat service active (green). >> >> Thanks for help >> >> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to cas-user+u...@apereo.org . >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/69dd68d6-5c93-4074-8ebf-b2fc1b5f63b4%40apereo.org >> >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/69dd68d6-5c93-4074-8ebf-b2fc1b5f63b4%40apereo.org?utm_medium=email_source=footer> >> . >> > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/369ddc26-9cbc-4a76-8faa-fc6f0a58067e%40apereo.org.
Re: [cas-user] Re: (Ask) CAS 5.2 Basic Installation Step by Step
Okay. I will try again and will share the results on this topic. Thank you. 2018-05-23 5:33 GMT+07:00 David Curry <david.cu...@newschool.edu>: > Check the Tomcat log file (catalina.out) for errors. You should see it > starting up the CAS service, etc. Also check the CAS log file. > > > David A. Curry, CISSP > Director of Information Security > The New School - Information Technology > 71 Fifth Ave., 9th Fl. ~ New York, NY 10003 > <https://maps.google.com/?q=71+Fifth+Ave.,+9th+Fl.+~+New+York,+NY+10003=gmail=g> > +1 212 229-5300 x4728 ~ david.cu...@newschool.edu > Sent from my phone; please excuse typos and inane auto-corrections. > > > On Tue, May 22, 2018, 18:28 Fahmi L. Ramdhani <fahmilestianramdhani@gmail. > com> wrote: > >> Hello, >> >> After I tried the guide from https://dacurry-tns.github.io/ >> deploying-apereo-cas, overall setup no problem. My virtual address at >> https://cas.example.org:8443/cas/login >> >> # cd mycas >> # ./mvnw clean package >> # sudo sh ./cassrv-tarball.sh (result is success) >> # sudo sh ./cassrv-install.sh (result is"installation completed") >> >> After that I open my virtual address url https://cas.example.org:8443/ >> cas/login, but not accessible (It seems port is not active). Why does >> tomcat service not run port 8443? Though tomcat service active (green). >> >> Thanks for help >> >> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to cas-user+unsubscr...@apereo.org. >> To view this discussion on the web visit https://groups.google.com/a/ >> apereo.org/d/msgid/cas-user/69dd68d6-5c93-4074-8ebf- >> b2fc1b5f63b4%40apereo.org >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/69dd68d6-5c93-4074-8ebf-b2fc1b5f63b4%40apereo.org?utm_medium=email_source=footer> >> . >> > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cas-user+unsubscr...@apereo.org. > To view this discussion on the web visit https://groups.google.com/a/ > apereo.org/d/msgid/cas-user/CA%2Bd9XAObWo20yTT0jo%2BLAikxOnVq- > boV9wy43zNocv7Vr0Tbwg%40mail.gmail.com > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XAObWo20yTT0jo%2BLAikxOnVq-boV9wy43zNocv7Vr0Tbwg%40mail.gmail.com?utm_medium=email_source=footer> > . > -- *Sentrasoft* www.sentrasoft.com -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CALQ5%3DGftRa-6Mw6PR3k71T%2BzYvJ7Cni46JDjY8wy7b7%2BHok_xg%40mail.gmail.com.
[cas-user] Re: (Ask) CAS 5.2 Basic Installation Step by Step
In addition to the above guides, is there a specific guide for deploying CAS 5.x Ubuntu Server 16.04? -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/457f793c-b2cd-4477-8538-9d9f2c04b30c%40apereo.org.
[cas-user] Re: (Ask) CAS 5.2 Basic Installation Step by Step
Yes, I am currently following the guidelines written by David carefully, so that all components work properly. I will describe here when it is done. Thanks. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/a9f2d747-b138-49e1-a07c-129098aa609b%40apereo.org.
[cas-user] Re: (Ask) CAS 5.2 Basic Installation Step by Step
Yes, I am currently following the guide written by David. I need to be careful that all components work properly. I will describe here when it is done. Thanks. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/df708309-31e0-4fb6-964a-98799a2e2c90%40apereo.org.
[cas-user] Re: Unable to Retrieve CAS User Attributes (CAS 5.3.x)
Hi,
Continued with attribute problems.
*cas.properties*
cas.authn.attributeRepository.jdbc[0].sql = SELECT * FROM user_attributes
WHERE {$
cas.authn.attributeRepository.jdbc[0].healthQuery = SELECT 1
cas.authn.attributeRepository.jdbc[0].driverClass = com.mysql.jdbc.Driver
cas.authn.attributeRepository.jdbc[0].url =
jdbc:mysql://localhost:3306/cas?useUn$
cas.authn.attributeRepository.jdbc[0].user = root
cas.authn.attributeRepository.jdbc[0].password = Taraibak24
cas.authn.attributeRepository.jdbc[0].dialect =
org.hibernate.dialect.MySQLDialect
cas.authn.attributeRepository.jdbc[0].singleRow = false
cas.authn.attributeRepository.jdbc[0].username = email
cas.authn.attributeRepository.jdbc[0].columnMappings.key = value
cas.authn.attributeRepository.attributes.firstname = firstname
cas.authn.attributeRepository.defaultAttributesToRelease = firstname
*Error Log:*
Error creating bean with name 'casBeanValidationPostProcessor' defined in
class path resource [org/apereo/cas/config/CasCoreUtilConfiguration.class]:
BeanPostProcessor before instantiation of bean failed; nested exception is
org.springframework.beans.factory.UnsatisfiedDependencyException: Error
creating bean with name
'org.springframework.transaction.annotation.ProxyTransactionManagementConfiguration':
Unsatisfied dependency expressed through method 'setConfigurers' parameter
0; nested exception is
org.springframework.beans.factory.UnsatisfiedDependencyException: Error
creating bean with name 'casCoreTicketsConfiguration': Unsatisfied
dependency expressed through field 'casProperties'; nested exception is
org.springframework.beans.factory.BeanCreationException: Error creating
bean with name
'cas-org.apereo.cas.configuration.CasConfigurationProperties': Could not
bind properties to CasConfigurationProperties (prefix=cas,
ignoreInvalidFields=false, ignoreUnknownFields=false,
ignoreNestedProperties=false); nested exception is
org.springframework.beans.NotWritablePropertyException: Invalid property
'authn.attributeRepository.attributes[firstname]' of bean class
[org.apereo.cas.configuration.model.core.authentication.AuthenticationProperties]:
Cannot access indexed value in property referenced in indexed property path
'attributes[firstname]'; nested exception is
org.springframework.beans.NotReadablePropertyException: Invalid property
'authn.attributeRepository.attributes[firstname]' of bean class
[org.apereo.cas.configuration.model.core.authentication.AuthenticationProperties]:
Bean property 'authn.attributeRepository.attributes[firstname]' is not
readable or has an invalid getter method: Does the return type of the
getter match the parameter type of the setter?>
2018-10-12 04:07:36,527 ERROR [org.springframework.boot.SpringApplication]
-
I followed the guide from
https://apereo.github.io/2017/02/22/cas51-dbauthn-tutorial/ but it didn't
work. Error as above. Please give me solution. Thank you.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/d3b5c886-2d4e-44b2-9d12-4932e64602ee%40apereo.org.
[cas-user] JDBC User Attributes Table Relation
Hi, I use JDBC as database authentication. I want to retrieve user attributes based on ID (int, not uid login ex: u...@example.com), after logging in with u...@example.com, I hope CAS takes the user id (int). With the following relationships: *users (table)* - id (PK, int) - email - password idemailpassword == *1* o...@example.com ** *2* t...@example.com ** *user_attributes** (table)* - id (PK, int) - user_id (FK, int) - attr_name - attr_value iduser_idattr_nameattr_value == 1 *1* first_name One 2 *1* last_nameExample 3 *2* first_name One 4 *2* last_nameExample How to solve this? Thank you. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/0f66f6e7-fa85-4105-a4ca-db83d907f49d%40apereo.org.
[cas-user] Re: Unable to Retrieve CAS User Attributes (CAS 5.3.x)
my *cas.properties*:
## Database Authentication
##
cas.authn.accept.users=
cas.authn.jdbc.query[0].sql = SELECT * FROM users WHERE email=?
cas.authn.jdbc.query[0].healthQuery = SELECT 1
cas.authn.jdbc.query[0].driverClass = com.mysql.jdbc.Driver
cas.authn.jdbc.query[0].url = jdbc:mysql:
//localhost:3306/casdb?useUnicode=true=true=false=UTC
cas.authn.jdbc.query[0].user = root
cas.authn.jdbc.query[0].password = **
cas.authn.jdbc.query[0].dialect = org.hibernate.dialect.MySQLDialect
cas.authn.jdbc.query[0].fieldPassword = password
cas.authn.jdbc.query[0].passwordEncoder.type = DEFAULT
cas.authn.jdbc.query[0].passwordEncoder.encodingAlgorithm = MD5
cas.authn.jdbc.query[0].passwordEncoder.characterEncoding = UTF-8
cas.authn.attributeRepository.jdbc[0].sql = SELECT * FROM user_attributes
WHERE {0}
cas.authn.attributeRepository.jdbc[0].healthQuery = SELECT 1
cas.authn.attributeRepository.jdbc[0].driverClass = com.mysql.jdbc.Driver
cas.authn.attributeRepository.jdbc[0].url = jdbc:mysql:
//localhost:3306/casdb?useUnicode=true=true=false=UTC
cas.authn.attributeRepository.jdbc[0].user = root
cas.authn.attributeRepository.jdbc[0].password = **
cas.authn.attributeRepository.jdbc[0].dialect = org.hibernate.dialect.
MySQLDialect
cas.authn.attributeRepository.jdbc[0].singleRow = false
cas.authn.attributeRepository.jdbc[0].username = email
cas.authn.attributeRepository.jdbc[0].columnMappings.key=value
cas.authn.attributeRepository.jdbc[0].attributes.firstname=firstname
cas.authn.attributeRepository.defaultAttributesToRelease=firstname
my *pom.xml*
org.apereo.cas
cas-server-support-json-service-registry
${cas.version}
org.apereo.cas
cas-server-support-jdbc
${cas.version}
org.apereo.cas
cas-server-support-jdbc-drivers
${cas.version}
When use Laravel with *phpCAS*
@foreach(cas()->getAttributes() as $attribute)
{{ $attribute }}
@endforeach
HTML Result is:
UsernamePasswordCredential
false
2018-10-12T11:32:35.265+07:00[Asia/Jakarta]
QueryDatabaseAuthenticationHandler
QueryDatabaseAuthenticationHandler
false
Based on the configuration above, the attribute does not display data.
Please give me a solution about this problem. Thank you.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/23a9e25d-849f-4881-b0ca-7cb068743c15%40apereo.org.
[cas-user] Re: Unable to Retrieve CAS User Attributes (CAS 5.3.x)
Thanks dhawes, I have a little trouble about this, even though it should be able to. I configure it according to the documentation about attributes. Below are logs from mod_auth_cas: [Tue Oct 02 05:03:25.025216 2018] [:debug] [pid 21981] mod_auth_cas.c(1753): [client 32.254.11.127:65177] Entering cas_authenticate(), referer: https: //login.domain.com/cas/login?service=https%3a%2f%2fdomain.com%2f%2f [Tue Oct 02 05:03:25.025224 2018] [:debug] [pid 21981] mod_auth_cas.c(1473): [client 32.254.11.127:65177] entering isValidCASCookie(), referer: https: //login.domain.com/cas/login?service=https%3a%2f%2fdomain.com%2f%2f [Tue Oct 02 05:03:25.025229 2018] [:debug] [pid 21981] mod_auth_cas.c(791): [client 32.254.11.127:65177] entering readCASCacheFile(), referer: https: //login.domain.com/cas/login?service=https%3a%2f%2fdomain.com%2f%2f [Tue Oct 02 05:03:25.025328 2018] [:debug] [pid 21981] mod_auth_cas.c(1044): [client 32.254.11.127:65177] entering writeCASCacheEntry(), referer: https: //login.domain.com/cas/login?service=https%3a%2f%2fdomain.com%2f%2f [Tue Oct 02 05:03:25.025484 2018] [authz_core:debug] [pid 21981] mod_authz_core.c(809): [client 32.254.11.127:65177] AH01626: authorization result of Require valid-user : granted, referer: https: //login.domain.com/cas/login?service=https%3a%2f%2fdomain.com%2f%2f [Tue Oct 02 05:03:25.025493 2018] [authz_core:debug] [pid 21981] mod_authz_core.c(809): [client 32.254.11.127:65177] AH01626: authorization result of : granted, referer: https: //login.domain.com/cas/login?service=https%3a%2f%2fdomain.com%2f%2f [Tue Oct 02 05:03:25.02 2018] [authz_core:debug] [pid 21981] mod_authz_core.c(809): [client 32.254.11.127:65177] AH01626: authorization result of Require valid-user : denied (no authenticated user yet), referer: https://login.domain.com/cas/login?service=https%3a%2f%2fdomain.com%2f%2f [Tue Oct 02 05:03:25.025563 2018] [authz_core:debug] [pid 21981] mod_authz_core.c(809): [client 32.254.11.127:65177] AH01626: authorization result of : denied (no authenticated user yet), referer: https: //login.domain.com/cas/login?service=https%3a%2f%2fdomain.com%2f%2f [Tue Oct 02 05:03:25.025590 2018] [:debug] [pid 21981] mod_auth_cas.c(1753): [client 32.254.11.127:65177] Entering cas_authenticate(), referer: https: //login.domain.com/cas/login?service=https%3a%2f%2fdomain.com%2f%2f [Tue Oct 02 05:03:25.025597 2018] [:debug] [pid 21981] mod_auth_cas.c(1852): [client 32.254.11.127:65177] recycling user 'u...@domain.com' from initial request for sub request, referer: https: //login.domain.com/cas/login?service=https%3a%2f%2fdomain.com%2f%2f [Tue Oct 02 05:03:25.025603 2018] [authz_core:debug] [pid 21981] mod_authz_core.c(809): [client 32.254.11.127:65177] AH01626: authorization result of Require valid-user : granted, referer: https: //login.domain.com/cas/login?service=https%3a%2f%2fdomain.com%2f%2f [Tue Oct 02 05:03:25.025607 2018] [authz_core:debug] [pid 21981] mod_authz_core.c(809): [client 32.254.11.127:65177] AH01626: authorization result of : granted, referer: https: //login.domain.com/cas/login?service=https%3a%2f%2fdomain.com%2f%2f [Tue Oct 02 05:03:25.025646 2018] [authz_core:debug] [pid 21981] mod_authz_core.c(809): [client 32.254.11.127:65177] AH01626: authorization result of Require valid-user : denied (no authenticated user yet), referer: https://login.domain.com/cas/login?service=https%3a%2f%2fdomain.com%2f%2f [Tue Oct 02 05:03:25.025653 2018] [authz_core:debug] [pid 21981] mod_authz_core.c(809): [client 32.254.11.127:65177] AH01626: authorization result of : denied (no authenticated user yet), referer: https: //login.domain.com/cas/login?service=https%3a%2f%2fdomain.com%2f%2f [Tue Oct 02 05:03:25.025658 2018] [:debug] [pid 21981] mod_auth_cas.c(1753): [client 32.254.11.127:65177] Entering cas_authenticate(), referer: https: //login.domain.com/cas/login?service=https%3a%2f%2fdomain.com%2f%2f [Tue Oct 02 05:03:25.025663 2018] [:debug] [pid 21981] mod_auth_cas.c(1852): [client 32.254.11.127:65177] recycling user 'u...@domain.com' from initial request for sub request, referer: https: //login.domain.com/cas/login?service=https%3a%2f%2fdomain.com%2f%2f [Tue Oct 02 05:03:25.025668 2018] [authz_core:debug] [pid 21981] mod_authz_core.c(809): [client 32.254.11.127:65177] AH01626: authorization result of Require valid-user : granted, referer: https: //login.domain.com/cas/login?service=https%3a%2f%2fdomain.com%2f%2f [Tue Oct 02 05:03:25.025673 2018] [authz_core:debug] [pid 21981] mod_authz_core.c(809): [client 32.254.11.127:65177] AH01626: authorization result of : granted, referer: https: //login.domain.com/cas/login?service=https%3a%2f%2fdomain.com%2f%2f [Tue Oct 02 05:03:25.025700 2018] [authz_core:debug] [pid 21981] mod_authz_core.c(809): [client 32.254.11.127:65177] AH01626: authorization result of Require valid-user : denied (no authenticated user yet), referer: https://login.domain.com/cas/login?service=https%3a%2f%2fdomain.com%2f%2f
[cas-user] Re: Unable to Retrieve CAS User Attributes (CAS 5.3.x)
I use the mysql database. The point is that the attributes in the database are displayed. Or do I have to use SAML? -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/ed6951df-a75d-4887-b3dc-c82b770265b3%40apereo.org.
[cas-user] Unable to Retrieve CAS User Attributes (CAS 5.3.x)
Hi,
I'am unable to retrieves CAS User Attributes using mod_auth_cas. Below is
my configuration:
*100-domain.com.conf*
ServerName domain.com
ServerAlias www.domain.com
ServerAdmin ad...@domain.com
DocumentRoot /home/user/www/sites/domain.com
CASAuthNHeader On
AuthType CAS
# Options Indexes FollowSymLinks
# AllowOverride All
# Require all granted
Require valid-user
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCertificateFile /etc/letsencrypt/live/domain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/domain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
CASLoginUrl https://login.domain.com/cas/login
CASValidateUrlhttps://login.domain.com/cas/serviceValidate
CASValidateServer off
CASCookiePath /var/cache/apache2/mod_auth_cas/
CASSSOEnabled On
CASDebug Off
And this is my *cas.properties*:
## ATTRIBUTES
cas.authn.attributeRepository.jdbc[0].sql = SELECT * FROM user_attributes
WHERE {0}
cas.authn.attributeRepository.jdbc[0].healthQuery = SELECT 1
cas.authn.attributeRepository.jdbc[0].driverClass = com.mysql.jdbc.Driver
cas.authn.attributeRepository.jdbc[0].url = jdbc:mysql://localhost:3306/cas
cas.authn.attributeRepository.jdbc[0].user = root
cas.authn.attributeRepository.jdbc[0].password = xxx
cas.authn.attributeRepository.jdbc[0].dialect = org.hibernate.dialect.
MySQLDialect
cas.authn.attributeRepository.jdbc[0].singleRow = false
cas.authn.attributeRepository.jdbc[0].username = email
cas.authn.attributeRepository.jdbc[0].columnMappings.key = value
cas.authn.attributeRepository.defaultAttributesToRelease=first_name,
last_name,company_name
Loging has successfuly but HTML output is:
Secured Content
This is some secure content. You should not be able to see it until you
have entered your username and password.
Attributes Returned by CAS
REMOTE_USER = u...@domain.com
HostConnectionCache-ControlUpgrade-Insecure-RequestsUser-AgentAcceptRefererAccept-EncodingAccept-LanguageCookieOn
Attributes not showing. Does anyone have a solution to this problem? Thanks.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/f3b5da87-1254-4155-998c-ad868cca%40apereo.org.
[cas-user] Re: Unauthorized After Login
*/var/log/apache2/error.log*
[Sun Sep 23 06:19:08.233925 2018] [mpm_prefork:notice] [pid 10058] AH00163:
Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal
operations
[Sun Sep 23 06:19:08.233996 2018] [core:notice] [pid 10058] AH00094: Command
line: '/usr/sbin/apache2'
[Sun Sep 23 06:38:04.951561 2018] [mpm_prefork:notice] [pid 10058] AH00169:
caught SIGTERM, shutting down
[Sun Sep 23 06:38:05.901907 2018] [mpm_prefork:notice] [pid 10929] AH00163:
Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal
operations
[Sun Sep 23 06:38:05.901987 2018] [core:notice] [pid 10929] AH00094: Command
line: '/usr/sbin/apache2'
[Sun Sep 23 06:39:44.189688 2018] [mpm_prefork:notice] [pid 10929] AH00169:
caught SIGTERM, shutting down
[Sun Sep 23 06:39:45.322707 2018] [mpm_prefork:notice] [pid 11082] AH00163:
Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal
operations
[Sun Sep 23 06:39:45.322779 2018] [core:notice] [pid 11082] AH00094: Command
line: '/usr/sbin/apache2'
[Sun Sep 23 16:12:04.527041 2018] [mpm_prefork:notice] [pid 11082] AH00169:
caught SIGTERM, shutting down
[Sun Sep 23 16:12:05.522623 2018] [mpm_prefork:notice] [pid 14519] AH00163:
Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal
operations
[Sun Sep 23 16:12:05.522717 2018] [core:notice] [pid 14519] AH00094: Command
line: '/usr/sbin/apache2'
[Sun Sep 23 16:16:25.455612 2018] [mpm_prefork:notice] [pid 14519] AH00171:
Graceful restart requested, doing restart
[Sun Sep 23 16:16:25.561815 2018] [mpm_prefork:notice] [pid 14519] AH00163:
Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal
operations
[Sun Sep 23 16:16:25.561830 2018] [core:notice] [pid 14519] AH00094: Command
line: '/usr/sbin/apache2'
[Sun Sep 23 16:16:28.182116 2018] [mpm_prefork:notice] [pid 14519] AH00169:
caught SIGTERM, shutting down
[Sun Sep 23 16:16:29.316901 2018] [mpm_prefork:notice] [pid 14633] AH00163:
Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal
operations
[Sun Sep 23 16:16:29.316968 2018] [core:notice] [pid 14633] AH00094: Command
line: '/usr/sbin/apache2'
[Sun Sep 23 16:25:26.228347 2018] [mpm_prefork:notice] [pid 14633] AH00169:
caught SIGTERM, shutting down
[Sun Sep 23 16:25:27.365960 2018] [mpm_prefork:notice] [pid 14718] AH00163:
Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal
operations
[Sun Sep 23 16:25:27.366032 2018] [core:notice] [pid 14718] AH00094: Command
line: '/usr/sbin/apache2'
[Sun Sep 23 16:25:42.492144 2018] [mpm_prefork:notice] [pid 14718] AH00169:
caught SIGTERM, shutting down
[Sun Sep 23 16:25:54.046819 2018] [mpm_prefork:notice] [pid 1528] AH00163:
Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal
operations
[Sun Sep 23 16:25:54.047599 2018] [core:notice] [pid 1528] AH00094: Command
line: '/usr/sbin/apache2'
*/var/log/cas/cas-2018-09-24-03-1.log*
I don't understand, why is there a log /wp-content/uploads/alternative.jpg.
Even though the content of the website is only index.php.
=
WHO: audit:unknown
WHAT: [event=success,timestamp=Mon Sep 24 03:56:34 UTC 2018,source=
RankedAuthenticationProviderWebflowEventResolver]
ACTION: AUTHENTICATION_EVENT_TRIGGERED
APPLICATION: CAS
WHEN: Mon Sep 24 03:56:34 UTC 2018
CLIENT IP ADDRESS: 115.79.6.253
SERVER IP ADDRESS: 159.65.11.13
=
>
2018-09-24 03:56:34,032 WARN [org.apereo.cas.web.flow.
ServiceAuthorizationCheck] - http://cas.domain.com/wp-content/uploads/alternative.jpg] is not found in
service registry.>
2018-09-24 03:56:34,035 WARN [org.apereo.cas.services.web.
RegisteredServiceThemeResolver] - http://cas.domain.com/wp-content/uploads/alternative.jpg,
originalUrl=http://cas.domain.com/wp-content/uploads/alternative.jpg,
artifactId=null, principal=null, source=service, loggedOutAlready=false,
format=XML, attributes={})] or access is denied. Using default theme
[cas-theme-default]>
2018-09-24 03:56:34,103 WARN [org.apereo.cas.services.web.
RegisteredServiceThemeResolver] - http://cas.domain.com/wp-content/uploads/alternative.jpg,
originalUrl=http://cas.domain.com/wp-content/uploads/alternative.jpg,
artifactId=null, principal=null, source=service, loggedOutAlready=false,
format=XML, attributes={})] or access is denied. Using default theme
[cas-theme-default]>
2018-09-24 03:57:11,895 WARN [org.apereo.cas.services.resource.
BaseResourceBasedRegisteredServiceWatcher] -
2018-09-24 03:58:11,896 WARN [org.apereo.cas.services.resource.
BaseResourceBasedRegisteredServiceWatcher] -
2018-09-24 03:59:11,898 WARN [org.apereo.cas.services.resource.
BaseResourceBasedRegisteredServiceWatcher] -
Please help me on this issue. Thank you.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this
[cas-user] Re: Unauthorized After Login
*/var/log/apache2/error.log*
[Sun Sep 23 06:19:08.233925 2018] [mpm_prefork:notice] [pid 10058] AH00163:
Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal
operations
[Sun Sep 23 06:19:08.233996 2018] [core:notice] [pid 10058] AH00094: Command
line: '/usr/sbin/apache2'
[Sun Sep 23 06:38:04.951561 2018] [mpm_prefork:notice] [pid 10058] AH00169:
caught SIGTERM, shutting down
[Sun Sep 23 06:38:05.901907 2018] [mpm_prefork:notice] [pid 10929] AH00163:
Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal
operations
[Sun Sep 23 06:38:05.901987 2018] [core:notice] [pid 10929] AH00094: Command
line: '/usr/sbin/apache2'
[Sun Sep 23 06:39:44.189688 2018] [mpm_prefork:notice] [pid 10929] AH00169:
caught SIGTERM, shutting down
[Sun Sep 23 06:39:45.322707 2018] [mpm_prefork:notice] [pid 11082] AH00163:
Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal
operations
[Sun Sep 23 06:39:45.322779 2018] [core:notice] [pid 11082] AH00094: Command
line: '/usr/sbin/apache2'
[Sun Sep 23 16:12:04.527041 2018] [mpm_prefork:notice] [pid 11082] AH00169:
caught SIGTERM, shutting down
[Sun Sep 23 16:12:05.522623 2018] [mpm_prefork:notice] [pid 14519] AH00163:
Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal
operations
[Sun Sep 23 16:12:05.522717 2018] [core:notice] [pid 14519] AH00094: Command
line: '/usr/sbin/apache2'
[Sun Sep 23 16:16:25.455612 2018] [mpm_prefork:notice] [pid 14519] AH00171:
Graceful restart requested, doing restart
[Sun Sep 23 16:16:25.561815 2018] [mpm_prefork:notice] [pid 14519] AH00163:
Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal
operations
[Sun Sep 23 16:16:25.561830 2018] [core:notice] [pid 14519] AH00094: Command
line: '/usr/sbin/apache2'
[Sun Sep 23 16:16:28.182116 2018] [mpm_prefork:notice] [pid 14519] AH00169:
caught SIGTERM, shutting down
[Sun Sep 23 16:16:29.316901 2018] [mpm_prefork:notice] [pid 14633] AH00163:
Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal
operations
[Sun Sep 23 16:16:29.316968 2018] [core:notice] [pid 14633] AH00094: Command
line: '/usr/sbin/apache2'
[Sun Sep 23 16:25:26.228347 2018] [mpm_prefork:notice] [pid 14633] AH00169:
caught SIGTERM, shutting down
[Sun Sep 23 16:25:27.365960 2018] [mpm_prefork:notice] [pid 14718] AH00163:
Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal
operations
[Sun Sep 23 16:25:27.366032 2018] [core:notice] [pid 14718] AH00094: Command
line: '/usr/sbin/apache2'
[Sun Sep 23 16:25:42.492144 2018] [mpm_prefork:notice] [pid 14718] AH00169:
caught SIGTERM, shutting down
[Sun Sep 23 16:25:54.046819 2018] [mpm_prefork:notice] [pid 1528] AH00163:
Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal
operations
[Sun Sep 23 16:25:54.047599 2018] [core:notice] [pid 1528] AH00094: Command
line: '/usr/sbin/apache2'
*/var/log/cas/cas-2018-09-24-03-1.log*
I don't understand, why is there a log /wp-content/uploads/alternative.jpg.
Even though the content of the website is only index.php.
=
WHO: audit:unknown
WHAT: [event=success,timestamp=Mon Sep 24 03:56:34 UTC 2018,source=
RankedAuthenticationProviderWebflowEventResolver]
ACTION: AUTHENTICATION_EVENT_TRIGGERED
APPLICATION: CAS
WHEN: Mon Sep 24 03:56:34 UTC 2018
CLIENT IP ADDRESS: 115.79.6.253
SERVER IP ADDRESS: 159.65.11.13
=
>
2018-09-24 03:56:34,032 WARN [org.apereo.cas.web.flow.
ServiceAuthorizationCheck] - http://cas.sentrasoft.com/wp-content/uploads/alternative.jpg] is not found
in service registry.>
2018-09-24 03:56:34,035 WARN [org.apereo.cas.services.web.
RegisteredServiceThemeResolver] - http://cas.sentrasoft.com/wp-content/uploads/alternative.jpg,
originalUrl=http://cas.sentrasoft.com/wp-content/uploads/alternative.jpg,
artifactId=null, principal=null, source=service, loggedOutAlready=false,
format=XML, attributes={})] or access is denied. Using default theme
[cas-theme-default]>
2018-09-24 03:56:34,103 WARN [org.apereo.cas.services.web.
RegisteredServiceThemeResolver] - http://cas.sentrasoft.com/wp-content/uploads/alternative.jpg,
originalUrl=http://cas.sentrasoft.com/wp-content/uploads/alternative.jpg,
artifactId=null, principal=null, source=service, loggedOutAlready=false,
format=XML, attributes={})] or access is denied. Using default theme
[cas-theme-default]>
2018-09-24 03:57:11,895 WARN [org.apereo.cas.services.resource.
BaseResourceBasedRegisteredServiceWatcher] -
2018-09-24 03:58:11,896 WARN [org.apereo.cas.services.resource.
BaseResourceBasedRegisteredServiceWatcher] -
2018-09-24 03:59:11,898 WARN [org.apereo.cas.services.resource.
BaseResourceBasedRegisteredServiceWatcher] -
Please help me on this issue. Thank you.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
[cas-user] Re: Unauthorized After Login
I don't know why wp-content is loaded, even though the web content is only
index.php. There is no link that points to the wp-content.
The following is apache web settings:
ServerName cas.domain.com
ServerAdmin ad...@domain.com
AuthType CAS
# Options Indexes FollowSymLinks
# AllowOverride All
# Require all granted
Require valid-user
CASLoginUrl https://cas.domain.com:8443/cas/login
CASValidateUrl
https://cas.domain.com:8443/cas/serviceValidate
CASCookiePath /var/cache/apache2/mod_auth_cas/
CASCertificatePath/etc/pki/tls/certs/cas.crt
CASSSOEnabled On
CASDebug On
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCertificateFile /etc/pki/tls/certs/cas.crt
SSLCertificateKeyFile /etc/pki/tls/private/cas.key
The main problem with this topic is *error Unauthorized* content after
logging in using the static user: *casuser*, *Mellon*. Can anyone help
Unauthorized problems?
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/c4317599-bf00-45b3-9f81-86160dd487ea%40apereo.org.
Re: [cas-user] Re: Unauthorized After Login
I don't know why wp-content is loaded, even though the web content is only
index.php. There is no link that points to the wp-content.
The following is apache web settings:
ServerName cas.domain.com
ServerAdmin ad...@domain.com
AuthType CAS
# Options Indexes FollowSymLinks
# AllowOverride All
# Require all granted
Require valid-user
CASLoginUrl https://cas.domain.com:8443/cas/login
CASValidateUrl
https://cas.domain.com:8443/cas/serviceValidate
CASCookiePath /var/cache/apache2/mod_auth_cas/
CASCertificatePath/etc/pki/tls/certs/cas.crt
CASSSOEnabled On
CASDebug On
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCertificateFile /etc/pki/tls/certs/cas.crt
SSLCertificateKeyFile /etc/pki/tls/private/cas.key
The main problem with this topic is *error Unauthorized* content after
logging in using the static user: *casuser*, *Mellon*. Can anyone help
Unauthorized problems?
Pada Senin, 24 September 2018 12.40.24 UTC+7, Ramakrishna G menulis:
>
> Fahmi,
>
> I your *HTTPSandIMAPSwildcard-1503925297.json *you have specified https
> and trying to validate http. "http://
> cas.domain.com/wp-content/uploads/alternative.jpg"
>
> You can ignore js, css and images service validation by doing this in your
> ssl.conf
>
> "^/sso(/images/.*|/js/.*|/css/.*|/files/.*|/fonts/.*|/html/.*|/webjars/.*)*$">
> Require all granted
> ProxyPass http://localhost/sso/$1/
> ProxyPassReverse http://localhost/sso/$1/
>
>
> Thanks
> Ramakrishna G
> +91 8792114542
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/f95c0586-c1ec-477f-b1e6-cdb87e01ef95%40apereo.org.
[cas-user] Re: Unauthorized After Login
It's disguised. Please try the actual url. Server: https://cas.sentrasoft.com:8443/cas/login Client: https://cas.sentrasoft.com/index.php Please help me if anyone can provide a solution. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/5f1b2a56-ff22-450f-8ca8-ebcaede076b3%40apereo.org.
[cas-user] Re: How to Remove Port: https://login.domain.com:8443/cas to https://login.domain.com
Thanks Curtis, the problem is resolved in the site configuration (nginx). -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/0c1b9b0c-3876-4239-9278-1448842dcaa8%40apereo.org.
[cas-user] Applying Custom Theme CAS 5.3.x
Hi, I tried to customize the display based on the guidelines from https://apereo.github.io/cas/5.3.x/installation/Configuration-Properties.html#views with the theme "*skeleton*" name stored in: *(workspace)* /opt/cas/workspace/cas-overlay-template etc/cas/config/skeleton_in_ID.properties -> Copy files from messages.properties but still error. etc/cas/config/skeleton.properties -> cas.standard.css.file=/themes/skeleton /css/cas.css ... etc *directory structures:* etc/cas/templates/skeleton/casViewLogin.html ... etc etc/cas/static/themes/skeleton/css etc/cas/static/themes/skeleton/js But after rebuilding and try new theme, there is an error message: 2018-09-26 20:33:29,502 WARN [org.springframework.context.support. ResourceBundleMessageSource] - 2018-09-26 20:33:29,848 WARN [org.springframework.context.support.ResourceBundleMessageSource] - Can some one help me on this issue? Thanks. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/4e4bef16-c25d-47d6-99cf-34f57ef15525%40apereo.org.
[cas-user] Re: Applying Custom Theme CAS 5.3.x
In etc/cas/config/cas.properties: cas.theme.paramName: theme cas.theme.defaultThemeName: skeleton spring.thymeleaf.cache=false cas.view.templatePrefixes[0]: file:///etc/cas/templates cas.messageBundle.baseNames=classpath:/skeleton_in_ID.properties,classpath: messages Help me on this issue. Thanks. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/a649ebd7-9a9a-4986-9695-9d17b6e14912%40apereo.org.
[cas-user] How to Remove Port: https://login.domain.com:8443/cas to https://login.domain.com
Hello, how to remove ports (to 443) while i use NGINX too. I want to like
*https://login.domain.com/*. Following cas configuration:
*etc/cas/config/cas.properties:*
cas.server.name: https://login.domain.com:8443
cas.server.prefix: ${cas.server.name}/cas
*nginx/sites-available/login.domain.com*
server {
listen [::]:443 ssl ipv6only=on;
listen 443 ssl;
server_name login.domain.com;
root /var/www/login.domain.com;
charset utf-8;
location / {
proxy_pass ???
}
ssl_certificate .;
ssl_certificate_key ;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}
Please help me to complete the configuration at cas.properties or nginx.
Thank you.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/ed074a70-3d26-4146-9954-9fb414405f7f%40apereo.org.
[cas-user] Re: Unauthorized After Login
Hi all, It is resolved. casuser# mkdir /opt/tomcat/keystore casuser# openssl pkcs12 -export -in /etc/letsencrypt/live/cas.domain.com/fullchain.pem -inkey /etc/letsencrypt/live/cas.domain.com/privkey.pem -out /opt/tomcat/keystore/cas.domain.com.p12 -password pass:changeit casuser# keytool -importkeystore -srckeystore /opt/tomcat/keystore/cas.sentrasoft.com.p12 -srcstoretype pkcs12 -srcstorepass changeit -destkeystore /opt/tomcat/keystore/cas.sentrasoft.com.keystore -deststoretype jks -deststorepass changeit *In /opt/tomcat/conf/server.xml *use this: Thank you all. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/fe339f3d-a455-459e-9d38-0e04129b15ab%40apereo.org.
Re: [cas-user] Unauthorized After Login
Thank you for the reply. There seems to be no influence after I try it. I creating a certificate from openssl then signed by Let's Encrypt. I took several steps to convert the certificate to * .jks (keystore.jks). I tried the above solution by adding *CASCertificatePath* to the */etc/apache2/mods-enabled/auth_cas.conf* configuration, the result remains the same (Unauthorized). Are there suggestions for the my configuration? Or does CAS not support the Let's Encrypt certificate? -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/6b8ed85b-2f8f-48bc-a9c2-474e1195c082%40apereo.org.
[cas-user] Re: Unauthorized After Login
I forgot to tell. I am logged in using the static cas user that is user: *casuser* and password: *Mellon*. Is there a problem from that? -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/8ef9424d-c357-4654-b9ec-0f5fc3dd9c68%40apereo.org.
[cas-user] Unauthorized After Login
Hello, all. I tried to build CAS server based on the guidelines from
https://dacurry-tns.github.io/deploying-apereo-cas. In the trial phase my
client application gets a problem:
> *Unauthorized*This server could not verify that you are authorized to
> access the document requested. Either you supplied the wrong credentials
> (e.g., bad password), or your browser doesn't understand how to supply the
> credentials required.
This problem appears after logging in. The following configuration of the
cas:
*etc/cas/config/cas.properties*
cas.server.name: https://cas.domain.com:8443
cas.server.prefix: https://cas.domain.com:8443/cas
cas.adminPagesSecurity.ip=127\.0\.0\.1
cas.tgc.secure: true
cas.tgc.crypto.signing.key:
cas.tgc.crypto.encryption.key:
cas.webflow.crypto.signing.key: x
cas.webflow.crypto.encryption.key: xx
cas.serviceRegistry.initFromJson: true
cas.serviceRegistry.json.location: file:/etc/cas/services
logging.config: file:/etc/cas/config/log4j2.xml
*etc/cas/services/**HTTPSandIMAPSwildcard-1503925297.json*
{
/*
* Wildcard service definition that applies to any https or imaps url.
* Do not use this definition in a production environment.
*/
"@class" :"org.apereo.cas.services.RegexRegisteredService",
"serviceId" : "^(https|imaps)://.*",
"name" : "HTTPS and IMAPS wildcard",
"id" :1503925297,
"evaluationOrder" : 9
}
*apache site virtualhost configuration*
ServerName cas.domain.com
ServerAdmin ad...@domain.com
AuthType CAS
Require valid-user
CASLoginUrl https://cas.domain.com:8443/cas/login
CASValidateUrlhttps://cas.domain
.com:8443/cas/serviceValidate
CASCookiePath /var/cache/apache2/mod_auth_cas/
CASSSOEnabled On
CASDebug Off
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCertificateFile /etc/pki/tls/certs/cas.crt
SSLCertificateKeyFile /etc/pki/tls/private/cas.key
How to solve this problem? I hope anyone can provide a detailed solution
about this. Thank you.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/b7cf7903-1f56-40e0-b177-d2bd67ee1eb8%40apereo.org.
[cas-user] Re: Applying Custom Theme CAS 5.3.x
This customization is based on the link https://groups.google.com/a/apereo.org/forum/#!searchin/cas-user/themes/cas-user/k-yfoou7Zy0/BXry1PxgFAAJ. The directory structure is the same as the example you provided. But after rebuilding and try new theme, there is an error message: 2018-09-26 20:33:29,502 WARN [org.springframework.context.support. ResourceBundleMessageSource] - 2018-09-26 20:33:29,848 WARN [org.springframework.context.support.ResourceBundleMessageSource] - Can you help provide a solution to this problem? Thanks. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/2e24a32d-cf89-4c52-bd24-ca169377ff24%40apereo.org.
[cas-user] Re: Applying Custom Theme CAS 5.3.x
Thanks Doug and all. My files and directories structure is:
*/opt/workspace/cas-overlay*
- build.cmd
- build.sh
- *[etc]*
- [cas]
- [config]
- cas.properties
- log42j.xml
- *skeleton_in_ID.properties*
- *skeleton.properties*
- [services]
- HttpsAndImapsWildcard-x.json
- [static]
- [themes]
- *[skeleton]*
- [css]
- [js]
- [templates]
- *[skeleton]*
- *casLoginView.html*
- LICENSE.txt
- [maven]
- mvnw
- mvnw.bat
- pom.xml
- README.md
- [target]
Based on the structure above, *where is src/main/resources/* located? and
bellow my cas.properties configuration:
cas.server.name: https://login.domain.com:8443
cas.server.prefix: ${cas.server.name}/cas
cas.adminPagesSecurity.ip=127\.0\.0\.1
cas.tgc.secure: true
cas.tgc.crypto.signing.key:
cas.tgc.crypto.encryption.key:
cas.webflow.crypto.signing.key: xx
cas.webflow.crypto.encryption.key: xx==
cas.serviceRegistry.json.location: file:/etc/cas/services
cas.theme.paramName: theme
cas.theme.defaultThemeName: skeleton
spring.thymeleaf.cache: false
cas.view.templatePrefixes[0]: file:///etc/cas/templates
cas.messageBundle.baseNames: classpath:skeleton,classpath:messages
logging.config: file:/etc/cas/config/log4j2.xml
Please provide me solution. Thank you all.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/8aaf1c4f-932e-4fe8-b5ba-6e82fde99c5c%40apereo.org.
[cas-user] Re: Applying Custom Theme CAS 5.3.x
Thank you David. The problem is solved by *creating the src/main/resources* directory and *moving the template files*. Thank you very much to all. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/130a72ec-9771-42b4-a084-0faced8b2c51%40apereo.org.
[cas-user] Re: CAS Management Services JPA Registry (Success, but Unable to Save to MySQL Database)
Sorry, i am forget attachment. Strange, I added a service in service management, saved. But there is no database. But in service management appear. Where is the new service stored? -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/ce343483-e4ab-4bb6-93f3-245d716b2bcd%40apereo.org.
Re: [cas-user] Re: CAS Management Services JPA Registry (Success, but Unable to Save to MySQL Database)
Hello Ray, thank for your reply. I changed the configuration: - Adding cas.jdbc.showSql=true to cas.properties and management.properties - Adding healthQuery to cas.properties and management.properties - Change ddlAuto to update - Rebuilding project cas and management Log showing (*cas.log*) 2019-03-20 22:51:33,260 INFO [org.apereo.cas.services.AbstractServicesManager] - 2019-03-20 22:51:43,276 DEBUG [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - 2019-03-20 22:51:43,314 DEBUG [org.apereo.cas.ticket.registry.support.JpaLockingStrategy] - 2019-03-20 22:51:43,364 DEBUG [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - 2019-03-20 22:51:43,378 DEBUG [org.apereo.cas.ticket.DefaultTicketCatalog] - 1. Adding 2 initial service registry using MySQL Workbench 2. I am login successfully to Services Management (screen shoot in attachment). 3. I am try to add an service registry, then save it. 4. Successfully added an service registry, but it is not stored in the database. 5. The table still displays 2 rows (not 3 rows, 1 added in service management) Log show (*cas-management.log*, not showing SQL QUERIES) = WHO: superadmin WHAT: AbstractRegisteredService(serviceId=^https:\/\/portal. example.com(\\z|\/.*), name=Asia, theme=null, informationU... ACTION: SAVE_SERVICE_SUCCESS APPLICATION: CAS_Management WHEN: Wed Mar 20 23:03:24 EDT 2019 CLIENT IP ADDRESS: 103.xxx.1x8.xxx SERVER IP ADDRESS: 172.16.2.53 = 2019-03-20 23:04:04,149 ERROR [org.apereo.cas.mgmt.GitUtil] - Git repository not found/initialized at [/etc/cas/services-repo/.git] 2019-03-20 23:04:04,149 ERROR [org.apereo.cas.mgmt.services.web. ServiceRepositoryController] - repository not found: /etc/cas/services-repo /.git java.lang.RuntimeException: repository not found: /etc/cas/services-repo/. git at org.apereo.cas.mgmt.GitUtil.initializeGitRepository(GitUtil.java:1225) ~[ cas-management-webapp-support-5.3.6.jar:5.3.6] at org.apereo.cas.mgmt.GitUtil.(GitUtil.java:100) ~[cas-management- webapp-support-5.3.6.jar:5.3.6] at org.apereo.cas.mgmt.services.web.factory.RepositoryFactory.buildGitUtil( RepositoryFactory.java:81) ~[cas-management-webapp-support-5.3.6.jar:5.3.6] at org.apereo.cas.mgmt.services.web.factory.RepositoryFactory. masterRepository(RepositoryFactory.java:70) ~[cas-management-webapp-support- 5.3.6.jar:5.3.6] at org.apereo.cas.mgmt.services.web.factory.RepositoryFactory.from( RepositoryFactory.java:53) ~[cas-management-webapp-support-5.3.6.jar:5.3.6] at org.apereo.cas.mgmt.services.web.factory.RepositoryFactory.from( RepositoryFactory.java:40) ~[cas-management-webapp-support-5.3.6.jar:5.3.6] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_191 ] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java :62) ~[?:1.8.0_191] at sun.reflect.DelegatingMethodAccessorImpl.invoke( DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_191] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_191] at org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils. java:216) ~[spring-core-4.3.17.RELEASE.jar:4.3.17.RELEASE] at org.springframework.cloud.context.scope. GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:470) ~[ spring-cloud-context-1.3.0.RELEASE.jar:1.3.0.RELEASE] at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed( ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.18.RELEASE.jar:4.3. 18.RELEASE] at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor .intercept(CglibAopProxy.java:671) ~[spring-aop-4.3.18.RELEASE.jar:4.3. 18.RELEASE] at org.apereo.cas.mgmt.services.web.factory. RepositoryFactory$$EnhancerBySpringCGLIB$$892cee48.from() ~[cas- management-webapp-support-5.3.6.jar:5.3.6] at org.apereo.cas.mgmt.services.web.ServiceRepositoryController.gitStatus( ServiceRepositoryController.java:322) [cas-management-webapp-support-5.3. 6.jar:5.3.6] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_191 ] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java :62) ~[?:1.8.0_191] at sun.reflect.DelegatingMethodAccessorImpl.invoke( DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_191] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_191] at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke( InvocableHandlerMethod.java:205) [spring-web-4.3.18.RELEASE.jar:4.3. 18.RELEASE] at org.springframework.web.method.support.InvocableHandlerMethod. invokeForRequest(InvocableHandlerMethod.java:133) [spring-web-4.3.18.RELEASE .jar:4.3.18.RELEASE] at org.springframework.web.servlet.mvc.method.annotation. ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod. java:97) [spring-webmvc-4.3.17.RELEASE.jar:4.3.17.RELEASE] at org.springframework.web.servlet.mvc.method.annotation.
[cas-user] Re: How to Remove Port 8443 when login to CAS Service Managament
Can anyone help?
Pada Jumat, 22 Maret 2019 15.53.55 UTC+7, Fahmi L. Ramdhani menulis:
>
> Hello,
>
> I am try to visit CAS Service Management in
> https://sso.example.com/cas-management. Site redirected to
> https://sso.example.com/cas/login?service=*https://sso.example.com:8443
> <https://sso.example.com:8443>*/cas-management/manage.html for
> authenticate with CAS Server. Why does Service management direct URLs with
> Port 8443? How to remove the port when user visit
> https://sso.example.com/cas-management?
>
> *management.properties* configuration is
>
> cas.server.name = https://sso.example.com
> cas.server.prefix = ${cas.server.name}/cas
>
>
> mgmt.adminRoles[0] = ROLE_ADMIN
> mgmt.userPropertiesFile = file:/etc/cas/config/admusers-management.
> properties
> mgmt.serverName = https://sso.example.com
>
>
> Thank you
> Fahmi
>
>
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/de6a26aa-6f95-4b54-b9ed-25f27b649931%40apereo.org.
[cas-user] CAS Management - Collection of Attributes in Attribute Release Policy
Hello, How to configure the attribute list in the Attribute Release Policy (Return Allowed) in CAS Management? There only displays *uid, eppn *and *givenName*. While the attributes available in the database are *uid, email, username, nip, phone *and others. I want to display the array list based on the available attributes. Thank you. Fahmi -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/7575817d-2e4a-43dd-84f9-e051f17a8f73%40apereo.org.
Re: [cas-user] CAS Management - Collection of Attributes in Attribute Release Policy
Can the configuration be dynamic? The example in the settings has several attributes (Multi Row attribute resolution), I hope CAS Management can take attributes based on existing attributes (attribute key). Can it be like that? Thank you David Sent from my iPhone > On 5 Apr 2019, at 18.45, David Curry wrote: > > For CAS 5.2.x, you configure the "stub" attribute repository with all the > attribute names you want the management app to be able to work with (add > these to the management.properties file, not cas.properties): > > cas.authn.attributeRepository.stub.attributes.UDC_IDENTIFIER: UDC_IDENTIFIER > cas.authn.attributeRepository.stub.attributes.cn: cn > cas.authn.attributeRepository.stub.attributes.displayName: displayName > cas.authn.attributeRepository.stub.attributes.givenName:givenName > cas.authn.attributeRepository.stub.attributes.mail: mail > cas.authn.attributeRepository.stub.attributes.sn: sn > cas.authn.attributeRepository.stub.attributes.uid: uid > > I assume that's still the case with CAS 5.3.x and CAS 6.x, but it doesn't > seem to be documented any longer. > > -- > DAVID A. CURRY, CISSP > DIRECTOR OF INFORMATION SECURITY > THE NEW SCHOOL • INFORMATION TECHNOLOGY > 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003 > +1 212 229-5300 x4728 • david.cu...@newschool.edu > > >> On Fri, Apr 5, 2019 at 4:01 AM Fahmi L. Ramdhani >> wrote: >> Hello, >> >> How to configure the attribute list in the Attribute Release Policy (Return >> Allowed) in CAS Management? There only displays uid, eppn and givenName. >> While the attributes available in the database are uid, email, username, >> nip, phone and others. I want to display the array list based on the >> available attributes. >> >> Thank you. >> Fahmi >> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to cas-user+unsubscr...@apereo.org. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/7575817d-2e4a-43dd-84f9-e051f17a8f73%40apereo.org. > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cas-user+unsubscr...@apereo.org. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XAMrzTdHjUdUBmhUe%2BesEx_gt5VN0MCksV3fGsCfRMkNMA%40mail.gmail.com. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/7BF37BB2-C0CC-47AC-8A2A-8606EEA34456%40gmail.com.
[cas-user] How to use REST Attribute Release Policy (Return Restful)?
Hello,
How to use REST Attribute Release Policy? REST Endpoint filled with? I
tried to do something stupid, I route (on my website) to give a JSON 200
response with a response:
*https://try.example.com/json-output* respon
{
"@class" : "org.apereo.cas.services.RegexRegisteredService",
"serviceId" : "^https://client.example.com(\\z|\/.*)",
"name" : "Return Restful",
"id" : 300,
"description" : "Test RESTful Attribute Release Policy",
"attributeReleasePolicy" : {
"@class" : "org.apereo.cas.services.ReturnMappedAttributeReleasePolicy",
"allowedAttributes" : {
"@class" : "java.util.TreeMap",
"email" : "email",
"name" : "name",
"phone" : "phone"
}
}
}
Oops! The test failed. I mean that the service releases attributes based on
the released attribute list (JSON). How to use the REST? Sorry if my
question is a little stupid.
Thankyou
Fahmi
*https://github.com/sentrasoft/laravel-cas*
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/c2829dfc-7eb5-46f4-97c0-898df8f07bed%40apereo.org.
[cas-user] Re: CAS Management - Collection of Attributes in Attribute Release Policy
I hope CAS Management can take attributes based on existing attributes (*attribute key*). Thank David! Pada Jumat, 05 April 2019 15.01.42 UTC+7, Fahmi L. Ramdhani menulis: > > Hello, > > How to configure the attribute list in the Attribute Release Policy > (Return Allowed) in CAS Management? There only displays *uid, eppn *and > *givenName*. While the attributes available in the database are *uid, > email, username, nip, phone *and others. I want to display the array list > based on the available attributes. > > Thank you. > Fahmi > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/978b15ff-3321-49e1-a2c1-5c01727e7ca7%40apereo.org.
[cas-user] Help CAS Management Error (CAS Server returned 502 status code from endpoint https://cas.example.com/cas/status/discovery. Using default FormData values)
Hello,
Anyone, please help me to solve the Attribute problem in CAS Management. I
want the dropdown to list the available attributes (dynamically) based on
the attribute repository (JDBC), the dropdown in CAS Management service
settings.
I added dependency to *pom.xml *(cas-server)
org.apereo.cas
cas-server-support-discovery-profile
${cas.version}
I access *https://cas.example.com/cas/status/discovery* successfully
displaying a list of attributes that are ready to be released.
{
"@class": "java.util.LinkedHashMap",
"profile": {
"@class": "org.apereo.cas.discovery.CasServerProfile",
"registeredServiceTypes": {
"@class": "java.util.HashMap",
"CAS Client": "org.apereo.cas.services.RegexRegisteredService"
},
"registeredServiceTypesSupported": {
"@class": "java.util.HashMap",
"SAML2 Service Provider":
"org.apereo.cas.support.saml.services.SamlRegisteredService",
"WS Federation Relying Party":
"org.apereo.cas.ws.idp.services.WSFederationRegisteredService",
"OpenID Connect Relying Party":
"org.apereo.cas.services.OidcRegisteredService",
"OAuth2 Client":
"org.apereo.cas.support.oauth.services.OAuthRegisteredService",
"CAS Client": "org.apereo.cas.services.RegexRegisteredService"
},
"multifactorAuthenticationProviderTypesSupported": {
"@class": "java.util.HashMap",
"mfa-gauth": "Google Authenticator",
"mfa-swivel": "Swivel Secure",
"mfa-authy": "Authy",
"mfa-radius": "RADIUS (RSA,WiKID)",
"mfa-u2f": "FIDO U2F",
"mfa-duo": "Duo Security",
"mfa-azure": "Microsoft Azure"
},
"delegatedClientTypesSupported": [
"java.util.HashSet",
[
"OAuth20Client",
"OAuth10Client",
"TwitterClient",
"FoursquareClient",
"QQClient",
"OrcidClient",
"FacebookClient",
"OkClient",
"FormClient",
"CasProxyReceptor",
"GitHubClient",
"BitbucketClient",
"KeycloakOidcClient",
"WordPressClient",
"WindowsLiveClient",
"OidcClient",
"VkClient",
"LinkedIn2Client",
"YahooClient",
"WechatClient",
"Google2Client",
"StravaClient",
"GenericOAuth20Client",
"AzureAdClient",
"GoogleOidcClient",
"CasOAuthWrapperClient",
"WeiboClient",
"PayPalClient",
"DropBoxClient",
"SAML2Client",
"IndirectBasicAuthClient",
"CasClient"
]
],
*"availableAttributes": [ "java.util.LinkedHashSet", [
"uid","username","name","phone" ]]*
}
}
But the data is not loaded in CAS Management. I see at *cas-management.log*
it appears like this:
> 019-04-07 00:32:01,567 INFO
> [org.apereo.cas.mgmt.web.CasManagementWebApplicationServletInitializer] -
> The following profiles are active: standalone
> 2019-04-07 00:32:07,489 DEBUG
> [org.apereo.cas.config.CasCoreUtilSerializationConfiguration] - Configuring
> component serialization plan [CasCoreUtilSerializationConfiguration]
> 2019-04-07 00:32:08,247 DEBUG
> [org.apereo.cas.mgmt.config.CasManagementAuthenticationConfiguration] -
> Configuring an authentication strategy based on CAS running at
> [https://cas.example.com]
> 2019-04-07 00:32:08,263 DEBUG
> [org.apereo.cas.mgmt.config.CasManagementAuthenticationConfiguration] -
> Skipping IP address authentication strategy configuration; no pattern is
> defined
> 2019-04-07 00:33:14,297 INFO
> *[org.apereo.cas.mgmt.services.web.factory.FormDataFactory]
> - CAS Server returned 502 status code from endpoint
> *https://cas.example.com/cas/status/discovery.
> Using default FormData values.
> 2019-04-07 00:33:17,369 DEBUG
> [org.apereo.cas.config.CasCoreServicesConfiguration] - Configuring service
> registry [JpaServiceRegistryConfiguration]
> 2019-04-07 00:33:17,402 DEBUG
> [org.apereo.cas.services.DefaultServiceRegistryExecutionPlan] - Registering
> service registry [JpaServiceRegistry] into the execution plan
> 2019-04-07 00:33:17,362 DEBUG
> [org.apereo.cas.services.AbstractServicesManager] - Registering service
> registry [JpaServiceRegistry] into the execution
> planorg.apereo.cas.services.ChainingServiceRegistry@35554139]
> 2019-04-07 00:33:17,807 DEBUG
> [org.apereo.cas.services.AbstractServicesManager] - Adding registered
> service [^https:\/\/app1.example.com(\\z|\/.*)]
> 2019-04-07 00:33:17,807 DEBUG
> [org.apereo.cas.services.AbstractServicesManager] - Adding registered
> service [^https:\/\/app2.example.com(\\z|\/.*)]
> 2019-04-07 00:33:17,807 DEBUG
> [org.apereo.cas.services.AbstractServicesManager] - Adding registered
> service [^https:\/\/app3.example.com(\\z|\/.*)]
> 2019-04-07 00:33:17,807 DEBUG
> [org.apereo.cas.services.AbstractServicesManager] - Adding registered
> service [^https:\/\/app4.example.com(\\z|\/.*)]
> 2019-04-07 00:33:17,807 DEBUG
>
[cas-user] Re: Configuration Discovery (/status/discovery) Not Return Attributes
I solved this problem. Add configuration to cas.properties:
cas.authn.jdbc.query[0].principalAttributeList = uid,username,name,email
Pada Sabtu, 06 April 2019 17.01.32 UTC+7, Fahmi L. Ramdhani menulis:
>
> Hello,
>
> I use CAS version 5.3. I added *cas-server-support-discovery-profile*
> dependency to pom.xml
>
>
> org.apereo.cas
> cas-server-support-discovery-profile
> ${cas.version}
>
>
>
> Then I tried calling https://cas.example.com/cas/status/discovery, but it
> does not display a list of available attributes for release. Only return
> like:
>
> {
> "@class": "java.util.LinkedHashMap",
> "profile": {
> "@class": "org.apereo.cas.discovery.CasServerProfile",
> "registeredServiceTypes": {
> "@class": "java.util.HashMap",
> "CAS Client": "org.apereo.cas.services.RegexRegisteredService"
> },
> "registeredServiceTypesSupported": {
> "@class": "java.util.HashMap",
> "SAML2 Service Provider":
> "org.apereo.cas.support.saml.services.SamlRegisteredService",
> "WS Federation Relying Party":
> "org.apereo.cas.ws.idp.services.WSFederationRegisteredService",
> "OpenID Connect Relying Party":
> "org.apereo.cas.services.OidcRegisteredService",
> "OAuth2 Client":
> "org.apereo.cas.support.oauth.services.OAuthRegisteredService",
> "CAS Client": "org.apereo.cas.services.RegexRegisteredService"
> },
> "multifactorAuthenticationProviderTypesSupported": {
> "@class": "java.util.HashMap",
> "mfa-gauth": "Google Authenticator",
> "mfa-swivel": "Swivel Secure",
> "mfa-authy": "Authy",
> "mfa-radius": "RADIUS (RSA,WiKID)",
> "mfa-u2f": "FIDO U2F",
> "mfa-azure": "Microsoft Azure",
> "mfa-duo": "Duo Security"
> },
> "delegatedClientTypesSupported": [
> "java.util.HashSet",
> [
> "OAuth20Client",
> "OAuth10Client",
> "FoursquareClient",
> "TwitterClient",
> "QQClient",
> "OrcidClient",
> "FacebookClient",
> "OkClient",
> "FormClient",
> "CasProxyReceptor",
> "GitHubClient",
> "BitbucketClient",
> "KeycloakOidcClient",
> "WordPressClient",
> "OidcClient",
> "WindowsLiveClient",
> "VkClient",
> "LinkedIn2Client",
> "YahooClient",
> "WechatClient",
> "Google2Client",
> "StravaClient",
> "GenericOAuth20Client",
> "AzureAdClient",
> "GoogleOidcClient",
> "CasOAuthWrapperClient",
> "WeiboClient",
> "PayPalClient",
> "DropBoxClient",
> "SAML2Client",
> "IndirectBasicAuthClient",
> "CasClient"
> ]
> ]
> }
> }
>
>
> How to configure so that the attributes available for release are
> displayed in */status/discovery*? I want to change the list of available
> drop-down attributes in CAS Management.
>
> Thank you
> Fahmi
>
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/cfa6cee0-c736-4488-9e9e-2f382d2b51a6%40apereo.org.
[cas-user] Configuration Discovery (/status/discovery) Not Return Attributes
Hello,
I use CAS version 5.3. I added *cas-server-support-discovery-profile*
dependency to pom.xml
org.apereo.cas
cas-server-support-discovery-profile
${cas.version}
Then I tried calling https://cas.example.com/cas/status/discovery, but it
does not display a list of available attributes for release. Only return
like:
{
"@class": "java.util.LinkedHashMap",
"profile": {
"@class": "org.apereo.cas.discovery.CasServerProfile",
"registeredServiceTypes": {
"@class": "java.util.HashMap",
"CAS Client": "org.apereo.cas.services.RegexRegisteredService"
},
"registeredServiceTypesSupported": {
"@class": "java.util.HashMap",
"SAML2 Service Provider":
"org.apereo.cas.support.saml.services.SamlRegisteredService",
"WS Federation Relying Party":
"org.apereo.cas.ws.idp.services.WSFederationRegisteredService",
"OpenID Connect Relying Party":
"org.apereo.cas.services.OidcRegisteredService",
"OAuth2 Client":
"org.apereo.cas.support.oauth.services.OAuthRegisteredService",
"CAS Client": "org.apereo.cas.services.RegexRegisteredService"
},
"multifactorAuthenticationProviderTypesSupported": {
"@class": "java.util.HashMap",
"mfa-gauth": "Google Authenticator",
"mfa-swivel": "Swivel Secure",
"mfa-authy": "Authy",
"mfa-radius": "RADIUS (RSA,WiKID)",
"mfa-u2f": "FIDO U2F",
"mfa-azure": "Microsoft Azure",
"mfa-duo": "Duo Security"
},
"delegatedClientTypesSupported": [
"java.util.HashSet",
[
"OAuth20Client",
"OAuth10Client",
"FoursquareClient",
"TwitterClient",
"QQClient",
"OrcidClient",
"FacebookClient",
"OkClient",
"FormClient",
"CasProxyReceptor",
"GitHubClient",
"BitbucketClient",
"KeycloakOidcClient",
"WordPressClient",
"OidcClient",
"WindowsLiveClient",
"VkClient",
"LinkedIn2Client",
"YahooClient",
"WechatClient",
"Google2Client",
"StravaClient",
"GenericOAuth20Client",
"AzureAdClient",
"GoogleOidcClient",
"CasOAuthWrapperClient",
"WeiboClient",
"PayPalClient",
"DropBoxClient",
"SAML2Client",
"IndirectBasicAuthClient",
"CasClient"
]
]
}
}
How to configure so that the attributes available for release are displayed
in */status/discovery*? I want to change the list of available drop-down
attributes in CAS Management.
Thank you
Fahmi
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/ec89ed8a-306b-42e6-8056-4958641ae787%40apereo.org.
[cas-user] Re: CAS Management Services JPA Registry (Success, but Unable to Save to MySQL Database)
Thanks Facundo for your reply. Regarding "cas.serviceRegistry.jpa.ddlAuto = create-drop" is only temporary, next time, I will change it to *none *or *update*. So, when I go to *https://sso.example.com/cas-management* (*successfully*), *then I make 1 new registry service*. *I think it will save new data to the MySQL registryDb.RegexRegisteredService table*, but the registry service does not add to the table. The thing that makes me confused is that the registry service that was added was still stored after I closed the browser (private mode). I don't know where the new registry service was stored. Then *after I tried accessing the registry service (https://portal.example.com/dashboard redirected to CAS Login), the CAS refused "Application Not Authorized to Use CAS"*, even though the registry service was added and stored (it doesn't know where it was stored). Is there a solution for this problem? *Please help*. Thank you. Pada Rabu, 20 Maret 2019 21.10.18 UTC+7, Facundo Mateo menulis: > > Hi Fahmi, > We faced the same issue with managment console. In our case, that error > is not related to the database configuration or the saving action itself > but the GIT versioning functionalitiy of management console ( > https://apereo.github.io/cas-management/5.3.x/installation/Installing-ServicesMgmt-Webapp.html#version-control > ). > > I noticed you have "cas.serviceRegistry.jpa.ddlAuto = create-drop" > > Using that configuration every time the server is stopped your DB schema > is dropped and of course your services. > Could this be your real issue? > > Regards, Facundo > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/cf224dea-a70d-4a83-8b86-64b3482fc242%40apereo.org.
[cas-user] Re: CAS Management Services JPA Registry (Success, but Unable to Save to MySQL Database)
Thanks for your replies. I added the service via CAS Service Manangement (https://sso.example.com/cas-management/manage.html), but it was not saved in the database. Please help review my CAS configuration (in attachment). Can you help me please. Thank you. Pada Rabu, 20 Maret 2019 23.01.06 UTC+7, Facundo Mateo menulis: > > I am assuming you don't have version control enabled. > > After you add the service through console, is your service shown in > Management console list? If so it should be in your service registry > database. > I have the same exception you describe if version control is not enabled > but I am still able to save the registry to database. > > May be you could increase console log level to debug and set > "cas.jdbc.showSql=true" to see whats really happening. > > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/dcd0aa1d-c671-4f4c-9a8f-bd790a17e1bb%40apereo.org. cas.properties Description: Binary data management.properties Description: Binary data
Re: [cas-user] Re: CAS Management Services JPA Registry (Success, but Unable to Save to MySQL Database)
*This problem has been Solved.*
I am forget to insert dependency to *pom.xml* in *management project*.
org.apereo.cas
cas-server-support-jdbc-drivers
${cas.version}
org.apereo.cas
cas-server-support-jpa-service-registry
${cas.version}
Thank you all.
Pada Kamis, 21 Maret 2019 23.12.56 UTC+7, rbon menulis:
>
> Fahmi,
>
> create-drop is used during initial development of a jpa project when
> database design might change regularly. Once database is set, then it gets
> changed to update. There is a create option but it will result in errors if
> the database already exists. create can be used once and then changed to
> update.
>
> Check catalina.out for logs.
>
> CAS is picking up one entry from the database. It reloads every 2 minutes.
> Does it show 2 entries when you add one manually?
>
> Are the null values in the workbench image from the cas-management created
> entry?
>
> Ray
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/788b65ed-9de4-4fd9-bea1-e6d9562de429%40apereo.org.
[cas-user] How to Remove Port 8443 when login to CAS Service Managament
Hello,
I am try to visit CAS Service Management in
https://sso.example.com/cas-management. Site redirected to
https://sso.example.com/cas/login?service=*https://sso.example.com:8443*/cas-management/manage.html
for authenticate with CAS Server. Why does Service management direct URLs
with Port 8443? How to remove the port when user visit
https://sso.example.com/cas-management?
*management.properties* configuration is
cas.server.name = https://sso.example.com
cas.server.prefix = ${cas.server.name}/cas
mgmt.adminRoles[0] = ROLE_ADMIN
mgmt.userPropertiesFile = file:/etc/cas/config/admusers-management.
properties
mgmt.serverName = https://sso.example.com
Thank you
Fahmi
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/bc02072f-1ea1-4f7a-9580-a964d9a2bc9b%40apereo.org.
Re: [cas-user] Re: Help CAS Management Error (CAS Server returned 502 status code from endpoint https://cas.example.com/cas/status/discovery. Using default FormData values)
CAS Management can't retrieve the list of attributes available on CAS Server?
I have added configuration to management.properties, but it didn't work. CAS
Management only contains the default attributes (uid, eppn, givenName).
I have tried adding the STUB configuration, unfortunately it is static.
> ... attributeRepository.stub.attributes.uid = uid
> .
I hope CAS Management can take available attributes based on the CAS Server
configuration.
Can anyone give me a suggestion for what i want?
Sent from my iPhone
> On 10 Apr 2019, at 23.03, Ray Bon wrote:
>
> Fahmi,
>
> Our management server is too old to have this feature.
> Start here,
> https://apereo.github.io/cas/5.3.x/integration/Attribute-Release.html
> You probably have to add properties to management service properties file.
>
> Ray
>
>> On Tue, 2019-04-09 at 17:57 -0700, Fahmi L. Ramdhani wrote:
>> Thank you for the quick reply.
>>
>> First I accessed via the browser
>> https://cas.example.com/cas/status/discovery, then CAS directed to login.
>> After successfully logging in, the results are like this:
>> {
>> "@class": "java.util.LinkedHashMap",
>> "profile": {
>> "@class": "org.apereo.cas.discovery.CasServerProfile",
>> "registeredServiceTypes": {
>> "@class": "java.util.HashMap",
>> "CAS Client": "org.apereo.cas.services.RegexRegisteredService"
>> },
>> "registeredServiceTypesSupported": {
>> "@class": "java.util.HashMap",
>> "SAML2 Service Provider":
>> "org.apereo.cas.support.saml.services.SamlRegisteredService",
>> "WS Federation Relying Party":
>> "org.apereo.cas.ws.idp.services.WSFederationRegisteredService",
>> "OpenID Connect Relying Party":
>> "org.apereo.cas.services.OidcRegisteredService",
>> "OAuth2 Client":
>> "org.apereo.cas.support.oauth.services.OAuthRegisteredService",
>> "CAS Client": "org.apereo.cas.services.RegexRegisteredService"
>> },
>> "multifactorAuthenticationProviderTypesSupported": {
>> "@class": "java.util.HashMap",
>> "mfa-gauth": "Google Authenticator",
>> "mfa-swivel": "Swivel Secure",
>> "mfa-authy": "Authy",
>> "mfa-radius": "RADIUS (RSA,WiKID)",
>> "mfa-u2f": "FIDO U2F",
>> "mfa-azure": "Microsoft Azure",
>> "mfa-duo": "Duo Security"
>> },
>> "delegatedClientTypesSupported": [
>> "java.util.HashSet",
>> [
>> "OAuth20Client",
>> "OAuth10Client",
>> "TwitterClient",
>> "FoursquareClient",
>> "QQClient",
>> "OrcidClient",
>> "FacebookClient",
>> "OkClient",
>> "FormClient",
>> "CasProxyReceptor",
>> "GitHubClient",
>> "KeycloakOidcClient",
>> "BitbucketClient",
>> "WordPressClient",
>> "OidcClient",
>> "WindowsLiveClient",
>> "VkClient",
>> "LinkedIn2Client",
>> "YahooClient",
>> "WechatClient",
>> "Google2Client",
>> "StravaClient",
>> "GenericOAuth20Client",
>> "AzureAdClient",
>> "GoogleOidcClient",
>> "CasOAuthWrapperClient",
>> "PayPalClient",
>> "WeiboClient",
>> "DropBoxClient",
>> "SAML2Client",
>> "CasClient",
>> "IndirectBasicAuthClient"
>> ]
>> ],
>> "availableAttributes": [
>> "java.util.LinkedHashSet",
>> [
>> "mail",
>> "eppn",
>> "displayName",
>> "givenName",
>> "uid"
>> ]
>> ]
>> }
>> }
>>
>> You can see the availableAttributes section? I need it to make
[cas-user] Re: Help CAS Management Error (CAS Server returned 502 status code from endpoint https://cas.example.com/cas/status/discovery. Using default FormData values)
I tried accessing the result curl like this: curl -v https://cas.example.com:8443/cas/status/discovery * Trying 103.60.182.9... * Connected to cas.example.com (103.60.182.9) port 8443 (#0) * found 148 certificates in /etc/ssl/certs/ca-certificates.crt * found 592 certificates in /etc/ssl/certs * ALPN, offering http/1.1 * SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256 *server certificate verification OK *server certificate status verification SKIPPED *common name: cas.example.com (matched) *server certificate expiration date OK *server certificate activation date OK *certificate public key: RSA *certificate version: #3 *subject: CN=cas.example.com *start date: Wed, 03 Apr 2019 09:32:48 GMT *expire date: Tue, 02 Jul 2019 09:32:48 GMT *issuer: C=US,O=XXX,CN=XX *compression: NULL * ALPN, server did not agree to a protocol > GET /cas/status/discovery HTTP/1.1 > Host: cas.example.com:8443 > User-Agent: curl/7.47.0 > Accept: */* > < HTTP/1.1 302 < Cache-Control: no-cache, no-store, max-age=0, must-revalidate < Pragma: no-cache < Expires: 0 < Strict-Transport-Security: max-age=15768000 ; includeSubDomains < X-Content-Type-Options: nosniff < X-Frame-Options: DENY < X-XSS-Protection: 1; mode=block < Set-Cookie: JSESSIONID=AECBB7BF899FAFB0B707CE228ECC19EC; Path=/cas; Secure; HttpOnly < Location: https://cas.example.com:8443/cas/login?service=https%3A%2F%2Fcas.example.com%3A8443%2Fcas%2Fstatus%2Fdiscovery < Transfer-Encoding: chunked < Date: Tue, 09 Apr 2019 23:34:01 GMT < * Connection #0 to host cas.example.com left intact Can anyone help please? -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/732296c2-e53a-40c8-aef7-4947b6ef1384%40apereo.org.
[cas-user] Re: Help CAS Management Error (CAS Server returned 502 status code from endpoint https://cas.example.com/cas/status/discovery. Using default FormData values)
I tried accessing the result curl like this: curl -v https://cas.example.com:8443/cas/status/discovery * Trying 2xx.60.112.9... * Connected to cas.example.com (2xx.60.112.9) port 8443 (#0) * found 148 certificates in /etc/ssl/certs/ca-certificates.crt * found 592 certificates in /etc/ssl/certs * ALPN, offering http/1.1 * SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256 *server certificate verification OK *server certificate status verification SKIPPED *common name: cas.example.com (matched) *server certificate expiration date OK *server certificate activation date OK *certificate public key: RSA *certificate version: #3 *subject: CN=cas.example.com *start date: Wed, 03 Apr 2019 09:32:48 GMT *expire date: Tue, 02 Jul 2019 09:32:48 GMT *issuer: C=US,O=XXX,CN=XX *compression: NULL * ALPN, server did not agree to a protocol > GET /cas/status/discovery HTTP/1.1 > Host: cas.example.com:8443 > User-Agent: curl/7.47.0 > Accept: */* > < HTTP/1.1 302 < Cache-Control: no-cache, no-store, max-age=0, must-revalidate < Pragma: no-cache < Expires: 0 < Strict-Transport-Security: max-age=15768000 ; includeSubDomains < X-Content-Type-Options: nosniff < X-Frame-Options: DENY < X-XSS-Protection: 1; mode=block < Set-Cookie: JSESSIONID=AECBB7BF899FAFB0B707CE228ECC19EC; Path=/cas; Secure; HttpOnly < Location: https://cas.example.com:8443/cas/login?service=https%3A%2F%2Fcas.example.com%3A8443%2Fcas%2Fstatus%2Fdiscovery < Transfer-Encoding: chunked < Date: Tue, 09 Apr 2019 23:34:01 GMT < * Connection #0 to host cas.example.com left intact Can anyone help please? -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/7a984890-2ceb-4557-a17b-8adfa65aa4b1%40apereo.org.
[cas-user] Re: Help CAS Management Error (CAS Server returned 502 status code from endpoint https://cas.example.com/cas/status/discovery. Using default FormData values)
I tried accessing the result curl like this curl -v https://cas.example.com/cas/status/discovery * Trying 103.60.182.9... * Connected to cas.example.com (xx.60.xxx.2) port 8443 (#0) * found 148 certificates in /etc/ssl/certs/ca-certificates.crt * found 592 certificates in /etc/ssl/certs * ALPN, offering http/1.1 * SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256 * server certificate verification OK * server certificate status verification SKIPPED * common name: cas.example.com (matched) * server certificate expiration date OK * server certificate activation date OK * certificate public key: RSA * certificate version: #3 * subject: CN=cas.example.com * start date: Wed, 03 Apr 2019 09:32:48 GMT * expire date: Tue, 02 Jul 2019 09:32:48 GMT * issuer: C=US,O=X,CN=XXX * compression: NULL * ALPN, server did not agree to a protocol > GET /cas/status/discovery HTTP/1.1 > Host: cas.example.com > User-Agent: curl/7.47.0 > Accept: */* > < HTTP/1.1 302 < Cache-Control: no-cache, no-store, max-age=0, must-revalidate < Pragma: no-cache < Expires: 0 < Strict-Transport-Security: max-age=15768000 ; includeSubDomains < X-Content-Type-Options: nosniff < X-Frame-Options: DENY < X-XSS-Protection: 1; mode=block < Set-Cookie: JSESSIONID=AECBB7BF899FAFB0B707CE228ECC19EC; Path=/cas; Secure; HttpOnly < Location: https://cas.example.com/cas/login?service=https%3A%2F%2Fcas.example.com%3A8443%2Fcas%2Fstatus%2Fdiscovery < Transfer-Encoding: chunked < Date: Tue, 09 Apr 2019 23:34:01 GMT < * Connection #0 to host cas.example.com left intact Can anyone help please? -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/8e14b1bb-0e7b-4eee-a614-60246aeabe91%40apereo.org.
[cas-user] Re: Help CAS Management Error (CAS Server returned 502 status code from endpoint https://cas.example.com/cas/status/discovery. Using default FormData values)
i have to configured like:
*cas.properties*
cas.adminPagesSecurity.ip = .*
cas.adminPagesSecurity.loginUrl = ${cas.server.prefix}/login
cas.adminPagesSecurity.service = ${cas.server.prefix}/status/dashboard
cas.adminPagesSecurity.users = file:/etc/cas/config/admusers.properties
cas.adminPagesSecurity.adminRoles[0] = ROLE_ADMIN
cas.adminPagesSecurity.actuatorEndpointsEnabled=true
cas.monitor.endpoints.enabled = true
cas.monitor.endpoints.sensitive = false
cas.monitor.endpoints.status.enabled = true
cas.monitor.endpoints.status.sensitive = false
cas.monitor.endpoints.discovery.enabled = true
cas.monitor.endpoints.discovery.sensitive = false
endpoints.enabled = true
endpoints.sensitive = true
endpoints.restart.enabled=true
endpoints.shutdown.enabled=true
endpoints.autoconfig.enabled=true
endpoints.beans.enabled=true
endpoints.bus.enabled=true
endpoints.configprops.enabled=true
endpoints.dump.enabled=true
endpoints.env.enabled=true
endpoints.health.enabled=true
endpoints.features.enabled=true
endpoints.info.enabled=true
endpoints.loggers.enabled=true
endpoints.logfile.enabled=true
endpoints.trace.enabled=true
endpoints.docs.enabled=true
endpoints.heapdump.enabled=true
Pada Minggu, 07 April 2019 00.48.55 UTC+7, Fahmi L. Ramdhani menulis:
>
> Hello,
>
> Anyone, please help me to solve the Attribute problem in CAS Management. I
> want the dropdown to list the available attributes (dynamically) based on
> the attribute repository (JDBC), the dropdown in CAS Management service
> settings.
>
> I added dependency to *pom.xml *(cas-server)
>
> org.apereo.cas
> cas-server-support-discovery-profile
> ${cas.version}
>
>
>
> I access *https://cas.example.com/cas/status/discovery
> <https://cas.example.com/cas/status/discovery>* successfully displaying a
> list of attributes that are ready to be released.
> {
> "@class": "java.util.LinkedHashMap",
> "profile": {
> "@class": "org.apereo.cas.discovery.CasServerProfile",
> "registeredServiceTypes": {
> "@class": "java.util.HashMap",
> "CAS Client": "org.apereo.cas.services.RegexRegisteredService"
> },
> "registeredServiceTypesSupported": {
> "@class": "java.util.HashMap",
> "SAML2 Service Provider":
> "org.apereo.cas.support.saml.services.SamlRegisteredService",
> "WS Federation Relying Party":
> "org.apereo.cas.ws.idp.services.WSFederationRegisteredService",
> "OpenID Connect Relying Party":
> "org.apereo.cas.services.OidcRegisteredService",
> "OAuth2 Client":
> "org.apereo.cas.support.oauth.services.OAuthRegisteredService",
> "CAS Client": "org.apereo.cas.services.RegexRegisteredService"
> },
> "multifactorAuthenticationProviderTypesSupported": {
> "@class": "java.util.HashMap",
> "mfa-gauth": "Google Authenticator",
> "mfa-swivel": "Swivel Secure",
> "mfa-authy": "Authy",
> "mfa-radius": "RADIUS (RSA,WiKID)",
> "mfa-u2f": "FIDO U2F",
> "mfa-duo": "Duo Security",
> "mfa-azure": "Microsoft Azure"
> },
> "delegatedClientTypesSupported": [
> "java.util.HashSet",
> [
> "OAuth20Client",
> "OAuth10Client",
> "TwitterClient",
> "FoursquareClient",
> "QQClient",
> "OrcidClient",
> "FacebookClient",
> "OkClient",
> "FormClient",
> "CasProxyReceptor",
> "GitHubClient",
> "BitbucketClient",
> "KeycloakOidcClient",
> "WordPressClient",
> "WindowsLiveClient",
> "OidcClient",
> "VkClient",
> "LinkedIn2Client",
> "YahooClient",
> "WechatClient",
> "Google2Client",
> "StravaClient",
> "GenericOAuth20Client",
> "AzureAdClient",
> "GoogleOidcClient",
> "CasOAuthWrapperClient",
> "WeiboClient",
> "PayPalClient",
> "DropBoxClient",
> "SAML2Client",
> "IndirectBasicAuthClient",
> "CasClient"
>
[cas-user] Re: Help CAS Management Error (CAS Server returned 502 status code from endpoint https://cas.example.com/cas/status/discovery. Using default FormData values)
i have to configured like:
*cas.properties*
cas.adminPagesSecurity.ip = .*
cas.adminPagesSecurity.loginUrl = ${cas.server.prefix}/login
cas.adminPagesSecurity.service = ${cas.server.prefix}/status/dashboard
cas.adminPagesSecurity.users = file:/etc/cas/config/admusers.properties
cas.adminPagesSecurity.adminRoles[0] = ROLE_ADMIN
cas.adminPagesSecurity.actuatorEndpointsEnabled=true
cas.monitor.endpoints.enabled = true
cas.monitor.endpoints.sensitive = false
cas.monitor.endpoints.status.enabled = true
cas.monitor.endpoints.status.sensitive = false
cas.monitor.endpoints.discovery.enabled = true
cas.monitor.endpoints.discovery.sensitive = false
endpoints.enabled = true
endpoints.sensitive = true
endpoints.restart.enabled=true
endpoints.shutdown.enabled=true
endpoints.autoconfig.enabled=true
endpoints.beans.enabled=true
endpoints.bus.enabled=true
endpoints.configprops.enabled=true
endpoints.dump.enabled=true
endpoints.env.enabled=true
endpoints.health.enabled=true
endpoints.features.enabled=true
endpoints.info.enabled=true
endpoints.loggers.enabled=true
endpoints.logfile.enabled=true
endpoints.trace.enabled=true
endpoints.docs.enabled=true
endpoints.heapdump.enabled=true
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/32e03b50-783f-456a-983e-e8e43f316615%40apereo.org.
Re: [cas-user] Re: Help CAS Management Error (CAS Server returned 502 status code from endpoint https://cas.example.com/cas/status/discovery. Using default FormData values)
Thank you for the quick reply.
First I accessed via the browser
https://cas.example.com/cas/status/discovery, then CAS directed to login.
After successfully logging in, the results are like this:
{
"@class": "java.util.LinkedHashMap",
"profile": {
"@class": "org.apereo.cas.discovery.CasServerProfile",
"registeredServiceTypes": {
"@class": "java.util.HashMap",
"CAS Client": "org.apereo.cas.services.RegexRegisteredService"
},
"registeredServiceTypesSupported": {
"@class": "java.util.HashMap",
"SAML2 Service Provider":
"org.apereo.cas.support.saml.services.SamlRegisteredService",
"WS Federation Relying Party":
"org.apereo.cas.ws.idp.services.WSFederationRegisteredService",
"OpenID Connect Relying Party":
"org.apereo.cas.services.OidcRegisteredService",
"OAuth2 Client":
"org.apereo.cas.support.oauth.services.OAuthRegisteredService",
"CAS Client": "org.apereo.cas.services.RegexRegisteredService"
},
"multifactorAuthenticationProviderTypesSupported": {
"@class": "java.util.HashMap",
"mfa-gauth": "Google Authenticator",
"mfa-swivel": "Swivel Secure",
"mfa-authy": "Authy",
"mfa-radius": "RADIUS (RSA,WiKID)",
"mfa-u2f": "FIDO U2F",
"mfa-azure": "Microsoft Azure",
"mfa-duo": "Duo Security"
},
"delegatedClientTypesSupported": [
"java.util.HashSet",
[
"OAuth20Client",
"OAuth10Client",
"TwitterClient",
"FoursquareClient",
"QQClient",
"OrcidClient",
"FacebookClient",
"OkClient",
"FormClient",
"CasProxyReceptor",
"GitHubClient",
"KeycloakOidcClient",
"BitbucketClient",
"WordPressClient",
"OidcClient",
"WindowsLiveClient",
"VkClient",
"LinkedIn2Client",
"YahooClient",
"WechatClient",
"Google2Client",
"StravaClient",
"GenericOAuth20Client",
"AzureAdClient",
"GoogleOidcClient",
"CasOAuthWrapperClient",
"PayPalClient",
"WeiboClient",
"DropBoxClient",
"SAML2Client",
"CasClient",
"IndirectBasicAuthClient"
]
],
*"availableAttributes": [*
* "java.util.LinkedHashSet",*
* [*
*"mail",*
*"eppn",*
*"displayName",*
*"givenName",*
*"uid"*
* ]*
*]*
}
}
You can see the availableAttributes section? I need it to make it easier
for CAS administrators to release attributes for each service. But when I
access *https://cas.example.com/cas-management* and try to add services,
the *"mail", "eppn", "displayName", "givenName", "uid"* attributes *not
show in the dropdown option* ( Attribute Release Policy). I hope the
dropdown option contains dynamic based on the attributes in JDBC
(Multi-Row), but I have not found a solution. How to solve this problem?
Thank you.
Pada Rabu, 10 April 2019 07.45.56 UTC+7, rbon menulis:
>
> Fahmi,
>
> I have not set up any of the status features for cas, so have no
> experience here.
> Can you access it with a browser (that is, have you verified it is working
> as expected)?
>
> What is your reason for using curl?
>
> Perhaps there is another alternative that others on the list have tried.
>
> Ray
>
> On Wed, 2019-04-10 at 07:34 +0700, Fahmi L. Ramdhani wrote:
>
> Please tell me how to unprotect? In cas.properties i have to set
>
> endpoints.status.discovery.enabled = true
> ..sensitive = false
>
> Sorry for my questions. Thank you Ray.
> Sent from my iPhone
>
> On 10 Apr 2019, at 07.05, Ray Bon > wrote:
>
> Fahmi,
>
> It looks like /cas/status/discovery is protected by cas and it redirects
> to cas/login (status code 302).
> Should the discovery page be protected?
>
> Ray
>
> On Tue, 2019-04-09 at 16:43 -0700, Fahmi L. Ramdhani wrote:
>
> I tried accessing the result curl like this:
>
> curl -v https://cas.example.com:8443/cas/status/discovery
> * Trying 2xx.60.
Re: [cas-user] Re: Help CAS Management Error (CAS Server returned 502 status code from endpoint https://cas.example.com/cas/status/discovery. Using default FormData values)
Please tell me how to unprotect? In cas.properties i have to set endpoints.status.discovery.enabled = true ..sensitive = false Sorry for my questions. Thank you Ray. Sent from my iPhone > On 10 Apr 2019, at 07.05, Ray Bon wrote: > > Fahmi, > > It looks like /cas/status/discovery is protected by cas and it redirects to > cas/login (status code 302). > Should the discovery page be protected? > > Ray > >> On Tue, 2019-04-09 at 16:43 -0700, Fahmi L. Ramdhani wrote: >> I tried accessing the result curl like this: >> >> curl -v https://cas.example.com:8443/cas/status/discovery >> * Trying 2xx.60.112.9... >> * Connected to cas.example.com (2xx.60.112.9) port 8443 (#0) >> * found 148 certificates in /etc/ssl/certs/ca-certificates.crt >> * found 592 certificates in /etc/ssl/certs >> * ALPN, offering http/1.1 >> * SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256 >> *server certificate verification OK >> *server certificate status verification SKIPPED >> *common name: cas.example.com (matched) >> *server certificate expiration date OK >> *server certificate activation date OK >> *certificate public key: RSA >> *certificate version: #3 >> *subject: CN=cas.example.com >> *start date: Wed, 03 Apr 2019 09:32:48 GMT >> *expire date: Tue, 02 Jul 2019 09:32:48 GMT >> *issuer: C=US,O=XXX,CN=XX >> *compression: NULL >> * ALPN, server did not agree to a protocol >> > GET /cas/status/discovery HTTP/1.1 >> > Host: cas.example.com:8443 >> > User-Agent: curl/7.47.0 >> > Accept: */* >> > >> < HTTP/1.1 302 >> < Cache-Control: no-cache, no-store, max-age=0, must-revalidate >> < Pragma: no-cache >> < Expires: 0 >> < Strict-Transport-Security: max-age=15768000 ; includeSubDomains >> < X-Content-Type-Options: nosniff >> < X-Frame-Options: DENY >> < X-XSS-Protection: 1; mode=block >> < Set-Cookie: JSESSIONID=AECBB7BF899FAFB0B707CE228ECC19EC; Path=/cas; >> Secure; HttpOnly >> < Location: >> https://cas.example.com:8443/cas/login?service=https%3A%2F%2Fcas.example.com%3A8443%2Fcas%2Fstatus%2Fdiscovery >> < Transfer-Encoding: chunked >> < Date: Tue, 09 Apr 2019 23:34:01 GMT >> < >> * Connection #0 to host cas.example.com left intact >> >> Can anyone help please? > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cas-user+unsubscr...@apereo.org. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/6865637d5002e54d38c2e2e619ff06ec63e45f0a.camel%40uvic.ca. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/C1E5AECD-202E-4422-9637-76BC09FBC661%40gmail.com.
[cas-user] Re: Help CAS Management Error (CAS Server returned 502 status code from endpoint https://cas.example.com/cas/status/discovery. Using default FormData values)
cas-management.log 2019-04-10 06:01:07,068 INFO [org.apereo.cas.mgmt.web.CasManagementWebApplicationServletInitializer] - The following profiles are active: standalone 2019-04-10 06:01:12,235 DEBUG [org.apereo.cas.config.CasCoreUtilSerializationConfiguration] - Configuring component serialization plan [CasCoreUtilSerializationConfiguration] 2019-04-10 06:01:12,932 DEBUG [org.apereo.cas.mgmt.config.CasManagementAuthenticationConfiguration] - Configuring an authentication strategy based on CAS running at [https://cas.example.com] 2019-04-10 06:01:12,948 INFO [org.apereo.cas.mgmt.config.CasManagementAuthenticationConfiguration] - Configuring an authentication strategy based on authorized IP addresses matching [.+] *2019-04-10 06:02:18,992 INFO [org.apereo.cas.mgmt.services.web.factory.FormDataFactory] - CAS Server returned 502 status code from endpoint https://cas.example.com/cas/status/discovery. Using default FormData values.* 2019-04-10 06:02:21,825 DEBUG [org.apereo.cas.config.CasCoreServicesConfiguration] - Configuring service registry [JpaServiceRegistryConfiguration] 2019-04-10 06:02:21,859 DEBUG [org.apereo.cas.services.DefaultServiceRegistryExecutionPlan] - Registering service registry [JpaServiceRegistry] into the execution plan 2019-04-10 06:02:21,819 DEBUG [org.apereo.cas.services.AbstractServicesManager] - Registering service registry [JpaServiceRegistry] into the execution planorg.apereo.cas.services.ChainingServiceRegistry@49652d83] 2019-04-10 06:02:22,209 DEBUG [org.apereo.cas.services.AbstractServicesManager] - Adding registered service [^https:\/\/ekinerja.tasikmalayakab.go.id(|:8443)(\\z|\/.*)] 2019-04-10 06:02:22,209 DEBUG [org.apereo.cas.services.AbstractServicesManager] - Adding registered service [^https:\/\/elakip.tasikmalayakab.go.id(|:8443)(\\z|\/.*)] 2019-04-10 06:02:22,209 DEBUG [org.apereo.cas.services.AbstractServicesManager] - Adding registered service [^https:\/\/hibah.tasikmalayakab.go.id(|:8443)(\\z|\/.*)] 2019-04-10 06:02:22,209 DEBUG [org.apereo.cas.services.AbstractServicesManager] - Adding registered service [^https:\/\/korelasi.tasikmalayakab.go.id(|:8443)(\\z|\/.*)] 2019-04-10 06:02:22,209 DEBUG [org.apereo.cas.services.AbstractServicesManager] - Adding registered service [^https:\/\/cas.example.com(|:8443)\/cas-management(|\\z|\/.*)] 2019-04-10 06:02:22,209 DEBUG [org.apereo.cas.services.AbstractServicesManager] - Adding registered service [^https:\/\/cas.example.com(|:8443)\/cas\/status(|\\z|\/.*)] 2019-04-10 06:02:22,209 DEBUG [org.apereo.cas.services.AbstractServicesManager] - Adding registered service [^https:\/\/localhost:8443(\\z|\/.*)] 2019-04-10 06:02:22,209 DEBUG [org.apereo.cas.services.AbstractServicesManager] - Adding registered service [^https:\/\/local.asiagroup.co.id:8443(\\z|\/.*)] 2019-04-10 06:02:22,215 INFO [org.apereo.cas.services.AbstractServicesManager] - Loaded [8] service(s) from [JpaServiceRegistry]. 2019-04-10 06:02:22,291 DEBUG [org.apereo.cas.util.io.PathWatcherService] - Created service registry watcher for events of type [ENTRY_CREATE] 2019-04-10 06:02:22,351 INFO [org.apereo.cas.mgmt.DefaultCasManagementEventListener] - 2019-04-10 06:02:22,354 INFO [org.apereo.cas.mgmt.DefaultCasManagementEventListener] - _ _ __ __ | _ \ | |/ \| _ \ \ \ / / | |_) | | _| / _ \ | | | | \ V / | _ < | |___ / ___ \ | |_| | | | |_| \_\ |_| /_/ \_\ |/|_| -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/9ee91026-07c8-4296-aae6-114d6d9cf411%40apereo.org.
Re: [cas-user] Re: Help CAS Management Error (CAS Server returned 502 status code from endpoint https://cas.example.com/cas/status/discovery. Using default FormData values)
Thanks Julien for your reply.
It looks like it's a static attribute. I once configured:
> ... principalAttributeList = uid, displayName, phoneNumber, emailAddress
Then I added the homeAddress attribute to database, the homeAddress attribute
is not registering (configured) to principalAttributeList, so that the option
in the CAS Management dropdown (Return Allowed Attributes) does not shown.
Note: I use JDBC in Multi-Row mode. So the CAS administrator can add attributes
to the database.
After you configure it, can you choose the attribute list in CAS Management
(the Attribute Release Policy, Return Allowed tab)?
How do you make principalAttributeList based on JDBC Multi-Row?
Thanks
Sent from my iPhone
> On 11 Apr 2019, at 15.53, Julien Gribonvald
> wrote:
>
> Hi,
>
> I have yesterday the same problem on a delegated auth and I needed to watch
> on cas properties (as it's not listed).
>
> On my case users can come from several auth systems, one is local from my
> LDAP, but users can use a delegated auth. So in my conf I have the basic auth
> from my local LDAP defined with cas.authn.ldap[0]. and as example
> for a delegated auth from a shibboleth IDP I defined
> cas.authn.pac4j.saml[0].
>
> But in the case of a delegated auth I need to chain this auth with a local
> LDAP request to obtain user's attributes and so I need to define such
> properties: cas.authn.attributeRepository.ldap[0].
>
> But this doesn't permit to merge users attributes from my local LDAP, and
> after search I've found this property that permit to share all attributes
> retrieved :
> cas.authn.attributeRepository.defaultAttributesToRelease=${cas.authn.ldap[0].principalAttributeList}
> where cas.authn.ldap[0].principalAttributeList is my default local LDAP auth
> user attributes list, and so I have the same list.
>
> Hope this will help you !
>
> Now on my case, as I have several delegated system, I'm looking for if it's
> possible to set something that tell to use one specific attributeRepository
> associated to a specific delegated auth (due to the LDAP filter won't be the
> same) instead of chaining all attributeRepository.
>
> Thanks
>
> Julien
>
>
>
>> Le 11/04/2019 à 02:58, Fahmi L. Ramdhani a écrit :
>> CAS Management can't retrieve the list of attributes available on CAS Server?
>>
>> I have added configuration to management.properties, but it didn't work. CAS
>> Management only contains the default attributes (uid, eppn, givenName).
>>
>> I have tried adding the STUB configuration, unfortunately it is static.
>>
>>> ... attributeRepository.stub.attributes.uid = uid
>>> .
>>
>> I hope CAS Management can take available attributes based on the CAS Server
>> configuration.
>>
>> Can anyone give me a suggestion for what i want?
>>
>> Sent from my iPhone
>>
>> On 10 Apr 2019, at 23.03, Ray Bon wrote:
>>
>>> Fahmi,
>>>
>>> Our management server is too old to have this feature.
>>> Start here,
>>> https://apereo.github.io/cas/5.3.x/integration/Attribute-Release.html
>>> You probably have to add properties to management service properties file.
>>>
>>> Ray
>>>
>>>> On Tue, 2019-04-09 at 17:57 -0700, Fahmi L. Ramdhani wrote:
>>>> Thank you for the quick reply.
>>>>
>>>> First I accessed via the browser
>>>> https://cas.example.com/cas/status/discovery, then CAS directed to login.
>>>> After successfully logging in, the results are like this:
>>>> {
>>>> "@class": "java.util.LinkedHashMap",
>>>> "profile": {
>>>> "@class": "org.apereo.cas.discovery.CasServerProfile",
>>>> "registeredServiceTypes": {
>>>> "@class": "java.util.HashMap",
>>>> "CAS Client": "org.apereo.cas.services.RegexRegisteredService"
>>>> },
>>>> "registeredServiceTypesSupported": {
>>>> "@class": "java.util.HashMap",
>>>> "SAML2 Service Provider":
>>>> "org.apereo.cas.support.saml.services.SamlRegisteredService",
>>>> "WS Federation Relying Party":
>>>> "org.apereo.cas.ws.idp.services.WSFederationRegisteredService",
>>>> "OpenID Connect Relying Party":
>>>> "org.apereo.cas.services.OidcRegisteredService",
>>>> "OAuth2 Clie
[cas-user] Re: Help CAS Management Error (CAS Server returned 502 status code from endpoint https://cas.example.com/cas/status/discovery. Using default FormData values)
*cas-management.log* 2019-04-10 06:01:07,068 INFO [org.apereo.cas.mgmt.web. CasManagementWebApplicationServletInitializer] - The following profiles are active: standalone 2019-04-10 06:01:12,235 DEBUG [org.apereo.cas.config. CasCoreUtilSerializationConfiguration] - Configuring component serialization plan [CasCoreUtilSerializationConfiguration] 2019-04-10 06:01:12,932 DEBUG [org.apereo.cas.mgmt.config. CasManagementAuthenticationConfiguration] - Configuring an authentication strategy based on CAS running at [https://cas.example.com] 2019-04-10 06:01:12,948 INFO [org.apereo.cas.mgmt.config. CasManagementAuthenticationConfiguration] - Configuring an authentication strategy based on authorized IP addresses matching [.+] *2019-04-10 06:02:18,992 INFO [org.apereo.cas.mgmt.services.web.factory.FormDataFactory] - CAS Server returned 502 status code from endpoint https://cas.example.com/cas/status/discovery. Using default FormData values.* 2019-04-10 06:02:21,825 DEBUG [org.apereo.cas.config. CasCoreServicesConfiguration] - Configuring service registry [ JpaServiceRegistryConfiguration] 2019-04-10 06:02:21,859 DEBUG [org.apereo.cas.services. DefaultServiceRegistryExecutionPlan] - Registering service registry [ JpaServiceRegistry] into the execution plan 2019-04-10 06:02:21,819 DEBUG [org.apereo.cas.services. AbstractServicesManager] - Registering service registry [JpaServiceRegistry] into the execution planorg.apereo.cas.services. ChainingServiceRegistry@49652d83] 2019-04-10 06:02:22,209 DEBUG [org.apereo.cas.services. AbstractServicesManager] - Adding registered service [^https:\/\/ekinerja. example.com(|:8443)(\\z|\/.*)] 2019-04-10 06:02:22,209 DEBUG [org.apereo.cas.services. AbstractServicesManager] - Adding registered service [^https:\/\/elakip. example.com(|:8443)(\\z|\/.*)] 2019-04-10 06:02:22,209 DEBUG [org.apereo.cas.services. AbstractServicesManager] - Adding registered service [^https:\/\/hibah. example.com(|:8443)(\\z|\/.*)] 2019-04-10 06:02:22,209 DEBUG [org.apereo.cas.services. AbstractServicesManager] - Adding registered service [^https:\/\/korelasi. example.com(|:8443)(\\z|\/.*)] 2019-04-10 06:02:22,209 DEBUG [org.apereo.cas.services. AbstractServicesManager] - Adding registered service [^https:\/\/cas.example .com(|:8443)\/cas-management(|\\z|\/.*)] 2019-04-10 06:02:22,209 DEBUG [org.apereo.cas.services. AbstractServicesManager] - Adding registered service [^https:\/\/cas.example .com(|:8443)\/cas\/status(|\\z|\/.*)] 2019-04-10 06:02:22,209 DEBUG [org.apereo.cas.services. AbstractServicesManager] - Adding registered service [^https:\/\/localhost: 8443(\\z|\/.*)] 2019-04-10 06:02:22,209 DEBUG [org.apereo.cas.services. AbstractServicesManager] - Adding registered service [^https:\/\/local. example.com:8443(\\z|\/.*)] 2019-04-10 06:02:22,215 INFO [org.apereo.cas.services. AbstractServicesManager] - Loaded [8] service(s) from [JpaServiceRegistry]. 2019-04-10 06:02:22,291 DEBUG [org.apereo.cas.util.io.PathWatcherService] - Created service registry watcher for events of type [ENTRY_CREATE] 2019-04-10 06:02:22,351 INFO [org.apereo.cas.mgmt. DefaultCasManagementEventListener] - 2019-04-10 06:02:22,354 INFO [org.apereo.cas.mgmt. DefaultCasManagementEventListener] - _ _ __ __ | _ \ | |/ \| _ \ \ \ / / | |_) | | _| / _ \ | | | | \ V / | _ < | |___ / ___ \ | |_| | | | |_| \_\ |_| /_/ \_\ |/|_| -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/9f46aab1-d1a0-4909-b6e7-7b827ce6c23b%40apereo.org.
[cas-user] Re: Help CAS Management Error (CAS Server returned 502 status code from endpoint https://cas.example.com/cas/status/discovery. Using default FormData values)
Anyone help please? -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/bc58a852-c472-48c2-92fc-5dd1fe126e23%40apereo.org.
