[cas-user] CAS 5.0.2 and customized theme
Hi, I am using CAS 5.0.2 and cas-maven-overlay. I am trying to create a custom theme named "ensam". In cas.properties, I added following lines in order to make my theme the default theme. cas.theme.paramName=theme cas.theme.defaultThemeName=ensam I create folder src/main/resources/templates/ensam and copied default views file in it. So that, I get src/main/resources/templates/ensam/casLoginView.html I changed this file. When I start CAS service (./build.sh run) and go to url /cas/login, I do not see my modification. In log, I got following : 2017-01-23 13:25:10,220 DEBUG [org.apereo.cas.services.web. RegisteredServiceThemeBasedViewResolver] - 2017-01-23 13:25:10,265 DEBUG [org.apereo.cas.services.web. ServiceThemeResolver] - https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/6804c6b2-c019-4a69-99d6-9c3d03881832%40apereo.org.
Re: [cas-user] Re: CAS 5.0.2 and customized theme
Hi, I tried cas.themeResolver without success. When I got the log, I didn't have my theme applied. I follow Jonathan Franzone explains, and modifying my theme file make it working. Just copying the default theme and adding a div do not work. We have to change fragments path I need now to understand how thymeleaf is working because change I made are not applyed as wanted. Cdly, Le vendredi 27 janvier 2017 18:17:39 UTC+1, HURTEVENT VINCENT a écrit : > > Hi, > > It seems that your cas.properties « cas.theme.defaultThemeName=ensam » > is not applied. > > I didn’t try the 5.0.x version yet, and the documentation says > cas.theme.deaultThemeName, but did you try the 4.x way with > : cas.themeResolver.defaultThemeName ? > > When you try to login into the service found as said in your log > > 2017-01-23 13:25:10,265 DEBUG [org.apereo.cas.services.web. >> ServiceThemeResolver] - > .] >> > > Do you get your ENSAM theme ? > > > > > > Le 27 janv. 2017 à 17:38, Jonathan Franzone <jonathan...@gmail.com > > a écrit : > > I'm trying to resolve this exact issue myself. If anyone has the answer or > finds it, can they please post for all? Thanks! > > On Monday, January 23, 2017 at 7:18:17 AM UTC-6, Matthieu Marc wrote: >> >> Hi, >> >> I am using CAS 5.0.2 and cas-maven-overlay. >> >> I am trying to create a custom theme named "ensam". >> >> In cas.properties, I added following lines in order to make my theme the >> default theme. >> >> cas.theme.paramName=theme >> cas.theme.defaultThemeName=ensam >> >> >> I create folder src/main/resources/templates/ensam and copied default >> views file in it. So that, I >> get src/main/resources/templates/ensam/casLoginView.html >> >> I changed this file. >> >> When I start CAS service (./build.sh run) and go to url /cas/login, I do >> not see my modification. >> >> In log, I got following : >> >> 2017-01-23 13:25:10,220 DEBUG [org.apereo.cas.services.web. >> RegisteredServiceThemeBasedViewResolver] - > > >> 2017-01-23 13:25:10,265 DEBUG [org.apereo.cas.services.web. >> ServiceThemeResolver] - > .] >> >> In my cas-overlay-template directory, I can find the file in theses >> places : >> >> find ./ -name casLoginView.html >> ./src/main/resources/templates/ensam/casLoginView.html [my original file] >> ./target/war/work/org.apereo.cas/cas-server-webapp/WEB-INF/classes/ >> templates/casLoginView.html [file without my changed] >> ./target/cas/WEB-INF/classes/templates/casLoginView.html [file from maven >> dependencies - without my changed] >> ./target/cas/WEB-INF/classes/templates/ensam/casLoginView.html [my file >> with changes] >> ./target/classes/templates/ensam/casLoginView.html [my file with changes] >> >> What I missed to make my theme working ? >> >> Thanks >> > > -- > - CAS gitter chatroom: https://gitter.im/apereo/cas > - CAS mailing list guidelines: > https://apereo.github.io/cas/Mailing-Lists.html > - CAS documentation website: https://apereo.github.io/cas > - CAS project website: https://github.com/apereo/cas > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cas-user+u...@apereo.org . > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/69640534-e1c9-4ea3-9e6f-7d9138f4b1d9%40apereo.org > > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/69640534-e1c9-4ea3-9e6f-7d9138f4b1d9%40apereo.org?utm_medium=email_source=footer> > . > > > -- > - CAS gitter chatroom: https://gitter.im/apereo/cas > - CAS mailing list guidelines: > https://apereo.github.io/cas/Mailing-Lists.html > - CAS documentation website: https://apereo.github.io/cas > - CAS project website: https://github.com/apereo/cas > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cas-user+u...@apereo.org . > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/E9A27987-9D1A-455B-B63D-BDBD5B8C4245%40univ-lyon1.fr > > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/E9A27987-9D1A-455B-B63D-BDBD5B8C4245%40univ-lyon1.fr?utm_medium=email_source=footer> > . > -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/f2313561-b41a-4f35-81c1-60a9e33e2aa4%40googlegroups.com.
[cas-user] Re: Error creating SamlRegisteredService_AttributeNameFormats Table
I had the same problem. The problem was the key column used a reserved keyword (key). But, according to https://stackoverflow.com/questions/2889871/how-do-i-escape-reserved-words-used-as-column-names-mysql-create-table (martin smith answer), it is possible to used reserved keyword for column name with back tick escaping. So using this configuration, it is working : cas.serviceRegistry.jpa.properties.hibernate.globally_quoted_identifiers= true It will configure the hibernate property globally_quoted_identifiers which will quoted all identifiers in the sql query (https://docs.jboss.org/hibernate/orm/5.2/userguide/html_single/appendices/Configurations.html#_quoting_options) create table `SamlRegisteredService_AttributeNameFormats` ( `SamlRegisteredService_id` bigint not null, `value` varchar(255), `key` varchar(255) not null, primary key (`SamlRegisteredService_id`, `key`) ) engine=InnoDB Le lundi 31 juillet 2017 22:58:45 UTC+2, maxwell_g a écrit : > > We are upgrading from 5.0.1 to 5.1.2 and receive an error when the > database is initialized. The following is set within the > management.properties to perform the initialization: > > > > cas.serviceRegistry.jpa.ddlAuto=create > > cas.serviceRegistry.initFromJson=true > > We are using mssql-jdbc version 6.2.0.jre8 and get the following error: > > > > Hibernate: create table SamlRegisteredService_AttributeNameFormats > (SamlRegisteredService_id bigint not null, value varchar(255), key > varchar(255) not null, primary key (SamlRegisteredService_id, key)) > > 2017-07-31 14:28:51,031 WARN > [org.hibernate.tool.schema.internal.ExceptionHandlerLoggedImpl] - > DDL via JDBC Statement> > > org.hibernate.tool.schema.spi.CommandAcceptanceException: Error executing > DDL via JDBC Statement > > > > Is SamlRegisteredService_AttributeNameFormats a new table? > > Is this table required? > > > > Thanks for any insight into this!! > > > > Thanks Gary > > > > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/02bd9844-ebbf-464e-9809-a9e5b94475e0%40apereo.org.
[cas-user] JPA Service Registry and MySQL (or Mariadb)
I was trying to make Service registry work with mysql (or mariadb). I am using CAS version 5.2.1. I had 2 problems : *Problem 1 *: Specified key was too long; max key length is 767 bytes when creating table RegisteredServiceImpl_Props *Solution* : use mysql 5.7 (need to be verified) or mariadb 10.2.2 *Problem 2* : table SamlRegisteredService_AttributeNameFormats is using a reserved keyword as column name : key. *Solution* : use this configuration to tell hibernate to quote identifiers cas.serviceRegistry.jpa.properties.hibernate.globally_quoted_identifiers= true I think the two solutions need to appear in documentation but don't know exactly where. Maybee in Installation > JPA Service Registry or in Installation > Service Management ? -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/9585088b-8494-41e4-81a1-9d2da37b47cf%40apereo.org.
[cas-user] CAS 6.1.6 and taskExecutor not found
Hello,
I am running CAS 6.1.6 (https://gitlab.ensam.eu/auth/cas-server.git branch
6.1) from gradle overlays with those dependencies :
dependencies {
compile "org.apereo.cas:cas-server-webapp-tomcat:${casServerVersion}"
compile "org.apereo.cas:cas-server-support-ldap:${casServerVersion}"
compile
"org.apereo.cas:cas-server-support-json-service-registry:${casServerVersion}"
compile
"org.apereo.cas:cas-server-support-memcached-ticket-registry:${casServerVersion}"
compile
"org.apereo.cas:cas-server-support-memcached-spy:${project.'cas.version'}"
compile
"org.apereo.cas:cas-server-support-audit-jdbc:${casServerVersion}"
compile
"org.apereo.cas:cas-server-support-jdbc-drivers:${casServerVersion}"
compile
"org.apereo.cas:cas-server-support-person-directory:${casServerVersion}"
compile
"org.apereo.cas:cas-server-core-events-configuration:${casServerVersion}"
}
I put my configuration in /etc/cas/config as expected, with all log4j level
to debug.
I build the archive and run it : java -jar build/libs/cas.war
Just after the "READY" message, I got this error :
2020-05-04 16:10:44,499 INFO [org.apereo.cas.web.CasWebApplication] -
2020-05-04 16:10:44,502 DEBUG
[org.springframework.scheduling.annotation.AnnotationAsyncExecutionInterceptor]
-
org.springframework.beans.factory.NoUniqueBeanDefinitionException: No
qualifying bean of type 'org.springframework.core.task.TaskExecutor'
available: expected single matching bean but found 2:
applicationTaskExecutor,taskScheduler
at
org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveNamedBean(DefaultListableBeanFactory.java:1180)
~[spring-beans-5.2.0.RELEASE.jar!/:5.2.0.RELEASE]
at
org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveBean(DefaultListableBeanFactory.java:416)
~[spring-beans-5.2.0.RELEASE.jar!/:5.2.0.RELEASE]
at
org.springframework.beans.factory.support.DefaultListableBeanFactory.getBean(DefaultListableBeanFactory.java:349)
~[spring-beans-5.2.0.RELEASE.jar!/:5.2.0.RELEASE]
at
org.springframework.beans.factory.support.DefaultListableBeanFactory.getBean(DefaultListableBeanFactory.java:342)
~[spring-beans-5.2.0.RELEASE.jar!/:5.2.0.RELEASE]
at
org.springframework.aop.interceptor.AsyncExecutionAspectSupport.getDefaultExecutor(AsyncExecutionAspectSupport.java:233)
~[spring-aop-5.2.0.RELEASE.jar!/:5.2.0.RELEASE]
at
org.springframework.aop.interceptor.AsyncExecutionInterceptor.getDefaultExecutor(AsyncExecutionInterceptor.java:157)
~[spring-aop-5.2.0.RELEASE.jar!/:5.2.0.RELEASE]
at
org.springframework.aop.interceptor.AsyncExecutionAspectSupport.lambda$configure$2(AsyncExecutionAspectSupport.java:119)
~[spring-aop-5.2.0.RELEASE.jar!/:5.2.0.RELEASE]
at
org.springframework.util.function.SingletonSupplier.get(SingletonSupplier.java:100)
~[spring-core-5.2.0.RELEASE.jar!/:5.2.0.RELEASE]
at
org.springframework.aop.interceptor.AsyncExecutionAspectSupport.determineAsyncExecutor(AsyncExecutionAspectSupport.java:172)
~[spring-aop-5.2.0.RELEASE.jar!/:5.2.0.RELEASE]
at
org.springframework.aop.interceptor.AsyncExecutionInterceptor.invoke(AsyncExecutionInterceptor.java:107)
~[spring-aop-5.2.0.RELEASE.jar!/:5.2.0.RELEASE]
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
~[spring-aop-5.2.0.RELEASE.jar!/:5.2.0.RELEASE]
at
org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:747)
~[spring-aop-5.2.0.RELEASE.jar!/:5.2.0.RELEASE]
at
org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:689)
~[spring-aop-5.2.0.RELEASE.jar!/:5.2.0.RELEASE]
at
org.apereo.cas.config.CasCoreServicesConfiguration$$EnhancerBySpringCGLIB$$e6407d0b.refreshServicesManagerWhenReady()
~[cas-server-core-services-6.1.6.jar!/:6.1.6]
I don't know what to do to resolve this problem. I don't know if it is
really a problem, but since I ran 6.1 version, when modifying configuration
in applications.properties, the configuration is not reloaded automaticaly
(it does so on my 5.2.9 version).
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/74dca098-afae-4950-b5c3-a1ef9b78bf77%40apereo.org.
Re: [cas-user] CAS 6.1.6 and SAML service registry
I've already activated all logger to debug level and in my log I can see my
service definition :
[org.apereo.cas.services.
AbstractServicesManager] - http://saml.localhost/demo1/metadata.php] with name [saml] and internal
identifier [2000]>
Is this mean my service is loaded and accepted ?
Le mardi 5 mai 2020 17:20:05 UTC+2, rbon a écrit :
>
> Marc,
>
> This looks like the service is not being read/loaded.
> Check which services are loaded.
>
> name="org.apereo.cas.services.AbstractServicesManager" level="debug" />
>
> Ray
>
> On Tue, 2020-05-05 at 04:27 -0700, Matthieu Marc wrote:
>
> Notice: This message was sent from outside the University of Victoria
> email system. Please be cautious with links and sensitive information.
>
> Hello,
>
> I am using CAS 6.1.6 and I am trying to configure CAS as SAML2 IDP.
>
> I included compile
> "org.apereo.cas:cas-server-support-saml-idp:${casServerVersion}" in
> build.gradle.
>
> I am able to retrieve metadata information :
> https://cas.localhost/cas/idp/metadata
>
> To test, I installed php-saml demo1 script from
> https://developers.onelogin.com/saml/php. Client URL is
> http://saml.localhost/demo1/
>
> My client settings are :
> $settingsInfo = array (
> 'sp' => array (
> 'entityId' => $spBaseUrl.'/demo1/metadata.php',
> 'assertionConsumerService' => array (
> 'url' => $spBaseUrl.'/demo1/index.php?acs',
> ),
> 'singleLogoutService' => array (
> 'url' => $spBaseUrl.'/demo1/index.php?sls',
> ),
> 'NameIDFormat' =>
> 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified',
> ),
> 'idp' => array (
> 'entityId' => 'https://cas.example.org/idp',
> 'singleSignOnService' => array (
> 'url' => '
> https://cas.localhost/cas/idp/profile/SAML2/Redirect/SSO',
> ),
> 'singleLogoutService' => array (
> 'url' => '
> https://cas.localhost/cas/idp/profile/SAML2/POST/SLO',
> ),
> 'x509cert' => 'MIIDF...==',
> ),
> );
>
> When trying to login, I get an error on CAS : service is not authorized.
>
> I installed service registry as json file :
>
> {
> "@class" : "org.apereo.cas.support.saml.services.SamlRegisteredService",
> "serviceId" : "http://saml.localhost/demo1/metadata.php;,
> "name" : "saml",
> "id" : 2000,
> "evaluationOrder" : 10,
> "metadataLocation" : "http://saml.localhost/demo1/metadata.php;,
> "accessStrategy" : {
> "@class" :
> "org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy",
> "enabled" : true,
> "ssoEnabled" : true
> }
> }
>
> In CAS log, I can see :
>
> [org.apereo.cas.services.AbstractServicesManager] - service [http://saml.localhost/demo1/metadata.php] with name [saml] and
> internal identifier [2000]>
> [org.apereo.cas.support.saml.web.idp.profile.AbstractSamlProfileHandlerController]
>
> - [AbstractWebApplicationService(id=http://saml.localhost/demo1/metadata.php,
> originalUrl=http://saml.localhost/demo1/metadata.php, artifactId=null,
> principal=null, source=null, loggedOutAlready=false, format=XML,
> attributes={})]>
> [org.apereo.cas.support.saml.web.idp.profile.AbstractSamlProfileHandlerController]
>
> - <[http://saml.localhost/demo1/metadata.php] is not found in the
> registry or service access is denied. Ensure service is registered in
> service registry>
>
> Where is my error ? I tried to configure serviceId with regex, without
> success.
>
> Can someone help ? Thanks
>
>
> --
>
> Ray Bon
> Programmer Analyst
> Development Services, University Systems
> 2507218831 | CLE 019 | rb...@uvic.ca
>
> I respectfully acknowledge that my place of work is located within the
> ancestral, traditional and unceded territory of the Songhees, Esquimalt and
> WSÁNEĆ Nations.
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/418a4a5b-b8d5-4ca7-b423-eddfe2ce0c16%40apereo.org.
Re: [cas-user] CAS Setup( gradle overlay method): Ubuntu 20.04 + CAS 6.2 + LDAP - Need proper instructions.
After having build your instance with gradle, you will find in build/overlays/bootWar/cas/WEB-INF/lib all jar files used by your instance. I am using tomcat embedded implementation, maybee jar are in another place. You will find this jar file cas-server-webapp-resources-6.1.5.jar (or another version). This archive can be unzipped and you will find in it all the css/js/html/template... files you need. If you do not find the jar file, check in your /opt/tomcat/webapps/cas/WEB-INF/lib/ directory. To override file in this jar file, put your version in src/main/resources with the same directory structure you find in the jar file (for example, if you want to override the file static/js/cas.js, put your version in src/main/resources/static/js/cas.js). Matthieu Le samedi 16 mai 2020 03:37:55 UTC+2, Root a écrit : > > @rbon, > > Thanks for the link, i was just going through the link, and as specified > here > https://apereo.github.io/cas/6.1.x/ux/User-Interface-Customization-CSSJS.html > > I was trying to find cas.css and other js files, but i couldn't find it in > the build src directory, instead i found 2 dirs as below. > > root@it:/*home/it/cas-overlay-template/src/main#* ll > total 16K > drwxr-xr-x 4 root root 4.0K May 14 06:03 ./ > drwxr-xr-x 3 root root 4.0K May 14 06:03 ../ > drwxr-xr-x 3 root root 4.0K May 14 06:03 jib/ > drwxr-xr-x 3 root root 4.0K May 14 06:03 webapp/ > > I found a resource directory in diff path but there were no mentioned > files as below > > root@it:*/home/it/cas-overlay-template/build/resources/main*# ll > total 12K > drwxr-xr-x 3 root root 4.0K May 15 06:59 ./ > drwxr-xr-x 3 root root 4.0K May 15 06:59 ../ > drwxr-xr-x 2 root root 4.0K May 15 06:59 META-INF/ > root@it:/home/it/cas-overlay-template/build/resources/main# cd META-INF/ > > root@it:/home/it/cas-overlay-template/build/resources/main/META-INF# ll > total 12K > drwxr-xr-x 2 root root 4.0K May 15 06:59 ./ > drwxr-xr-x 3 root root 4.0K May 15 06:59 ../ > -rw-r--r-- 1 root root 128 May 15 06:59 build-info.properties > root@it:/home/it/cas-overlay-template/build/resources/main/META-INF# > > Do i need to copy it from somewhere else?, because gradlew build didn't > gave me these files!, and its not there even in tomcat webapps dir as below. > > root@it:/opt/tomcat/webapps/cas/WEB-INF/classes# ll > total 20K > drwxr-x--- 4 tomcat tomcat 4.0K May 15 15:03 ./ > drwxr-x--- 4 tomcat tomcat 4.0K May 15 09:05 ../ > -rw-r- 1 tomcat tomcat 205 May 15 06:59 cas-readme.txt > drwxr-x--- 2 tomcat tomcat 4.0K May 15 09:05 META-INF/ > drwxr-x--- 3 tomcat tomcat 4.0K May 15 09:05 org/ > > > > > > On Friday, May 15, 2020 at 11:07:43 PM UTC+5:30, rbon wrote: >> >> For UI customization, see >> https://apereo.github.io/cas/6.1.x/ux/User-Interface-Customization.html >> >> This default service will allow all applications, >> https://github.com/apereo/cas/tree/master/webapp/cas-server-webapp-resources, >> >> drill down to services directory. It is already included, so all you need >> to do is set up your client apps. >> >> The default service does not support proxying. Unless you add proxying to >> the default service (and consequently every service), you will need to have >> more than one service defined. >> >> Ray >> >> On Fri, 2020-05-15 at 09:09 -0700, Root wrote: >> >> Notice: This message was sent from outside the University of Victoria >> email system. Please be cautious with links and sensitive information. >> >> Hey Kink, >> >> Thanks i copied the files manually to /etc/cas/config/ and after few >> trials with variables in cas.properties I was able to authenticate via LDAP >> in CAS web. >> >> Next thing I have to change page texts, images and layout, you have any >> idea which files i have to copy and to where?. >> >> I have one question. is it necessary to have /etc/cas/services folder? >> for authentication of websites?, I just want CAS to be free and >> authenticate to any websites requests. >> >> Still i have to do many tests like doing reverse proxy with CAS, changing >> login and logout pages etc.. and dono whether this supports "google >> recaptcha"!. >> >> >> >> >> >> >> On Thursday, May 14, 2020 at 7:34:10 PM UTC+5:30, Kink wrote: >> >> CAS can take its properties in so many ways this is flexible and insane >> at the same time. >> >> https://apereo.github.io/cas/development/configuration/Configuration-Properties.html >> >> I have personally chosen the Directory approach and more specifically >> with /etc/cas/... >> It makes it independent from the WAR (settings in one place, application >> in the other), and the service settings, which I defined with json, are >> loadable on the fly as CAS detects changes! >> >> So yes, copy the files manually and modify them according to your needs! >> >> >> >> On Thu, May 14, 2020 at 3:55 PM Root wrote: >> >> Hi Kink, >> >> Thanks for the reply. >> >> Strange!, for me the application.properties , messages and all html files >> are in this path
[cas-user] Re: CAS 6.1.6 and SAML service registry
I configured my 5.2.9 cas instance acting as SAML IDP the same way.
I declared the service with the same json file and I got no problem
connecting, the service (SP) is authorized.
Matthieu
Le mardi 5 mai 2020 13:27:10 UTC+2, Matthieu Marc a écrit :
>
> Hello,
>
> I am using CAS 6.1.6 and I am trying to configure CAS as SAML2 IDP.
>
> I included compile
> "org.apereo.cas:cas-server-support-saml-idp:${casServerVersion}" in
> build.gradle.
>
> I am able to retrieve metadata information :
> https://cas.localhost/cas/idp/metadata
>
> To test, I installed php-saml demo1 script from
> https://developers.onelogin.com/saml/php. Client URL is
> http://saml.localhost/demo1/
>
> My client settings are :
> $settingsInfo = array (
> 'sp' => array (
> 'entityId' => $spBaseUrl.'/demo1/metadata.php',
> 'assertionConsumerService' => array (
> 'url' => $spBaseUrl.'/demo1/index.php?acs',
> ),
> 'singleLogoutService' => array (
> 'url' => $spBaseUrl.'/demo1/index.php?sls',
> ),
> 'NameIDFormat' =>
> 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified',
> ),
> 'idp' => array (
> 'entityId' => 'https://cas.example.org/idp',
> 'singleSignOnService' => array (
> 'url' => '
> https://cas.localhost/cas/idp/profile/SAML2/Redirect/SSO',
> ),
> 'singleLogoutService' => array (
> 'url' => '
> https://cas.localhost/cas/idp/profile/SAML2/POST/SLO',
> ),
> 'x509cert' => 'MIIDF...==',
> ),
> );
>
> When trying to login, I get an error on CAS : service is not authorized.
>
> I installed service registry as json file :
>
> {
> "@class" : "org.apereo.cas.support.saml.services.SamlRegisteredService",
> "serviceId" : "http://saml.localhost/demo1/metadata.php;,
> "name" : "saml",
> "id" : 2000,
> "evaluationOrder" : 10,
> "metadataLocation" : "http://saml.localhost/demo1/metadata.php;,
> "accessStrategy" : {
> "@class" :
> "org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy",
> "enabled" : true,
> "ssoEnabled" : true
> }
> }
>
> In CAS log, I can see :
>
> [org.apereo.cas.services.AbstractServicesManager] - service [http://saml.localhost/demo1/metadata.php] with name [saml] and
> internal identifier [2000]>
> [org.apereo.cas.support.saml.web.idp.profile.AbstractSamlProfileHandlerController]
>
> - [AbstractWebApplicationService(id=http://saml.localhost/demo1/metadata.php,
> originalUrl=http://saml.localhost/demo1/metadata.php, artifactId=null,
> principal=null, source=null, loggedOutAlready=false, format=XML,
> attributes={})]>
> [org.apereo.cas.support.saml.web.idp.profile.AbstractSamlProfileHandlerController]
>
> - <[http://saml.localhost/demo1/metadata.php] is not found in the
> registry or service access is denied. Ensure service is registered in
> service registry>
>
> Where is my error ? I tried to configure serviceId with regex, without
> success.
>
> Can someone help ? Thanks
>
>
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/b1cf3b60-8cc6-43f0-8286-3bdbe4009d93%40apereo.org.
[cas-user] CAS 6.1.6 and SAML service registry
Hello,
I am using CAS 6.1.6 and I am trying to configure CAS as SAML2 IDP.
I included compile
"org.apereo.cas:cas-server-support-saml-idp:${casServerVersion}" in
build.gradle.
I am able to retrieve metadata information :
https://cas.localhost/cas/idp/metadata
To test, I installed php-saml demo1 script from
https://developers.onelogin.com/saml/php. Client URL is
http://saml.localhost/demo1/
My client settings are :
$settingsInfo = array (
'sp' => array (
'entityId' => $spBaseUrl.'/demo1/metadata.php',
'assertionConsumerService' => array (
'url' => $spBaseUrl.'/demo1/index.php?acs',
),
'singleLogoutService' => array (
'url' => $spBaseUrl.'/demo1/index.php?sls',
),
'NameIDFormat' =>
'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified',
),
'idp' => array (
'entityId' => 'https://cas.example.org/idp',
'singleSignOnService' => array (
'url' =>
'https://cas.localhost/cas/idp/profile/SAML2/Redirect/SSO',
),
'singleLogoutService' => array (
'url' =>
'https://cas.localhost/cas/idp/profile/SAML2/POST/SLO',
),
'x509cert' => 'MIIDF...==',
),
);
When trying to login, I get an error on CAS : service is not authorized.
I installed service registry as json file :
{
"@class" : "org.apereo.cas.support.saml.services.SamlRegisteredService",
"serviceId" : "http://saml.localhost/demo1/metadata.php;,
"name" : "saml",
"id" : 2000,
"evaluationOrder" : 10,
"metadataLocation" : "http://saml.localhost/demo1/metadata.php;,
"accessStrategy" : {
"@class" :
"org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy",
"enabled" : true,
"ssoEnabled" : true
}
}
In CAS log, I can see :
[org.apereo.cas.services.AbstractServicesManager] - http://saml.localhost/demo1/metadata.php] with name [saml] and
internal identifier [2000]>
[org.apereo.cas.support.saml.web.idp.profile.AbstractSamlProfileHandlerController]
- http://saml.localhost/demo1/metadata.php,
originalUrl=http://saml.localhost/demo1/metadata.php, artifactId=null,
principal=null, source=null, loggedOutAlready=false, format=XML,
attributes={})]>
[org.apereo.cas.support.saml.web.idp.profile.AbstractSamlProfileHandlerController]
- <[http://saml.localhost/demo1/metadata.php] is not found in the registry
or service access is denied. Ensure service is registered in service
registry>
Where is my error ? I tried to configure serviceId with regex, without
success.
Can someone help ? Thanks
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/997ffe9d-db34-4a50-9619-608563115bf6%40apereo.org.
[cas-user] Re: CAS 6.1.6 and SAML service registry
SOLVED.
I found my problem.
I defined service for the url twice.
The first one for web application, the second one for saml application. It
found the web application first, so denied because it was not a saml
service.
For my dev, I permit all .*.localhost application to use CAS :
"@class" : "org.apereo.cas.services.RegexRegisteredService",
"serviceId" : "^http://..localhost/.;,
And for my SAML test, I permit :
@class" : "org.apereo.cas.support.saml.services.SamlRegisteredService",
"serviceId" : "http://saml.localhost/demo1/metadata.php;,
Le mardi 5 mai 2020 13:27:10 UTC+2, Matthieu Marc a écrit :
>
> Hello,
>
> I am using CAS 6.1.6 and I am trying to configure CAS as SAML2 IDP.
>
> I included compile
> "org.apereo.cas:cas-server-support-saml-idp:${casServerVersion}" in
> build.gradle.
>
> I am able to retrieve metadata information :
> https://cas.localhost/cas/idp/metadata
>
> To test, I installed php-saml demo1 script from
> https://developers.onelogin.com/saml/php. Client URL is
> http://saml.localhost/demo1/
>
> My client settings are :
> $settingsInfo = array (
> 'sp' => array (
> 'entityId' => $spBaseUrl.'/demo1/metadata.php',
> 'assertionConsumerService' => array (
> 'url' => $spBaseUrl.'/demo1/index.php?acs',
> ),
> 'singleLogoutService' => array (
> 'url' => $spBaseUrl.'/demo1/index.php?sls',
> ),
> 'NameIDFormat' =>
> 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified',
> ),
> 'idp' => array (
> 'entityId' => 'https://cas.example.org/idp',
> 'singleSignOnService' => array (
> 'url' => '
> https://cas.localhost/cas/idp/profile/SAML2/Redirect/SSO',
> ),
> 'singleLogoutService' => array (
> 'url' => '
> https://cas.localhost/cas/idp/profile/SAML2/POST/SLO',
> ),
> 'x509cert' => 'MIIDF...==',
> ),
> );
>
> When trying to login, I get an error on CAS : service is not authorized.
>
> I installed service registry as json file :
>
> {
> "@class" : "org.apereo.cas.support.saml.services.SamlRegisteredService",
> "serviceId" : "http://saml.localhost/demo1/metadata.php;,
> "name" : "saml",
> "id" : 2000,
> "evaluationOrder" : 10,
> "metadataLocation" : "http://saml.localhost/demo1/metadata.php;,
> "accessStrategy" : {
> "@class" :
> "org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy",
> "enabled" : true,
> "ssoEnabled" : true
> }
> }
>
> In CAS log, I can see :
>
> [org.apereo.cas.services.AbstractServicesManager] - service [http://saml.localhost/demo1/metadata.php] with name [saml] and
> internal identifier [2000]>
> [org.apereo.cas.support.saml.web.idp.profile.AbstractSamlProfileHandlerController]
>
> - [AbstractWebApplicationService(id=http://saml.localhost/demo1/metadata.php,
> originalUrl=http://saml.localhost/demo1/metadata.php, artifactId=null,
> principal=null, source=null, loggedOutAlready=false, format=XML,
> attributes={})]>
> [org.apereo.cas.support.saml.web.idp.profile.AbstractSamlProfileHandlerController]
>
> - <[http://saml.localhost/demo1/metadata.php] is not found in the
> registry or service access is denied. Ensure service is registered in
> service registry>
>
> Where is my error ? I tried to configure serviceId with regex, without
> success.
>
> Can someone help ? Thanks
>
>
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/23bd91e0-d52f-41e9-8747-234a300738d1%40apereo.org.
[cas-user] CAS, config server and bootstrap outside war file
Hi everyone, I am working on CAS 6.1.5 and I configured a spring configuration server for my spring-boot applications. The spring config server is working as expected for my CAS instance : I wrote the bootstrap.properties file and put it in the src/main/resources directory before building with gradlew. The war file included the file and the service is starting as expected. But, I manage my source file with git and I don't want to commit the bootstrap.properties file with content credentials used to connect to the spring config server. With my spring-boot2 application, I do not include this file in the jar file, put the file on my server in a directory called config, and launch the application with the following command : java -Dloader.path="config" -jar myapp.jar I tried to do so with CAS, but the bootstrap.properties file is not read as expected. My question is how to make it working with the bootstrap.properties file outside the jar/war file ? Or are there others options/methods to not include spring config credential in bootstrap.properties commited on the git repository ? Thanks. - - - - CAS Version: 6.1.5 CAS Branch: 6.1.x CAS Commit Id: ca6c71ae73f2418843a300165115a4c137649680 CAS Build Date/Time: 2020-02-29T00:51:20Z Spring Boot Version: 2.2.0.RELEASE Spring Version: 5.2.0.RELEASE Java Home: /usr/lib/jvm/java-11-openjdk-amd64 Java Vendor: Ubuntu Java Version: 11.0.9.1 -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CADbxa2gXq%2BtjYM4kJSpLCvgT5iN46B0a8fE%3DjrVescp5yyu9Yg%40mail.gmail.com.
Re: [cas-user] CAS, config server and bootstrap outside war file
Thank you Ray, But unfortunately, it is not working for me. When adding -Dspring.config.additional-location and/or -Dspring.cloud.config.uri, the application will not retrieve the configuration from the config server. But. I find that using this configuration : spring.cloud.bootstrap.location work as expected. My command line is : /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dspring.cloud.bootstrap.location=./config/bootstrap.yml -jar cas.war I will now be able to write a systemd file to launch the application automatically. Matthieu Le lun. 16 nov. 2020 à 21:41, Ray Bon a écrit : > Matthieu, > > In our tomcat bin directory, we have a file called setenv.sh with a couple > lines like this (among others) > > CATALINA_OPTS="$CATALINA_OPTS > -Dspring.config.additional-location=/home/uvtomcat/config/bootstrap.yml" > CATALINA_OPTS="$CATALINA_OPTS > -Dspring.cloud.config.uri=https://user:password@config.local > /casconfigserver" > export CATALINA_OPTS > > bootstrap.yml (and some other config) gets deployed by jenkins and looks > like > > spring: > cloud: > config: > username: casuser > password: Mellon > > Ray > > Note: do not hard code the username password in setenv.sh, tomcat writes > CATALINA_OPTS to log on startup. > > On Mon, 2020-11-16 at 17:09 +0100, Matthieu Marc wrote: > > Notice: This message was sent from outside the University of Victoria > email system. Please be cautious with links and sensitive information. > > Hi everyone, > > I am working on CAS 6.1.5 and I configured a spring configuration server > for my spring-boot applications. > > The spring config server is working as expected for my CAS instance : I > wrote the bootstrap.properties file and put it in the src/main/resources > directory before building with gradlew. The war file included the file and > the service is starting as expected. > > But, I manage my source file with git and I don't want to commit the > bootstrap.properties file with content credentials used to connect to the > spring config server. With my spring-boot2 application, I do not include > this file in the jar file, put the file on my server in a directory called > config, and launch the application with the following command : java > -Dloader.path="config" -jar myapp.jar > > I tried to do so with CAS, but the bootstrap.properties file is not read > as expected. > > My question is how to make it working with the bootstrap.properties file > outside the jar/war file ? Or are there others options/methods to not > include spring config credential in bootstrap.properties commited on the > git repository ? > > Thanks. > > > - - - - > > CAS Version: 6.1.5 > CAS Branch: 6.1.x > CAS Commit Id: ca6c71ae73f2418843a300165115a4c137649680 > CAS Build Date/Time: 2020-02-29T00:51:20Z > Spring Boot Version: 2.2.0.RELEASE > Spring Version: 5.2.0.RELEASE > Java Home: /usr/lib/jvm/java-11-openjdk-amd64 > Java Vendor: Ubuntu > Java Version: 11.0.9.1 > > -- > > Ray Bon > Programmer Analyst > Development Services, University Systems > 2507218831 | CLE 019 | r...@uvic.ca > > I respectfully acknowledge that my place of work is located within the > ancestral, traditional and unceded territory of the Songhees, Esquimalt and > WSÁNEĆ Nations. > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cas-user+unsubscr...@apereo.org. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/e9f4034103d8f280700bfd9a08c1e65fd4c57b24.camel%40uvic.ca > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/e9f4034103d8f280700bfd9a08c1e65fd4c57b24.camel%40uvic.ca?utm_medium=email_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CADbxa2gJvQtFLnLZe8C8bDbkTTc-PNzYqGk9h6Nii7Nz-SwCrA%40mail.gmail.com.
