Maybe you should try to think if you can route existing AJAX to B via A back
again to B but letting the service A resolve calls in behalf of clients of A.
You can authenticate calls to B from the A back end, or if B is replicable you
could do an additonal private deployment of B not casified
However it should just work out of the box by only CASifying B to the same CAS
service protecting A because that is the whole point of SSO (e.g. Apereo CAS).
Sent from my iPhone
> On 26 Jan 2017, at 07:44, Uxío <upr...@madiva.com> wrote:
>
> Maybe you should try to think i
Tweak the '4.2.x' in the link for '4.1.x' then compare the section in both
articles. Given it is documented, is probably working.
Sent from my iPhone
> On 08 Dec 2016, at 09:46, Petr Gašparík - AMI Praha a.s.
> wrote:
>
> Martin,
> is that applicable also to CAS 4.1? Do
I guess local storage is the fastest, so generally you use the other when
needing to match some requirement, mostly easy integration with other
systems..? f.i. we have kind of a procedure for ticket creation prevention
hardwired in a CAS support module, and erasure capabilities in an external
Is the new data base being served from the same host URL and port that served
the original one?
In case not, have you checked JDBC connectivity to that target destination host
from the desired source host using another JDBC tool (not Apereo CAS) like a
CLI client (the SQL*plus like alternative
Can you post web.xml configuration? Having CAS validation filter and such..?
Sent from my iPhone
> On 05 Apr 2017, at 18:36, Scott Green wrote:
>
> We are running CAS 3.5 (old I know... working on it). It is using SQL as a
> Service Registry. I have added an
I had a bad time trying to tweak CAS 3 with postgres ticket registry to use
bytea for lobs, instead of oid, ended up using oid and assuming the included
pita and believing there is a bug relating how hibernate 4 handles ticket
removal when using postgres [oid] large objects (update/delete most
How many applications, if it is not asking too much?
Sent from my iPhone
> On 27 Jun 2017, at 19:33, Richard Frovarp wrote:
>
> You can just include your own JDBC driver dependency instead of using the
> previous version. Not having them is preferable for us as we
Coming from 3.x you are likely to have a bad time wrangling the customization
stage.
Since I started reading these mails about a year ago, I have read one gifted
person was able to self make an upgrade path from 3 to 5.
IINM most peoples rework their CAS 5 customizations from scratch and from
I might be able to give some advice, only if by a somewhat big gotcha you are
referring CAS 3.
If it is CAS 4 or 5, if it was me and I thought the docs were not enough about
it, I would file an issue requesting the capability or, if ready, enhanced
explain.
Could you just use throttling of
Fast note to tell am somewhat working in a small hack branch of CAS Server 3
core in order to enable tickets' POJOs in JPA mapping under PostgreSQL to be
stored as byteas instead of as oids (i.e. b?lobs).
Additional tags: cas-server-core, abstractticket, ticketgrantingticket,
serviceticket,
A CAS service of the 3.x line I help maintaining uses JDBC for the service
registry, not sure why or if were there any other options for it back then.
Regards,
Sent from my iPhone
> On 15 Nov 2017, at 18:15, Scott Gennari wrote:
>
>> On 11/15/2017 12:03 PM, George
Is that a suspicious population of a list with comma separated values in string
containing an implicit list instead of with an explicit list of strings? Or is
it really meant to be comma separated values in string?
Sent from my iPhone
> On 13 Dec 2017, at 10:00, Sebastien BEAUDLOT
>
If I understood correctly, you only need a very vanilla CAS deployment and you
have out of the box all those features you need.
Follow up in case of any misunderstanding.
Hope that helped. Regards,
Sent from my iPhone
> On 02 Nov 2017, at 12:24, Edward wrote:
>
>
It seems a little typo, one missing comma.
Cheers,
Sent from my iPhone
> On 20 Sep 2017, at 10:15, mceylan wrote:
>
> Hi, I am using cas 5.0.8. I am working on Openldap authentication. I get an
> invalid credentials error when I enter the username and password I created
Hi,
I've known a CAS customisation where after logging in from no particular
CASified service an attribute would be passed for a default redirect URL to
then re redirect the user to a particular default service for that particular
user (the thing is really just a little bit more complicated
Bonsoir, bienvenue á la liste.
> No one has a solution for my problem?
Probably someone has a solution for your problem. That does not
necessarily mean s/he is going to share a solution soon, even ever. Keep
working on your own while you wait for answers and feel free to answer
yourself to help
please reply how you did, me at least.
Regards y le dejo mis dies.
Uxío Prego
Madiva Soluciones
Cl / Serrano Galvache 56 E Abedul 4
28033 Madrid
917 56 84 94
www.madiva.com
The activity of email inboxes can be systematically tracked by colleagues,
business partners and third parties. Turn off
will step in 4.1 because we link an in house
support module from the webapp and the integration restlet and I am not
sure how to drop this, so the question really might be "Is anybody really
sure we should step to 4.0 before 4.1 instead of try upgrading directly to
4.1?"
Thanks, regards,
Hi, am in the process of upgrading CAS 3.4.10, mainly using the Java client
3.2.1, into 5.0.0.RC3, falling back to 4.2.6 in case PITA arises.
IINM am seeing 3.4.1 as the last version of the Java client. This means is
compatible with all CAS 3 to 5 versions right?
Thanks, regards,
--
CAS
re known to exists in this release of the software:
>
> * CAS Proxy Validation is not implemented in this version.
>
> From: Uxío Prego [mailto:upr...@madiva.com]
> Sent: Saturday, December 10, 2016 1:02 PM
> To: CAS Community
> Cc: David Lawson; Pathe Sow; Chris Cheltenham
> Subject: R
You can try to find the way of applying sticky
(https://en.wikipedia.org/wiki/Load_balancing_(computing)#Persistence) to your
casified applications' load balancer, and see if that solves, but I am afraid
you could be alone on that.
CAS itself supports being behind a load balancer since a
Are you sure the cause is a problem with libraries? Why not LDAP
misconfiguration?
2017-01-08 15:49 GMT+01:00 sravani patla :
> Hello Team,
>
> I tried to deploy CAS with LDAP server and i ended up with few
> errors.Please just check the errors. I have attached the document
We do that too, since quite a time (so not 5 though) and are mostly happy C:
with the results so far.
Regards,
> On 7 Dec 2016, at 17:59, Andrew Morgan wrote:
>
> On Wed, 7 Dec 2016, Gokhan Mansuroglu wrote:
>
>> Hi,
>>
>> I have the following scenario :
>>
>> 1. In the
I assumed your CASified application was Java-like, and meant the CASified
application web.xml.
But this can make the example. There are some and
tags. CASified Java web applications work using a web.xml file alike.
If you are using your CASified application as such, it should have several
you might be able
to upgrade your production system to CAS 5 without impacting the existing
applications that are currently integrated.
I would encourage you to give some more details about your platform
architecture.
Uxío Prego
The activity of email inboxes can be systematically tracked
Not able to help.
Make sure you already read these articles from the maintainer.
https://apereo.github.io/2016/10/04/casbootoverlay/
https://apereo.github.io/2017/02/21/cas-autocfg-strategy/
https://apereo.github.io/2017/03/28/cas5-gettingstarted-overlay/
Regards,
> On 11 Aug 2017, at 19:15,
Make sure you already read and understood these articles from the
maintainer.
https://apereo.github.io/2016/10/04/casbootoverlay/
https://apereo.github.io/2017/02/21/cas-autocfg-strategy/
https://apereo.github.io/2017/03/28/cas5-gettingstarted-overlay/
Uxío Prego
Madiva Soluciones
CL
Let us hope am wrong, but reminds me vaguely of
https://groups.google.com/a/apereo.org/d/msg/cas-user/BwnFLyc8TnY/6NjFsnIEAQAJ
Best of luck,
> On 17 Jul 2017, at 09:23, Антон Шихмат wrote:
>
> Hello everyone,
>
> On my current project we use CAS with configured custom
You should not be running Java with super user privileges, ever. Specially in
production environments.
When on Linux additional configuration is necessary to allow an operating
system level user account access to well known ports in the first 1K range.
OP likely to have had indeed the port held
Clone the git repository at GitHub/apereo/cas, then switch rev with git as `git
checkout 09ead33` as seen in
https://github.com/apereo/cas/commit/09ead33abdf5124c351ce37c147bb4457307ec7f
which as you can see is tag 'v3.4.10'.
Descend into artifact cas-server-webapp, execute (with 7>=java) `mvn
Never used hazelcast ticket registry nor 5.0.x, still those figures seem normal
to me.
If you just can't kill the curiosity, I recommend you saving a snapshot of your
Debian GNU/Linux CAS server, then installing xorg, xserver, lightdm, and a
lightweight desktop environment of your choice, and
I would reboot CAS servers nightly, if you can afford that.
Try a TGT lifetime of several hours and an ST lifetime of some minutes. But I
can't tell the rationale.
> On 16 Aug 2017, at 19:54, Uxío Prego <upr...@madiva.com> wrote:
>
> Never used hazelcast ticket registry nor 5.0
So lengthy HTTP GET URLs are anti pattern.
I guess this advice will not be useful to you, but for other people could do.
If you absolutely are to stick with those huge URLs and GET methods, and you
have access to the source code of both software ends, you can easily do by
creating an informal
Make sure
service ticket not expiring by time
, service ticket not expiring by max number of uses reached
, service ticket not expiring because ticket granting ticket is expired
(happens).
Logging out parent ticket granting ticket clears all children service tickets
that is a possible cause of
There are some or at least one configuration keys named $BLAH.jpa.ddlAuto or
$BLAH.jpa.ddl.auto that if are set to (or defaulting to) 'create-drop' might be
causing those table dropping.
> On 15 Jun 2017, at 23:32, 'Iain Workman' via CAS Community
> wrote:
>
> I am
Yeh, go google, paste there 'apereo server and client version mapping' if
you are lucky you should jump to another topic where past myself was asking
similarly. Or you hit this '
https://groups.google.com/a/apereo.org/d/topic/cas-user/mLFbdpnaipY/discussion'
link that I now am betting 5 dollah to
Did not
cas.authn.jdbc.query[0].passwordEncoder.type=com.example.CustomPasswordEncoder
(https://apereo.github.io/cas/5.1.x/installation/Configuration-Properties.html#query-database-authentication)
suit your mileage?
> On 6 Jun 2017, at 19:58, Soumya Tripathy wrote:
>
> Hi,
up any
thoughts on CAS 3 further patching.
Sorry for the noise,
> On 24 May 2017, at 18:11, Uxío <upr...@madiva.com> wrote:
>
> Fast note to tell am somewhat working in a small hack branch of CAS Server 3
> core in order to enable tickets' POJOs in JPA mapping under PostgreS
+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/e96c32d0-54b4-48de-8903-0e8ebcfed924%40apereo.org
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/e96c32d0-54b4-48de-8903-0e8ebcfed924%40apereo.org?utm_me
You have to stop using the obsolete Java 6 in the client, or explicitly
enable the insecure Diffie Helman 1024 configuration in the server.
Uxío Prego
Madiva Soluciones
CL / SERRANO GALVACHE 56
BLOQUE ABEDUL PLANTA 4
28033 MADRID
+34 917 56 84 94
www.madiva.com
www.bbva.com
The activity
Are any of these blocking your CAS 5 test/dev deployment?
Uxío Prego
Madiva Soluciones
CL / SERRANO GALVACHE 56
BLOQUE ABEDUL PLANTA 4
28033 MADRID
+34 917 56 84 94 <+34%20917%2056%2084%2094>
www.madiva.com
www.bbva.com
The activity of email inboxes can be systematically tracked by coll
with your migrations, regards,
Uxío Prego
Madiva Soluciones
CL / SERRANO GALVACHE 56
BLOQUE ABEDUL PLANTA 4
28033 MADRID
+34 917 56 84 94
www.madiva.com
www.bbva.com
The activity of email inboxes can be systematically tracked by colleagues,
business partners and third parties. Turn off automatic
Why would you want not to iterate TGTs?
Aren't you using the default ticket registry?
Uxío Prego
Madiva Soluciones
CL / SERRANO GALVACHE 56
BLOQUE ABEDUL PLANTA 4
28033 MADRID
+34 917 56 84 94
www.madiva.com
www.bbva.com
The activity of email inboxes can be systematically tracked
Is it possible the ticket doesn't exist once you try to reach it?
Uxío Prego
Madiva Soluciones
CL / SERRANO GALVACHE 56
BLOQUE ABEDUL PLANTA 4
28033 MADRID
+34 917 56 84 94
www.madiva.com
www.bbva.com
The activity of email inboxes can be systematically tracked by colleagues,
business partners
Maybe grepping the CAS itself (not the overlay) helps..?
Uxío Prego
Madiva Soluciones
CL / SERRANO GALVACHE 56
BLOQUE ABEDUL PLANTA 4
28033 MADRID
+34 917 56 84 94
www.madiva.com
www.bbva.com
The activity of email inboxes can be systematically tracked by colleagues,
business partners
..?
Regards,
Uxío Prego
Madiva Soluciones
CL / SERRANO GALVACHE 56
BLOQUE ABEDUL PLANTA 4
28033 MADRID
+34 917 56 84 94
www.madiva.com
www.bbva.com
The activity of email inboxes can be systematically tracked by colleagues,
business partners and third parties. Turn off automatic loading of images
Can't you do this just by using the CAS client from the java application
like you would do by using the CAS client from the web java (CASified)
application?
Uxío Prego
Madiva Soluciones
CL / SERRANO GALVACHE 56
BLOQUE ABEDUL PLANTA 4
28033 MADRID
+34 917 56 84 94
www.madiva.com
www.bbva.com
Move the rotate responsibility to logrotate out of Tomcat and CAS.
Uxío Prego
Madiva Soluciones
CL / SERRANO GALVACHE 56
BLOQUE ABEDUL PLANTA 4
28033 MADRID
+34 917 56 84 94
www.madiva.com
www.bbva.com
The activity of email inboxes can be systematically tracked by colleagues,
business
I’m a little lost now.
Are you sure you need to waste that much energy investigating so many ticket
registry alternatives? Shouldn’t you be trying to just assess the feasibility
of using that data base with which you feel more comfortable?
To be more clear, let’s say it works better using
Do you mean it is buggy because Redis was refusing to write -1 for
expiration times?
If you have a lot of time I guess you could write your test case and
request pull.
Uxío Prego
Madiva Soluciones
CL / SERRANO GALVACHE 56
BLOQUE ABEDUL PLANTA 4
28033 MADRID
+34 917 56 84 94
www.madiva.com
quivalent of that.
Uxío Prego
Madiva Soluciones
CL / SERRANO GALVACHE 56
BLOQUE ABEDUL PLANTA 4
28033 MADRID
+34 917 56 84 94
www.madiva.com
www.bbva.com
The activity of email inboxes can be systematically tracked by colleagues,
business partners and third parties. Turn off automatic loading of images
I'm sorry I can't help you, but it would be very sweet if you could share
your effective serviceticket or ticketgrantingticket table schema from the
times when you were using PostgrelSQL as ticket registry for CAS 5...
Regards,
Uxío Prego
Madiva Soluciones
CL / SERRANO GALVACHE 56
BLOQUE
Oh... Goodness. I was hoping the ORM software to be at last using BYTEA
instead of LO/OID.
Thank you, you are very much kind.
Uxío Prego
Madiva Soluciones
CL / SERRANO GALVACHE 56
BLOQUE ABEDUL PLANTA 4
28033 MADRID
+34 917 56 84 94
www.madiva.com
www.bbva.com
The activity of email inboxes
I don't know.
Does your CAS 3 deployment provide a custom class extending
AbstractUsernamePasswordAuthenticationHandler?
Uxío Prego
Madiva Soluciones
CL / SERRANO GALVACHE 56
BLOQUE ABEDUL PLANTA 4
28033 MADRID
+34 917 56 84 94
www.madiva.com
www.bbva.com
The activity of email inboxes can
I still operate version 3 of CAS using relational as service registry, yet I
don't understand what you ask.
I can't grep the sources anyhow, today.
I hope you find whatever you are looking for.
> On 16 Feb 2018, at 18:53, Toby Archer wrote:
>
> We have an application
I noticed days ago the GitHub issues system seems disabled there. Because that
GitHub central mirror is heavily customized with a lot of goodies, the message
is clear, and it is _bug tracking is no longer there_.
I assume you are reporting the problem and if there is no answer is because no
a deployment problem (maybe not).
I think 8G should be enough for your case, but I don't really know. While
you keep investigating, maybe adding swap and more memory can help you...
maybe not!
Good luck with it,
Uxío Prego
Madiva Soluciones
CL / SERRANO GALVACHE 56
BLOQUE ABEDUL PLANTA 4
28033 MADRID
Can you confirm psql connectivity between the data base and the Java
application server (i.e. CAS)?
Uxío Prego
Madiva Soluciones
CL / SERRANO GALVACHE 56
BLOQUE ABEDUL PLANTA 4
28033 MADRID
+34 917 56 84 94
www.madiva.com
www.bbva.com
The activity of email inboxes can be systematically
Yeah take control of the browser back button and send the user to wherever
you find appropriate: https://stackoverflow.com/questions/25806608/.
Regards,
Uxío Prego
Madiva Soluciones
CL / SERRANO GALVACHE 56
BLOQUE ABEDUL PLANTA 4
28033 MADRID
+34 917 56 84 94
www.madiva.com
www.bbva.com
I don't know.
In Maven environments I would expect the declaration of a postgresql
artifact from the org.postgresql group ID.
Uxío Prego
Madiva Soluciones
CL / SERRANO GALVACHE 56
BLOQUE ABEDUL PLANTA 4
28033 MADRID
+34 917 56 84 94
www.madiva.com
www.bbva.com
The activity of email inboxes
Apart from the virtual memory increase, which is the profile of actual
memory use increase and (if applicable) swap space use increase?
In other words, are you really sure a virtual memory use increase is a
problem?
Which is the operating system where you are running that?
Uxío Prego
Madiva
to a trusted proxy where HTTPS
is handled.
Uxío Prego
Madiva Soluciones
CL / SERRANO GALVACHE 56
BLOQUE ABEDUL PLANTA 4
28033 MADRID
+34 917 56 84 94
www.madiva.com
www.bbva.com
The activity of email inboxes can be systematically tracked by colleagues,
business partners and third parties. Turn off
In line with the error message, it can hopefully be tackled by rewriting
the schema LOCKS.LOCKVER as integer.
I would issue ALTER TABLE .LOCKS MODIFY LOCKVER NUMBER(19, 0);
Best,
Uxío Prego
Madiva Soluciones
CL / SERRANO GALVACHE 56
BLOQUE ABEDUL PLANTA 4
28033 MADRID
+34 917 56 84 94
.
In other words; if you can not fix it in time, roll forward that way
without fixing anything.
Uxío Prego
Madiva Soluciones
CL / SERRANO GALVACHE 56
BLOQUE ABEDUL PLANTA 4
28033 MADRID
+34 917 56 84 94
www.madiva.com
www.bbva.com
The activity of email inboxes can be systematically tracked
Do you need to support CAS 3 and 5 at the same time for a while, or can you
afford a *migration*? Can you afford CAS downtime when migrating the users
to CAS 5? Have you tried to add LOCKVER to CAS_OWN.LOCKS?
Uxío Prego
Madiva Soluciones
CL / SERRANO GALVACHE 56
BLOQUE ABEDUL PLANTA 4
28033
ood luck with the migration,
Uxío Prego
Madiva Soluciones
CL / SERRANO GALVACHE 56
BLOQUE ABEDUL PLANTA 4
28033 MADRID
+34 917 56 84 94
www.madiva.com
www.bbva.com
The activity of email inboxes can be systematically tracked by colleagues,
business partners and third parties. Turn off automatic load
I don't know.
Uxío Prego
Madiva Soluciones
CL / SERRANO GALVACHE 56
BLOQUE ABEDUL PLANTA 4
28033 MADRID
+34 917 56 84 94
www.madiva.com
www.bbva.com
The activity of email inboxes can be systematically tracked by colleagues,
business partners and third parties. Turn off automatic loading
68 matches
Mail list logo