I was working with CAS 5.0.3 and with the current LDAP setting I could have
logged in but remember me wasn't working. I was having an error Unrecognized
field "canonicalizationMode"which was solved in later version according
one answer. So now I have updated to 5.2 but I am getting the
> On Mon, Dec 18, 2017 at 9:58 AM, casuser <fazlarab...@gmail.com
> > wrote:
>
>>
>>
>> *This is my cas.properties, *# cas.tgc.path=
>> cas.tgc.maxAge=-1
>> # cas.tgc.domain=
>>
>> cas.tgc.signingKey=
*This is my cas.properties, *# cas.tgc.path=
cas.tgc.maxAge=-1
# cas.tgc.domain=
cas.tgc.signingKey=***
cas.tgc.name=TGC
There is a load balancer in between the user and the CAS server. The load
balancer will check allow the SSL certificate. But from the load balancer
to the CAS server the connection will be HTTP.
How to configure cas server in that way so that it listen to HTTP?
I have tried this in my
There is a load balancer in between the user and the CAS . The load
balancer will check allow the SSL certificate. But from the load balancer
to the CAS the connection will be HTTP.
How to configure cas in that way so that it listen to HTTP?
I have tried this in my cas.properties but didn't
, Cristina Vlaicu wrote:
>
> Hello,
>
> I had configured https on the application server. I had nothing to
> configure in CAS properties.
>
> Thank you,
> Cristina
>
>
>
> On Dec 14, 2017 6:51 AM, "casuser" <fazlarab...@gmail.com >
>
How to remove the warning "Non-secure Connection" from the log in page? I
want to get rid of it because from the load balancer to the CAS server the
connection will be HTTP.
I have tried the following configurations to remove the warning:
"In the event that you decide to run CAS without any
+8, leleuj wrote:
>
> Hi,
>
> I would try: cas.server.httpProxy.secure=true
> Thanks.
> Best regards,
> Jérôme
>
>
> On Thu, Dec 14, 2017 at 1:46 AM, casuser <fazlarab...@gmail.com
> > wrote:
>
>> How to remove the warning "Non-secure Connection&
ettings for the
> location in Nginx
>
>
>
> proxy_set_header Host $host;
>
> proxy_set_header X-Forwarded-Proto $scheme;
>
>
>
> I wonder if you need to try something similar in your setup.
>
>
>
> Doug
>
>
>
> *From:
;
>
>
> Edit cas.properties and add the following lines:
>
>
>
> # configure CAS to only listen for non-SSL traffic on port 8080
>
> server.port=8080
>
> server.ssl.enabled=false
>
>
>
> Doug
>
>
>
> *From:* cas-...@apereo.org [mailto:cas-...@ap
wrote:
>
> I strongly recommend to not use the approach you try to configure.
> Connection between the LB and CAS Servers should be encrypted as well.
>
>
> Am 14.12.2017 um 08:13 schrieb casuser <fazlarab...@gmail.com
> >:
>
> Thank you Cristina,
>
> A
guessing in your case if you change these to your load balancer that will
> help things a little bit.
>
>
>
> Doug
>
>
>
> *From:* cas-...@apereo.org [mailto:cas-...@apereo.org
> ] *On Behalf Of *casuser
> *Sent:* Thursday, December 14, 2017 5:14 PM
> *To:*
How to remove the warning "Non-secure Connection" from the log in page? I
want to get rid of it because from the load balancer to the CAS server the
connection will be HTTP.
I have tried the following configurations to remove the warning:
"In the event that you decide to run CAS without any
r 14, 2017 at 5:50:59 AM UTC+1, casuser wrote:
>>
>> There is a load balancer in between the user and the CAS . The load
>> balancer will check allow the SSL certificate. But from the load balancer
>> to the CAS the connection will be HTTP.
>>
>> How to configur
; browser?
> There are settings, cas.tgc.maxAge and cas.tgc.rememberMeMaxAge, to tune
> cookie behaviour.
> You may also investigate your browser settings, perhaps it is removing the
> TGC on browser close.
>
> Ray
>
> On Wed, 2017-11-08 at 19:49 -0800, casuser wrote:
>
> ev
every time I logged in it says you,nobody has successfully logged into CAS.
and in the catalina.log the error shows that :
java.lang.IllegalArgumentException:
com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException:
Unrecognized field "canonicalizationMode" (class
I have tried the following configurations to remove the warning:
"In the event that you decide to run CAS without any SSL configuration in
the embedded Tomcat container and on a non-secure port yet wish to
customize the connector configuration that is linked to the running port
(i.e. 8080),
*How can I issue service tickets in CAS 5.2.0. I am using memcached for
storing the tickets. in the logs CAS is issuing the TGT but there is no ST.
this is how it looks like in the log:*
2017-12-22 09:40:47,618 DEBUG
[org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] -
ke out this line:
>
> cas.authn.samlIdp.authenticationContextClassMappings[0]=urn:oasis:names:tc:SAML:2.0:ac:classes:SomeClassName->mfa-duo
>
> If you don't understand what a setting does, do not add it blindly. Ask.
>
> --Misagh
>
> ------
>
> *From:
Hello Everyone,
I am currently using CAS 5.2.0 and I have few questions regarding Password
reset security questions. Is there a way
1. to force users to configure their custom security questions when the
user login for the 1st time?
2. password change lockout with too many
Help needed
I am currently using CAS 5.2.0 and I have few questions regarding Password
reset security questions. Is there a way
1. to force users to configure their custom security questions when the
user login for the 1st time?
2. password change lockout with too many
Help needed
I am currently using CAS 5.2.0 and I have few questions regarding Password
reset security questions. Is there a way
1. to force users to configure their custom security questions when the
user login for the 1st time?
2. password change lockout with too many
Hi Toby I am also having the same problem, zero services are loaded from
the jpa service registry. Did you able to solve it?
On Wednesday, July 19, 2017 at 9:13:40 PM UTC+8, Toby Archer wrote:
>
> yes. any ideas on why it is ignoring my files and what I could do to make
> it not ignore my
How to set a LDAP password management for 2 different OU's? Using the
current documentation password management can be configured for one OU and
it works. but like the authentication there is an option LDAP[0], LDAP[1]
there is no such option for password management. So the authentication
How to set a LDAP password management for 2 different OU's? Using the
current documentation password management can be configured for one OU and
it works. but like the authentication there is an option LDAP[0], LDAP[1]
there is no such option for password management. So the authentication
I am using CAS 5.2.x. For reset password, I get the reset password email
and from the link I can get to the reset password page where I enter my new
password and retype it but I get this error on the browser "Could not
update the account password" and nothing in the server log. I am using LDAP
It remains valid for one attempt.
On Tuesday, February 13, 2018 at 1:00:09 AM UTC+8, Snoke, Nancy wrote:
>
> Hey all,
>
>
>
> Out of the box, are the password reset links valid only once or as many
> times as the user wants?
>
>
>
> We set up password reset functionality, and did a lot of
El lunes, 5 de febrero de 2018, casuser <fazlarab...@gmail.com
> > escribió:
>
>> How to set a LDAP password management for 2 different OU's? Using the
>> current documentation password management can be configured for one OU and
>> it works. but like the auth
ticket is only issued if there is a service to log in.
> With https://foo.com/cas/login, no ST,
> https://foo.com/cas/login?service=https://bar.com, there is ST.
>
> Ray
>
> On Thu, 2017-12-21 at 20:38 -0800, casuser wrote:
>
>
>
>
> *How can I issue service ti
The service ticket validation failed and in the logs there is an error
which says json parse exception: Unexpected character (I) at position 0.
this is the error log :
=
WHO: audit:unknown
WHAT:
Thanks for the reply and I got it
On Tuesday, December 26, 2017 at 9:07:39 AM UTC+8, casuser wrote:
>
> Hi Ray, thanks for the reply, but there is no "service" parameter in the
> log in URL.
>
> Regards,
>
> FAZLA
>
> On Saturday, December 23,
From the ..cas/status/dashboard if I click to *status* it says:
2.MemcachedMonitor: ERROR - No memcached servers available.
Although I have configured memcached which is working properly. I have also
configured the memcached monitoring in the pom.xml
as well as in the cas.properties.
>From the ..cas/status/dashboard if I click to *status* it says:
2.MemcachedMonitor: ERROR - No memcached servers available.
Although I have configured memcached which is working properly. I have also
configured the memcached monitoring in the pom.xml
as well as in the cas.properties.
*How can I issue service tickets in CAS 5.2.0. I am using memcached for
storing the tickets. in the logs CAS is issuing the TGT but there is no ST.
this is how it looks like in the log:*
2017-12-22 09:40:47,618 DEBUG
[org.apereo.cas.authentication.DefaultAuthenticationResultBuilder] -
>From the ..cas/status/dashboard if I click to *status* it says:
2.MemcachedMonitor: ERROR - No memcached servers available.
Although I have configured memcached which is working properly. I have also
configured the memcached monitoring in the pom.xml
as well as in the cas.properties.
Does CAS 5.3 provide support multiple for AD password management?
Previously in CAS version 5.2 it used to only support one Active directory
where else for
LDAP Authentication it used to support multiple Active directory as
authentication methods.
And in the CAS properties in CAS 5.3
Hello Everyone,
I am currently using CAS 5.2.0 and I have few questions regarding Password
reset security questions. Is there a way
1. to force users to configure their custom security questions when the
user login for the 1st time?
2. password change lockout with too many
I am currently using CAS 5.2.0 and I have few questions regarding Password
reset security questions. Is there a way
1. to force users to configure their custom security questions when the
user login for the 1st time?
2. password change lockout with too many incorrect security
are on the classpath.
security.basic.authorize-mode=role
security.basic.path=/cas/status/**
# security.basic.enabled=true
# security.user.name=casuser
# security.user.password=
##
# CAS Web Application Session Configuration
#
server.session.timeout=300
server.session.cookie.http-only=true
server.se
I want to use the embedded tomcat as the container that is why I have
-tomcat
in the pom. But somehow my embedded container working. I have created the
keystore.
Exported the certificate to /etc/cas/config/ and also to the global home
$JAVA_HOME/jre/lib/security/cacerts
Yet when I run
*We are currently using CAS 5.2 and the current properties for LDAP
authentication, we were trying to using the same for version 6 except the
userFiler which is changed to searchFilter but still we can't connect to
the LDAP. In the logs it's nothing even in the debug mode*
2018-10-24
It works now
just needed to change the values of the following properties
cas.authn.ldap[0].allowMultipleDns=false
cas.authn.ldap[0].type=AUTHENTICATED
On Thursday, October 25, 2018 at 9:23:29 AM UTC+8, casuser wrote:
>
> Hello Ray,
>
> Thanks for the reply.
>
> I
ter the if else; actually after '//
> Other dependencies may be listed here...'.
>
> Ray
>
> On Wed, 2018-10-24 at 03:11 -0700, casuser wrote:
>
> *We are currently using CAS 5.2 and the current properties for LDAP
> authentication, we were trying to using the same for versio
I was trying to add Google Recaptcha to CAS
This is my cas.properties
#
#Google reCAPTCHA
#
cas.googleRecaptcha.enabled=true
cas.googleRecaptcha.verifyUrl=https://www.google.com/recaptcha/api/siteverify
cas.googleRecaptcha.siteKey=
CAS 6 Password management is has the same problem in the flow. provided
email address is not valid
spring.mail.host=smtp.office365.com
spring.mail.port=587
spring.mail.username=myem...@staffemail.edu
spring.mail.password=mypass
spring.mail.testConnection=true
ds, Did you find any solution for this error?
On Saturday, November 3, 2018 at 5:56:10 AM UTC+8,
ste...@scarletmail.rutgers.edu wrote:
>
>
> Hi,
>
> A while back I started looking at CAS 5.2.x to work toward upgrading our
> 3.6 server. I got distracted by another project. I'm now looking to
I have found this
https://support.symantec.com/en_US/article.TECH226886.html for ldap
referrel but I didn't find anything to ignore the ldap referel.
On Monday, November 19, 2018 at 10:06:28 AM UTC+8, casuser wrote:
>
> Hello Mike,
>
> We are also having the same problem. Did you a
Hey mike,
I am having the same error now. Did you find a way to get around with it?
On Monday, July 30, 2018 at 11:48:36 PM UTC+8, Mike wrote:
>
> Is there any way to disable hostname verification in the SSL configuration
> in CAS 5.3.x? We have a cluster of 4 AD servers named nodeX.server.com
Did you find a way to get around with this error?
On Friday, April 7, 2017 at 11:56:11 AM UTC+8, Marcio Gomes wrote:
>
> Hello guys,
> I am setting up CAS5.x LDAP with SSL. The LDAP's server is configured with
> a ssl certificate. The CN's certificate is not same LDAPs hostname.
> So, we got the
Hello Mike,
We are also having the same problem. Did you able to solve it?
Regards,
On Friday, November 16, 2018 at 11:07:34 PM UTC+8, Mike wrote:
>
> Hi. Is there any way to disable CAS 5.x from following referrals returned
> by Active Directory when using the root level DC=DOMAIN,DC=COM to
We have applications that are using CAS protocol as well as CAS REST
protocol. For applications that are using the CAS REST protocol (specially
mobile application) we want to check if the user is already log in to CAS
sso. If so then we want to let the user authenticate. We are using a
Hello everyone,
we are using cas 5.3.8 in prod. I was trying to enable the rest password
management. I have added the dependencies and the required cas.properties
but getting a 404 response from CAS.
My cas.properties are as following:
Dear All,
Good day!!!
Currently we are using CAS 5.3.8.
In the CAS protocol 3.0 section 2.2 it is mentioned that /login can be used
as a credential acceptor.
2.2. */login* as credential acceptor
When a set of accepted credentials are passed to */login*, it acts as a
credential acceptor and
Hi Robert,
I am also facing the same issue, I just what to know the steps I need to
follow from the office 365 side. I have configured cas for office 365 but
not sure about the steps in the office 365 part
On Wednesday, July 3, 2019 at 5:41:11 AM UTC+8, Robert Bond wrote:
>
>
> Were you able
Hello everyone,
we are using cas 5.3.8 in prod. I was trying to enable the rest password
management. I have added the dependencies and the required cas.properties
but getting a 404 response from CAS.
My cas.properties are as following:
cas.authn.pm.rest.
I was following the build process from CAS codebase in the documentations
https://apereo.github.io/cas/developer/Build-Process-6X.html for CAS 6.0. I
did the following
1. I have cloned the codebase
2. checkout from the master branch.
3. Built the codebase using the following command
The error indicates that transport encryption is required -- this generally
means you need to change the LDAP server URI from ldap://server.domain.gTLD
to ldaps://server.domain.gTLD *but* since few LDAP servers use certs issued
from a public certificate authority (CA), you'll also need to
We are currently using CAS 5.3
How can we hide sensitive information like authentication details in the
cas properties file by using the os environment variables?
Thanks in advance
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines:
58 matches
Mail list logo
