Re: [cas-user] Help With Performance Optimisation. CAS 6.6.x

9.8.0 > > On Monday, February 12, 2024 at 6:37:06 PM UTC+5:30 Dmitriy Kopylenko > wrote: > >> Which exact version of CAS (and the embedded Tomcat that it carries)? >> >> D. >> >> On Mon, Feb 12, 2024 at 06:49 Vaibhav GPT wrote: >> >>&g

Re: [cas-user] Help With Performance Optimisation. CAS 6.6.x

Which exact version of CAS (and the embedded Tomcat that it carries)? D. On Mon, Feb 12, 2024 at 06:49 Vaibhav GPT wrote: > Thank you Ron for the information but I have found the issue. > > Looks like the embedded tomcat in CAS is responsible for high cpu usage. > When I switched to a

Re: [cas-user] MFA User Selection Menu in CAS v7.0

about it in > documentation > في الثلاثاء، 9 يناير 2024 في تمام الساعة 11:49:31 ص UTC، كتب Dmitriy > Kopylenko رسالة نصها: > >> Hi. >> >> The namespace for the property has changed in version 7: >> >> cas.authn.mfa.core.provider-selection.provider-selection-enabled=true

Re: [cas-user] MFA User Selection Menu in CAS v7.0

The formatting didn’t work. The updated property namespace is: cas.authn.mfa.core.provider-selection.provider-selection-enabled On Tue, Jan 9, 2024 at 06:18 Dmitriy Kopylenko wrote: > Hi. > > The namespace for the property has changed in version 7: > > cas.authn.mf

Re: [cas-user] MFA User Selection Menu in CAS v7.0

Hi. The namespace for the property has changed in version 7: cas.authn.mfa.core.provider-selection.provider-selection-enabled=true as.authn.mfa.core.provider-selection.provider-selection-enabled=true Cheers, D. On Tue, Jan 9, 2024 at 05:33 Mm Mm wrote: > in cas v 6.6 there is a

Re: [cas-user] CAS6 SAML usernameAttribute

day, October 23, 2023 at 3:21:21 PM UTC-4 Dmitriy Kopylenko wrote: > >> Hi. >> >> Try this: >> >> usernameAttributeProvider: >> { >> @class: >> org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProvider >> username

Re: [cas-user] CAS6 SAML usernameAttribute

Hi. Try this: usernameAttributeProvider: { @class: org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProvider usernameAttribute: mail } D. On Mon, Oct 23, 2023 at 2:53 PM atilling wrote: > Working on a SAML integration where the subject needs to be the user's >

Re: [cas-user] CAS Security Releases/Patches

Hi Baron. It’s the “binary only” release hidden from repo before the security “grace period” has passed. >From that post: "All source code and repository tags that contain fixes for this issue are kept privately until the grace period has passed. Note that repository tags are generally

Re: [cas-user] requiredIpAddresses specification?

re/monitor/ActuatorEndpointProperties.html > > > > But I don't see the comment you provided as an example. > > > > On Wed, Feb 22, 2023 at 5:00 AM Dmitriy Kopylenko > wrote: > >> Hello. >> >> There is a useful Gradle task available which would generate

Re: [cas-user] requiredIpAddresses specification?

Hello. There is a useful Gradle task available which would generate the properties file containing ALL CAS’ properties along with documentation comments for each. Then one could use search in that file to see what’s available. To run it, simply execute ./gradlew exportConfigMetadata from the

Re: [cas-user] how to customize a filter used in CAS?

One other way to accomplish this is to disable CAS filer by setting `cas.http-web-request.header` property to false, and then to enable your version of this bean in your own configuration class by making sure it’s recognized by Spring by advertising it in META-INF/spring.factories file in your

Re: [cas-user] Re: Upgrade from CAS 6.5 to 6.6

This is related to deprecation of RegexRegisteredService type as described here in the released notes: https://apereo.github.io/cas/6.6.x/release_notes/RC3.html#cas-registered-services If you are using JSON service registry, make sure to change all the service types from RegexRegisteredService to

Re: [cas-user] CAS 6.4.x with SPNEGO, "Factory method 'spnegoAuthentications' threw exception"

Hi there. The error points to this line: https://github.com/apereo/cas/blob/master/support/cas-server-support-spnego/src/main/java/org/apereo/cas/config/SpnegoConfiguration.java#L68 where it calls Spring resource loader abstraction to load Kerboros config file and apparently the resource

Re: [cas-user] CAS 6.4.x with SPNEGO, "Factory method 'spnegoAuthentications' threw exception"

Hi. If you could post the entire stack trace, that would help to see what might be misconfigured. Cheers, D. On Sep 2, 2021 at 09:31:17, Thierry MURGUE wrote: > Hi all, > > I have a working conf with SPNEGO for CAS 6.2.x (last tried 6.2.8). > > I’ve tried for 2 days to do the same with the

Re: [cas-user] How to release eduPersonTargetedID in correct format

Hi there. Simply put, currently CAS server does not support encoding attribute values as nested SAML2XMLObject, just like that nested NameID value as required by eduPersonTargetedID spec. Best, D. On May 10, 2021 at 11:01:30, Marcin Roman wrote: > Thanks for your help, but it does not

Re: [cas-user] TGT timeout issue with v5.3.5

Hi Dave. I was just wondering, is there any reason you’d not go to the latest CAS v 6.x, as 5.x is EOL? Best, D. On Dec 1, 2020 at 13:10:26, Dave Steiner wrote: > > We are upgrading to v5.3.5 and I was just testing the TGT timeout. I am > using hazelcast and have the following settings: > >

Re: [cas-user] HandlerResult

ger, principalFactory, order); > } > > @Override > protected HandlerResult authenticateUsernamePasswordInternal( > final > UsernamePasswordCredential credential, > final > String originalPassword) { >

Re: [cas-user] HandlerResult

Hi there. Which stub code example? You’d want to make sure you implement the correct SPI for AuthenticationHandler, which is this: https://github.com/apereo/cas/blob/6.2.x/api/cas-server-core-api-authentication/src/main/java/org/apereo/cas/authentication/AuthenticationHandler.java Best, D. On

RE: [cas-user] Cas 6.1.x Web Flow Customization

/webflow/login folder but code not execute this file login page rendered from somewhere else.   Please suggest solution so I can write my custom code in login-webflow.xml page.   From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Dmitriy Kopylenko Sent: 07 May 2020 06:44 PM

Re: [cas-user] JDBC Connection Pooling

Indeed, that might be a good idea to reuse a global DataSource for all Jdbc attributes repos. Currently it’s only possible if you have a globally defined JNDI-bound DataSource (but who does JNDI these days?) ;-)  As could be seen here: 

Re: [cas-user] Cas 6.1.x Web Flow Customization

Hi there. I’d suggest you be a bit more specific regarding what you are trying to accomplish. Best, D. On May 7, 2020 at 04:16:28, 'Suhas Bansude' via CAS Community (cas-user@apereo.org) wrote: I am using cas 6.1.x version . I am trying to configure login web flow. Please help with -- -

Re: [cas-user] Custom AUP Implementation

The best way to implement AUP flow customizations would be through a pluggable Groovy script which CAS will use for 2 phases - verification and recording of acceptance fact:  https://apereo.github.io/cas/6.1.x/webflow/Webflow-Customization-AUP.html#groovy So you could do the additional work

Re: [cas-user] SAML Delegated Authentication Auto Redirect

Set this flag to true: ${configurationKey}.autoRedirect=true where configurationKey is your pac4j client prefix path of interest. https://apereo.github.io/cas/6.0.x/configuration/Configuration-Properties-Common.html#delegated-authentication-settings Cheers, D. On March 11, 2020 at 03:57:17,

Re: [cas-user] 6.2.x Gradle Compilation

ies file. > > I have made it No changes. (http 404) > > Please note I do not have a json file in the /etc/cas/services directory yet. > > Jérémie > > > Le mardi 11 février 2020 15:34:45 UTC+1, Dmitriy Kopylenko a écrit : > > Hi there. > > > > K

Re: [cas-user] 6.2.x Gradle Compilation

; > > > > > > > * Where: > > > > > Script '/home//bin/cas-overlay-template-6.2/gradle/tasks.gradle' > > > > > line: 64 > > > > > > > > > > * What went wrong: > > > > > Execution failed for task ':run'.

Re: [cas-user] 6.2.x Gradle Compilation

> > > > > I have changed my gradle.properties > > > > > to cas.version=6.2.0-RC2 > > > > > (I copied it right from the posting. ) > > > > > > > > > > and I get: > > > > > > > > > > Could

Re: [cas-user] Re: CAS 6.x Error while deploying cas.war in tomcat

On Wednesday, November 13, 2019 at 8:58:43 AM UTC-5, Dmitriy Kopylenko wrote: For what it's worth - if anyone is deploying CAS 6.1 to external Tomcat versions that do not have the newer API, and do not want to either upgrade Tomcat or use CAS in the embedded mode, add this line to your cas.properties

Re: [cas-user] 6.2.x Gradle Compilation

face.html#sec:command_line_warnings Thank you, Jérémie Le jeudi 2 janvier 2020 14:24:48 UTC+1, Dmitriy Kopylenko a écrit : Hi there. Change version of CAS to 6.2 RC2 in gradle.properties like so: cas.version=6.2.0-RC2 Best, D. From: Jérémie Pilette Reply: cas-...@apereo.org Date: January 2, 2020 at 7

Re: [cas-user] 6.2.x Gradle Compilation

Hi there. Change version of CAS to 6.2 RC2 in gradle.properties like so: cas.version=6.2.0-RC2 Best, D. From: Jérémie Pilette Reply: cas-user@apereo.org Date: January 2, 2020 at 7:57:00 AM To: CAS Community Subject:  [cas-user] 6.2.x Gradle Compilation Hi everybody, I have a problem

Re: [cas-user] Re: CAS 6.x Error while deploying cas.war in tomcat

For what it's worth - if anyone is deploying CAS 6.1 to external Tomcat versions that do not have the newer API, and do not want to either upgrade Tomcat or use CAS in the embedded mode, add this line to your cas.properties -> 

Re: [cas-user] CAS 5.3.12, Groovy Multifactor Policy, anyone successfully used logger/LOGGER for debugging,

There is no logger instance available to your Groovy class. You’ll have to create an instance yourself e.g. static final org.slf4j.Logger log = org.slf4j.LoggerFactory.getLogger(GroovyMultifactorPolicy) Best, D. From: randomuser878 Reply: cas-user@apereo.org Date: September 26, 2019 at

Re: [cas-user] OpenID Connect issues

, but why did it persist after I restarted the service? On Tuesday, September 24, 2019 at 10:59:05 AM UTC-4, Shawn Cutting wrote: cas.authn.oidc.jwksFile=file:/etc/cas/keystore.jwks On Tuesday, September 24, 2019 at 10:57:02 AM UTC-4, Dmitriy Kopylenko wrote: What is the value of cas.authn.oidc.jwksFile

Re: [cas-user] OpenID Connect issues

What is the value of cas.authn.oidc.jwksFile property? D. From: Shawn Cutting Reply: cas-user@apereo.org Date: September 24, 2019 at 10:49:24 AM To: CAS Community Subject:  [cas-user] OpenID Connect issues I am trying to setup CAS to function as an OpenID provider, and am running into a

Re: [cas-user] Re: [CAS 6.0] Attribute Mappings to SAML Identifiers Broken in CAS 6.0

Just confirmed - fixed in 6.1.0-RC4 Best, D. From: Josh G Reply: cas-user@apereo.org Date: July 31, 2019 at 11:10:11 AM To: CAS Community Subject:  [cas-user] Re: [CAS 6.0] Attribute Mappings to SAML Identifiers Broken in CAS 6.0 Has anyone else experienced this issue? This is holding up

Re: [cas-user] Where is AbstractCasWebflowConfigurer

Add a maven dependency on cas-server-core-webflow-api module. Best, D. From: Michael MacEachran Reply: cas-user@apereo.org Date: April 24, 2019 at 10:48:37 PM To: cas-user@apereo.org Subject:  [cas-user] Where is AbstractCasWebflowConfigurer According to the documentation

Re: [cas-user] AuthenticationInterrupt + Groovy + autoRedirect

OSI ) Pôle Infrastructures Université d'Avignon et des Pays de Vaucluse Tèl : 04.90.16.26.04 -- De: "Dmitriy Kopylenko" À: "cas-user" Envoyé: Mercredi 30 Janvier 2019 16:13:02 Objet: Re: [cas-user] AuthenticationInterrupt + Groovy + autoRedirect Hi. there are getters setters methods

Re: [cas-user] AuthenticationInterrupt + Groovy + autoRedirect

Direction Opérationnelle des Systèmes d'Information ( DOSI ) Pôle Infrastructures Université d'Avignon et des Pays de Vaucluse Tèl : 04.90.16.26.04 -- De: "Dmitriy Kopylenko" À: "cas-user" Envoyé: Mercredi 30 Janvier 2019 15:47:37 Objet: Re: [cas-user] AuthenticationInterrupt + G

Re: [cas-user] AuthenticationInterrupt + Groovy + autoRedirect

Hi, can you post an example of your Groovy interrupt script - how you construct and return InterrupResponse object in particular. Cheers, D. From: Sébastien B Reply: cas-user@apereo.org Date: January 30, 2019 at 9:26:25 AM To: CAS Community Subject:  [cas-user] AuthenticationInterrupt +

Re: [cas-user] [6.x] [REST Protocol] [Request a Service Ticket] HTTP 200 - empty body

Hi, there was one custom HttpMessageConverter added in 6.0 which messes up with the body of a response on the way back during content negotiation (if by default Accept header value is set to */*): 

Re: [cas-user] CAS 6.1.0-RC2 JWT error

=28800 cas.ticket.tgt.hardTimeout.timeToKillInSeconds=28800 cas.ticket.tgt.throttledTimeout.timeToKillInSeconds=28800 cas.ticket.tgt.throttledTimeout.timeInBetweenUsesInSeconds=5 On Tuesday, January 15, 2019 at 1:36:26 PM UTC-6, Dmitriy Kopylenko wrote: What’s the value of your tgt expiration

[cas-user] CAS client auto config support 2.1.0

Folks, The CAS client auto config support 2.1.0 has been released (depends on the latest Java CAS client 3.5.1):  https://github.com/Unicon/cas-client-autoconfig-support Cheers, D. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines:

[cas-user] Java CAS client 3.5.1

Folks, the Java CAS client version 3.5.1 has been released:  https://github.com/apereo/java-cas-client/releases/tag/cas-client-3.5.1 Cheers, D. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions:

Re: [cas-user] Rerequesting CAS attributes

You might want to look into and configure attribute caching policy such that it will basically re-resolve them from attribute sources every time ST gets validated, hence you’ll get a fresh set of attributes every time CAS ST validation protocol dance happens:

Re: [cas-user] Re: CAS 5.2.0 How to configure cas in that way so that it listen to HTTP?

This might help:  https://apereo.github.io/cas/5.3.x/planning/Security-Guide.html#secure-transport-https Cheers, D. From: Pedro Rosas Silva Reply: cas-user@apereo.org Date: October 4, 2018 at 1:44:06 PM To: cas-user@apereo.org Subject:  Re: [cas-user] Re: CAS 5.2.0 How to configure cas in

Re: [cas-user] How to enable MFA by service rather than globally

You could always do a custom Groovy script trigger which will be executed and its outcome examined by CAS for each authentication transaction to decide whether to trigger any mfa transaction or not: 

Re: [cas-user] Error in CAS Management(5.2) app after authentication with the CAS Server (5.3.2)

This might help  https://apereo.github.io/cas/development/installation/Troubleshooting-Guide.html#no-subject-alternative-names D. From: vivekanand yaram Reply: cas-user@apereo.org Date: August 24, 2018 at 10:00:46 AM To: cas-user@apereo.org Subject:  Re: [cas-user] Error in CAS

RE: [cas-user] RE: CAS 5 SAML2 Azure AD delegated authentication

that into the cas.properties file, CAS doesn’t start.   Lynn Dickison   From: cas-user@apereo.org On Behalf Of Dmitriy Kopylenko Sent: Tuesday, August 7, 2018 10:53 AM To: cas-user@apereo.org Subject: Re: [cas-user] RE: CAS 5 SAML2 Azure AD delegated authentication   You could try cas.authn.pac4j.saml[0

Re: [cas-user] RE: CAS 5 SAML2 Azure AD delegated authentication

You could try cas.authn.pac4j.saml[0].useNameQualifier=false Best, D. From: Dickison, Lynn E Reply: cas-user@apereo.org Date: August 7, 2018 at 9:53:30 AM To: cas-user@apereo.org Subject:  [cas-user] RE: CAS 5 SAML2 Azure AD delegated authentication I saw on another posting that someone

Re: [cas-user] CAS 5.2.3 "500:Internal Server Error" with Groovy

t; wrote: Indeed!! El sábado, 10 de febrero de 2018, Dmitriy Kopylenko <dkopyle...@unicon.net> escribió: Thanks for confirming. Sounds like a bug to me. D. On Sat, Feb 10, 2018 at 12:01 PM -0500, "Brian Davidson" <awk.br...@gmail.com> wrote: I have tried that.  Duo w

Re: [cas-user] how do I capture audit log trail for unauthorized users who are denied access to a service in an accessStrategy configuration of one of my JSON files?

. Cheers, D. From: Dmitriy Kopylenko <dkopyle...@unicon.net> Reply: Dmitriy Kopylenko <dkopyle...@unicon.net> Date: February 9, 2018 at 10:06:39 AM To: cas-user@apereo.org <cas-user@apereo.org> Subject:  Re: [cas-user] how do I capture audit log trail for unauthorized users who

Re: [cas-user] Issues with service registry on 5.2.2

On Friday, February 9, 2018 at 4:52:55 PM UTC-6, Dmitriy Kopylenko wrote: For CAS versions 5.2+ use cas.serviceRegistry.json.location property:  https://apereo.github.io/cas/development/installation/Configuration-Properties.html#json-service-registry Cheers, D. From: Christopher Myers <chr

Re: [cas-user] CAS 5.2.3 "500:Internal Server Error" with Groovy

hen bypass isn’t in place. Thanks! Brian On Feb 10, 2018, at 11:38 AM, Dmitriy Kopylenko <dkopyle...@unicon.net> wrote: Let me suggest to get the Groovy script out of equation completely. Switch this groovy bypass off, and

Re: [cas-user] CAS 5.2.3 "500:Internal Server Error" with Groovy

Let me suggest to get the Groovy script out of equation completely. Switch this groovy bypass off, and try to perform entire duo 2 factor authentication transaction. If it completes successfully and then you again enable

Re: [cas-user] Re: Upgrade CAS 3.5.2 to CAS 5.x

So, few points. On the class names between 3 and 5 - you don’t have to worry about it anymore (well, as long as you don’t need to extend CAS and program against its internals and extension points). The general theme of CAS

Re: [cas-user] Issues with service registry on 5.2.2

For CAS versions 5.2+ use cas.serviceRegistry.json.location property:  https://apereo.github.io/cas/development/installation/Configuration-Properties.html#json-service-registry Cheers, D. From: Christopher Myers Reply: cas-user@apereo.org Date: 

Re: [cas-user] how do I capture audit log trail for unauthorized users who are denied access to a service in an accessStrategy configuration of one of my JSON files?

here is a way for me to grab and use the value of the username, the tomcat access log would capture the denied attempt for me. Carl On Friday, February 9, 2018 at 10:06:44 AM UTC-5, Dmitriy Kopylenko wrote:The short answer is - there is currently no audit trail advice weaved at the audit point you are after

Re: [cas-user] how do I capture audit log trail for unauthorized users who are denied access to a service in an accessStrategy configuration of one of my JSON files?

The short answer is - there is currently no audit trail advice weaved at the audit point you are after. Best, D. From: crdaudt Reply: cas-user@apereo.org Date: February 9, 2018 at 10:00:18 AM To: CAS Community Subject:  Re:

Re: [cas-user] CAS REST API - ST on SAML protected services

This should give you an idea: https://github.com/apereo/cas/blob/master/support/cas-server-support-saml-core/src/main/java/org/apereo/cas/support/saml/SamlProtocolConstants.java#L23

Re: [cas-user] Upgrade CAS 3.3.5 to 4 or 5?

CAS v4 is end-of-life and not officially supported, so my reccomendation would be the latest available v5. Best, D. From: Micas Camela Reply: cas-user@apereo.org Date: September 6, 2017 at 11:50:14 AM To: CAS Community

Re: [cas-user] API for SSO session management?

GET /status/ssosessions/getSsoSessions POST /status/ssosessions/destroySsoSession?ticketGrantingTicket={TGT_VALUE} Here’s a CLI example (written in Go) demonstrating the use of getSsoSessions and getAvailability endpoints: https://github.com/cas-projects/casctl D. From: Waldbieser, Carl

Re: [cas-user] Where exactly can views be found?

Thursday, July 20, 2017 at 10:59:33 AM UTC-5, Dmitriy Kopylenko wrote: There is no such directory in the overlay. You need to create one i.e. src/main/resources/templates and then copy the default templates that you are going to be modifying from here:  https://github.com/apereo/cas/tree/mas

Re: [cas-user] X509 principal resolver to extract substring from CN

You’d want to do something like this: 1) Define your own impl of the principal resolver that does the parsing of CN 2) Plug that in via re-defining the x509AuthenticationEventExecutionPlanConfigurer bean. Here’s the current bean definition for you to serve as an example: 

Re: [cas-user] Managing access to which services/websites users have access to when using SSO

https://apereo.github.io/cas/development/installation/Configuring-Service-Access-Strategy.html D. From: Roy Langa Reply: cas-user@apereo.org Date: July 6, 2017 at 10:06:26 AM To: CAS Community Subject:  [cas-user] Managing access

Re: [cas-user] Release Attributes from LDAP Authentication

Correct - i.e. CAS server implementation of CAS protocol v2 does not provide support for principal attributes. Cheers, D. From: David Huebner <d.huebne...@gmail.com> Reply: David Huebner <d.huebne...@gmail.com> Date: June 30, 2017 at 8:40:05 AM To: Dmitriy Kopylenko <dkopyl

Re: [cas-user] Release Attributes from LDAP Authentication

If your client is using CAS protocol version 2 for service ticket validation, they will not receive any attributes as protocol v2 does not support it. Switch to protocol version 3 in order to receive principal attributes. https://apereo.github.io/cas/5.1.x/protocol/CAS-Protocol.html Cheers, D.

Re: [cas-user] How to configure / inject DataSource into AbstractUsernamePasswordAuthenticationHandler (CAS 5.1)

You could follow an example of the Jdbc authn handler configuration:  https://github.com/apereo/cas/blob/master/support/cas-server-support-jdbc/src/main/java/org/apereo/cas/adaptors/jdbc/config/CasJdbcAuthenticationConfiguration.java Cheers, D. From: 'Adalbert Schwafel' via CAS Community

Re: [cas-user] [CAS 5.0.1] Unable to browse any link of my CAS Client web application after successful user authentication through CAS Server

Hi there. For a simpler CASification of Spring Boot apps via CAS Java client (without much configuration ceremony), you might want to try this ->  https://github.com/Unicon/cas-client-autoconfig-support And here’s a sample Boot app demonstrating the use of this library -> 

Re: [cas-user] custome passwordEncoder in CAS 5.1

gs Le mercredi 17 mai 2017 15:08:23 UTC+2, Dmitriy Kopylenko a écrit : Wrong link. Use this one:  https://apereo.github.io/cas/development/installation/Configuration-Properties.html#database-authentication From: Dmitriy Kopylenko <dkop...@unicon.net> Reply: Dmitriy Kopylenko <dkop...@u

Re: [cas-user] custome passwordEncoder in CAS 5.1

Wrong link. Use this one:  https://apereo.github.io/cas/development/installation/Configuration-Properties.html#database-authentication From: Dmitriy Kopylenko <dkopyle...@unicon.net> Reply: Dmitriy Kopylenko <dkopyle...@unicon.net> Date: May 17, 2017 at 9:07:24 AM To: cas-user@ape

Re: [cas-user] externalize bootstrap.properties config

http://cloud.spring.io/spring-cloud-static/spring-cloud.html#customizing-bootstrap-properties D. From: Nader Karimi Reply: cas-user@apereo.org Date: May 15, 2017 at 11:26:11 AM To: CAS Community Subject:  [cas-user]

Re: [cas-user] Extending CAS 5 Webflows - build instructions?

Try this one for the info on configuration mechanism:  https://apereo.github.io/2017/02/21/cas-autocfg-strategy/ Note, this applies to CAS 5.1. In CAS 5.0.x line, the configuration classes are contributed to Spring app ctx. by means of component scanning, so in order for CAS to pick ‘em up in

Re: [cas-user] Overloading Bean Configuration does not work in 5.0.4

Subject:  Re: [cas-user] Overloading Bean Configuration does not work in 5.0.4 :-( This means I need to overlay the whole CasValidationConfiguration bean. Am 04.05.2017 um 17:46 schrieb Dmitriy Kopylenko <dkopyle...@unicon.net>: The reason is that currently serviceValida

Re: [cas-user] Overloading Bean Configuration does not work in 5.0.4

The reason is that currently serviceValidateController bean in CAS is not @ConditionalOnMissingBean D. From: robertoschwald Reply: cas-user@apereo.org Date: May 4, 2017 at 11:40:26 AM To: CAS Community Subject:  [cas-user]

Re: [cas-user] REST authentication and attributes

Currently in both 5.0.x and master branches, the configuration for the REST authn handler “blindly" sets the person directory principal resolver, disregarding any attributes returned from the remote HTTP resource:

Re: [cas-user] Tutorial for custom DB authentication with 5.1 (or 5.0)

This might help -> https://apereo.github.io/2017/02/02/cas51-authn-handlers/ Cheers, D. From: 'Adalbert Schwafel' via CAS Community Reply: cas-user@apereo.org Date: March 20, 2017 at 6:41:56 AM To: CAS Community Subject: 

Re: [cas-user] Custom Yubikey registry

Which version of CAS? D. From: Dimitri Gavrilov Reply: cas-user@apereo.org Date: March 9, 2017 at 6:46:41 AM To: CAS Community Subject:  [cas-user] Custom Yubikey registry Hello community,   Have anyone already implemented

Re: [cas-user] SAML setup

Add this repository to your overlay’s pom: shibboleth-releases https://build.shibboleth.net/nexus/content/repositories/releases D. From: John Wynstra Reply: cas-user@apereo.org Date: March 7, 2017 at 3:15:07 PM To: 

Re: [cas-user] Re: Attributes in Rest Authentication 5.0.1

Use version 5.1.0-RC2 or 5.0.3.1 in your overlay. Cheers, D. From: Ivan Cordon Reply: cas-user@apereo.org Date: March 1, 2017 at 8:31:12 AM To: CAS Community Subject:  [cas-user] Re: Attributes in Rest Authentication 5.0.1 I

Re: [cas-user] Re: Cas 5.x on WildFly

Try this:  http://docs.spring.io/spring-boot/docs/1.5.1.RELEASE/reference/htmlsingle/#howto-create-a-deployable-war-file that is - exclude embedded tomcat from either Maven or Gradle overlay build as described there. D. From: Gokhan Mansuroglu Reply: 

Re: [cas-user] CAS/Sprint Security Issue

Bring in bootstrap.properties into your Maven/Gradle overlay’s src/main/resources and UNSET this property ->  https://github.com/apereo/cas/blob/5.0.x/webapp/cas-server-webapp/src/main/resources/bootstrap.properties#L24 Note to devs - perhaps we should unset this property by default to not to

Re: [cas-user] Cas 5.0.2 et Cas Services Management : tables containing services registry are deleted every time I stop tomcat

Make sure that this property is set to “update”: cas.serviceRegistry.jpa.ddlAuto=update Or even better, in production never rely on this Hibernate feature to mess with your DB schema during bootstrap. I’d recommend, creating the schema via this Hibernate mechanism once in dev/test environment

Re: [cas-user] Setting up CAS 5.0.2 Server and Banner XE 404 cas/samlValidate?

https://apereo.github.io/cas/5.0.x/installation/Configuration-Properties.html#ldap-authentication  see lines 16-20 From: Dmitriy Kopylenko <dkopyle...@unicon.net> Reply: Dmitriy Kopylenko <dkopyle...@unicon.net> Date: February 13, 2017 at 12:17:38 PM To: cas-user@apereo.org <cas-

Re: [cas-user] Setting up CAS 5.0.2 Server and Banner XE 404 cas/samlValidate?

Are you “resolving” the attributes?  https://apereo.github.io/cas/5.0.x/integration/Attribute-Resolution.html There are 2 pieces to attributes in CAS: 1) resolution, 2) release. First you need to resolve them from the target authentication store (or some other attribute repository), then

Re: [cas-user] Database Authentication and External Service for more information about principle object

vices.AbstractRegisteredServiceAttributeReleasePolicy] - 2017-01-27 15:04:48,822 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - 2017-01-27 15:04:48,822 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - Thanks, Ganga On

Re: [cas-user] Database Authentication and External Service for more information about principle object

I wouldn’t do it this way. I’d personality plug in Groovy attribute resolver where you’d be able to do external systems HTTP calls, etc. All working within CAS’ framework without the need to reinvent the wheel https://apereo.github.io/cas/5.0.x/installation/Configuration-Properties.html#groovy

Re: [cas-user] CAS + AD +LDAP

Use this ->  https://apereo.github.io/cas/5.0.x/installation/Maven-Overlay-Installation.html Cheers, D. From: Chonv Reply: cas-user@apereo.org Date: January 25, 2017 at 10:31:12 AM To: CAS Community Subject:  [cas-user]

Re: [cas-user] Java client - Dynamic service urls

Bryan, use the `serverName` param with just a base URL of your client app e.g. https://example.com and the full service URL will be constructed dynamically by CAS client library: see the README: https://github.com/apereo/java-cas-client Cheers, D. From: Bryan Wooten

Re: [cas-user] Re: CAS and OAuth interoperability

It would be nice if I could do it in a similar way to the CasAuthenticationToken.getAssertion().getPrincipal().getProxyTicketFor("xxx") does for cas proxy tickets... Cheers On Tuesday, 15 November 2016 14:23:50 UTC, Dmitriy Kopylenko wrote: There’s this factory API you could try:  https://g

Re: [cas-user] Re: CAS and OAuth interoperability

There’s this factory API you could try:  https://github.com/apereo/cas/blob/master/support/cas-server-support-oauth/src/main/java/org/apereo/cas/ticket/accesstoken/AccessTokenFactory.java D. From: Lewis Henderson Reply: cas-user@apereo.org

Re: [cas-user] Can application get TGT ticket?

Just to be clear - CAS protocol was never designed to work with Ajax and REST resources (non-interactive service-to-service) Best, D. -- > On Thursday, Nov 03, 2016 at 11:10 AM, Yan Zhou (mailto:yanand...@gmail.com)> wrote: > Hello, > > The basic problem is that CAS

Re: [cas-user] CAS5 Delegate Authentication for linkedin using pac4j

And that is simply because that LinkedIn is not currently implemented. Here are all the pac4j supported clients that are currently implemented:

[cas-user] Custom coding in CAS 5

Folks, here’s an excellent blog post by Misagh on doing custom coding in CAS 5: https://apereo.github.io/2016/10/19/mfacas5-extcfg/ Enjoy, D. -- -- CAS gitter chatroom: https://gitter.im/apereo/cas CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html CAS documentation

Re: [cas-user] AcceptUsersAuthenticationHandler#0 class not found error

Source) > at > org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) > at java.lang.Thread.run(Unknown Source) > > one possible reason is I didn't disable https. I only know how to do it in > the old cas version. Sorry if you thin I s

Re: [cas-user] How does CAS 4.1.X behave like SAML IdP?

Short answer: CAS < v5 cannot act like a standalone SAML IDP. CAS 5 can -> https://apereo.github.io/cas/development/installation/Configuring-SAML2-Authentication.html Cheers, D. > On Oct 13, 2016,

Re: [cas-user] AcceptUsersAuthenticationHandler#0 class not found error

t; https://apereo.github.io/cas/4.0.x/installation/Whitelist-Authentication.html > <https://apereo.github.io/cas/4.0.x/installation/Whitelist-Authentication.html>. > it is probably too old. not sure how to add whitelist in the new CAS module. > > Best regards, > > Xin > > >

Re: [cas-user] AcceptUsersAuthenticationHandler#0 class not found error

Wrong module and package. v 4.0.0 has the org.jasig.cas.authentication.AcceptUsersAuthenticationHandler in the 'cas-server-core’ module. But more generally, v 4.0,0 is pretty old, so I’d suggest moving into the latest version of CAS. Cheers, D. > On Oct 13, 2016, at 3:14 PM, Xin Gong

Re: [cas-user] CAS 4.1.x, use a different authentication provider based on the theme of Login page

r CAS5 ;-) Cheers, D. > On Oct 13, 2016, at 2:02 PM, Dmitriy Kopylenko <dkopyle...@unicon.net> wrote: > > Off the top of my head - you’d need to somehow make the current “Service” > instance available to the authn handler - perhaps a SWF state to bind it to &g

Re: [cas-user] AcceptUsersAuthenticationHandler#0 class not found error

Note that this: accept.authn.users=casuser::Mellon should go to your cas.properties file > On Oct 14, 2016, at 10:41 AM, Dmitriy Kopylenko <dkopyle...@unicon.net> wrote: > > https://apereo.github.io/cas/4.2.x/installation/Whitelist-Authentication.html > <https://apere

Re: [cas-user] CAS 4.1.x, use a different authentication provider based on the theme of Login page

how do > I get it? If I have to look up database, I would need a key to look up for. > If it is somewhere populated for the particular service user is logging into, > how do I get to it from authentication handler? > > Thx! > > > On 10/13/2016 1:32 PM, Dmitriy Kop

[cas-user] Extending CAS 5 Webflows

Folks, as CAS 5 is upon us, I would like to thank Misagh for starting to write a series of blog posts about this next generation of CAS server. Here’s one one excellent post about the new configuration philosophy of CAS 5 and its Spring WebFlow engine configuration overhaul:

  1   2   >