Re: [cas-user] Debugging help

[Jeffrey Ramsay]

Hi all -

It turned out to be a Java issue. I must admit we're running some old code,
and recent system updates broke the cas-management service. I had also
switched the authorized/admin users from properties to JSON while
troubleshooting which also goofed things up.

Thanks for reviewing.

-Jeff

On Wed, Oct 4, 2023 at 10:56 AM Ray Bon  wrote:

> Jeff,
>
> Was this part of an upgrade?
> It could be that a property has changed names. As artur said, you could
> start with a vanilla version and the items in one at a time.
> There is also the possibility that there is an old/incompatible library
> hanging around.
>
> These loggers may help:
>
> 
> 
>
> 
>  level="warn" includeLocation="true"/>
>  level="warn" includeLocation="true" />
> 
>  name="org.springframework.boot.autoconfigure.logging.ConditionEvaluationReportLoggingListener"
> level="warn" includeLocation="true" />
>
> 
>  includeLocation="true" />
> 
>  includeLocation="true" />
>
> 
>  includeLocation="true"/>
>
> Ray
>
> On Mon, 2023-10-02 at 11:14 -0400, Jeffrey Ramsay wrote:
>
> Notice: This message was sent from outside the University of Victoria
> email system. Please be cautious with links and sensitive information.
>
> Hello -
>
> My application stopped working after a rebuild with the following
> error message, and I can't seem to find the reason.
>
> Is there a debugging setting I can use to find which setting is the
> problem?
>
> 2023-10-02 11:10:38,217 WARN
> [org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext]
> -  attempt: org.springframework.beans.factory.UnsatisfiedDependencyException:
> Error creating bean with name
> 'org.springframework.boot.autoconfigure.web.servlet.WebMvcAutoConfiguration$EnableWebMvcConfiguration':
> Unsatisfied dependency expressed through method 'setConfigurers' parameter
> 0; nested exception is
> org.springframework.beans.factory.UnsatisfiedDependencyException: Error
> creating bean with name 'casManagementWebAppConfiguration': Unsatisfied
> dependency expressed through field 'authenticationClients'; nested
> exception is org.springframework.beans.factory.BeanCreationException: Error
> creating bean with name 'authenticationClients' defined in class path
> resource
> [org/apereo/cas/mgmt/config/CasManagementAuthenticationConfiguration.class]:
> Bean instantiation via factory method failed; nested exception is
> org.springframework.beans.BeanInstantiationException: Failed to instantiate
> [java.util.List]: Factory method 'authenticationClients' threw exception;
> nested exception is
> org.springframework.beans.factory.BeanCreationException: Error creating
> bean with name 'authorizationGenerator' defined in class path resource
> [org/apereo/cas/mgmt/config/CasManagementAuthorizationConfiguration.class]:
> Bean instantiation via factory method failed; nested exception is
> org.springframework.beans.BeanInstantiationException: Failed to instantiate
> [org.pac4j.core.authorization.generator.AuthorizationGenerator]: Factory
> method 'authorizationGenerator' threw exception; nested exception is
> org.springframework.beans.factory.BeanCreationException: Error creating
> bean with name 'springSecurityPropertiesAuthorizationGenerator' defined in
> class path resource
> [org/apereo/cas/mgmt/config/CasManagementAuthorizationConfiguration.class]:
> Bean instantiation via factory method failed; nested exception is
> org.springframework.beans.BeanInstantiationException: Failed to instantiate
> [org.pac4j.core.authorization.generator.AuthorizationGenerator]: Factory
> method 'springSecurityPropertiesAuthorizationGenerator' threw exception;
> nested exception is org.hjson.ParseException: Extra characters in input: 44
> at 22:3>
> 2023-10-02 11:10:38,462 ERROR [org.springframework.boot.SpringApplication]
> - 
>
> Thanks,
> -Jeff
>
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/7e3cead75d77d0c162ab806b44ea5d62f4d25dc4.camel%40uvic.ca
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/7e3cead75d77d0c162ab806b44ea5d62f4d25dc4.camel%40uvic.ca?utm_medium=email_source=footer>
> .
>

--

[cas-user] Debugging help

[Jeffrey Ramsay]

Hello -

My application stopped working after a rebuild with the following
error message, and I can't seem to find the reason.

Is there a debugging setting I can use to find which setting is the problem?

2023-10-02 11:10:38,217 WARN
[org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext]
- 
2023-10-02 11:10:38,462 ERROR [org.springframework.boot.SpringApplication]
- 

Thanks,
-Jeff

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYORFMriJL7SiJqN%3D9%3Dy7isP7b5G3DEzGdTPXVkAZXqZyQQ%40mail.gmail.com.

Re: [cas-user] CAS 6.6.x - SAML (Shibboleth), Unable to Decrypt EncryptedData

[Jeffrey Ramsay]

Check the system times (ntp) between the two hosts.

-Jeff

On Fri, Mar 31, 2023 at 1:11 AM 'Chris Durham' via CAS Community <
cas-user@apereo.org> wrote:

> Hi,
>
> We've got CAS 6.6.x running beautifully with delegated IDP logins to
> multiple SAML providers, but the most recent one we've had to integrate
> with is causing me some headaches.
>
> The initial redirect works fine, but when it comes back CAS displays the
> SAML message but then fails to decrypt the SAML message and I can't figure
> out why - has anyone come across anything similar before?
>
> Chris
>
> Logs..
>
> 63ff8111b2f8 [1;31m2023-03-30 20:01:28,342 ERROR
> [org.apereo.cas.web.flow.actions.DelegatedClientAuthenticationAction] -  valid subject assertion found in response
> 63ff8111b2f8 [1;31m2023-03-30 20:01:28,341 ERROR
> [org.pac4j.saml.sso.impl.SAML2AuthnResponseValidator] -  assertion failed, continue with the next one> [m
> 63ff8111b2f8 [1;31m2023-03-30 20:01:28,341 ERROR
> [org.opensaml.saml.saml2.encryption.Decrypter] -  encountered an error decrypting element content: Failed to decrypt
> EncryptedData> [m
> 63ff8111b2f8 [1;31m2023-03-30 20:01:28,341 ERROR
> [org.opensaml.xmlsec.encryption.support.Decrypter] -  EncryptedData using either EncryptedData KeyInfoCredentialResolver or
> EncryptedKeyResolver + EncryptedKey KeyInfoCredentialResolver> [m
> 63ff8111b2f8 [36m2023-03-30 20:01:28,341 DEBUG
> [org.opensaml.xmlsec.encryption.support.Decrypter] -  EncryptedData using EncryptedKeyResolver> [m
> 63ff8111b2f8 [36m2023-03-30 20:01:28,341 DEBUG
> [org.opensaml.xmlsec.encryption.support.ChainingEncryptedKeyResolver$ChainingIterator]
> -  [m
> 63ff8111b2f8 [36m2023-03-30 20:01:28,341 DEBUG
> [org.opensaml.xmlsec.encryption.support.ChainingEncryptedKeyResolver$ChainingIterator]
> -  org.opensaml.xmlsec.encryption.support.SimpleRetrievalMethodEncryptedKeyResolver>
> [m
> 63ff8111b2f8 [36m2023-03-30 20:01:28,341 DEBUG
> [org.opensaml.xmlsec.encryption.support.ChainingEncryptedKeyResolver$ChainingIterator]
> -  org.opensaml.saml.saml2.encryption.EncryptedElementTypeEncryptedKeyResolver>
> [m
> 63ff8111b2f8 [36m2023-03-30 20:01:28,341 DEBUG
> [org.opensaml.xmlsec.encryption.support.Decrypter] -  EncryptedData using key extracted from EncryptedKey failed: > [m
> 63ff8111b2f8 [1;31m2023-03-30 20:01:28,341 ERROR
> [org.opensaml.xmlsec.encryption.support.Decrypter] -  EncryptedKey, valid decryption key could not be resolved> [m
> 63ff8111b2f8 [36m2023-03-30 20:01:28,341 DEBUG
> [org.opensaml.xmlsec.encryption.support.Decrypter] -  EncryptedKey using credential from KEK KeyInfo resolver failed: > [m
> 63ff8111b2f8 [1;31m2023-03-30 20:01:28,341 ERROR
> [org.opensaml.xmlsec.encryption.support.Decrypter] -  encrypted key: Unwrapping failed> [m
> 63ff8111b2f8 [36m2023-03-30 20:01:28,338 DEBUG
> [org.opensaml.xmlsec.algorithm.AlgorithmSupport] -  include list, nothing to evaluate> [m
> 63ff8111b2f8 [36m2023-03-30 20:01:28,338 DEBUG
> [org.opensaml.xmlsec.algorithm.AlgorithmSupport] -  exclude list, nothing to evaluate> [m
> 63ff8111b2f8 [36m2023-03-30 20:01:28,338 DEBUG
> [org.opensaml.xmlsec.encryption.support.Decrypter] -  URI against include and exclude lists: algorithm:
> http://www.w3.org/2009/xmlenc11#mgf1sha1, included: null, excluded: null>
> [m
> 63ff8111b2f8 [36m2023-03-30 20:01:28,338 DEBUG
> [org.opensaml.xmlsec.algorithm.AlgorithmSupport] -  include list, nothing to evaluate> [m
> 63ff8111b2f8 [36m2023-03-30 20:01:28,338 DEBUG
> [org.opensaml.xmlsec.algorithm.AlgorithmSupport] -  exclude list, nothing to evaluate> [m
> 63ff8111b2f8 [36m2023-03-30 20:01:28,338 DEBUG
> [org.opensaml.xmlsec.encryption.support.Decrypter] -  URI against include and exclude lists: algorithm:
> http://www.w3.org/2000/09/xmldsig#sha1, included: null, excluded: null> [m
> 63ff8111b2f8 [36m2023-03-30 20:01:28,338 DEBUG
> [org.opensaml.xmlsec.algorithm.AlgorithmSupport] -  include list, nothing to evaluate> [m
> 63ff8111b2f8 [36m2023-03-30 20:01:28,338 DEBUG
> [org.opensaml.xmlsec.algorithm.AlgorithmSupport] -  exclude list, nothing to evaluate> [m
> 63ff8111b2f8 [36m2023-03-30 20:01:28,338 DEBUG
> [org.opensaml.xmlsec.encryption.support.Decrypter] -  URI against include and exclude lists: algorithm:
> http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p, included: null,
> excluded: null> [m
> 63ff8111b2f8 [32m2023-03-30 20:01:28,338 INFO
> [org.opensaml.xmlsec.algorithm.AlgorithmSupport] -  URI http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p to key length not
> available> [m
> 63ff8111b2f8 [36m2023-03-30 20:01:28,338 DEBUG
> [org.opensaml.xmlsec.encryption.support.Decrypter] -  algorithm criteria: RSA> [m
> 63ff8111b2f8 [36m2023-03-30 20:01:28,338 DEBUG
> [org.opensaml.xmlsec.encryption.support.ChainingEncryptedKeyResolver$ChainingIterator]
> -  org.opensaml.xmlsec.encryption.impl.EncryptedKeyImpl@3c8b684a> [m
> 63ff8111b2f8 [36m2023-03-30 20:01:28,337 DEBUG
> [org.opensaml.xmlsec.encryption.support.ChainingEncryptedKeyResolver$ChainingIterator]
> -  

Re: [cas-user] Impersonation / Surrogate-Authentication

[Jeffrey Ramsay]

Try this as well.

https://fawnoos.com/2018/05/07/cas-impersonation-authn/

-Jeff

On Wed, Nov 23, 2022 at 8:21 PM Matthew Gordon  wrote:

> Thank you Jonathon.
>
> On Monday, November 14, 2022 at 10:16:12 PM UTC-5 Jonathon Taylor wrote:
>
>> Hi Matt,
>>
>> That is the entirety of our surrogate configuration.  CAS will return the
>> surrogate user attributes, not the authenticated user.
>>
>> Jonathon
>>
>> On Tue, Nov 8, 2022 at 12:37 PM Matthew Gordon  wrote:
>>
>>> Also does it return the surrogate users attributes, or the authenticated
>>> users attributes?
>>>
>>> Thank you,
>>> Matt
>>>
>>> On Monday, November 7, 2022 at 3:55:38 PM UTC-5 Matthew Gordon wrote:
>>>
 Thank you Jonathon. I will have to look at doing it via LDAP. I was
 just trying to do it via a local JSON file. Is that the entirety of your
 surrogate config?

 Thank you,
 Matt

 On Monday, October 31, 2022 at 12:51:47 PM UTC-4 Jonathon Taylor wrote:

> Not sure if this helps, but we use impersonation with LDAP and we did
> not have to use a groovy script.  We are on 6.5.8.  Here's an example of
> our configuration:
>
> cas.authn.surrogate.ldap.ldap-url=ldap://
> cas.authn.surrogate.ldap.base-dn=.
> # this filter gets the attributes of the account being impersonated
> cas.authn.surrogate.ldap.search-filter=(&(objectClass=eduPerson)(|(cn
> ={0})))
> cas.authn.surrogate.ldap.bind-dn=
> cas.authn.surrogate.ldap.bind-credential=
> cas.authn.surrogate.ldap.use-start-tls=true
>
> # this is the format of the group that a person has to be in
> # in order to impersonate the 'surrogate'
> cas.custom.properties.surrogate-format=cn=group-{surrogate}
> # this builds the list of authorized accounts for impersonation
> cas.authn.surrogate.ldap.surrogate-search-filter=(&(cn={user})(
> isMemberOf=${cas.custom.properties.surrogate-format}))
> cas.authn.surrogate.ldap.member-attribute-name=isMemberOf
> # this extracts the 'friendly' name of the account to be impersonated
> cas.authn.surrogate.ldap.member-attribute-value-regex=cn=group-([^,]+)
>
> On Fri, Oct 28, 2022 at 12:43 PM Matthew Gordon 
> wrote:
>
>> I am using only LDAP (AD) as my attribute repository.
>>
>>
>> https://apereo.github.io/cas/6.5.x/authentication/Surrogate-Authentication.html#surrogate-principal-resolution
>>
>> I am trying to get it to resolved the impersonated users attributes,
>> but no luck.
>>
>> It appears that I have to have a groovy script:
>> cas.authn.surrogate.principal.principal-transformation.groovy.location=
>>
>> Here is my config so far:
>>
>> cas.authn.surrogate.json.location=file:/etc/cas/config/impersonations.json
>> cas.authn.surrogate.principal.attribute-resolution-enabled=true
>> cas.authn.surrogate.principal.active-attribute-repository-ids=core
>>
>> cas.authn.surrogate.principal.principal-resolution-conflict-strategy=last
>> cas.authn.surrogate.principal.principal-resolution-failure-fatal=true
>>
>> If I do need the groovy script, which since it appears to be
>> required, what should it be doing? Any examples?
>>
>> I can login and the impersonation works, but without attributes it's
>> pretty useless.
>>
>> Thank you,
>> Matt
>>
>>
>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google
>> Groups "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it,
>> send an email to cas-user+u...@apereo.org.
>> To view this discussion on the web visit
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/6ec4d3ed-8cd8-4e32-96d6-81cb48d9fcecn%40apereo.org
>> 
>> .
>>
>
>
> --
> Jonathon Taylor
> Information Security Office
> jona...@berkeley.edu
>

>>
>> --
>> Jonathon Taylor
>> Information Security Office
>> jona...@berkeley.edu
>>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/e180d6e6-67c7-4d6d-80d3-4ae0f176143dn%40apereo.org
> 

Re: [cas-user] Install of CAS 6.4.4.2 includes log4j-jul-2.14.1.jar and log4j-jul-2.17.0.jar

[Jeffrey Ramsay]

Try this:

bootWar {
entryCompression = ZipEntryCompression.STORED
overlays {
cas {
from
"org.apereo.cas:cas-server-webapp${project.appServer}:${casServerVersion}@war
"
provided = false
excludes =
["WEB-INF/lib/log4j*2.12.*.jar","WEB-INF/lib/log4j*2.13.*.jar"]
}
}
}

-Jeff

On Fri, Jan 7, 2022 at 2:01 PM Rod B  wrote:

> Hi,
>
> In test I downloaded the CAS Overlay for 6.4.4.2 here:
> https://github.com/apereo/cas-overlay-template/archive/6.4.zip
>
> We have a very basic install and I built the cas.war file.
>
> When. I look at .../cas/WEB-INF/lib I notice there is to log4j-jul files:
> log4j-jul-2.14.1.jar
> log4j-jul-2.17.0.jar
>
> I've tried to exclude the old file in the build.gradle file:
>
>   overlays {
>
> cas {
> from
> "org.apereo.cas:cas-server-webapp${project.appServer}:${project.'cas.version'}@war
>  provided = false
>  excludes = ["WEB-INF/lib/servlet-api-2*.jar"]
>  excludes = ["WEB-INF/lib/log4j-jul-2.14.1.jar"]
>
>  }
>
> But the file remains.
>
> Fortunately it doesn't seem to be causing a problem, but I've experienced
> issues when there are duplicate jar files of different versions.
> Specifically log4j2 files.
>
> Is this something that can be fixed in the upstream?
>
> Also, is log4j2 going to be upgraded to 2.17.1 soon or do we need to use
> the remediation  steps referenced in this thread:
>
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOQ-AecysHAxD0FHEdBnTTHD3wNTa_d1xXcVVRmuC16A5g%40mail.gmail.com
> 
>
> Many thanks!
>
> Rod
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/a4676eac-89f5-405e-bbc3-3e8f586725b0n%40apereo.org
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOR%2Bp7uOjX2HPRMgNqebvYb3S%2B8EjN8J33V1yj%3DZVesVPg%40mail.gmail.com.

Re: [cas-user] Re: log4j vulnerability remediation

[Jeffrey Ramsay]

I did this based on what was posted earlier in the thread to update 6.2.

-- add to build.gradle dependencies section

implementation "org.apache.logging.log4j:log4j-api:2.16.0"
implementation "org.apache.logging.log4j:log4j-core:2.16.0"
implementation "org.apache.logging.log4j:log4j-jcl:2.16.0"
implementation "org.apache.logging.log4j:log4j-jul:2.16.0"
implementation "org.apache.logging.log4j:log4j-web:2.16.0"
implementation "org.apache.logging.log4j:log4j-slf4j18-impl:2.16.0"

-- add to the end of build.gradle

bootWar {
entryCompression = ZipEntryCompression.STORED
overlays {
cas {
from
"org.apereo.cas:cas-server-webapp${project.appServer}:${casServerVersion}@war
"
provided = false
excludes =
["WEB-INF/lib/log4j*2.12.*.jar","WEB-INF/lib/log4j*2.13.*.jar"]
}
}
}

I would recommend you unpack the new war once it is built and update the
excludes list as needed.

-Jeff
-Jeff


On Wed, Dec 15, 2021 at 2:22 PM Baba Ndiaye  wrote:

> good evening
>
> I would like to know if we make an update of log4j 2.16 how to know if CAS 
> has supported it (use it) and also for the update we only need to add this 
> lines
>
>
> dependencies {
> compile "org.apache.logging.log4j:log4j-api:2.15.0"
> compile "org.apache.logging.log4j:log4j-core:2.15.0"
> compile "org.apache.logging.log4j:log4j-jcl:2.15.0"
> compile "org.apache.logging.log4j:log4j-jul:2.15.0"
>     compile "org.apache.logging.log4j:log4j-web:2.15.0"
> compile "org.apache.logging.log4j:log4j-slf4j18-impl:2.15.0"
> }
>
>
> Le mer. 15 déc. 2021 à 03:43, Jeffrey Ramsay  a
> écrit :
>
>> Robert and Joe,
>>
>> Your examples were really helpful. I was able to combine the steps and
>> patch our systems.
>>
>> Thanks,
>> -Jeff
>>
>> On Tue, Dec 14, 2021 at 1:58 PM Pablo Vidaurri 
>> wrote:
>>
>>> Note v2.16.0 is now out  a patch for the patch
>>>
>>> On Tuesday, December 14, 2021 at 10:02:48 AM UTC-6 apereo_cas_user wrote:
>>>
>>>> We use cas 6.1.7  overlay template [still in pre-prod] for delegated
>>>> authentication.
>>>> As a temp solution we replaced log4j  2.12.1 with 2.15.0 manually and
>>>> bounced tomcat.
>>>> Is there a way we can exclude 2.12.1 from the build . [I can pull in
>>>> 2.15.0 by adding in build.gradle but conflict with 2.12.1].  We have issues
>>>> when upgrading to 6.3.7.2
>>>>
>>>> Thanks
>>>>
>>>> --
>>> - Website: https://apereo.github.io/cas
>>> - Gitter Chatroom: https://gitter.im/apereo/cas
>>> - List Guidelines: https://goo.gl/1VRrw7
>>> - Contributions: https://goo.gl/mh7qDG
>>> ---
>>> You received this message because you are subscribed to the Google
>>> Groups "CAS Community" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to cas-user+unsubscr...@apereo.org.
>>> To view this discussion on the web visit
>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/379632b4-2e9b-40b1-824d-1eebbdee4f83n%40apereo.org
>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/379632b4-2e9b-40b1-824d-1eebbdee4f83n%40apereo.org?utm_medium=email_source=footer>
>>> .
>>>
>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to cas-user+unsubscr...@apereo.org.
>> To view this discussion on the web visit
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOTzLyDsd-6wUFAJVjOYJkh5Jod95QTAkDH1zi5G8rY7AA%40mail.gmail.com
>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOTzLyDsd-6wUFAJVjOYJkh5Jod95QTAkDH1zi5G8rY7AA%40mail.gmail.com?utm_medium=email_source=footer>
>> .
>>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from 

[cas-user] Re: [cas-dev] CAS registry migration

[Jeffrey Ramsay]

David,

Thanks for your suggestion, I will give it a try.

Thanks again,
-Jeff

On Tue, Dec 14, 2021 at 10:15 PM David Gelhar 
wrote:

>
> Ok, I just read the error message more carefully...
>
> Cannot deserialize value of type
> `org.apereo.cas.configuration.model.core.authentication.PrincipalAttributesCoreProperties$MergingStrategyTypes`
> from String "replace": not one of the values accepted for Enum class:
> [NONE, ADD, MULTIVALUED, REPLACE]
>
>
> With 6.4, CAS seems to have become more picky about requiring the
> "MergingStrategy" values to be in uppercase. We ran into the same problem;
> solution was to change  "mergingPolicy": "replace" to "mergingPolicy":
> "REPLACE" everywhere.
> On Tuesday, December 14, 2021 at 9:05:51 AM UTC-5 David Gelhar wrote:
>
>> That message might mean that you're missing the OIDC dependency in your
>> build.gradle
>>
>> Make sure you have something like
>>
>> implementation 
>> "org.apereo.cas:cas-server-support-oidc:${project.'cas.version'}"
>>
>>
>> On Dec 14, 2021, at 8:28 AM, Jeffrey Ramsay  wrote:
>>
>> Hello -
>>
>> What is the process for migrating the service registry from CAS 6.2 to
>> 6.4? I have used the service endpoints to export the 6.2 registry and then
>> tried to import into the new 6.4 system registry and that fails. Placing
>> the exported json files in the services area fails as shown below -- and
>> this is not the only error; removing the failed section leads to another
>> very similar message.
>>
>> 2021-12-14 07:38:12,198 ERROR
>> [org.apereo.cas.util.serialization.AbstractJacksonBackedStringSerializer] -
>> > [{"@class":"org.apereo.cas.services.OidcRegisteredService","serviceId":"
>> https://bedu:6129/bprep/apex...] to deserialize into type [interface
>> org.apereo.cas.services.RegisteredService]. This may be caused in the
>> absence of a configuration/support module that knows how to interpret the
>> fragment, specially if the fragment describes a CAS registered service
>> definition. Internal parsing error is [Cannot deserialize value of type
>> `org.apereo.cas.configuration.model.core.authentication.PrincipalAttributesCoreProperties$MergingStrategyTypes`
>> from String "replace": not one of the values accepted for Enum class:
>> [NONE, ADD, MULTIVALUED, REPLACE]
>>  at [Source:
>> (String)"{"@class":"org.apereo.cas.services.OidcRegisteredService","serviceId":"
>> https://b.edu:6129/bprep/apex_authentication.callback","name":"Butternut
>> - OAuth Client","id":24,"description":"Butternut - OAuth
>> Client","expirationPolicy":{"@class":"org.apereo.cas.services.DefaultRegisteredServiceExpirationPolicy","deleteWhenExpired":false,"notifyWhenDeleted":false,"notifyWhenExpired":false},"acceptableUsagePolicy":{"@class":"org.apereo.cas.services.DefaultRegisteredServiceAcceptableU"[truncated
>> 4324 chars]; line: 1, column: 2036] (through reference chain:
>> org.apereo.cas.services.OidcRegisteredService["attributeReleasePolicy"]->org.apereo.cas.services.ChainingAttributeReleasePolicy["mergingPolicy"])]>
>>
>> You can point the 6.4 system to the 6.2 database; however, the registry
>> data are in two different tables, so what are we supposed to do?
>>
>> The 6.2 system uses the MySQL table regex_registered_service and 6.4
>> uses registered_services. I have hundreds of services to manually re add
>> unless I want to strp all but the first six lines from every json file and
>> then modify each using the management service.
>>
>> https://fawnoos.com/2020/08/15/cas63x-import-export-services/
>>
>> -Jeff
>>
>>
>>
>>
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "CAS Developer" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to cas-dev+u...@apereo.org.
>> To view this discussion on the web visit
>> https://groups.google.com/a/apereo.org/d/msgid/cas-dev/CA%2BTBYOQ0PsvRbcY1Wdv2JPiiJ3dBno7JTbm7%3D%2Bj%3DWXJid6ZjpQ%40mail.gmail.com
>> <https://groups.google.com/a/apereo.org/d/msgid/cas-dev/CA%2BTBYOQ0PsvRbcY1Wdv2JPiiJ3dBno7JTbm7%3D%2Bj%3DWXJid6ZjpQ%40mail.gmail.com?utm_medium=email_source=footer>
>> .
>>
>>
>>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOTBnQcwLQrhTTpMn4Zc-gMVoWK1Ze427tZjH2446LfQFA%40mail.gmail.com.

Re: [cas-user] Re: log4j vulnerability remediation

[Jeffrey Ramsay]

Robert and Joe,

Your examples were really helpful. I was able to combine the steps and
patch our systems.

Thanks,
-Jeff

On Tue, Dec 14, 2021 at 1:58 PM Pablo Vidaurri  wrote:

> Note v2.16.0 is now out  a patch for the patch
>
> On Tuesday, December 14, 2021 at 10:02:48 AM UTC-6 apereo_cas_user wrote:
>
>> We use cas 6.1.7  overlay template [still in pre-prod] for delegated
>> authentication.
>> As a temp solution we replaced log4j  2.12.1 with 2.15.0 manually and
>> bounced tomcat.
>> Is there a way we can exclude 2.12.1 from the build . [I can pull in
>> 2.15.0 by adding in build.gradle but conflict with 2.12.1].  We have issues
>> when upgrading to 6.3.7.2
>>
>> Thanks
>>
>> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/379632b4-2e9b-40b1-824d-1eebbdee4f83n%40apereo.org
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOTzLyDsd-6wUFAJVjOYJkh5Jod95QTAkDH1zi5G8rY7AA%40mail.gmail.com.

Re: [cas-user] log4j vulnerability remediation

[Jeffrey Ramsay]

Same experience.

On Tue, Dec 14, 2021 at 11:02 AM apereo_cas_user 
wrote:

> We use cas 6.1.7  overlay template [still in pre-prod] for delegated
> authentication.
> As a temp solution we replaced log4j  2.12.1 with 2.15.0 manually and
> bounced tomcat.
> Is there a way we can exclude 2.12.1 from the build . [I can pull in
> 2.15.0 by adding in build.gradle but conflict with 2.12.1].  We have issues
> when upgrading to 6.3.7.2
>
> Thanks
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/affbd618-e1e6-427f-b333-e00ca54bf1aen%40apereo.org
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOQ-AecysHAxD0FHEdBnTTHD3wNTa_d1xXcVVRmuC16A5g%40mail.gmail.com.

[cas-user] CAS registry migration

[Jeffrey Ramsay]

Hello -

What is the process for migrating the service registry from CAS 6.2 to 6.4?
I have used the service endpoints to export the 6.2 registry and then tried
to import into the new 6.4 system registry and that fails. Placing the
exported json files in the services area fails as shown below -- and this
is not the only error; removing the failed section leads to another very
similar message.

2021-12-14 07:38:12,198 ERROR
[org.apereo.cas.util.serialization.AbstractJacksonBackedStringSerializer] -
https://bedu:6129/bprep/apex...] to deserialize into type [interface
org.apereo.cas.services.RegisteredService]. This may be caused in the
absence of a configuration/support module that knows how to interpret the
fragment, specially if the fragment describes a CAS registered service
definition. Internal parsing error is [Cannot deserialize value of type
`org.apereo.cas.configuration.model.core.authentication.PrincipalAttributesCoreProperties$MergingStrategyTypes`
from String "replace": not one of the values accepted for Enum class:
[NONE, ADD, MULTIVALUED, REPLACE]
 at [Source:
(String)"{"@class":"org.apereo.cas.services.OidcRegisteredService","serviceId":"
https://b.edu:6129/bprep/apex_authentication.callback","name":"Butternut
- OAuth Client","id":24,"description":"Butternut - OAuth
Client","expirationPolicy":{"@class":"org.apereo.cas.services.DefaultRegisteredServiceExpirationPolicy","deleteWhenExpired":false,"notifyWhenDeleted":false,"notifyWhenExpired":false},"acceptableUsagePolicy":{"@class":"org.apereo.cas.services.DefaultRegisteredServiceAcceptableU"[truncated
4324 chars]; line: 1, column: 2036] (through reference chain:
org.apereo.cas.services.OidcRegisteredService["attributeReleasePolicy"]->org.apereo.cas.services.ChainingAttributeReleasePolicy["mergingPolicy"])]>

You can point the 6.4 system to the 6.2 database; however, the registry
data are in two different tables, so what are we supposed to do?

The 6.2 system uses the MySQL table regex_registered_service and 6.4
uses registered_services. I have hundreds of services to manually re add
unless I want to strp all but the first six lines from every json file and
then modify each using the management service.

https://fawnoos.com/2020/08/15/cas63x-import-export-services/

-Jeff

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOQ0PsvRbcY1Wdv2JPiiJ3dBno7JTbm7%3D%2Bj%3DWXJid6ZjpQ%40mail.gmail.com.

Re: [cas-user] Re: CAS 6.4

[Jeffrey Ramsay]

Ray,

Thanks for following up on this. I was able to resolve this issue and
posted an update. The two issues I encountered were 1) an additional
repository was required to find the libraries used for radius and 2) the
newer bcprov library used in 6.4 is missing a key component. CAS builds
correctly but you cannot use it unless you resolve this: the library
bcprov-jdk15on-1.69.jar used in this build is missing the
DERObjectIdentifier class. I downgraded to "bcprov-jdk15on-1.66.jar" which
resolved the issue.

Thanks again,
-Jeff




On Mon, Dec 13, 2021 at 12:20 PM Ray Bon  wrote:

> Jeffrey,
>
> This looks like a library conflict. You can exclude the older library.
> See
> https://docs.gradle.org/current/userguide/dependency_downgrade_and_exclude.html
>
> To find the library details
>
> ./gradlew dependencies
>
> Ray
>
> On Sun, 2021-12-12 at 09:17 -0500, Jeffrey Ramsay wrote:
>
> Notice: This message was sent from outside the University of Victoria
> email system. Please be cautious with links and sensitive information.
>
> Can anyone help me resolve this?
>
> 2021-12-12 09:11:49,787 ERROR
> [org.springframework.boot.web.servlet.support.ErrorPageFilter] -
>  [org/bouncycastle/asn1/DERObjectIdentifier]>
> java.lang.NoClassDefFoundError: org/bouncycastle/asn1/DERObjectIdentifier
> at java.lang.Class.forName0(Native Method) ~[?:?]
> at java.lang.Class.forName(Class.java:315) ~[?:?]
> at
> net.jradius.client.RadiusClient.registerAuthenticator(RadiusClient.java:189)
> ~[jradius-core-1.1.5.jar:?]
> at net.jradius.client.RadiusClient.(RadiusClient.java:82)
> ~[jradius-core-1.1.5.jar:?]
> at
> org.apereo.cas.adaptors.radius.RadiusClientFactory.newInstance(RadiusClientFactory.java:69)
> ~[cas-server-support-radius-core-6.4.4.jar:6.4.4]
> at
> org.apereo.cas.adaptors.radius.server.AbstractRadiusServer.authenticate(AbstractRadiusServer.java:111)
> ~[cas-server-support-radius-core-6.4.4.jar:6.4.4]
> at
> org.apereo.cas.adaptors.radius.RadiusServer.authenticate(RadiusServer.java:39)
> ~[cas-server-support-radius-core-6.4.4.jar:6.4.4]
> at
> org.apereo.cas.adaptors.radius.authentication.RadiusMultifactorAuthenticationProvider.canPing(RadiusMultifactorAuthenticationProvider.java:59)
> ~[cas-server-support-radius-core-mfa-6.4.4.jar:6.4.4]
> at
> org.apereo.cas.adaptors.radius.authentication.RadiusMultifactorAuthenticationProvider.isAvailable(RadiusMultifactorAuthenticationProvider.java:40)
> ~[cas-server-support-radius-core-mfa-6.4.4.jar:6.4.4]
> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native
> Method) ~[?:?]
> at
> jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> ~[?:?]
> at
> jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> ~[?:?]
> at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]
> at
> org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:282)
> ~[spring-core-5.3.9.jar:5.3.9]
> at
> org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:485)
> ~[spring-cloud-context-3.0.3.jar:3.0.3]
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
> ~[spring-aop-5.3.9.jar:5.3.9]
> at
> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:215)
> ~[spring-aop-5.3.9.jar:5.3.9]
> at com.sun.proxy.$Proxy357.isAvailable(Unknown Source) ~[?:?]
> at
> org.apereo.cas.web.flow.actions.MultifactorAuthenticationAvailableAction.doExecute(MultifactorAuthenticationAvailableAction.java:21)
> ~[cas-server-core-webflow-mfa-api-6.4.4.jar:6.4.4]
> at
> org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
> ~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native
> Method) ~[?:?]
> at
> jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> ~[?:?]
> at
> jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> ~[?:?]
>
> Thanks,
> -Jeff
>
> On Sat, Dec 11, 2021 at 11:30 AM Jeffrey Ramsay 
> wrote:
>
> I added some additional repositories and that solved the problem.
>
> maven {
> url "https://maven.repository.redhat.com/ga/;
> }
> maven {
> url "https://repo1.maven.org/maven2/;
> }
>
> -Jeff
>
> On Sat, Dec 11, 2021 at 10:54 AM Jeffrey Ramsay 
> wrote:
>

[cas-user] Re: CAS 6.4

[Jeffrey Ramsay]

Can anyone help me resolve this?

2021-12-12 09:11:49,787 ERROR
[org.springframework.boot.web.servlet.support.ErrorPageFilter] -

java.lang.NoClassDefFoundError: org/bouncycastle/asn1/DERObjectIdentifier
at java.lang.Class.forName0(Native Method) ~[?:?]
at java.lang.Class.forName(Class.java:315) ~[?:?]
at
net.jradius.client.RadiusClient.registerAuthenticator(RadiusClient.java:189)
~[jradius-core-1.1.5.jar:?]
at net.jradius.client.RadiusClient.(RadiusClient.java:82)
~[jradius-core-1.1.5.jar:?]
at
org.apereo.cas.adaptors.radius.RadiusClientFactory.newInstance(RadiusClientFactory.java:69)
~[cas-server-support-radius-core-6.4.4.jar:6.4.4]
at
org.apereo.cas.adaptors.radius.server.AbstractRadiusServer.authenticate(AbstractRadiusServer.java:111)
~[cas-server-support-radius-core-6.4.4.jar:6.4.4]
at
org.apereo.cas.adaptors.radius.RadiusServer.authenticate(RadiusServer.java:39)
~[cas-server-support-radius-core-6.4.4.jar:6.4.4]
at
org.apereo.cas.adaptors.radius.authentication.RadiusMultifactorAuthenticationProvider.canPing(RadiusMultifactorAuthenticationProvider.java:59)
~[cas-server-support-radius-core-mfa-6.4.4.jar:6.4.4]
at
org.apereo.cas.adaptors.radius.authentication.RadiusMultifactorAuthenticationProvider.isAvailable(RadiusMultifactorAuthenticationProvider.java:40)
~[cas-server-support-radius-core-mfa-6.4.4.jar:6.4.4]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native
Method) ~[?:?]
at
jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
~[?:?]
at
jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
~[?:?]
at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]
at
org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:282)
~[spring-core-5.3.9.jar:5.3.9]
at
org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:485)
~[spring-cloud-context-3.0.3.jar:3.0.3]
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
~[spring-aop-5.3.9.jar:5.3.9]
at
org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:215)
~[spring-aop-5.3.9.jar:5.3.9]
at com.sun.proxy.$Proxy357.isAvailable(Unknown Source) ~[?:?]
at
org.apereo.cas.web.flow.actions.MultifactorAuthenticationAvailableAction.doExecute(MultifactorAuthenticationAvailableAction.java:21)
~[cas-server-core-webflow-mfa-api-6.4.4.jar:6.4.4]
at
org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
~[spring-webflow-2.5.1.RELEASE.jar:2.5.1.RELEASE]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native
Method) ~[?:?]
at
jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
~[?:?]
at
jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
~[?:?]

Thanks,
-Jeff

On Sat, Dec 11, 2021 at 11:30 AM Jeffrey Ramsay 
wrote:

> I added some additional repositories and that solved the problem.
>
> maven {
> url "https://maven.repository.redhat.com/ga/;
> }
> maven {
> url "https://repo1.maven.org/maven2/;
> }
>
> -Jeff
>
> On Sat, Dec 11, 2021 at 10:54 AM Jeffrey Ramsay 
> wrote:
>
>> Hello -
>>
>> I need some help to resolve the following in a new build. The problem is
>> only occurring when I try to add support for the "implementation
>> "org.apereo.cas:cas-server-support-radius-mfa"" module. What do I need to
>> do to add the missing library?
>>
>> Execution failed for task ':bootWarMainClassName'.
>> > Could not resolve all files for configuration ':runtimeClasspath'.
>>> Could not find gnu-getopt:getopt:1.0.13.
>>  Required by:
>>  project : >  org.apereo.cas:cas-server-support-radius-core:6.4.4
>> > net.jradius:jradius-apps:1.1.5
>>
>> ---
>>
>> My current setup ...
>>
>> build.gradle:
>> -
>> dependencies {
>> /**
>>  * CAS dependencies and modules may be listed here.
>>  *
>>  * There is no need to specify the version number for each dependency
>>  * since versions are all resolved and controlled by the dependency
>> management
>>  * plugin via the CAS bom.
>>  **/
>>
>> implementation
>> "org.apereo.cas:cas-server-core-api-configuration-model"
>> implementation "org.apereo.cas:cas-server-webapp-init"
>>
>> implementation "org.apereo.cas:cas-server-support-jdbc"
>> impleme

[cas-user] Re: CAS 6.4

[Jeffrey Ramsay]

I added some additional repositories and that solved the problem.

maven {
url "https://maven.repository.redhat.com/ga/;
}
maven {
url "https://repo1.maven.org/maven2/;
}

-Jeff

On Sat, Dec 11, 2021 at 10:54 AM Jeffrey Ramsay 
wrote:

> Hello -
>
> I need some help to resolve the following in a new build. The problem is
> only occurring when I try to add support for the "implementation
> "org.apereo.cas:cas-server-support-radius-mfa"" module. What do I need to
> do to add the missing library?
>
> Execution failed for task ':bootWarMainClassName'.
> > Could not resolve all files for configuration ':runtimeClasspath'.
>> Could not find gnu-getopt:getopt:1.0.13.
>  Required by:
>  project : >  org.apereo.cas:cas-server-support-radius-core:6.4.4
> > net.jradius:jradius-apps:1.1.5
>
> ---
>
> My current setup ...
>
> build.gradle:
> -
> dependencies {
> /**
>  * CAS dependencies and modules may be listed here.
>  *
>  * There is no need to specify the version number for each dependency
>  * since versions are all resolved and controlled by the dependency
> management
>  * plugin via the CAS bom.
>  **/
>
> implementation "org.apereo.cas:cas-server-core-api-configuration-model"
> implementation "org.apereo.cas:cas-server-webapp-init"
>
> implementation "org.apereo.cas:cas-server-support-jdbc"
> implementation "org.apereo.cas:cas-server-support-jdbc-drivers"
> implementation "org.apereo.cas:cas-server-support-ldap"
> implementation "org.apereo.cas:cas-server-support-saml"
> implementation "org.apereo.cas:cas-server-support-saml-idp"
> implementation "org.apereo.cas:cas-server-support-jpa-service-registry"
> implementation
> "org.apereo.cas:cas-server-support-memcached-ticket-registry"
> implementation "org.apereo.cas:cas-server-support-memcached-spy"
> implementation "org.apereo.cas:cas-server-support-generic"
> implementation "org.apereo.cas:cas-server-support-actions"
> implementation "org.apereo.cas:cas-server-core-api-authentication"
> implementation "org.apereo.cas:cas-server-core-authentication-api"
> implementation "org.apereo.cas:cas-server-core-authentication"
> implementation
> "org.apereo.cas:cas-server-core-authentication-attributes"
> implementation "org.apereo.cas:cas-server-core-services-authentication"
> implementation "org.apereo.cas:cas-server-core-configuration"
> implementation "org.apereo.cas:cas-server-core-configuration-api"
> implementation "org.apereo.cas:cas-server-support-jdbc-authentication"
> implementation "org.apereo.cas:cas-server-core-util-api"
> implementation "org.apereo.cas:cas-server-support-radius"
> implementation "org.apereo.cas:cas-server-support-radius-core"
> implementation "org.apereo.cas:cas-server-support-radius-mfa"
> implementation "org.apereo.cas:cas-server-support-oidc"
>
> if (project.hasProperty("casModules")) {
> def dependencies = project.getProperty("casModules").split(",")
> dependencies.each {
> def projectsToAdd = rootProject.subprojects.findAll {project ->
> project.name == "cas-server-core-${it}" || project.name
> == "cas-server-support-${it}"
> }
> projectsToAdd.each {implementation it}
> }
> }
>
> --
>
> $ ./gradlew clean build
> To honour the JVM settings for this build a single-use Daemon process will
> be forked. See
> https://docs.gradle.org/7.3.1/userguide/gradle_daemon.html#sec:disabling_the_daemon
> .
> Daemon will be stopped at the end of the build
> > Task :bootWarMainClassName FAILED
>
> FAILURE: Build failed with an exception.
>
> * What went wrong:
> Execution failed for task ':bootWarMainClassName'.
> > Could not resolve all files for configuration ':runtimeClasspath'.
>> Could not find gnu-getopt:getopt:1.0.13.
>  Required by:
>  project : > org.apereo.cas:cas-server-support-radius-core:6.4.4 >
> net.jradius:jradius-apps:1.1.5
>
> * Try:
> > Run with --stacktrace option to get the stack trace.
> > Run with --info or --debug option to get more log output.
> > Run with --scan to get full insights.
>
> * Get more help at https://help.gradle.or

[cas-user] CAS 6.4

[Jeffrey Ramsay]

Hello -

I need some help to resolve the following in a new build. The problem is
only occurring when I try to add support for the "implementation
"org.apereo.cas:cas-server-support-radius-mfa"" module. What do I need to
do to add the missing library?

Execution failed for task ':bootWarMainClassName'.
> Could not resolve all files for configuration ':runtimeClasspath'.
   > Could not find gnu-getopt:getopt:1.0.13.
 Required by:
 project : >  org.apereo.cas:cas-server-support-radius-core:6.4.4 >
net.jradius:jradius-apps:1.1.5

---

My current setup ...

build.gradle:
-
dependencies {
/**
 * CAS dependencies and modules may be listed here.
 *
 * There is no need to specify the version number for each dependency
 * since versions are all resolved and controlled by the dependency
management
 * plugin via the CAS bom.
 **/

implementation "org.apereo.cas:cas-server-core-api-configuration-model"
implementation "org.apereo.cas:cas-server-webapp-init"

implementation "org.apereo.cas:cas-server-support-jdbc"
implementation "org.apereo.cas:cas-server-support-jdbc-drivers"
implementation "org.apereo.cas:cas-server-support-ldap"
implementation "org.apereo.cas:cas-server-support-saml"
implementation "org.apereo.cas:cas-server-support-saml-idp"
implementation "org.apereo.cas:cas-server-support-jpa-service-registry"
implementation
"org.apereo.cas:cas-server-support-memcached-ticket-registry"
implementation "org.apereo.cas:cas-server-support-memcached-spy"
implementation "org.apereo.cas:cas-server-support-generic"
implementation "org.apereo.cas:cas-server-support-actions"
implementation "org.apereo.cas:cas-server-core-api-authentication"
implementation "org.apereo.cas:cas-server-core-authentication-api"
implementation "org.apereo.cas:cas-server-core-authentication"
implementation
"org.apereo.cas:cas-server-core-authentication-attributes"
implementation "org.apereo.cas:cas-server-core-services-authentication"
implementation "org.apereo.cas:cas-server-core-configuration"
implementation "org.apereo.cas:cas-server-core-configuration-api"
implementation "org.apereo.cas:cas-server-support-jdbc-authentication"
implementation "org.apereo.cas:cas-server-core-util-api"
implementation "org.apereo.cas:cas-server-support-radius"
implementation "org.apereo.cas:cas-server-support-radius-core"
implementation "org.apereo.cas:cas-server-support-radius-mfa"
implementation "org.apereo.cas:cas-server-support-oidc"

if (project.hasProperty("casModules")) {
def dependencies = project.getProperty("casModules").split(",")
dependencies.each {
def projectsToAdd = rootProject.subprojects.findAll {project ->
project.name == "cas-server-core-${it}" || project.name ==
"cas-server-support-${it}"
}
projectsToAdd.each {implementation it}
}
}

--

$ ./gradlew clean build
To honour the JVM settings for this build a single-use Daemon process will
be forked. See
https://docs.gradle.org/7.3.1/userguide/gradle_daemon.html#sec:disabling_the_daemon
.
Daemon will be stopped at the end of the build
> Task :bootWarMainClassName FAILED

FAILURE: Build failed with an exception.

* What went wrong:
Execution failed for task ':bootWarMainClassName'.
> Could not resolve all files for configuration ':runtimeClasspath'.
   > Could not find gnu-getopt:getopt:1.0.13.
 Required by:
 project : > org.apereo.cas:cas-server-support-radius-core:6.4.4 >
net.jradius:jradius-apps:1.1.5

* Try:
> Run with --stacktrace option to get the stack trace.
> Run with --info or --debug option to get more log output.
> Run with --scan to get full insights.

* Get more help at https://help.gradle.org

Deprecated Gradle features were used in this build, making it incompatible
with Gradle 8.0.

You can use '--warning-mode all' to show the individual deprecation
warnings and determine if they come from your own scripts or plugins.

See
https://docs.gradle.org/7.3.1/userguide/command_line_interface.html#sec:command_line_warnings

BUILD FAILED in 18s
8 actionable tasks: 8 executed

Thanks,
-Jeff

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOS%2BQ%2Bs3xuor4wh0c2aimO0BQMiYUnjorQXGih0ZYzqgJA%40mail.gmail.com.

[cas-user] Username

[Jeffrey Ramsay]

How can I display the username on the token page for an MFA module?

Thanks.
-- 
Sent from Gmail Mobile

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOQMjL%2BSoO-rXq%2BX1UxO6hWTWb-XPoGCVZcvr-FB2QjMBA%40mail.gmail.com.

[cas-user] JWE decoding

[Jeffrey Ramsay]

All -

I am hoping someone can point me in the right direction. I am trying to
extract the claims from a CAS JWE token and I am not sure what I should
pass to the  AESDecrypter for the key; "X" as shown below.  I tried using
the json web key and that failed as well.

 final String jwkJson = "{\"kty\":\"oct\",\"k\":\"" + encryptionKey +
"\"}";
 final JsonWebKey jwk = JsonWebKey.Factory.newJwk(jwkJson);

Decode.java:136: error: no suitable constructor found for AESDecrypter(Key)
JWEDecrypter decrypter = new AESDecrypter(jwk.getKey());
 ^
constructor AESDecrypter.AESDecrypter(SecretKey) is not applicable
  (argument mismatch; Key cannot be converted to SecretKey)
constructor AESDecrypter.AESDecrypter(byte[]) is not applicable
  (argument mismatch; Key cannot be converted to byte[])
constructor AESDecrypter.AESDecrypter(OctetSequenceKey) is not
applicable
  (argument mismatch; Key cannot be converted to OctetSequenceKey)
constructor AESDecrypter.AESDecrypter(SecretKey,Set) is not
applicable
  (actual and formal argument lists differ in length)

---


JsonWebEncryption{"zip":"DEF","alg":"dir","enc":"A256GCM","cty":"JWT","typ":"JWT"}->eyJ6aXAiOiJERUYiLCJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIiwiY3R5IjoiSldUIiwidHlwIjoiSldUIn0..lnPt05aWOWOPxUqF.BbAS52yWx3M4PQ-a8RdMzwuVsZpHxb485XlmfvxeCfT-nw.CSkY_sNu9SQQcX_oJR32L
JWE encoded token:
eyJ6aXAiOiJERUYiLCJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIiwiY3R5IjoiSldUIiwidHlwIjoiSldUIn0..lnPt05aWOWOPxUqF.BbAS52yWx3M4PQ-a8RdMzwuVsZpHxb485XlmfvxeCfT-nw.CSkY_sNu9SQQcX_oJR32L
Header: {"zip":"DEF","cty":"JWT","typ":"JWT","enc":"A256GCM","alg":"dir"}
Algorithm: dir
Encryption: A256GCM
JWE initialization vector (BASE64URL) length: 11
ff96 73 ffed ffd3 ff96 ff96 39 63 ff8f ffc5 4a
ff85
JWE Ciphertext (BASE64URL) length: 33
5 ffb0 12 ffe7 6c ff96 ffc7 73 38 3d 6 ffbc 45 ffd3
33 ffc2 ffe5 6c 66 ff91 fff1 6f ff8f 39 5e 59 ff9f
ffbf 17 ff82 7d 39 fff0
JWE Authentication Tag (BASE64URL) length: 14
9 29 18 ffb0 ffdb ffbd 49 4 1c 5e ff82 51 0 0 0
===
What value is used for 'X' in: JWEDecrypter decrypter = new AESDecrypter(X)

-Jeff

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYORHtwQHByfs1ct%2B0eHNks4_EFbq0V206FG9Lg%2BPCY1iTg%40mail.gmail.com.

Re: [cas-user] MFA endpoint

[Jeffrey Ramsay]

Thanks, I'll check them out.

-Jeff

On Mon, Nov 23, 2020 at 4:48 PM Ray Bon  wrote:

> OK, the 6.2 docs have a link to some additional configuration options,
> https://apereo.github.io/cas/6.2.x/configuration/Configuration-Properties.html#google-authenticator-rest
>
> Ray
>
> On Mon, 2020-11-23 at 16:25 -0500, Jeffrey Ramsay wrote:
>
> Notice: This message was sent from outside the University of Victoria
> email system. Please be cautious with links and sensitive information.
>
> Neither, I believe. I am looking at (cas.authn.mfa.gauth.rest.url) which
> allows you to store the MFA data on a remote system and uses CRUD.
>
>
> https://apereo.github.io/cas/6.0.x/mfa/GoogleAuthenticator-Authentication.html#rest
>
> -Jeff
>
> On Mon, Nov 23, 2020 at 4:00 PM Ray Bon  wrote:
>
> Jeff,
>
> Are you asking about a remote rest service authenticating with cas,
> https://apereo.github.io/cas/6.2.x/protocol/REST-Protocol.html or cas
> accessing a rest service that performs authentication,
> https://apereo.github.io/cas/6.2.x/installation/Rest-Authentication.html?
>
> If you are using the remote service an MFA server, some are already
> available,
> https://apereo.github.io/cas/6.2.x/mfa/Configuring-Multifactor-Authentication.html.
> There is also a custom option.
>
> Ray
>
> On Mon, 2020-11-23 at 15:16 -0500, Jeffrey Ramsay wrote:
>
> Notice: This message was sent from outside the University of Victoria
> email system. Please be cautious with links and sensitive information.
>
> Hello -
>
> How do I set an api key or username/password to be used with a remote rest
> service?
>
> Thanks,
> -Jeff
>
> --
>
>
> Ray Bon
> Programmer Analyst
> Development Services, University Systems
> 2507218831 | CLE 019 | r...@uvic.ca
>
> I respectfully acknowledge that my place of work is located within the
> ancestral, traditional and unceded territory of the Songhees, Esquimalt and
> WSÁNEĆ Nations.
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/1f2d2b034dd9a96a75ddedf4ae35afeb49a43138.camel%40uvic.ca
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/1f2d2b034dd9a96a75ddedf4ae35afeb49a43138.camel%40uvic.ca?utm_medium=email_source=footer>
> .
>
> --
>
> Ray Bon
> Programmer Analyst
> Development Services, University Systems
> 2507218831 | CLE 019 | r...@uvic.ca
>
> I respectfully acknowledge that my place of work is located within the
> ancestral, traditional and unceded territory of the Songhees, Esquimalt and
> WSÁNEĆ Nations.
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/0d187f00c0b0bf83188121d2bfc9f45f8a6a850d.camel%40uvic.ca
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/0d187f00c0b0bf83188121d2bfc9f45f8a6a850d.camel%40uvic.ca?utm_medium=email_source=footer>
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOTUb-kR3_RnKgAawy5ZVFKhbeK3qQWaaoFhkRfkc-mWUg%40mail.gmail.com.

Re: [cas-user] MFA endpoint

[Jeffrey Ramsay]

Neither, I believe. I am looking at (cas.authn.mfa.gauth.rest.url) which
allows you to store the MFA data on a remote system and uses CRUD.

https://apereo.github.io/cas/6.0.x/mfa/GoogleAuthenticator-Authentication.html#rest

-Jeff

On Mon, Nov 23, 2020 at 4:00 PM Ray Bon  wrote:

> Jeff,
>
> Are you asking about a remote rest service authenticating with cas,
> https://apereo.github.io/cas/6.2.x/protocol/REST-Protocol.html or cas
> accessing a rest service that performs authentication,
> https://apereo.github.io/cas/6.2.x/installation/Rest-Authentication.html?
>
> If you are using the remote service an MFA server, some are already
> available,
> https://apereo.github.io/cas/6.2.x/mfa/Configuring-Multifactor-Authentication.html.
> There is also a custom option.
>
> Ray
>
> On Mon, 2020-11-23 at 15:16 -0500, Jeffrey Ramsay wrote:
>
> Notice: This message was sent from outside the University of Victoria
> email system. Please be cautious with links and sensitive information.
>
> Hello -
>
> How do I set an api key or username/password to be used with a remote rest
> service?
>
> Thanks,
> -Jeff
>
> --
>
> Ray Bon
> Programmer Analyst
> Development Services, University Systems
> 2507218831 | CLE 019 | r...@uvic.ca
>
> I respectfully acknowledge that my place of work is located within the
> ancestral, traditional and unceded territory of the Songhees, Esquimalt and
> WSÁNEĆ Nations.
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/1f2d2b034dd9a96a75ddedf4ae35afeb49a43138.camel%40uvic.ca
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/1f2d2b034dd9a96a75ddedf4ae35afeb49a43138.camel%40uvic.ca?utm_medium=email_source=footer>
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOSM%3D_KCnF%3DuwyvH%2B4ZAZwmy8G8EC69SNxP4RX5EYTRs4Q%40mail.gmail.com.

[cas-user] MFA endpoint

[Jeffrey Ramsay]

Hello -

How do I set an api key or username/password to be used with a remote rest
service?

Thanks,
-Jeff

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYORYjWtvUVFxFdoK-4%3DqhoObUSpD0%3DY010j3hPvBzoC%3D6w%40mail.gmail.com.

[cas-user] JWT decode

[Jeffrey Ramsay]

Hello -

I am hoping someone can point me in the right direction regarding JWT used
with CAS and which api is used to decode/decrypt them. I want to be able to
decode the GAUTH secret for third-party access.

Base64 decoding the string produces these headers.

{"alg":"HS512","typ":"JWT"}
{"zip":"DEF","alg":"dir","enc":"A256GCM","cty":"JWT","typ":"JWT"}

Thanks,
-Jeff

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOSO_RDcdt3OCezQ927d8VcDzfK0txvq9Oabc82Lj0tcFQ%40mail.gmail.com.

[cas-user] Help with AbstractJdbcUsernamePasswordAuthenticationHandler

[Jeffrey Ramsay]

Hello -

I am stuck trying to use the
"AbstractJdbcUsernamePasswordAuthenticationHandler" as shown below which is
used in sources like "SearchModeSearchDatabaseAuthenticationHandler.java"
but not found on javadoc.

: error: cannot find symbol
public class MyAuthenticationHandler extends
AbstractJdbcUsernamePasswordAuthenticationHandler {
 ^
  symbol: class AbstractJdbcUsernamePasswordAuthenticationHandler
1 error

I am referencing sources at the link below and if that's no longer
accurate, what is?

https://github.com/apereo/cas/blob/6.2.x/support/cas-server-support-jdbc-authentication/src/main/java/org/apereo/cas/adaptors/jdbc/SearchModeSearchDatabaseAuthenticationHandler.java

Thanks,
-Jeff

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOReV8DGevFVnUkWwgw%2BerCA2Qwkuj51ioFbn8YfYFV%3D8g%40mail.gmail.com.

Re: [cas-user] HandlerResult

[Jeffrey Ramsay]

Dmitriy,

Thank you; much appreciated.

-Jeff

On Wed, Oct 21, 2020 at 3:10 PM Dmitriy Kopylenko 
wrote:

> Unfortunately, the documentation is not up to date. The API has changed.
> As you could see there is no HandlerResult type anymore:
> https://github.com/apereo/cas/blob/6.2.x/core/cas-server-core-authentication-api/src/main/java/org/apereo/cas/authentication/handler/support/AbstractUsernamePasswordAuthenticationHandler.java#L120
>
> It’s called AuthenticationHandlerExecutionResult
>
> See if you could adopt your implementation to the latest API
>
> Best,
> D.
>
> On Oct 21, 2020 at 13:10:52, Jeffrey Ramsay 
> wrote:
>
>> Hello,
>>
>> I was following the code listed here.
>>
>>
>> https://apereo.github.io/cas/6.2.x/installation/Configuring-Custom-Authentication.html
>>
>> Also, I added the following to build.gradle:
>>
>> implementation
>> "org.apereo.cas:cas-server-core-api-authentication:${casServerVersion}"
>> implementation
>> "org.apereo.cas:cas-server-core-authentication-api:${casServerVersion}"
>> implementation
>> "org.apereo.cas:cas-server-support-generic:${casServerVersion}"
>> implementation
>> "org.apereo.cas:cas-server-support-actions:${casServerVersion}"
>> implementation
>> "org.apereo.cas:cas-server-core-authentication:${casServerVersion}"
>> implementation
>> "org.apereo.cas:cas-server-core-authentication-attributes:${casServerVersion}"
>> implementation
>> "org.apereo.cas:cas-server-core-services-authentication:${casServerVersion}"
>> implementation
>> "org.apereo.cas:cas-server-core-configuration:${casServerVersion}"
>> implementation
>> "org.apereo.cas:cas-server-core-configuration-api:${casServerVersion}"
>>
>> And the code I'm testing.
>>
>> package com.example.cas;
>>
>> import
>> org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler;
>> import
>> org.apereo.cas.authentication.credential.UsernamePasswordCredential;
>> import org.apereo.cas.authentication.principal.PrincipalFactory;
>> import org.apereo.cas.authentication.PreventedException;
>> import org.apereo.cas.services.ServicesManager;
>> import org.apereo.cas.authentication.Credential;
>> import java.security.GeneralSecurityException;
>>
>> import org.apereo.cas.authentication.principal.Principal;
>>
>> public class MyAuthenticationHandler extends
>> AbstractUsernamePasswordAuthenticationHandler {
>>
>> public MyAuthenticationHandler(String name, ServicesManager
>> servicesManager, PrincipalFactory principalFactory, Integer order) {
>> super(name, servicesManager, principalFactory, order);
>> }
>>
>> @Override
>> protected HandlerResult authenticateUsernamePasswordInternal(
>>  final
>> UsernamePasswordCredential credential,
>>  final
>> String originalPassword) {
>> return createHandlerResult(credential,
>> this.principalFactory.createPrincipal(username), null);
>> }
>> }
>>
>> -Jeff
>>
>> On Wed, Oct 21, 2020 at 10:05 AM Dmitriy Kopylenko 
>> wrote:
>>
>>> Hi there.
>>>
>>> Which stub code example?
>>>
>>> You’d want to make sure you implement the correct SPI for
>>> AuthenticationHandler, which is this:
>>> https://github.com/apereo/cas/blob/6.2.x/api/cas-server-core-api-authentication/src/main/java/org/apereo/cas/authentication/AuthenticationHandler.java
>>>
>>> Best,
>>> D.
>>>
>>> On Oct 21, 2020 at 09:46:17, Jeffrey Ramsay 
>>> wrote:
>>>
>>>> Hello -
>>>>
>>>> I am trying to build an authentication handler in cas 6.2 using the
>>>> stub code from the example and cannot get past the following error message.
>>>>
>>>> Does anyone know if this is no longer valid? or where I can find the
>>>> module where this class is defined?
>>>>
>>>> error: cannot find symbol
>>>> import org.apereo.cas.authentication.HandlerResult;
>>>> ^
>>>>   symbol:   class HandlerResult
>>>>   location: package org.apereo.cas.authentication
>>>>
>>>> Thanks,
>>>> -Jeff
>>>>
>>>> --
>>>> - Websi

Re: [cas-user] HandlerResult

[Jeffrey Ramsay]

Hello,

I was following the code listed here.

https://apereo.github.io/cas/6.2.x/installation/Configuring-Custom-Authentication.html

Also, I added the following to build.gradle:

implementation
"org.apereo.cas:cas-server-core-api-authentication:${casServerVersion}"
implementation
"org.apereo.cas:cas-server-core-authentication-api:${casServerVersion}"
implementation
"org.apereo.cas:cas-server-support-generic:${casServerVersion}"
implementation
"org.apereo.cas:cas-server-support-actions:${casServerVersion}"
implementation
"org.apereo.cas:cas-server-core-authentication:${casServerVersion}"
implementation
"org.apereo.cas:cas-server-core-authentication-attributes:${casServerVersion}"
implementation
"org.apereo.cas:cas-server-core-services-authentication:${casServerVersion}"
implementation
"org.apereo.cas:cas-server-core-configuration:${casServerVersion}"
implementation
"org.apereo.cas:cas-server-core-configuration-api:${casServerVersion}"

And the code I'm testing.

package com.example.cas;

import
org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler;
import org.apereo.cas.authentication.credential.UsernamePasswordCredential;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.authentication.PreventedException;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.authentication.Credential;
import java.security.GeneralSecurityException;

import org.apereo.cas.authentication.principal.Principal;

public class MyAuthenticationHandler extends
AbstractUsernamePasswordAuthenticationHandler {

public MyAuthenticationHandler(String name, ServicesManager
servicesManager, PrincipalFactory principalFactory, Integer order) {
super(name, servicesManager, principalFactory, order);
}

@Override
protected HandlerResult authenticateUsernamePasswordInternal(
 final
UsernamePasswordCredential credential,
 final
String originalPassword) {
return createHandlerResult(credential,
this.principalFactory.createPrincipal(username), null);
}
}

-Jeff

On Wed, Oct 21, 2020 at 10:05 AM Dmitriy Kopylenko 
wrote:

> Hi there.
>
> Which stub code example?
>
> You’d want to make sure you implement the correct SPI for
> AuthenticationHandler, which is this:
> https://github.com/apereo/cas/blob/6.2.x/api/cas-server-core-api-authentication/src/main/java/org/apereo/cas/authentication/AuthenticationHandler.java
>
> Best,
> D.
>
> On Oct 21, 2020 at 09:46:17, Jeffrey Ramsay 
> wrote:
>
>> Hello -
>>
>> I am trying to build an authentication handler in cas 6.2 using the stub
>> code from the example and cannot get past the following error message.
>>
>> Does anyone know if this is no longer valid? or where I can find the
>> module where this class is defined?
>>
>> error: cannot find symbol
>> import org.apereo.cas.authentication.HandlerResult;
>> ^
>>   symbol:   class HandlerResult
>>   location: package org.apereo.cas.authentication
>>
>> Thanks,
>> -Jeff
>>
>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to cas-user+unsubscr...@apereo.org.
>> To view this discussion on the web visit
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOSeMy3naZ_J7_v%2B2BZFmMBF1x3mV1o68OvtyKjr%3Dd2T2w%40mail.gmail.com
>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOSeMy3naZ_J7_v%2B2BZFmMBF1x3mV1o68OvtyKjr%3Dd2T2w%40mail.gmail.com?utm_medium=email_source=footer>
>> .
>>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAMpiYKh6Gjy8a5mEgogiuYQB9hu%2Bgxp7r7hPLTD7fToh3ysPFw%40mail.gmail.com
> <https://groups.google.com/a/apereo.org/d/msgid/

[cas-user] HandlerResult

[Jeffrey Ramsay]

Hello -

I am trying to build an authentication handler in cas 6.2 using the stub
code from the example and cannot get past the following error message.

Does anyone know if this is no longer valid? or where I can find the module
where this class is defined?

error: cannot find symbol
import org.apereo.cas.authentication.HandlerResult;
^
  symbol:   class HandlerResult
  location: package org.apereo.cas.authentication

Thanks,
-Jeff

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOSeMy3naZ_J7_v%2B2BZFmMBF1x3mV1o68OvtyKjr%3Dd2T2w%40mail.gmail.com.

Re: [cas-user] Cas ticket db backup/restore

[Jeffrey Ramsay]

You should try hazelcast instead of a relational database for better
performance in a clustered setup.

Jeff

On Fri, Sep 13, 2019 at 10:45 AM Timi koli  wrote:

> Hi Guys,
>
> I am testing to move the ticket fb cas-sso from localhost to clustered
> mariadb servers
>
> It works but when I do backup and restore it freezes. If I got and restore
> the fb cluster from snapshot it works again.
>
> Does anyone know any steps I need to make to back/restore the ticket fb so
> that it works.
>
>
> Thank a lot,
>
> Tim
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/4ac7c275-e841-4ce5-aec6-40670b8c59b1%40apereo.org
> .
>
-- 
Sent from Gmail Mobile

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOR_jhzG4NBN7wt5PhmNSr_PUz4hT2Fv2v%3DmLJMEJynEBw%40mail.gmail.com.

[cas-user] Hikari timeouts

[Jeffrey Ramsay]

All -

How can I adjust the Hikari pools used by CAS? For example, the maxLifetime
parameter is set to 180 (30 min) which is the default.

Thanks,
-Jeff

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOTdLAkSYUELzk9zKt6GM27PTjGe%2BMo_DMFR-C2YtWTJCA%40mail.gmail.com.

[cas-user] scratch codes

[Jeffrey Ramsay]

I'm having a hard time getting the gauth scratch codes working in release
5.1.9. Is this feature available? The codes are in the database however,
they are not being accepted.

-Jeff

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOSxk9Un9135SBhaX4mRRvY%2BitKLJfOyrDek%2BS%3Df%2BeA23g%40mail.gmail.com.

[cas-user] Google MFA secrets

[Jeffrey Ramsay]

Is there a way to encrypt the mfa secrets in our database?

-Jeff

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYORTz68WqdVR3RVxUfJWZNfa68P-OCWZzauyCgs6fS9cVw%40mail.gmail.com.

[cas-user] Yubico - Yubikey secret key cannot be blank

[Jeffrey Ramsay]

I'm getting the following error on a new build of 5.3.3 even though all
options are set in cas.properties.

Any advise?

01:24:37.084 [localhost-startStop-1] ERROR
org.springframework.boot.SpringApplication - Application startup failed
org.springframework.beans.factory.BeanCreationException: Error creating
bean with name 'scopedTarget.yubicoClient' defined in class path resource
[org/apereo/cas/config/support/authentication/YubiKeyAuthenticationEventExecutionPlanConfiguration.class]:
Bean instantiation via factory method failed; nested exception is
org.springframework.beans.BeanInstantiationException: Failed to instantiate
[com.yubico.client.v2.YubicoClient]: Factory method 'yubicoClient' threw
exception; nested exception is java.lang.IllegalArgumentException: Yubikey
secret key cannot be blank

cas.properties:
cas.authn.mfa.yubikey.clientId=4x
cas.authn.mfa.yubikey.secretKey=GMFxx=
cas.authn.mfa.yubikey.rank=0
cas.authn.mfa.yubikey.apiUrls=https://api.yubico.com/wsapi/2.0/verify
cas.authn.mfa.yubikey.trustedDeviceEnabled=true
cas.authn.mfa.yubikey.name=Yubico

Thanks,
-Jeff

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOQtE45UJLPeQNxtROpinqtjdrkEa%2BghoNtF95dHcnntFQ%40mail.gmail.com.

Re: [cas-user] PGP Verify Timeout issue CAS Management 5.1.9

[Jeffrey Ramsay]

Same for me.

On Wed, May 2, 2018 at 10:39 AM, 'Mallory, Erik' via CAS Community <
cas-user@apereo.org> wrote:

> Attempting to build CAS 5.1.9 CAS Management yields the following error.
> This is also true for 5.1.8 .I circumvented it by commenting out the pgp
> verify stanza in the pom. I’d like a better solution if possible.
>
> KeyId: 0x3B2C12292E76FEE3 UserIds: [Jerome LELEU ]
>
> [INFO] 
> 
>
> [INFO] BUILD FAILURE
>
> [INFO] 
> 
>
> [INFO] Total time: 04:41 min
>
> [INFO] Finished at: 2018-05-02T09:31:55-05:00
>
> [INFO] Final Memory: 45M/312M
>
> [INFO] 
> 
>
> [ERROR] Failed to execute goal com.github.s4u.plugins:
> pgpverify-maven-plugin:1.1.0:check (default) on project cas-overlay:
> Connection timed out (Connection timed out) -> [Help 1]
>
> [ERROR]
>
> [ERROR] To see the full stack trace of the errors, re-run Maven with the
> -e switch.
>
> [ERROR] Re-run Maven using the -X switch to enable full debug logging.
>
> [ERROR]
>
> [ERROR] For more information about the errors and possible solutions,
> please read the following articles:
>
> [ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/
> MojoFailureException
>
>
>
> Thanks,
>
>
>
> Erik Mallory
>
> Server Analyst
>
> Wichita State University
>
>
>
>
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/12B1766A-4471-4A8C-A0B7-
> 0707590D77E6%40wichita.edu
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOQEzO6D5HyVLr2nvCp4WkM2ELaV4qyv9-_B8SpwoxQAaA%40mail.gmail.com.

Re: [cas-user] Re: rejected attribute

[Jeffrey Ramsay]

Man H,

I'm only using the management app to manipulate the attributes and have
only added one service to system besides the two that were delivered.

-Jeff

On Tue, Mar 20, 2018 at 1:03 PM, Man H <info.ings...@gmail.com> wrote:

> Cas management is not the same as /status/dashboard endpoint
>
> 2018-03-20 13:06 GMT-03:00 Michael Peterson <grimfd1...@gmail.com>:
>
>> Are you solely creating services through the CAS management application?
>> I know I ran into some weird behavior when I was inserting service
>> definitions outside of the management app. I also ran into some funky
>> behavior when multiple service definitions had the same ID.
>>
>> On Sunday, March 18, 2018 at 6:05:05 PM UTC-5, Jeffrey Ramsay wrote:
>>>
>>> All -
>>>
>>> I'm hoping someone can help me to resolve this problem. I'm running CAS
>>> 5.1.8 using a jdbc service registry which is not displaying the rejected
>>> attributes set for the defined services. Access to the service is denied as
>>> expected however, the only way to see what was set is by viewing the logs.
>>> Also, there's no way to delete the attribute because it's not visible
>>> through the cas management application; I've had to delete and recreate the
>>> service to clear it.
>>>
>>> 2018-03-18 18:58:08,212 DEBUG [org.apereo.cas.authentication
>>> .support.AbstractProtocolAttributeEncoder] - <[12] encoded attributes
>>> are available for release to [id=3,name=CAS Client,description=CAS
>>> Client,serviceId=^https://home.catznet.science:2443/cas-clie
>>> nt(/?|/.*)$,usernameAttributeProvider=org.apereo.cas.service
>>> s.DefaultRegisteredServiceUsernameProvider@d,theme=,
>>> evaluationOrder=1,logoutType=NONE,attributeReleasePolicy=
>>> org.apereo.cas.services.ReturnAllAttributeReleasePolicy@7af77c01
>>> [attributeFilter=,principalAttributesRepository=org.apereo.cas.
>>> authentication.principal.DefaultPrincipalAttributesRepository@5651734a
>>> [],authorizedToReleaseCredentialPassword=false,authorizedToReleaseProxy
>>> GrantingTicket=false,excludeDefaultAttributes=false,principa
>>> lIdAttribute=],accessStrategy=org.apereo.cas.services.
>>> DefaultRegisteredServiceAccessStrategy@758f4d16[enabled=
>>> true,ssoEnabled=true,requireAllAttributes=false,requiredAttr
>>> ibutes={},unauthorizedRedirectUrl=,caseInsensitive=false,
>>> *rejectedAttributes={groupDeny*=*[]}]*,publicKey=<
>>> null>,proxyPolicy=org.apereo.cas.services.RefuseRegisteredS
>>> erviceProxyPolicy@5794ac9,logo=,logoutUrl=,
>>> requiredHandlers=[],properties={},multifactorPolicy=org.
>>> apereo.cas.services.DefaultRegisteredServiceMultifactorPolicy@19b9d72e
>>> [multifactorAuthenticationProviders=[],failureMode
>>> =CLOSED,principalAttributeNameTrigger=,principalAttrib
>>> uteValueToMatch=,bypassEnabled=false],informati
>>> onUrl=,privacyUrl=,]: [[firstname, isFromNewLogin,
>>> mail, authenticationDate, sAMAccountName, successfulAuthenticationHandlers,
>>> cn, lastname, samlAuthenticationStatementAuthMethod, UDC_IDENTIFIER,
>>> authenticationMethod, longTermAuthenticationRequestTokenUsed]]>
>>>
>>> Thanks,
>>> -Jeff
>>>
>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to cas-user+unsubscr...@apereo.org.
>> To view this discussion on the web visit https://groups.google.com/a/ap
>> ereo.org/d/msgid/cas-user/34c4ffb8-69f0-42e3-832d-789bdca16b
>> da%40apereo.org
>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/34c4ffb8-69f0-42e3-832d-789bdca16bda%40apereo.org?utm_medium=email_source=footer>
>> .
>>
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/CAMY5mie4z_DcUM62W57w%2Bo8xs7Thoy6PZs30UfhY_
> ZZzeAdJ9A%40

[cas-user] rejected attribute

[Jeffrey Ramsay]

All -

I'm hoping someone can help me to resolve this problem. I'm running CAS
5.1.8 using a jdbc service registry which is not displaying the rejected
attributes set for the defined services. Access to the service is denied as
expected however, the only way to see what was set is by viewing the logs.
Also, there's no way to delete the attribute because it's not visible
through the cas management application; I've had to delete and recreate the
service to clear it.

2018-03-18 18:58:08,212 DEBUG
[org.apereo.cas.authentication.support.AbstractProtocolAttributeEncoder] -
<[12] encoded attributes are available for release to [id=3,name=CAS
Client,description=CAS Client,serviceId=^
https://home.catznet.science:2443/cas-client(/?|/.*)$,usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@d,theme=
,evaluationOrder=1,logoutType=NONE,attributeReleasePolicy=org.apereo.cas.services.ReturnAllAttributeReleasePolicy@7af77c01
[attributeFilter=,principalAttributesRepository=org.apereo.cas.authentication.principal.DefaultPrincipalAttributesRepository@5651734a
[],authorizedToReleaseCredentialPassword=false,authorizedToReleaseProxyGrantingTicket=false,excludeDefaultAttributes=false,principalIdAttribute=],accessStrategy=org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy@758f4d16
[enabled=true,ssoEnabled=true,requireAllAttributes=false,requiredAttributes={},unauthorizedRedirectUrl=,caseInsensitive=false,
*rejectedAttributes={groupDeny*=*[]}]*
,publicKey=,proxyPolicy=org.apereo.cas.services.RefuseRegisteredServiceProxyPolicy@5794ac9
,logo=,logoutUrl=,requiredHandlers=[],properties={},multifactorPolicy=org.apereo.cas.services.DefaultRegisteredServiceMultifactorPolicy@19b9d72e[multifactorAuthenticationProviders=[],failureMode=CLOSED,principalAttributeNameTrigger=,principalAttributeValueToMatch=,bypassEnabled=false],informationUrl=,privacyUrl=,]:
[[firstname, isFromNewLogin, mail, authenticationDate, sAMAccountName,
successfulAuthenticationHandlers, cn, lastname,
samlAuthenticationStatementAuthMethod, UDC_IDENTIFIER,
authenticationMethod, longTermAuthenticationRequestTokenUsed]]>

Thanks,
-Jeff

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOQN9x9cHQPFmmGDpwb3Z9E%2Bj%3DZEjDvShOdKKsJvCH08OA%40mail.gmail.com.

[cas-user]

[Jeffrey Ramsay]

All -

Is there a fix in 5.1.8 for these errors? I found the following post which
led me to believe this had already been resolved.

https://github.com/vt-middleware/ldaptive/issues/24

My settings are:

cas.authn.ldap[0].useSsl=true
cas.authn.ldap[0].useStartTls=false
cas.authn.ldap[0].validatePeriodically=true

2018-03-14 11:27:47,399 WARN
[org.ldaptive.AbstractOperation$ReopenOperationExceptionHandler] -
Operation exception encountered, reopening connection
2018-03-14 11:27:47,406 WARN
[org.ldaptive.AbstractOperation$ReopenOperationExceptionHandler] -
Operation exception encountered, reopening connection
2018-03-14 11:27:47,406 WARN
[org.ldaptive.AbstractOperation$ReopenOperationExceptionHandler] -
Operation exception encountered, reopening connection
2018-03-14 11:52:47,616 WARN
[org.ldaptive.AbstractOperation$ReopenOperationExceptionHandler] -
Operation exception encountered, reopening connection
2018-03-14 11:52:52,415 WARN [org.ldaptive.pool.BlockingConnectionPool] -
org.ldaptive.pool.AbstractConnectionPool$DefaultPooledConnectionProxy@189bec25
failed validation
2018-03-14 11:52:54,836 ERROR
[org.ldaptive.AbstractOperation$ReopenOperationExceptionHandler] - unable
to handle operation exception
org.ldaptive.LdapException: javax.naming.InterruptedNamingException:
Interrupted during LDAP operation
at
org.ldaptive.provider.ProviderUtils.throwOperationException(ProviderUtils.java:55)
~[ldaptive-1.2.1.jar:?]
at
org.ldaptive.provider.jndi.JndiConnection.processNamingException(JndiConnection.java:619)
~[ldaptive-1.2.1.jar:?]
at
org.ldaptive.provider.jndi.JndiConnection.simpleBind(JndiConnection.java:261)
~[ldaptive-1.2.1.jar:?]
at
org.ldaptive.provider.jndi.JndiConnection.bind(JndiConnection.java:203)
~[ldaptive-1.2.1.jar:?]
at org.ldaptive.BindOperation.invoke(BindOperation.java:28)
~[ldaptive-1.2.1.jar:?]
at org.ldaptive.BindOperation.invoke(BindOperation.java:9)
~[ldaptive-1.2.1.jar:?]
at
org.ldaptive.AbstractOperation.execute(AbstractOperation.java:126)
~[ldaptive-1.2.1.jar:?]
at
org.ldaptive.BindConnectionInitializer.initialize(BindConnectionInitializer.java:156)
~[ldaptive-1.2.1.jar:?]
at
org.ldaptive.DefaultConnectionFactory$DefaultConnection.reopen(DefaultConnectionFactory.java:357)
~[ldaptive-1.2.1.jar:?]
at
org.ldaptive.AbstractOperation$ReopenOperationExceptionHandler.handleInternal(AbstractOperation.java:255)
~[ldaptive-1.2.1.jar:?]
at
org.ldaptive.handler.AbstractRetryOperationExceptionHandler.handle(AbstractRetryOperationExceptionHandler.java:116)
~[ldaptive-1.2.1.jar:?]
at
org.ldaptive.AbstractOperation.execute(AbstractOperation.java:133)
~[ldaptive-1.2.1.jar:?]
at
org.ldaptive.pool.SearchValidator.validate(SearchValidator.java:82)
~[ldaptive-1.2.1.jar:?]
at
org.ldaptive.pool.SearchValidator.validate(SearchValidator.java:20)
~[ldaptive-1.2.1.jar:?]
at org.ldaptive.pool.AbstractPool.validate(AbstractPool.java:210)
~[ldaptive-1.2.1.jar:?]
at
org.ldaptive.pool.AbstractConnectionPool.lambda$validate$3(AbstractConnectionPool.java:765)
~[ldaptive-1.2.1.jar:?]
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
~[?:1.8.0_152]
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
[?:1.8.0_152]
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
[?:1.8.0_152]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_152]
Caused by: javax.naming.InterruptedNamingException: Interrupted during LDAP
operation
at com.sun.jndi.ldap.Connection.readReply(Connection.java:483)
~[?:1.8.0_152]
at com.sun.jndi.ldap.LdapClient.ldapBind(LdapClient.java:365)
~[?:1.8.0_152]
at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:214)
~[?:1.8.0_152]
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2791)
~[?:1.8.0_152]
at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2699)
~[?:1.8.0_152]
at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2673)
~[?:1.8.0_152]
at com.sun.jndi.ldap.LdapCtx.reconnect(LdapCtx.java:2669)
~[?:1.8.0_152]
at
javax.naming.ldap.InitialLdapContext.reconnect(InitialLdapContext.java:193)
~[?:1.8.0_152]
at
org.ldaptive.provider.jndi.JndiConnection.simpleBind(JndiConnection.java:255)
~[ldaptive-1.2.1.jar:?]
... 17 more
2018-03-14 11:52:54,950 INFO [org.ldaptive.pool.BlockingConnectionPool] -
added available connection:
org.ldaptive.pool.AbstractConnectionPool$DefaultPooledConnectionProxy@432ccc
07
2018-03-14 11:57:45,100 WARN
[org.ldaptive.AbstractOperation$ReopenOperationExceptionHandler] -
Operation exception encountered, reopening connection
2018-03-14 12:02:47,616 WARN
[org.ldaptive.AbstractOperation$ReopenOperationExceptionHandler] -
Operation exception encountered, reopening connection

-Jeff

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- 

[cas-user] Thresholds

[Jeffrey Ramsay]

Will someone please explain the threshold settings for me. How is the
evictionThreshold used?

# cas.monitor.tgt.warn.threshold=10# cas.monitor.tgt.warn.evictionThreshold=0

This is not explained in the guide:
https://apereo.github.io/cas/5.1.x/installation/Monitoring-Statistics.html

Thanks,
-Jeff

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOSmrKTBt-WT%2B1RLH6YvjPwNRpqMVX8x_UbjxPOQwfcveA%40mail.gmail.com.

Re: [cas-user] cloned server

[Jeffrey Ramsay]

I was able to resolve this last night after replacing the java-cas-client
files and updating the filters. Still not sure why it worked on one and not
the other.

Thanks for your support.

Jeff

On Thu, Mar 1, 2018 at 7:52 PM Ray Bon <r...@uvic.ca> wrote:

> Hmm, could be a java version mismatch.
> You will have to check things like certificate installs, directory
> permissions, etc.
> Is the page blank or some error text?
> What do the logs say?
>
> Ray
>
> On Thu, 2018-03-01 at 19:36 -0500, Jeffrey Ramsay wrote:
>
> I cloned from an OEL 7 server to an AWS EC2 instance. I replace the cas
> and saml jars which cleared the error however, the page does not load.
>
> Thanks,
> -Jeff
>
> On Thu, Mar 1, 2018 at 6:13 PM, Ray Bon <r...@uvic.ca> wrote:
>
> Jeffrey,
>
> From where did you 'clone' tomcat home?
> Try downloading tomcat from apache and then copy cas-client.war into its
> webapp.
>
> Ray
>
> On Thu, 2018-03-01 at 16:51 -0500, Jeffrey Ramsay wrote:
>
> I'm getting the following error after cloning the entire tomcat home.
>
> What am I missing? Everything works as is on the original node
>
> 01-Mar-2018 16:27:04.979 INFO [localhost-startStop-1]
> org.apache.catalina.startup.HostConfig.deployWAR Deploying web application
> archive [/u01/app/badm/apps/tomcat/apache-tomca
> t-cas-8.5.24/webapps/cas-client.war]
> org.apache.catalina.core.ContainerBase.addChildInternal
> ContainerBase.addChild: start:
>  org.apache.catalina.LifecycleException: Failed to start component
> [StandardEngine[Catalina].StandardHost[localhost].StandardContext[/cas-client]]
> at
> org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:167)
> at
> org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:752)
> at
> org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:728)
> at
> org.apache.catalina.core.StandardHost.addChild(StandardHost.java:734)
> at
> org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:986)
> at
> org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1857)
> at
> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
> at java.util.concurrent.FutureTask.run(FutureTask.java:266)
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
> at java.lang.Thread.run(Thread.java:748)
> Caused by: java.lang.NoClassDefFoundError:
> org/jasig/cas/client/ssl/HttpURLConnectionFactory
> at java.lang.Class.getDeclaredFields0(Native Method)
> at java.lang.Class.privateGetDeclaredFields(Class.java:2583)
> at java.lang.Class.getDeclaredFields(Class.java:1916)
> at
> org.apache.catalina.util.Introspection.getDeclaredFields(Introspection.java:110)
> at
> org.apache.catalina.startup.WebAnnotationSet.loadFieldsAnnotation(WebAnnotationSet.java:262)
> at
> org.apache.catalina.startup.WebAnnotationSet.loadApplicationFilterAnnotations(WebAnnotationSet.java:108)
> at
> org.apache.catalina.startup.WebAnnotationSet.loadApplicationAnnotations(WebAnnotationSet.java:65)
> at
> org.apache.catalina.startup.ContextConfig.applicationAnnotationsConfig(ContextConfig.java:328)
> at
> org.apache.catalina.startup.ContextConfig.configureStart(ContextConfig.java:778)
> at
> org.apache.catalina.startup.ContextConfig.lifecycleEvent(ContextConfig.java:299)
> at
> org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:94)
> at
> org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5105)
> at
> org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
> ... 10 more
> Caused by: java.lang.ClassNotFoundException:
> org.jasig.cas.client.ssl.HttpURLConnectionFactory
> at
> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1291)
> at
> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1119)
> ... 23 more
>
> --
> Ray Bon
> Programmer analyst
> Development Services, University Systems2507218831 <(250)%20721-8831> | CLE 
> 019 | r...@uvic.ca
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receivi

Re: [cas-user] cloned server

[Jeffrey Ramsay]

I cloned from an OEL 7 server to an AWS EC2 instance. I replace the cas and
saml jars which cleared the error however, the page does not load.

Thanks,
-Jeff

On Thu, Mar 1, 2018 at 6:13 PM, Ray Bon <r...@uvic.ca> wrote:

> Jeffrey,
>
> From where did you 'clone' tomcat home?
> Try downloading tomcat from apache and then copy cas-client.war into its
> webapp.
>
> Ray
>
> On Thu, 2018-03-01 at 16:51 -0500, Jeffrey Ramsay wrote:
>
> I'm getting the following error after cloning the entire tomcat home.
>
> What am I missing? Everything works as is on the original node
>
> 01-Mar-2018 16:27:04.979 INFO [localhost-startStop-1]
> org.apache.catalina.startup.HostConfig.deployWAR Deploying web
> application archive [/u01/app/badm/apps/tomcat/apache-tomca
> t-cas-8.5.24/webapps/cas-client.war]
> org.apache.catalina.core.ContainerBase.addChildInternal
> ContainerBase.addChild: start:
>  org.apache.catalina.LifecycleException: Failed to start component
> [StandardEngine[Catalina].StandardHost[localhost].
> StandardContext[/cas-client]]
> at org.apache.catalina.util.LifecycleBase.start(
> LifecycleBase.java:167)
> at org.apache.catalina.core.ContainerBase.addChildInternal(
> ContainerBase.java:752)
> at org.apache.catalina.core.ContainerBase.addChild(
> ContainerBase.java:728)
> at org.apache.catalina.core.StandardHost.addChild(
> StandardHost.java:734)
> at org.apache.catalina.startup.HostConfig.deployWAR(
> HostConfig.java:986)
> at org.apache.catalina.startup.HostConfig$DeployWar.run(
> HostConfig.java:1857)
> at java.util.concurrent.Executors$RunnableAdapter.
> call(Executors.java:511)
> at java.util.concurrent.FutureTask.run(FutureTask.java:266)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(
> ThreadPoolExecutor.java:1149)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(
> ThreadPoolExecutor.java:624)
> at java.lang.Thread.run(Thread.java:748)
> Caused by: java.lang.NoClassDefFoundError: org/jasig/cas/client/ssl/
> HttpURLConnectionFactory
> at java.lang.Class.getDeclaredFields0(Native Method)
> at java.lang.Class.privateGetDeclaredFields(Class.java:2583)
> at java.lang.Class.getDeclaredFields(Class.java:1916)
> at org.apache.catalina.util.Introspection.getDeclaredFields(
> Introspection.java:110)
> at org.apache.catalina.startup.WebAnnotationSet.
> loadFieldsAnnotation(WebAnnotationSet.java:262)
> at org.apache.catalina.startup.WebAnnotationSet.
> loadApplicationFilterAnnotations(WebAnnotationSet.java:108)
> at org.apache.catalina.startup.WebAnnotationSet.
> loadApplicationAnnotations(WebAnnotationSet.java:65)
> at org.apache.catalina.startup.ContextConfig.
> applicationAnnotationsConfig(ContextConfig.java:328)
> at org.apache.catalina.startup.ContextConfig.configureStart(
> ContextConfig.java:778)
> at org.apache.catalina.startup.ContextConfig.lifecycleEvent(
> ContextConfig.java:299)
> at org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(
> LifecycleBase.java:94)
> at org.apache.catalina.core.StandardContext.startInternal(
> StandardContext.java:5105)
> at org.apache.catalina.util.LifecycleBase.start(
> LifecycleBase.java:150)
> ... 10 more
> Caused by: java.lang.ClassNotFoundException: org.jasig.cas.client.ssl.
> HttpURLConnectionFactory
> at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(
> WebappClassLoaderBase.java:1291)
> at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(
> WebappClassLoaderBase.java:1119)
> ... 23 more
>
> --
> Ray Bon
> Programmer analyst
> Development Services, University Systems2507218831 <(250)%20721-8831> | CLE 
> 019 | r...@uvic.ca
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/1519946006.1801.82.camel%40uvic.ca
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/1519946006.1801.82.camel%40uvic.ca?utm_medium=email_source=footer>
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You re

Re: [cas-user] pay forward?

[Jeffrey Ramsay]

I like the multitenancy idea as well.

On Mon, Feb 26, 2018 at 11:05 PM, Man H  wrote:

> If nobody else considered your kind offer I suppose cas multitenancy wins!!
>
>
> El lunes, 26 de febrero de 2018, Cheltenham, Chris <
> ccheltenham-...@philasd.org> escribió:
>
>> Hello Michael,
>>
>>
>>
>>
>>
>> I work for Philadelphia School District K thru 12.
>>
>>
>>
>> We may be interested in the hours of part of them perhaps.
>>
>>
>>
>> What do we need to do ?
>>
>>
>>
>>
>>
>> ===
>>
>> Thank You;
>>
>> Chris Cheltenham
>> Technology Services
>> The School District of Philadelphia
>>
>> Work # 215-400-5025 <(215)%20400-5025>
>> Cell # 215-301-6571 <(215)%20301-6571>
>>
>> *From:* cas-user@apereo.org [mailto:cas-user@apereo.org] *On Behalf Of 
>> *Michael
>> O Holstein
>> *Sent:* Friday, February 23, 2018 2:39 PM
>> *To:* cas-user@apereo.org
>> *Subject:* [cas-user] pay forward?
>>
>>
>>
>> Our annual contract with Unicon is going to renew here in a bit, and we
>> have a bunch of unused consulting hours which are for features and whatnot.
>> I'm sure if they're not cool with this I'll get told shortly but here's
>> what I'm proposing ..
>>
>>
>>
>> I'll bet there's a couple others in the same boat .. since you can't roll
>> it .. might as well donate it.
>>
>>
>>
>> If there's a feature that everybody thinks would be neat, or some similar
>> such thing that we don't need but would collectively benefit (which happens
>> regardless, eventually .. if you've read the contract) .. we propose ..
>>
>>
>>
>> Come up with something, we'll donate our hours remaining (40 something?)
>> to it .. we get new block next year anyway. If that covers it, great .. if
>> not, perhaps others will agree with the idea and it'll get done
>> collectively. But as long as Unicon is cool with this we're game. Yay open
>> source, etc.
>>
>>
>>
>> Suggestions? Needs to be well-scoped though, so if you've thought it
>> through but couldn't get funding, here's your chance.
>>
>>
>>
>> Michael Holstein CISSP
>>
>> Mgr. Network & Data Security
>>
>> Cleveland State University
>>
>>
>>
>>
>>
>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to cas-user+unsubscr...@apereo.org.
>> To view this discussion on the web visit https://groups.google.com/a/ap
>> ereo.org/d/msgid/cas-user/DM2PR0801MB0863C082C73ACC125861182
>> 783CC0%40DM2PR0801MB0863.namprd08.prod.outlook.com
>> 
>> .
>>
>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to cas-user+unsubscr...@apereo.org.
>> To view this discussion on the web visit https://groups.google.com/a/ap
>> ereo.org/d/msgid/cas-user/003601d3af03%244bc28bc0%24e347a340
>> %24%40philasd.org
>> 
>> .
>>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/CAMY5mif%3D6fWv1ENdecQbGYoXm-%
> 2BFr%3Dp5wM0frS1xQbPFjtGvcg%40mail.gmail.com
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOT_OXSCJxPfLvT2c1JtVBJmTx5KCAqKAV44wpDnuV4sGw%40mail.gmail.com.

[cas-user] MultiRowJdbcPersonAttributeDao

[Jeffrey Ramsay]

Does anyone know where I can the " MultiRowJdbcPersonAttributeDao" dot java
file for CAS 5.1.8?

If it no longer exists then where is the following code triggered?

2018-02-15 16:21:53,425 DEBUG
[org.apereo.services.persondir.support.jdbc.MultiRowJdbcPersonAttributeDao]
- 
2018-02-15 16:21:53,427 DEBUG
[org.apereo.services.persondir.support.jdbc.MultiRowJdbcPersonAttributeDao]
- 
2018-02-15 16:21:53,428 DEBUG
[org.apereo.services.persondir.support.jdbc.MultiRowJdbcPersonAttributeDao]
- 

-Jeff

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOQFgFoijUgjwM9GWE0xOiOo4yPJ_zuPRZTsVWAiVt%3DBAw%40mail.gmail.com.

Re: [cas-user]

[Jeffrey Ramsay]

Is there a cas developer group?

On Mon, Feb 12, 2018 at 1:21 PM, Jeffrey Ramsay <jeffrey.ram...@gmail.com>
wrote:

> All -
>
> Is it possible to extend the following query within the current framework?
>
> cas.authn.attributeRepository.jdbc[0].sql=select * from cas_attrs where
> {0}
>
> I can hardcode a value {0} Column=XYZ and it will return the correct data
> however, I have been unsuccessful in my attempts to update the code to ... 
> from
> cas_attrs where {0} {1}. This should evaluate to uid=someone and
> group=somegroup
>
> The CasPersonDirectoryConfiguration.java and
> PrincipalAttributesProperties.java files were modded in an attempt to
> pass a new variable which is failing.
>
> Also, I switched the following to a hash map (ordered) but the system only
> appears to access one value.
>
> jdbcDao.setQueryAttributeMapping(Collections.singletonMap("username",
> jdbc.getUsername()));
>
> /*
> final Map<String, String> mapAttributes = new HashMap<>();
> mapAttributes.put("username", "uid");
> jdbcDao.setQueryAttributeMapping(mapAttributes);
> */
>
> Please help if you can.
>
> Thanks,
> -Jeff
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/CA%2BTBYOSXFyLp2xj5-
> HXbB0DGrbbgg9GDvMFuNa811-mR%3D0D-MA%40mail.gmail.com
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOSXFyLp2xj5-HXbB0DGrbbgg9GDvMFuNa811-mR%3D0D-MA%40mail.gmail.com?utm_medium=email_source=footer>
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOTdx3CoxewSQ6O18G6CqfQeVB2X9P93P9aSUeQX%2BmgxoA%40mail.gmail.com.

[cas-user]

[Jeffrey Ramsay]

All -

Is it possible to extend the following query within the current framework?

cas.authn.attributeRepository.jdbc[0].sql=select * from cas_attrs where {0}

I can hardcode a value {0} Column=XYZ and it will return the correct data
however, I have been unsuccessful in my attempts to update the code to ... from
cas_attrs where {0} {1}. This should evaluate to uid=someone and
group=somegroup

The CasPersonDirectoryConfiguration.java
and PrincipalAttributesProperties.java files were modded in an attempt to
pass a new variable which is failing.

Also, I switched the following to a hash map (ordered) but the system only
appears to access one value.

jdbcDao.setQueryAttributeMapping(Collections.singletonMap("username",
jdbc.getUsername()));

/*
final Map mapAttributes = new HashMap<>();
mapAttributes.put("username", "uid");
jdbcDao.setQueryAttributeMapping(mapAttributes);
*/

Please help if you can.

Thanks,
-Jeff

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOSXFyLp2xj5-HXbB0DGrbbgg9GDvMFuNa811-mR%3D0D-MA%40mail.gmail.com.

Re: [cas-user] Cas Custom Login Field

[Jeffrey Ramsay]

Thanks.

On Wed, Feb 7, 2018 at 8:52 AM, Ramakrishna G <ramakris...@teligenz.in>
wrote:

>
>  @Override
>
> protected HandlerResult authenticateUsernamePasswordInternal(final
> UsernamePasswordCredential credentials,  final String originalPassword)
>
> throws GeneralSecurityException, PreventedException
>
> {
>
> try
>
> {
>
> if(validateCredentials(credentials.getUsername(), 
> credentials.getPassword(),
> credentials.getPancard()))
>
> {
>
> final String username = credentials.getUsername();
>
> HandlerResult result = createHandlerResult(credentials, this.
> principalFactory.createPrincipal(username), null);
>
> return result;
>
> }
>
> }
>
> catch (final Exception e)
>
> {
>
> throw new FailedLoginException();
>
> }
>
> throw new FailedLoginException();
>
> }
>
>
> validateCredentials method takes all my parameters and validates the user.
>
>
> On Wednesday, February 7, 2018 at 6:22:03 PM UTC+5:30, Jeffrey Ramsay
> wrote:
>>
>> :) Let us know how your custom authentication handler works out; I'm
>> interesting in doing this the correct way, eventually.
>>
>> -Jeff
>>
>> On Wed, Feb 7, 2018 at 7:32 AM, Ramakrishna G <r...@tts.in> wrote:
>>
>>> Hey Jeffrey Ramsay, Thankyou so much. You have saved me!!
>>>
>>>
>>> Ramakrishna G
>>>
>>> On Tue, Feb 6, 2018 at 6:18 PM, Jeffrey Ramsay <jeffrey...@gmail.com>
>>> wrote:
>>>
>>>> In addition to modding the  login-webflow.xml form to add "database"
>>>> as a required property, I modified UsernamePasswordCredential.java and
>>>> AbstractUsernamePasswordAuthenticationHandler.java to get the value of
>>>> the new form element; see highlighted.
>>>>
>>>> Also, I modified QueryDatabaseAuthenticationHandler.java to extend the
>>>> SQL query with a new conditional for jdbc authentication:
>>>>
>>>> cas.authn.jdbc.query[0].sql=select * from cas_users where cas_user=?
>>>> and cas_domain=?
>>>>
>>>> I'm now stuck trying to mod CasPersonDirectoryConfiguration.java to
>>>> get attributes per user by domain/database
>>>>
>>>> cas.authn.attributeRepository.jdbc[0].sql=*select * from cas_attrs
>>>> where {0}*
>>>>
>>>> I plan to rename database to domain as to not confuse anyone.
>>>>
>>>> file: UsernamePasswordCredential.java
>>>>
>>>> package org.apereo.cas.authentication;
>>>>
>>>> import org.apache.commons.lang3.builder.HashCodeBuilder;
>>>>
>>>> import javax.validation.constraints.Size;
>>>> import java.io.Serializable;
>>>>
>>>> /**
>>>>  * Credential for authenticating with a username and password.
>>>>  *
>>>>  * @author Scott Battaglia
>>>>  * @author Marvin S. Addison
>>>>  * @since 3.0.0
>>>>  */
>>>> public class UsernamePasswordCredential implements Credential,
>>>> Serializable {
>>>>
>>>> /**
>>>>  * Authentication attribute name for password.
>>>>  **/
>>>> public static final String AUTHENTICATION_ATTRIBUTE_PASSWORD =
>>>> "credential";
>>>> public static final String AUTHENTICATION_ATTRIBUTE_DATABASE =
>>>> "credential";
>>>>
>>>> private static final long serialVersionUID = -700605081472810939L;
>>>>
>>>> @Size(min = 1, message = "required.username")
>>>> private String username;
>>>>
>>>> @Size(min = 1, message = "required.password")
>>>> private String password;
>>>>
>>>> private String database;
>>>>
>>>> /**
>>>>  * Default constructor.
>>>>  */
>>>> public UsernamePasswordCredential() {
>>>> }
>>>>
>>>> /**
>>>>  * Creates a new instance with the given username and password.
>>>>  *
>>>>  * @param userName Non-null user name.
>>>>  * @param password Non-null password.
>>>>  */
>>>> public UsernamePasswordCredential(final String userName, final
>>>> String password

[cas-user] JDBC Authentication Attributes

[Jeffrey Ramsay]

Hi -

Anyone knows where the select is read? I would like to know what "{0}"
resolves to.

cas.authn.attributeRepository.jdbc[0].sql=select * from cas_attrs where {0}

Thanks,
-Jeff

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOQWBafDq2PCfg5Ahk2epjOqjurH%3DyiNXC%2BGrNC3eqWwaQ%40mail.gmail.com.

[cas-user] CAS Credentials

[Jeffrey Ramsay]

Is it possible to extend the CAS Credential class to accept three
authentication parameters for authentication? I'm interested in something
analogous to windows domain support because I will have the same
credentials in multiple user stores (domains) however, there will be
attribute differences between the identities.

If anyone has done something similar, I'm interesting in hearing about it.
I started with the following and it's modeled after the RememberMe
implementation but I'm unable to use it to replace the default
UsernamePasswordCredential class.

//DatabaseUsernamePasswordCredential.java:
package org.apereo.cas.authentication;

import org.apache.commons.lang3.builder.HashCodeBuilder;

public class DatabaseUsernamePasswordCredential extends
UsernamePasswordCredential implements DatabaseCredential {

private static final long serialVersionUID = -677659431302397L;

private String database;

@Override
public String getDatabase() {
return this.database;
}

public void setDatabase(final String database) {
this.database = database;
}

@Override
public boolean equals(final Object o) {
if (this == o) {
return true;
}
if (!super.equals(o)) {
return false;
}
if (getClass() != o.getClass()) {
return false;
}
final DatabaseUsernamePasswordCredential that =
(DatabaseUsernamePasswordCredential) o;
return this.database != null ? this.database.equals(that.database)
: that.database == null;
}

@Override
public int hashCode() {
return new HashCodeBuilder()
.appendSuper(super.hashCode())
.append(this.database)
.toHashCode();
}
}

//DatabaseCredential.java:
package org.apereo.cas.authentication;

public interface DatabaseCredential extends Credential {

public static final String AUTHENTICATION_ATTRIBUTE_DATABASE =
"database";

public String getDatabase();
}

Thanks,
-Jeff

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOSdWsoma2_vPEdG9Pz0jmxFmxg302q8u6ZhS7F9xJH6Dw%40mail.gmail.com.

Re: [cas-user] CAS 5.2.1 report failed authentications as AUTHENTICATION_SUCCESS

[Jeffrey Ramsay]

How are you getting these statements in your logs? I can produce them since
upgrading to 5.1 and it was used for our Splunk system.






-Jeff

On Thu, Jan 11, 2018 at 2:35 AM, Mohsen Ebrahimi 
wrote:

> Hello
>
> It works fine in 5.2. I think it's a bug.
>
> Thank you
>
>
> 2018-01-11 02:18:15,693 WARN 
> [org.apereo.cas.authentication.LdapAuthenticationHandler]
> - 
> 2018-01-11 02:18:15,694 ERROR [org.apereo.cas.authentication.
> PolicyBasedAuthenticationManager] -  Credentials may be incorrect or CAS cannot find authentication handler that
> supports [wronguser] of type [UsernamePasswordCredential].>
> 2018-01-11 02:18:15,697 INFO 
> [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager]
> -  =
> WHO: wronguser
> WHAT: Supplied credentials: [wronguser]
> ACTION: AUTHENTICATION_SUCCESS
> APPLICATION: CAS
> WHEN: Thu Jan 11 02:18:15 EST 2018
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/5d686a56463686a943ec76d5ae0fde
> 8f%40of.iut.ac.ir
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOTrvbTAyo%3DGWR9vt6%2B4ZGWiUiC4x_M4FW06Mr60y6%2BNpw%40mail.gmail.com.

Re: [cas-user] sso sessions

[Jeffrey Ramsay]

Anyone else experiencing this problem? I could really use some help
resolving this issue; we have 38K records now in our ticketgrantingticket
table.

Thanks,
-Jeff

On Wed, Jan 17, 2018 at 9:38 AM, Jeffrey Ramsay <jeffrey.ram...@gmail.com>
wrote:

> I have a bit more information on this problem; it is occurring when the
> active principals is over 5k and this has been confirmed by the number of
> rows in the mysql ticketgrantingticket table.
>
> Any suggestions on how this can be fixed? Here are the settings I have set
> in regard to monitoring.
>
> ##
> # CAS Monitoring
> #
> cas.monitor.tgt.warn.threshold=1
> cas.monitor.tgt.warn.evictionThreshold=0
> cas.monitor.st.warn.threshold=5000
> cas.monitor.st.warn.evictionThreshold=0
> cas.monitor.warn.threshold=1000
> cas.monitor.warn.evictionThreshold=0
> cas.monitor.freeMemThreshold=10
>
> Thanks,
> -Jeff
>
> On Mon, Jan 15, 2018 at 8:08 AM, Jeffrey Ramsay <jeffrey.ram...@gmail.com>
> wrote:
>
>> I have async enable and I'm not finding anything in my logs. I added jsp
>> error pages to my TC web.xml which might be the source of the problem
>> because the error is very sporadic.
>>
>> Thanks,
>> -Jeff
>>
>> On Mon, Jan 15, 2018 at 3:04 AM, Bergner, Arnold <
>> arnold.berg...@hrz.tu-darmstadt.de> wrote:
>>
>>> Hi Jeff,
>>>
>>>
>>>
>>> I had this error too. Problem for me was that I had a custom filter in
>>> tomcat without async processing turned on. Did you look at the server logs?
>>>
>>>
>>>
>>> Arnold
>>>
>>>
>>>
>>> *Von:* cas-user@apereo.org [mailto:cas-user@apereo.org] *Im Auftrag von
>>> *Jeffrey Ramsay
>>> *Gesendet:* Montag, 15. Januar 2018 04:03
>>> *An:* CAS Community <cas-user@apereo.org>
>>> *Betreff:* [cas-user] sso sessions
>>>
>>>
>>>
>>> Is there a fix for this error is 5.1.7?
>>>
>>>
>>>
>>> /cas/status/ssosessions: DataTables warning: table id=ssoSession - Ajax
>>> error.
>>>
>>>
>>>
>>> Thanks,
>>>
>>> -Jeff
>>>
>>> --
>>> - Website: https://apereo.github.io/cas
>>> - Gitter Chatroom: https://gitter.im/apereo/cas
>>> - List Guidelines: https://goo.gl/1VRrw7
>>> - Contributions: https://goo.gl/mh7qDG
>>> ---
>>> You received this message because you are subscribed to the Google
>>> Groups "CAS Community" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to cas-user+unsubscr...@apereo.org.
>>> To view this discussion on the web visit https://groups.google.com/a/ap
>>> ereo.org/d/msgid/cas-user/CA%2BTBYOQ2kd9DL6hDZw9bTZtxESEoaYi
>>> oE8hd_mchWHFw3yrWWA%40mail.gmail.com
>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOQ2kd9DL6hDZw9bTZtxESEoaYioE8hd_mchWHFw3yrWWA%40mail.gmail.com?utm_medium=email_source=footer>
>>> .
>>>
>>> --
>>> - Website: https://apereo.github.io/cas
>>> - Gitter Chatroom: https://gitter.im/apereo/cas
>>> - List Guidelines: https://goo.gl/1VRrw7
>>> - Contributions: https://goo.gl/mh7qDG
>>> ---
>>> You received this message because you are subscribed to the Google
>>> Groups "CAS Community" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to cas-user+unsubscr...@apereo.org.
>>> To view this discussion on the web visit https://groups.google.com/a/ap
>>> ereo.org/d/msgid/cas-user/495bb910f52b4bab89b07e53fcbd99cd%4
>>> 0hrz.tu-darmstadt.de
>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/495bb910f52b4bab89b07e53fcbd99cd%40hrz.tu-darmstadt.de?utm_medium=email_source=footer>
>>> .
>>>
>>
>>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOT7HaN9H2hgz02EceoxaFCwvFfM9Yrja7UgdoJ2LU9RoQ%40mail.gmail.com.

Re: [cas-user] sso sessions

[Jeffrey Ramsay]

I have a bit more information on this problem; it is occurring when the
active principals is over 5k and this has been confirmed by the number of
rows in the mysql ticketgrantingticket table.

Any suggestions on how this can be fixed? Here are the settings I have set
in regard to monitoring.

##
# CAS Monitoring
#
cas.monitor.tgt.warn.threshold=1
cas.monitor.tgt.warn.evictionThreshold=0
cas.monitor.st.warn.threshold=5000
cas.monitor.st.warn.evictionThreshold=0
cas.monitor.warn.threshold=1000
cas.monitor.warn.evictionThreshold=0
cas.monitor.freeMemThreshold=10

Thanks,
-Jeff

On Mon, Jan 15, 2018 at 8:08 AM, Jeffrey Ramsay <jeffrey.ram...@gmail.com>
wrote:

> I have async enable and I'm not finding anything in my logs. I added jsp
> error pages to my TC web.xml which might be the source of the problem
> because the error is very sporadic.
>
> Thanks,
> -Jeff
>
> On Mon, Jan 15, 2018 at 3:04 AM, Bergner, Arnold <arnold.berg...@hrz.tu-
> darmstadt.de> wrote:
>
>> Hi Jeff,
>>
>>
>>
>> I had this error too. Problem for me was that I had a custom filter in
>> tomcat without async processing turned on. Did you look at the server logs?
>>
>>
>>
>> Arnold
>>
>>
>>
>> *Von:* cas-user@apereo.org [mailto:cas-user@apereo.org] *Im Auftrag von 
>> *Jeffrey
>> Ramsay
>> *Gesendet:* Montag, 15. Januar 2018 04:03
>> *An:* CAS Community <cas-user@apereo.org>
>> *Betreff:* [cas-user] sso sessions
>>
>>
>>
>> Is there a fix for this error is 5.1.7?
>>
>>
>>
>> /cas/status/ssosessions: DataTables warning: table id=ssoSession - Ajax
>> error.
>>
>>
>>
>> Thanks,
>>
>> -Jeff
>>
>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to cas-user+unsubscr...@apereo.org.
>> To view this discussion on the web visit https://groups.google.com/a/ap
>> ereo.org/d/msgid/cas-user/CA%2BTBYOQ2kd9DL6hDZw9bTZtxESEoaYi
>> oE8hd_mchWHFw3yrWWA%40mail.gmail.com
>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOQ2kd9DL6hDZw9bTZtxESEoaYioE8hd_mchWHFw3yrWWA%40mail.gmail.com?utm_medium=email_source=footer>
>> .
>>
>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to cas-user+unsubscr...@apereo.org.
>> To view this discussion on the web visit https://groups.google.com/a/ap
>> ereo.org/d/msgid/cas-user/495bb910f52b4bab89b07e53fcbd99cd%
>> 40hrz.tu-darmstadt.de
>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/495bb910f52b4bab89b07e53fcbd99cd%40hrz.tu-darmstadt.de?utm_medium=email_source=footer>
>> .
>>
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOS5NTA27mk2GHs9J07GCiu2a7xvoi23nzuO0_Bm%3DypgtA%40mail.gmail.com.

Re: [cas-user] sso sessions

[Jeffrey Ramsay]

I have async enable and I'm not finding anything in my logs. I added jsp
error pages to my TC web.xml which might be the source of the problem
because the error is very sporadic.

Thanks,
-Jeff

On Mon, Jan 15, 2018 at 3:04 AM, Bergner, Arnold <
arnold.berg...@hrz.tu-darmstadt.de> wrote:

> Hi Jeff,
>
>
>
> I had this error too. Problem for me was that I had a custom filter in
> tomcat without async processing turned on. Did you look at the server logs?
>
>
>
> Arnold
>
>
>
> *Von:* cas-user@apereo.org [mailto:cas-user@apereo.org] *Im Auftrag von 
> *Jeffrey
> Ramsay
> *Gesendet:* Montag, 15. Januar 2018 04:03
> *An:* CAS Community <cas-user@apereo.org>
> *Betreff:* [cas-user] sso sessions
>
>
>
> Is there a fix for this error is 5.1.7?
>
>
>
> /cas/status/ssosessions: DataTables warning: table id=ssoSession - Ajax
> error.
>
>
>
> Thanks,
>
> -Jeff
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/CA%2BTBYOQ2kd9DL6hDZw9bTZtxESEoaY
> ioE8hd_mchWHFw3yrWWA%40mail.gmail.com
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOQ2kd9DL6hDZw9bTZtxESEoaYioE8hd_mchWHFw3yrWWA%40mail.gmail.com?utm_medium=email_source=footer>
> .
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/495bb910f52b4bab89b07e53fcbd99
> cd%40hrz.tu-darmstadt.de
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/495bb910f52b4bab89b07e53fcbd99cd%40hrz.tu-darmstadt.de?utm_medium=email_source=footer>
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOTEa%2BaT8_9fs17nuFhutmDUKXdm3k8sXudU10_cCXAxhg%40mail.gmail.com.

[cas-user] sso sessions

[Jeffrey Ramsay]

Is there a fix for this error is 5.1.7?

/cas/status/ssosessions: DataTables warning: table id=ssoSession - Ajax
error.

Thanks,
-Jeff

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOQ2kd9DL6hDZw9bTZtxESEoaYioE8hd_mchWHFw3yrWWA%40mail.gmail.com.

[cas-user]

[Jeffrey Ramsay]

All -

I need some help getting a somewhat crazy idea I have started. We use CAS
with Ellucian Banner and those of you familiar with the application and
support multiple instances will probably understand why I'm attempting to
do this.

We have around nine instances of Banner and each requires a CAS instance
for authentication because there are different passwords used. CAS allows
for multiple user stores however, the first match is used for
authentication and that is not what we want.

So, I've decided to try and consolidate our instances and is attempting to
get this started however, I'm not successful in retrieving the "instance"
value in calls to the Credentials controller.

@loginform.html:

.
.
.

Database:


BANDEV
BANTMP
BANQA




Where do I start? I just want to be able to log the value after a couple of
days hitting my head against the wall.

Thanks,
-Jeff

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYORXyX1YCu3ob7LWeOz3xQTTdrxaGW%3DAKA9a%3DsbOjC2JQQ%40mail.gmail.com.

Re: [cas-user] Re: CAS 5.x - regular expressions

[Jeffrey Ramsay]

Good point.

Thanks,
-Jeff

On Tue, Jan 2, 2018 at 12:44 PM, Ray Bon <r...@uvic.ca> wrote:

> Jeff,
>
> I would suggest you include the trailing slash as optional to avoid
> someone poking at your system with a service like
> https://my.service.education <https://my.service.education.>
>
> ^https?://my.service.edu(/?|/.*)$
>
> Ray
>
> On Tue, 2018-01-02 at 07:15 -0500, Jeffrey Ramsay wrote:
>
> Andy,
>
>
>
> Thanks for the update and after using the validation link you provided, I
> believe the following will work for both service links.
>
>
>
> ^https?://my.service.edu.*$
>
>
>
> Thanks,
>
> -Jeff
>
>
>
> Sent from Mail <https://go.microsoft.com/fwlink/?LinkId=550986> for
> Windows 10
>
>
>
> *From: *Andy Ng <long...@gmail.com>
> *Sent: *Tuesday, January 2, 2018 2:09 AM
> *To: *CAS Community <cas-user@apereo.org>
> *Subject: *[cas-user] Re: CAS 5.x - regular expressions
>
>
>
> Hi Jeff,
>
>
>
> Would like to know what exactly you want to catch using regex for the two
> links?  (Maybe give some example?)
>
>
>
> The first link you provided, when translate to regex only matches
> something like these:
> https://my.service.edu, http://my.service.edu///
> 
>
>
>
> Which, I think maybe is not what you wanted.
>
>
>
>
>
> In any case, If your two links are valid, see if the below fit your needs:
>
> (https?://my.service.edu/.*)|(https?://my.service.edu/*
> <http://my.service.edu/.*)%7C(https?://my.service.edu/*>)
>
>
>
> Or maybe even this:
> https?://my.service.edu((/.*)|(/*))
>
>
>
>
>
> If you want to test Regex (the links pattern you using) without worrying
> it will broke your production setup, you can always go to site like
> http://jsregex.com/, then fine tune your link pattern until it is correct
> before deploying them to production.
>
>
>
> cheers
>
> - Andy
>
> On Wednesday, 27 December 2017 21:45:41 UTC+8, Jeffrey Ramsay wrote:
>
> All -
>
> I went live with CAS 5.1.7 in production and ran into a problem that was
> not reported in test. I have a site which requires me to use both star and
> dot star allowances so, I defined two service entries however, I think I
> should be able to combine these but have not been successful.
>
>
>
> How can I combine these links? (.|.*) did not work and I'm not sure what
> effect escaping the dots will have. Since this is production, I can
> experiment as much as I would like.
>
>
>
> https?://my.service.edu/*
>
> https?://my.service.edu/.*
>
> Thanks,
>
> -Jeff
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/78814056-a9fa-4537-8ec5-
> 9d59f5f74b62%40apereo.org
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/78814056-a9fa-4537-8ec5-9d59f5f74b62%40apereo.org?utm_medium=email_source=footer>
> .
>
>
>
> --
> Ray Bon
> Programmer analyst
> Development Services, University Systems2507218831 <(250)%20721-8831> | CLE 
> 019 | r...@uvic.ca
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/1514915084.4183.14.camel%40uvic.ca
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/1514915084.4183.14.camel%40uvic.ca?utm_medium=email_source=footer>
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOR_QiR9tzLvS1RqJa3tPHWYrQmsbnjatbUHQcSY%2BWR-4g%40mail.gmail.com.

[cas-user] SessionMonitor: WARN

[Jeffrey Ramsay]

What parameter controls this? cas.monitor..warn.threshold=10

SessionMonitor: WARN - Session count (1771) is above threshold 10

Thanks.

-Jeff

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOSoLBpYFkZHGWLnmsmCLu_8kZB0XC8o-ggoYfM5xaHh_g%40mail.gmail.com.

RE: [cas-user] Re: CAS 5.x - regular expressions

[Jeffrey Ramsay]

Andy,

Thanks for the update and after using the validation link you provided, I 
believe the following will work for both service links.

^https?://my.service.edu.*$

Thanks,
-Jeff

Sent from Mail for Windows 10

From: Andy Ng
Sent: Tuesday, January 2, 2018 2:09 AM
To: CAS Community
Subject: [cas-user] Re: CAS 5.x - regular expressions

Hi Jeff,

Would like to know what exactly you want to catch using regex for the two 
links?  (Maybe give some example?) 

The first link you provided, when translate to regex only matches something 
like these:
https://my.service.edu, http://my.service.edu///

Which, I think maybe is not what you wanted.


In any case, If your two links are valid, see if the below fit your needs:
(https?://my.service.edu/.*)|(https?://my.service.edu/*)

Or maybe even this:
https?://my.service.edu((/.*)|(/*))


If you want to test Regex (the links pattern you using) without worrying it 
will broke your production setup, you can always go to site like 
http://jsregex.com/, then fine tune your link pattern until it is correct 
before deploying them to production.

cheers
- Andy

On Wednesday, 27 December 2017 21:45:41 UTC+8, Jeffrey Ramsay wrote:
All -
I went live with CAS 5.1.7 in production and ran into a problem that was not 
reported in test. I have a site which requires me to use both star and dot star 
allowances so, I defined two service entries however, I think I should be able 
to combine these but have not been successful.

How can I combine these links? (.|.*) did not work and I'm not sure what effect 
escaping the dots will have. Since this is production, I can experiment as much 
as I would like.

https?://my.service.edu/*
https?://my.service.edu/.*
Thanks,
-Jeff
-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/78814056-a9fa-4537-8ec5-9d59f5f74b62%40apereo.org.

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/5a4b77dd.062b370a.5cba8.4f4d%40mx.google.com.

[cas-user] CAS 5.x - regular expressions

[Jeffrey Ramsay]

All -

I went live with CAS 5.1.7 in production and ran into a problem that was
not reported in test. I have a site which requires me to use both star and
dot star allowances so, I defined two service entries however, I think I
should be able to combine these but have not been successful.

How can I combine these links? (.|.*) did not work and I'm not sure what
effect escaping the dots will have. Since this is production, I can
experiment as much as I would like.

https?://my.service.edu/*

https?://my.service.edu/.*

Thanks,
-Jeff

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOSCVGUgJF_NCQy7gCFXXwMoBF-Crzc%3DLTa7Qk6Bi%2BQj3Q%40mail.gmail.com.

Re: [cas-user] Re: Recommendations for CATALINA_OPTS for cas 5.x with tomcat 8.5.x

[Jeffrey Ramsay]

I have been using this setup within our VMware environment without any
problems.

$ cat bin/setenv.sh
export JAVA_HOME=/u01/app/badm/apps/java/jdk1.8.0_152
export CATALINA_HOME=/u01/app/badm/apps/dev/apache-tomcat-8-auth
export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:/usr/local/apr/lib"
export JAVA_OPTS="$JAVA_OPTS -Dcatalina.home=$CATALINA_HOME"
JAVA_OPTS="$JAVA_OPTS -server -d64 -Xms2048m -Xmx2048m"
JAVA_OPTS="$JAVA_OPTS -XX:NewSize=768m -XX:MaxNewSize=768m"
JAVA_OPTS="$JAVA_OPTS -XX:MetaspaceSize=768m -XX:MaxMetaspaceSize=1024m"
JAVA_OPTS="$JAVA_OPTS -XX:SurvivorRatio=12 -XX:MaxTenuringThreshold=0"
JAVA_OPTS="$JAVA_OPTS -XX:+UseConcMarkSweepGC -XX:+DisableExplicitGC"
JAVA_OPTS="$JAVA_OPTS -XX:+UseParNewGC -XX:+UseTLAB"
JAVA_OPTS="$JAVA_OPTS -Djava.awt.headless=true"
JAVA_OPTS="$JAVA_OPTS -Djava.security.egd=file:/dev/./urandom"
JAVA_OPTS="$JAVA_OPTS -Djava.library.path=$CATALINA_HOME/lib"
JAVA_OPTS="$JAVA_OPTS -Dcatalina.home=$CATALINA_HOME"
JAVA_OPTS="$JAVA_OPTS -Dlocal.logs=$CATALINA_HOME/logs"
JAVA_OPTS="$JAVA_OPTS -Dcas.log.dir=$CATALINA_HOME/logs"
JAVA_OPTS="$JAVA_OPTS -Dcas.standalone.config=/etc/cas/5/dev516"
rm -rf $CATALINA_HOME/logs/* >/dev/null 2>&1

-Jeff

On Wed, Dec 20, 2017 at 9:35 PM, William E.  wrote:

> RHEL 7, 8GB ram, swap is 4GB.  It's a VM in our vSphere cluster+SAN.  I
> actually have three, two PROD nodes behind a load balancer and one test
> node.  All have same specs and all show the issue.  Steadily chews up
> memory until eventual crash, 1-6 hours depending on load.
>
> The asme servers were running cas 3.6 . + shibboleth 3.3.x for quite a
> while without memory issues.  Upgraded and tried to consolidate to just cas
> 5, using it's saml2 capabilities to replace the shibboleth component.  But,
> it's not going as well as I had hoped.
>
> Been working with Unicon Support on it, but it appears to be a memory leak
> in cas 5.2, based on heap analysis.  So I am kinda of stuck.
>
> Thanks for your help!
>
>
>
> On Wednesday, December 20, 2017 at 6:49:39 PM UTC-6, Martin Bohun wrote:
>>
>> What is your:
>> 1. operation system
>> 2. how much RAM do you have
>> 3. how much swap do you have
>>
>> if you are on  Linux you can do:
>> 1.uname -a
>> 2-3. free -m
>>
>> and post the output here
>>
>> regards,
>>
>> martin
>>
>> On Thursday, December 21, 2017 at 11:00:30 AM UTC+11, William E. wrote:
>>>
>>> Does anyone have any recommendations for CATALINA_OPTS for cas 5.x on
>>> tomcat 8?
>>>
>>> I am finding that our setup steadily eats up memory to the point that it
>>> eventually crashes from out of memory and has to be restarted.
>>>
>>> Current settings:
>>>
>>> CATALINA_OPTS="-Djava.awt.headless=true -Dfile.encoding=UTF-8 -server
>>> -Xms1g -Xmx6g -XX:-UseGCOverheadLimit -XX:+UseConcMarkSweepGC
>>> -XX:-UseCompressedOops"
>>>
>>> JAVA_OPTS=$CATALINA_OPTS
>>>
>>>
>>> Thanks,
>>> William
>>>
>>> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/bfe6c835-bf1e-4f24-b507-
> 025d7c0e3172%40apereo.org
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOQh71%3DMLiGxQMqOcFQugR_%3D6ASv75Mx%3DGWXdY%2BnE%3DTkWA%40mail.gmail.com.

Re: [cas-user] cas-overlay 5.2 personalization

[Jeffrey Ramsay]

Thanks.

On Fri, Dec 8, 2017 at 2:17 AM, vallee.romain 
wrote:

> I spent a lot of time customizing the cas-overlay.
> I hope this structure can help some people.
>
> *src*
> └── *main*
> └── *resources*
> ├── cas_audit.log
> ├── cas.log
> ├── esig.properties
> ├── messages_fr.properties
> ├── messages.properties
> ├── perfStats.log
> ├── *services*
> ├── *static*
> │   └── *themes*
> │   └── *esig*
> │   ├── *css*
> │   │   └── cas.css
> │   ├── *images*
> │   │   ├── apereo-logo.png
> │   │   ├── cas-logo.png
> │   │   └── logo.png
> │   └── *js*
> │   └── cas.js
> └── *templates*
> ├── *esig*
> │   ├── casAcceptableUsagePolicyView.html
> │   ├── casAccountDisabledView.html
> │   ├── casAccountLockedView.html
> │   ├── casAuthenticationBlockedView.html
> │   ├── casAuthyLoginView.html
> │   ├── casAzureAuthenticatorLoginView.html
> │   ├── casBadHoursView.html
> │   ├── casBadWorkstationView.html
> │   ├── casConfirmLogoutView.html
> │   ├── casConfirmView.html
> │   ├── casConsentLogoutView.html
> │   ├── casConsentReviewView.html
> │   ├── casConsentView.html
> │   ├── casDuoLoginView.html
> │   ├── casExpiredPassView.html
> │   ├── casGenericSuccessView.html
> │   ├── casGoogleAuthenticatorLoginView.html
> │   ├── casGoogleAuthenticatorRegistrationView.html
> │   ├── casGuaDisplayUserGraphicsView.html
> │   ├── casGuaGetUserIdView.html
> │   ├── casInterruptView.html
> │   ├── casLoginMessageView.html
> │   ├── casLoginView.html
> │   ├── casLogoutView.html
> │   ├── casMfaRegisterDeviceView.html
> │   ├── casMustChangePassView.html
> │   ├── casPac4jStopWebflow.html
> │   ├── casPasswordUpdateSuccessView.html
> │   ├── casPropagateLogoutView.html
> │   ├── casRadiusLoginView.html
> │   ├── casResetPasswordErrorView.html
> │   ├── casResetPasswordSendInstructionsView.html
> │   ├── casResetPasswordSentInstructionsView.html
> │   ├── casResetPasswordVerifyQuestionsView.html
> │   ├── casRiskAuthenticationBlockedView.html
> │   ├── casServiceErrorView.html
> │   ├── casSurrogateAuthnListView.html
> │   ├── casSwivelLoginView.html
> │   ├── casU2fLoginView.html
> │   ├── casU2fRegistrationView.html
> │   ├── casYubiKeyLoginView.html
> │   ├── casYubiKeyRegistrationView.html
> │   ├── *error*
> │   │   ├── 401.html
> │   │   ├── 403.html
> │   │   ├── 404.html
> │   │   ├── 405.html
> │   │   └── 423.html
> │   ├── error.html
> │   ├── layout.html
> │   ├── *monitoring*
> │   │   ├── attrresolution.html
> │   │   ├── layout.html
> │   │   ├── viewAuthenticationEvents.html
> │   │   ├── viewConfig.html
> │   │   ├── viewConfigMetadata.html
> │   │   ├── viewDashboard.html
> │   │   ├── viewLoggingConfig.html
> │   │   ├── viewSsoSessions.html
> │   │   ├── viewStatistics.html
> │   │   └── viewTrustedDevices.html
> │   └── *protocol*
> │   ├── *2.0*
> │   │   ├── casProxyFailureView.html
> │   │   ├── casProxySuccessView.html
> │   │   ├── casServiceValidationFailure.html
> │   │   └── casServiceValidationSuccess.html
> │   ├── *3.0*
> │   │   ├── casServiceValidationFailure.html
> │   │   └── casServiceValidationSuccess.html
> │   ├── casAcceptableUsagePolicyView.html
> │   ├── casAccountDisabledView.html
> │   ├── casAccountLockedView.html
> │   ├── casAuthenticationBlockedView.html
> │   ├── casAuthyLoginView.html
> │   ├── casAzureAuthenticatorLoginView.html
> │   ├── casBadHoursView.html
> │   ├── casBadWorkstationView.html
> │   ├── casConfirmLogoutView.html
> │   ├── casConfirmView.html
> │   ├── casConsentLogoutView.html
> │   ├── casConsentReviewView.html
> │   ├── casConsentView.html
> │   ├── casDuoLoginView.html
> │   ├── 

[cas-user] CAS Management - Loading

[Jeffrey Ramsay]

My cas management screen only display "Loading..." while all other services
are functioning.

[image: Inline image 1]
What can I do to resolve this? Anyone else experienced this.

Thanks,
-Jeff

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOTningvhbkhismnKBmK%3DLY4cBmY-KEowGYeb%2BXXnKgG_A%40mail.gmail.com.

Re: [cas-user] CAS 5.2 ST errors

[Jeffrey Ramsay]

I know the feeling :)

Good luck.

On Thu, Dec 7, 2017 at 3:37 PM, vallee.romain 
wrote:

> Thanks you Jeff for your answer.
> I try toMorrow, i spend so many Time on jasig this week.
> I turn off the pc and i'm going to do jasig dream!!!
>
> And thanks you again
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/bbb7833d-6555-4d27-aacc-
> efc6df5f3f4a%40apereo.org.
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOSqvfiVw1vdwg3U5--cEU%3DJB%3DgX54Sh7fj81q3v_6M1Yg%40mail.gmail.com.

Re: [cas-user] CAS 5.2 ST errors

[Jeffrey Ramsay]

Try switching these:

//phpCAS::client(SAML_VERSION_1_1, $cas_host, $cas_port, $cas_context);
phpCAS::client(CAS_VERSION_3_0, $cas_host, $cas_port, $cas_context);

-Jeff

On Thu, Dec 7, 2017 at 3:22 PM, vallee.romain 
wrote:

> hello users,
> i need help !!!
> i prepare a 5.2 cas with apache php client test its working well
>
>
> 
>
>
> But, when i use a real application, i got this error :
>
> org.pac4j.core.exception.TechnicalException: cannot validate CAS ticket: 
> ST-1-kVX-MDuam-viJYOoV8leCNh5KI8-cas
> at 
> org.pac4j.cas.credentials.authenticator.CasAuthenticator.validate(CasAuthenticator.java:92)
> at 
> org.pac4j.cas.client.direct.DirectCasClient.retrieveCredentials(DirectCasClient.java:67)
> at 
> org.pac4j.cas.client.direct.DirectCasClient.retrieveCredentials(DirectCasClient.java:36)
> at 
> org.pac4j.core.client.DirectClient.getCredentials(DirectClient.java:44)
> at 
> org.pac4j.core.engine.DefaultSecurityLogic.perform(DefaultSecurityLogic.java:111)
> at 
> org.pac4j.springframework.web.SecurityInterceptor.preHandle(SecurityInterceptor.java:65)
> at 
> org.pac4j.springframework.web.SecurityInterceptor$$FastClassBySpringCGLIB$$efdcf9fe.invoke()
> at 
> org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
> at 
> org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:738)
> at 
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
> at 
> org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:133)
> at 
> org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:121)
>
>
> i find nothing on this forum bout this error .
>
> Thank you very much!!
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/6d2df6f0-5398-4fbd-ba6e-
> 42a37e0af72a%40apereo.org
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYORq%2Bsz5yk4iZpCVhfXB24UzfuL3pYvOiVAJxzNospEw8w%40mail.gmail.com.

Re: [cas-user] Twilio

[Jeffrey Ramsay]

Ok! Thanks.

-Jeff

On Thu, Dec 7, 2017 at 2:05 PM, Man H <info.ings...@gmail.com> wrote:

> Jeffrey
>
> It is supposed to use with cas events related to password management,
> where user is notified, unless you have you own notifications implemented.
>
> Regards
>
>
>
> 2017-12-04 16:03 GMT-03:00 Jeffrey Ramsay <jeffrey.ram...@gmail.com>:
>
>> Anyone using twilio with CAS for SMS; I have it configured but not sure
>> how we are supposed to use it.
>>
>> -Jeff
>>
>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to cas-user+unsubscr...@apereo.org.
>> To view this discussion on the web visit https://groups.google.com/a/ap
>> ereo.org/d/msgid/cas-user/CA%2BTBYOTRZoWHZRYk0-GCR9ev9nAYJo
>> Jm4dH4kS-bhi_Erm04zg%40mail.gmail.com
>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOTRZoWHZRYk0-GCR9ev9nAYJoJm4dH4kS-bhi_Erm04zg%40mail.gmail.com?utm_medium=email_source=footer>
>> .
>>
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/CAMY5midODLxdwqSRxuURAe1ct2LKN
> V7y0H99PXNM8EHitiF0rw%40mail.gmail.com
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAMY5midODLxdwqSRxuURAe1ct2LKNV7y0H99PXNM8EHitiF0rw%40mail.gmail.com?utm_medium=email_source=footer>
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOQ5n-0K5%3Dkb%3Dk_LVbgYZjZd-nRfXrQmLJVNV5JeZtR0zw%40mail.gmail.com.

[cas-user] Help - cas-management - jpa

[Jeffrey Ramsay]

Has anyone else experience this error before? What's the fix?

@pom.xml:


5.2.0
5.1.31



org.apereo.cas
cas-server-support-jpa-service-registry
${cas.version}


org.apereo.cas
cas-server-support-jdbc
${cas.version}


org.apereo.cas
cas-server-support-jdbc-drivers
${cas.version}


mysql
mysql-connector-java
${mysql.version}
provided


@management.properties:

cas.serviceRegistry.jpa.healthQuery=SELECT 1
cas.serviceRegistry.jpa.isolateInternalQueries=false
cas.serviceRegistry.jpa.url=jdbc:mysql://localhost:3306/cas520?autoReconnect=true=false
cas.serviceRegistry.jpa.failFastTimeout=1
cas.serviceRegistry.jpa.dialect=org.hibernate.dialect.MySQL57Dialect
cas.serviceRegistry.jpa.leakThreshold=10
cas.serviceRegistry.jpa.batchSize=1
cas.serviceRegistry.jpa.user=casuser
cas.serviceRegistry.jpa.ddlAuto=update
cas.serviceRegistry.jpa.password=caspassword
cas.serviceRegistry.jpa.autocommit=false
cas.serviceRegistry.jpa.driverClass=com.mysql.jdbc.Driver
cas.serviceRegistry.jpa.idleTimeout=5000
cas.serviceRegistry.jpa.dataSourceName=cas520
cas.serviceRegistry.jpa.dataSourceProxy=false
# Hibernate-specific properties (i.e.
`hibernate.globally_quoted_identifiers`)
# cas.serviceRegistry.jpa.properties.propertyName=propertyValue
cas.serviceRegistry.jpa.pool.suspension=false
cas.serviceRegistry.jpa.pool.minSize=6
cas.serviceRegistry.jpa.pool.maxSize=18
cas.serviceRegistry.jpa.pool.maxWait=2000



2017-12-07 13:15:22,639 ERROR [com.zaxxer.hikari.HikariConfig] -  Parent Classloader:
java.net.URLClassLoader@776ec8df
>
2017-12-07 13:15:22,640 ERROR
[org.apereo.cas.configuration.support.JpaBeans] - 
2017-12-07 13:15:22,641 WARN
[org.hibernate.engine.jdbc.env.internal.JdbcEnvironmentInitiator] -

2017-12-07 13:15:23,799 ERROR [com.zaxxer.hikari.HikariConfig] -  Parent Classloader:
java.net.URLClassLoader@776ec8df
>
2017-12-07 13:15:23,799 ERROR
[org.apereo.cas.configuration.support.JpaBeans] - 
2017-12-07 13:15:23,802 WARN
[org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext]
- 
2017-12-07 13:15:23,829 ERROR [org.springframework.boot.SpringApplication]
- 
org.springframework.beans.factory.BeanCreationException: Error creating
bean with name 'serviceEntityManagerFactory' defined in class path resource
[org/apereo/cas/config/JpaServiceRegistryConfiguration.class]: Invocation
of init method failed; nested exception is
javax.persistence.PersistenceException: [PersistenceUnit:
jpaServiceRegistryContext] Unable to build Hibernate SessionFactory
at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1628)
~[spring-beans-4.3.12.RELEASE.jar:4.3.12.RELEASE]
at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:555)
~[spring-beans-4.3.12.RELEASE.jar:4.3.12.RELEASE]
at
org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:483)
~[spring-beans-4.3.12.RELEASE.jar:4.3.12.RELEASE]
at
org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306)
~[spring-beans-4.3.12.RELEASE.jar:4.3.12.RELEASE]
at
org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230)
~[spring-beans-4.3.12.RELEASE.jar:4.3.12.RELEASE]
at
org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302)
~[spring-beans-4.3.12.RELEASE.jar:4.3.12.RELEASE]
at
org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197)
~[spring-beans-4.3.12.RELEASE.jar:4.3.12.RELEASE]
at
org.springframework.context.support.AbstractApplicationContext.getBean(AbstractApplicationContext.java:1078)
~[spring-context-4.3.12.RELEASE.jar:4.3.12.RELEASE]
at
org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:857)
~[spring-context-4.3.12.RELEASE.jar:4.3.12.RELEASE]
at
org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:543)
~[spring-context-4.3.12.RELEASE.jar:4.3.12.RELEASE]
at
org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.refresh(EmbeddedWebApplicationContext.java:122)
~[spring-boot-1.5.8.RELEASE.jar:1.5.8.RELEASE]
at
org.springframework.boot.SpringApplication.refresh(SpringApplication.java:693)
[spring-boot-1.5.8.RELEASE.jar:1.5.8.RELEASE]
at
org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:360)

Re: [cas-user] Service Registry

[Jeffrey Ramsay]

Is 5.2 stable? Have you had any setbacks with it? I had planned to move to
5.0.10 later this month but is very concerned about recovery of the service
registry; too many services with only the option of a full database
recovery.

Thanks,
-Jeff

On Wed, Dec 6, 2017 at 7:49 AM, David Curry <david.cu...@newschool.edu>
wrote:

> Looks like you're right; it was added in 5.2RC1:
>
> https://apereo.github.io/2017/06/30/520rc1-release/#016-
> registered-services-endpoint
>
> Sorry 'bout that; I didn't set it up in my environment until I was at
> 5.2RC4, so I never saw it when it wasn't there.
>
> --Dave
>
>
>
> --
>
> DAVID A. CURRY, CISSP
> *DIRECTOR OF INFORMATION SECURITY*
> INFORMATION TECHNOLOGY
>
> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
> <https://maps.google.com/?q=71+FIFTH+AVE.,+9TH+FL.,+NEW+YORK,+NY+10003=gmail=g>
> +1 212 229-5300 x4728 <(212)%20229-5300> • david.cu...@newschool.edu
>
> [image: The New School]
>
> On Wed, Dec 6, 2017 at 5:45 AM, Jeffrey Ramsay <jeffrey.ram...@gmail.com>
> wrote:
>
>> David,
>>
>> It appears the option to dump the registry is only available in 5.2 and
>> not in 5.0 or 5.1.
>>
>> cas.monitor.endpoints.registeredServicesReport.enabled=true
>> cas.monitor.endpoints.registeredServicesReport.sensitive=false
>>
>> Unless, I'm not understanding this correctly.
>>
>> -Jeff
>>
>> On Mon, Dec 4, 2017 at 4:01 PM, Jeffrey Ramsay <jeffrey.ram...@gmail.com>
>> wrote:
>>
>>> Well, I had that turned on but didn't notice that option so, I'll
>>> redeploy.
>>>
>>> Thank you,
>>> -Jeff
>>>
>>> On Mon, Dec 4, 2017 at 2:51 PM, David Curry <david.cu...@newschool.edu>
>>> wrote:
>>>
>>>>
>>>> I don't have a specific MySQL-ish answer, but if you've configured the
>>>> dashboard ("admin pages"), the "Registered Services" button will give you a
>>>> JSON document that contains the entire registry.
>>>>
>>>>  It's just a REST endpoint (https://your.server.name/cas/
>>>> status/services), so depending on how you've secured the admin pages,
>>>> you could probably get the results with curl or whatever instead of a
>>>> browser.
>>>>
>>>> --Dave
>>>>
>>>>
>>>>
>>>> --
>>>>
>>>> DAVID A. CURRY, CISSP
>>>> *DIRECTOR OF INFORMATION SECURITY*
>>>> INFORMATION TECHNOLOGY
>>>>
>>>> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
>>>> <https://maps.google.com/?q=71+FIFTH+AVE.,+9TH+FL.,+NEW+YORK,+NY+10003=gmail=g>
>>>> +1 212 229-5300 x4728 <(212)%20229-5300> • david.cu...@newschool.edu
>>>>
>>>> [image: The New School]
>>>>
>>>> On Mon, Dec 4, 2017 at 1:03 PM, Jeffrey Ramsay <
>>>> jeffrey.ram...@gmail.com> wrote:
>>>>
>>>>> Is there a way to export the service registry? MySQL CAS 5.x.
>>>>>
>>>>> -Jeff
>>>>>
>>>>> --
>>>>> - Website: https://apereo.github.io/cas
>>>>> - Gitter Chatroom: https://gitter.im/apereo/cas
>>>>> - List Guidelines: https://goo.gl/1VRrw7
>>>>> - Contributions: https://goo.gl/mh7qDG
>>>>> ---
>>>>> You received this message because you are subscribed to the Google
>>>>> Groups "CAS Community" group.
>>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>>> an email to cas-user+unsubscr...@apereo.org.
>>>>> To view this discussion on the web visit
>>>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2
>>>>> BTBYORysDQmBYto0Pvr1MgNkhu4FYXdbD2cCvS4yGrGQbdAvw%40mail.gmail.com
>>>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYORysDQmBYto0Pvr1MgNkhu4FYXdbD2cCvS4yGrGQbdAvw%40mail.gmail.com?utm_medium=email_source=footer>
>>>>> .
>>>>>
>>>>
>>>> --
>>>> - Website: https://apereo.github.io/cas
>>>> - Gitter Chatroom: https://gitter.im/apereo/cas
>>>> - List Guidelines: https://goo.gl/1VRrw7
>>>> - Contributions: https://goo.gl/mh7qDG
>>>> ---
>>>> You received this message because you are subscribed to the Google
>>>> Groups "CAS Community" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send
&

Re: [cas-user] Service Registry

[Jeffrey Ramsay]

David,

It appears the option to dump the registry is only available in 5.2 and not
in 5.0 or 5.1.

cas.monitor.endpoints.registeredServicesReport.enabled=true
cas.monitor.endpoints.registeredServicesReport.sensitive=false

Unless, I'm not understanding this correctly.

-Jeff

On Mon, Dec 4, 2017 at 4:01 PM, Jeffrey Ramsay <jeffrey.ram...@gmail.com>
wrote:

> Well, I had that turned on but didn't notice that option so, I'll redeploy.
>
> Thank you,
> -Jeff
>
> On Mon, Dec 4, 2017 at 2:51 PM, David Curry <david.cu...@newschool.edu>
> wrote:
>
>>
>> I don't have a specific MySQL-ish answer, but if you've configured the
>> dashboard ("admin pages"), the "Registered Services" button will give you a
>> JSON document that contains the entire registry.
>>
>>  It's just a REST endpoint (https://your.server.name/cas/status/services),
>> so depending on how you've secured the admin pages, you could probably get
>> the results with curl or whatever instead of a browser.
>>
>> --Dave
>>
>>
>>
>> --
>>
>> DAVID A. CURRY, CISSP
>> *DIRECTOR OF INFORMATION SECURITY*
>> INFORMATION TECHNOLOGY
>>
>> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
>> <https://maps.google.com/?q=71+FIFTH+AVE.,+9TH+FL.,+NEW+YORK,+NY+10003=gmail=g>
>> +1 212 229-5300 x4728 <(212)%20229-5300> • david.cu...@newschool.edu
>>
>> [image: The New School]
>>
>> On Mon, Dec 4, 2017 at 1:03 PM, Jeffrey Ramsay <jeffrey.ram...@gmail.com>
>> wrote:
>>
>>> Is there a way to export the service registry? MySQL CAS 5.x.
>>>
>>> -Jeff
>>>
>>> --
>>> - Website: https://apereo.github.io/cas
>>> - Gitter Chatroom: https://gitter.im/apereo/cas
>>> - List Guidelines: https://goo.gl/1VRrw7
>>> - Contributions: https://goo.gl/mh7qDG
>>> ---
>>> You received this message because you are subscribed to the Google
>>> Groups "CAS Community" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to cas-user+unsubscr...@apereo.org.
>>> To view this discussion on the web visit https://groups.google.com/a/ap
>>> ereo.org/d/msgid/cas-user/CA%2BTBYORysDQmBYto0Pvr1MgNkhu4FYX
>>> dbD2cCvS4yGrGQbdAvw%40mail.gmail.com
>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYORysDQmBYto0Pvr1MgNkhu4FYXdbD2cCvS4yGrGQbdAvw%40mail.gmail.com?utm_medium=email_source=footer>
>>> .
>>>
>>
>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to cas-user+unsubscr...@apereo.org.
>> To view this discussion on the web visit https://groups.google.com/a/ap
>> ereo.org/d/msgid/cas-user/CA%2Bd9XANie1bHW%2BA3Maq7_ezXKku%
>> 2B_eaATJExMMugXYti9%2Bd2gQ%40mail.gmail.com
>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XANie1bHW%2BA3Maq7_ezXKku%2B_eaATJExMMugXYti9%2Bd2gQ%40mail.gmail.com?utm_medium=email_source=footer>
>> .
>>
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOQVnexAsXu8YL1rUHiuNXiW2-W7zv8sPyULu96Br_nUYw%40mail.gmail.com.

Re: [cas-user] Service Registry

[Jeffrey Ramsay]

Well, I had that turned on but didn't notice that option so, I'll redeploy.

Thank you,
-Jeff

On Mon, Dec 4, 2017 at 2:51 PM, David Curry <david.cu...@newschool.edu>
wrote:

>
> I don't have a specific MySQL-ish answer, but if you've configured the
> dashboard ("admin pages"), the "Registered Services" button will give you a
> JSON document that contains the entire registry.
>
>  It's just a REST endpoint (https://your.server.name/cas/status/services),
> so depending on how you've secured the admin pages, you could probably get
> the results with curl or whatever instead of a browser.
>
> --Dave
>
>
>
> --
>
> DAVID A. CURRY, CISSP
> *DIRECTOR OF INFORMATION SECURITY*
> INFORMATION TECHNOLOGY
>
> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
> <https://maps.google.com/?q=71+FIFTH+AVE.,+9TH+FL.,+NEW+YORK,+NY+10003=gmail=g>
> +1 212 229-5300 x4728 <(212)%20229-5300> • david.cu...@newschool.edu
>
> [image: The New School]
>
> On Mon, Dec 4, 2017 at 1:03 PM, Jeffrey Ramsay <jeffrey.ram...@gmail.com>
> wrote:
>
>> Is there a way to export the service registry? MySQL CAS 5.x.
>>
>> -Jeff
>>
>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to cas-user+unsubscr...@apereo.org.
>> To view this discussion on the web visit https://groups.google.com/a/ap
>> ereo.org/d/msgid/cas-user/CA%2BTBYORysDQmBYto0Pvr1MgNkhu4FYX
>> dbD2cCvS4yGrGQbdAvw%40mail.gmail.com
>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYORysDQmBYto0Pvr1MgNkhu4FYXdbD2cCvS4yGrGQbdAvw%40mail.gmail.com?utm_medium=email_source=footer>
>> .
>>
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/CA%2Bd9XANie1bHW%2BA3Maq7_
> ezXKku%2B_eaATJExMMugXYti9%2Bd2gQ%40mail.gmail.com
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XANie1bHW%2BA3Maq7_ezXKku%2B_eaATJExMMugXYti9%2Bd2gQ%40mail.gmail.com?utm_medium=email_source=footer>
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOTByJ6%2BnQzaQf6PdDavOHfB0L%3D8zkLAZgsc%3DdGX6vngQw%40mail.gmail.com.

[cas-user] Twilio

[Jeffrey Ramsay]

Anyone using twilio with CAS for SMS; I have it configured but not sure how
we are supposed to use it.

-Jeff

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOTRZoWHZRYk0-GCR9ev9nAYJoJm4dH4kS-bhi_Erm04zg%40mail.gmail.com.

Re: [cas-user] Disable googleRecaptcha

[Jeffrey Ramsay]

OK! I will try that and see. I commented the options out of the config and
the captcha was removed however, the authentication failed the verification.

Thanks,
-Jeff

On Mon, Nov 20, 2017 at 2:33 PM, Misagh Moayyed <mmoay...@unicon.net> wrote:

> If you blank out your site key, that might do it.
>
> --Misagh
>
> ------
>
> *From: *"Jeffrey Ramsay" <jeffrey.ram...@gmail.com>
> *To: *"CAS Community" <cas-user@apereo.org>
> *Sent: *Monday, November 20, 2017 8:20:06 AM
> *Subject: *[cas-user] Disable googleRecaptcha
>
> Hello - Is there a simple boolean option to disable CAPTCHA during
> maintenance without redeploying the war file and disabling
> cas-server-support-captcha? I'm previewing CAS 5.0.10.
>
> Thanks,
> -Jeff
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/CA%2BTBYOT_Ea2joSqhMY6sJYBOLc3UqtFBqqphn7
> HBttusLmp71Q%40mail.gmail.com
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOT_Ea2joSqhMY6sJYBOLc3UqtFBqqphn7HBttusLmp71Q%40mail.gmail.com?utm_medium=email_source=footer>
> .
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/1861789271.8130604.
> 1511206430251.JavaMail.zimbra%40unicon.net
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/1861789271.8130604.1511206430251.JavaMail.zimbra%40unicon.net?utm_medium=email_source=footer>
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOSMbt6sh5ipLmV2H3e1qU-GtMZ_BbhZ6%2BV7dFte4DVczA%40mail.gmail.com.

[cas-user] Disable googleRecaptcha

[Jeffrey Ramsay]

Hello - Is there a simple boolean option to disable CAPTCHA during
maintenance without redeploying the war file and disabling
cas-server-support-captcha? I'm previewing CAS 5.0.10.

Thanks,
-Jeff

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOT_Ea2joSqhMY6sJYBOLc3UqtFBqqphn7HBttusLmp71Q%40mail.gmail.com.

[cas-user] phpCAS 1.3.4+

[Jeffrey Ramsay]

Has anyone been able to get phpCAS working with CAS 5? We have a basic
client which displays the attributes released by CAS 3.5.x which fails once
repointed to 5.0.x.

Warning: DOMDocument::loadXML(): Premature end of data in tag html line 1
in Entity, line: 1 in
/u01/app/badm/user_projects/dev/jramsay/phpCAS/source/CAS/Client.php on
line 2097
CAS Authentication failed!

-Jeff

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOS1tnCHEDrtt-vw1tLY2hJgNE9JqghBOQ8CyJ3BPO56WQ%40mail.gmail.com.

[cas-user] CAS management help

[Jeffrey Ramsay]

Hello -

I could use some help trying to resolve the following error: {{
serviceTableCtrl.alert.data.name }} has been successfully deleted. A
problem has occurred while trying to delete the service. Be aware that the
default service can not be deleted. Unable to retrieve service listing. The
service evaluation order can not be updated.

I dropped and recreated the back-end mysql database and let the system
reconfigure itself; the default service record is present but the
application is not reading it. I'm using release 5.0.0 and I'm building
using the maven.

Thanks,
-Jeff

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYORvmvVmOxJDsEHv1v3E0EZW6%3DFRUe2xDjq3WWHm3ib%2B6A%40mail.gmail.com.

[cas-user] Google reCAPTCHA

[Jeffrey Ramsay]

Hello -

I would like to request an additional option to the Google reCAPTCHA
integration for those of us who may want to pass the "async and defer"
options. I contemplated adding my own option but then I'd have to remember
to do the same after every build.

layout.html:


Thanks,
-Jeff

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOQBeOS4c9JY8gHH7bwZEXQYf6%3DarcOBQaf8VPLT3YUg4Q%40mail.gmail.com.

Re: [cas-user] Google reCAPTCHA - CAS 5 RC4

[Jeffrey Ramsay]

Misagh,

The force update has resolved the issue; now running RC4-SNAP. Also, I was
running IE in compatibility mode for our domain and that caused the other
issue.

Thanks again,
-Jeff

On Thu, Oct 6, 2016 at 4:27 PM, Misagh Moayyed <mmoay...@unicon.net> wrote:

> Navigate to the Console tab please. What does that say?
>
>
> And have you tried RC4-SNAPSHOT? Force an update with Maven’s -U and try
> again please.
>
> --
> Misagh
>
> From: Jeffrey Ramsay <jeffrey.ram...@gmail.com> <jeffrey.ram...@gmail.com>
> Reply: Jeffrey Ramsay <jeffrey.ram...@gmail.com>
> <jeffrey.ram...@gmail.com>
> Date: October 6, 2016 at 11:45:26 PM
> To: CAS Community <cas-user@apereo.org> <cas-user@apereo.org>
> Cc: jeffrey.ram...@gmail.com <jeffrey.ram...@gmail.com>
> <jeffrey.ram...@gmail.com>
> Subject:  Re: [cas-user] Google reCAPTCHA - CAS 5 RC4
>
> Misagh,
>
> Attached is a screenshot. The api.js is executing but nothing is
> rendering; I can rebuild using RC2-SNAP and it works every time.
>
> /* PLEASE DO NOT COPY AND PASTE THIS CODE. */(function() {if
> (!window['___grecaptcha_cfg']) { window['___grecaptcha_cfg'] = {}; };if
> (!window['___grecaptcha_cfg']['render']) { 
> window['___grecaptcha_cfg']['render']
> = 'onload'; };window['__google_recaptcha_client'] = true;var po =
> document.createElement('script'); po.type = 'text/javascript'; po.async =
> true;po.src = 'https://www.gstatic.com/recaptcha/api2/
> /recaptcha__en.js'; var elem = 
> document.querySelector('script[nonce]');var
> nonce = elem && elem.getAttribute('nonce');if (nonce) {
> po.setAttribute('nonce', nonce); }var s = 
> document.getElementsByTagName('script')[0];
> s.parentNode.insertBefore(po, s);})();
>
> -Jeff
>
> On Thursday, October 6, 2016 at 7:21:29 AM UTC-4, Misagh Moayyed wrote:
>>
>> Have your checked your browser logs?
>>
>> --
>> Misagh
>>
>> From: Jeffrey Ramsay <jeffre...@gmail.com>
>> Reply: Jeffrey Ramsay <jeffre...@gmail.com>
>> Date: October 5, 2016 at 11:32:58 PM
>> To: CAS Community <cas...@apereo.org>
>> Subject:  [cas-user] Google reCAPTCHA - CAS 5 RC4
>>
>> Google reCAPTCHA does not work in any release past the RC2-SNAP; are
>> there any plans to fix. Also, reCAPTCHA does not render in Internet Explore
>> 11. I reported this before but no one followed up on my post.
>>
>> -Jeff
>> --
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to cas-user+u...@apereo.org.
>> To post to this group, send email to cas-...@apereo.org.
>> Visit this group at https://groups.google.com/a/ap
>> ereo.org/group/cas-user/.
>> To view this discussion on the web visit https://groups.google.com/a/ap
>> ereo.org/d/msgid/cas-user/dfe4ef61-63fd-4e83-824f-62c90e50f9
>> 86%40apereo.org
>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/dfe4ef61-63fd-4e83-824f-62c90e50f986%40apereo.org?utm_medium=email_source=footer>
>> .
>> For more options, visit https://groups.google.com/a/apereo.org/d/optout.
>>
>> --
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To post to this group, send email to cas-user@apereo.org.
> Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/
> .
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/bd041397-0f58-44d6-81e3-
> be1e8d3e1bb1%40apereo.org
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/bd041397-0f58-44d6-81e3-be1e8d3e1bb1%40apereo.org?utm_medium=email_source=footer>
> .
> For more options, visit https://groups.google.com/a/apereo.org/d/optout.
>
>

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOQYo1XkYOKNT6DuzgEj%3D%2B1mRvxS58UmBTq8jY4XH%2BGs%3Dg%40mail.gmail.com.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

[cas-user] Google reCAPTCHA - CAS 5 RC4

[Jeffrey Ramsay]

Google reCAPTCHA does not work in any release past the RC2-SNAP; are there 
any plans to fix. Also, reCAPTCHA does not render in Internet Explore 11. I 
reported this before but no one followed up on my post.

-Jeff 

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/dfe4ef61-63fd-4e83-824f-62c90e50f986%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

[cas-user] Re: CAS 5.0.0.RC3-SNAPSHOT - Google Captcha

[Jeffrey Ramsay]

I was able to confirm it's working in RC2.

-Jeff

On Thursday, September 29, 2016 at 12:58:34 PM UTC-4, Jeffrey Ramsay wrote:
>
> Hello -
>
> I had a need to rebuild my war file last night which downloaded several 
> new files and now Google Capthca is no longer displaying. Also, this option 
> has never worked in IE 11.
>
> -Jeff
>

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/9e7d47f1-f897-453d-8cce-e343a6c42974%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

[cas-user] CAS 5.0.0.RC3-SNAPSHOT - Google Captcha

[Jeffrey Ramsay]

Hello -

I had a need to rebuild my war file last night which downloaded several new 
files and now Google Capthca is no longer displaying. Also, this option has 
never worked in IE 11.

-Jeff

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/3f34417a-bd40-4318-a511-0b481484aabc%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

[cas-user] Re: CAS Management - InMemoryServiceRegistryDaoImpl

[Jeffrey Ramsay]

Added cas.serviceRegistry.jpa entries to management bootstrap file but 
application still using the InMemoryServiceRegistry.

-Jeff

On Wednesday, September 21, 2016 at 3:49:57 PM UTC-4, Jeffrey Ramsay wrote:
>
> How do you disable the InMemoryServiceRegistry for the management console 
> 5.0? I added the same JPA configuration used by CAS 5.0 and it's not 
> working.
>
> 2016-09-21 15:43:28,822 DEBUG 
> [org.apereo.cas.services.DefaultServicesManagerImpl] -  from InMemoryServiceRegistryDaoImpl>
> 2016-09-21 15:43:28,822 DEBUG 
> [org.apereo.cas.services.DefaultServicesManagerImpl] -  service ^(https|imaps)://.*>
> 2016-09-21 15:43:28,822 DEBUG 
> [org.apereo.cas.services.DefaultServicesManagerImpl] -  service ^https://www.apereo.org>
> 2016-09-21 15:43:28,824 INFO 
> [org.apereo.cas.services.DefaultServicesManagerImpl] -  from InMemoryServiceRegistryDaoImpl.>
> 21-Sep-2016 15:43:36.188 INFO [localhost-startStop-3] 
> org.apache.catalina.startup.HostConfig.deployWAR Deployment of web 
> application archive 
> /u01/app/badm/apps/dev/apache-tomcat-8.5.5-auth/webapps/cas5-management.war 
> has finished in 32,533 ms
>
>
> -Jeff
>

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/4c4cfa2d-583b-4830-acd4-5b9ab67c6b36%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

[cas-user] Re: CAS Management - InMemoryServiceRegistryDaoImpl

[Jeffrey Ramsay]

Nevermind.

On Wednesday, September 21, 2016 at 3:49:57 PM UTC-4, Jeffrey Ramsay wrote:
>
> How do you disable the InMemoryServiceRegistry for the management console 
> 5.0? I added the same JPA configuration used by CAS 5.0 and it's not 
> working.
>
> 2016-09-21 15:43:28,822 DEBUG 
> [org.apereo.cas.services.DefaultServicesManagerImpl] -  from InMemoryServiceRegistryDaoImpl>
> 2016-09-21 15:43:28,822 DEBUG 
> [org.apereo.cas.services.DefaultServicesManagerImpl] -  service ^(https|imaps)://.*>
> 2016-09-21 15:43:28,822 DEBUG 
> [org.apereo.cas.services.DefaultServicesManagerImpl] -  service ^https://www.apereo.org>
> 2016-09-21 15:43:28,824 INFO 
> [org.apereo.cas.services.DefaultServicesManagerImpl] -  from InMemoryServiceRegistryDaoImpl.>
> 21-Sep-2016 15:43:36.188 INFO [localhost-startStop-3] 
> org.apache.catalina.startup.HostConfig.deployWAR Deployment of web 
> application archive 
> /u01/app/badm/apps/dev/apache-tomcat-8.5.5-auth/webapps/cas5-management.war 
> has finished in 32,533 ms
>
>
> -Jeff
>

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/405fd199-e7c4-4d5b-a36d-ec021d1809d2%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

[cas-user] CAS Management - InMemoryServiceRegistryDaoImpl

[Jeffrey Ramsay]

How do you disable the InMemoryServiceRegistry for the management console 
5.0? I added the same JPA configuration used by CAS 5.0 and it's not 
working.

2016-09-21 15:43:28,822 DEBUG 
[org.apereo.cas.services.DefaultServicesManagerImpl] - 
2016-09-21 15:43:28,822 DEBUG 
[org.apereo.cas.services.DefaultServicesManagerImpl] - 
2016-09-21 15:43:28,822 DEBUG 
[org.apereo.cas.services.DefaultServicesManagerImpl] - https://www.apereo.org>
2016-09-21 15:43:28,824 INFO 
[org.apereo.cas.services.DefaultServicesManagerImpl] - 
21-Sep-2016 15:43:36.188 INFO [localhost-startStop-3] 
org.apache.catalina.startup.HostConfig.deployWAR Deployment of web 
application archive 
/u01/app/badm/apps/dev/apache-tomcat-8.5.5-auth/webapps/cas5-management.war 
has finished in 32,533 ms


-Jeff

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/4805761d-571e-455e-96d9-e2f8d6431672%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

Re: [cas-user] Re: CAS Management App 5.0.0.RC2-SNAPSHOT

[Jeffrey Ramsay]

It's hard to tell what will or will not work. The definition I shared
before was directly from the cas-management.properties file. Those lines
should probably be removed to avoid confusion.

# User details file location that contains list of users
# who are allowed access to the management webapp:
#
# user.details.file.location = classpath:user-details.properties
##
# JSON Service Registry
#
# Directory location where JSON service files may be found.
# service.registry.config.location=classpath:services

Thanks,
-Jeff

On Wed, Sep 21, 2016 at 1:36 PM, Misagh Moayyed <mmoay...@unicon.net> wrote:

> It most definitely won’t work, given that’s an invalid property. See:
>
> https://apereo.github.io/cas/development/installation/
> Configuration-Properties.html#management-webapp
>
>
>
> *From:* cas-user@apereo.org [mailto:cas-user@apereo.org] *On Behalf Of 
> *Jeffrey
> Ramsay
> *Sent:* Tuesday, September 20, 2016 11:28 PM
> *To:* CAS Community <cas-user@apereo.org>
> *Subject:* [cas-user] Re: CAS Management App 5.0.0.RC2-SNAPSHOT
>
>
>
> I found the problem and I'm able to access the console.
>
>
> I tried to override the user-details.properties location by setting the
> following but it's clearly not working.
>
> # user.details.file.location = classpath:user-details.properties
> user.details.file.location=file:/etc/cas/5/dev/user-details.properties
>
> -Jeff
>
> On Sunday, September 18, 2016 at 7:51:13 PM UTC-4, Jeffrey Ramsay wrote:
>
> I'm receiving this message "You are not authorized to access this
> resource. Contact your CAS administrator for more info." while trying to
> access the CAS management interface. I have tried using the "casuser"
> account along with my LDAP credentials but both accounts have failed. I
> tried adding my LDAP userid to the user-details.properties file but that
> too has been unsuccessful.
>
> Has anyone been able to authenticate using LDAP as user store and the
> user-default.properties file to limit admin access? I tried the "cas.mgmt"
> options but that too has not been successful.
>
>
> -Jeff
>
> --
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To post to this group, send email to cas-user@apereo.org.
> Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/
> .
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/bb241356-f071-492e-a274-
> 281f149c3629%40apereo.org
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/bb241356-f071-492e-a274-281f149c3629%40apereo.org?utm_medium=email_source=footer>
> .
> For more options, visit https://groups.google.com/a/apereo.org/d/optout.
>
> --
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To post to this group, send email to cas-user@apereo.org.
> Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/
> .
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/00b501d2142e%24a4741d90%
> 24ed5c58b0%24%40unicon.net
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/00b501d2142e%24a4741d90%24ed5c58b0%24%40unicon.net?utm_medium=email_source=footer>
> .
>
> For more options, visit https://groups.google.com/a/apereo.org/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYORnHKeQ%3Dd54_jcDR%2B8hgre4TbV%3D8iztdzHYeRELDU9E2g%40mail.gmail.com.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

[cas-user] Re: CAS Management App 5.0.0.RC2-SNAPSHOT

[Jeffrey Ramsay]

I found the problem and I'm able to access the console.

I tried to override the user-details.properties location by setting the 
following but it's clearly not working.

# user.details.file.location = classpath:user-details.properties
user.details.file.location=file:/etc/cas/5/dev/user-details.properties

-Jeff

On Sunday, September 18, 2016 at 7:51:13 PM UTC-4, Jeffrey Ramsay wrote:
>
> I'm receiving this message "You are not authorized to access this 
> resource. Contact your CAS administrator for more info." while trying to 
> access the CAS management interface. I have tried using the "casuser" 
> account along with my LDAP credentials but both accounts have failed. I 
> tried adding my LDAP userid to the user-details.properties file but that 
> too has been unsuccessful.
>
> Has anyone been able to authenticate using LDAP as user store and the 
> user-default.properties file to limit admin access? I tried the "cas.mgmt" 
> options but that too has not been successful.
>
> -Jeff
>

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/bb241356-f071-492e-a274-281f149c3629%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

[cas-user] Re: CAS Management App 5.0.0.RC2-SNAPSHOT

[Jeffrey Ramsay]

Do you have any idea why I still get Access Denied?

On Sunday, September 18, 2016 at 7:51:13 PM UTC-4, Jeffrey Ramsay wrote:
>
> I'm receiving this message "You are not authorized to access this 
> resource. Contact your CAS administrator for more info." while trying to 
> access the CAS management interface. I have tried using the "casuser" 
> account along with my LDAP credentials but both accounts have failed. I 
> tried adding my LDAP userid to the user-details.properties file but that 
> too has been unsuccessful.
>
> Has anyone been able to authenticate using LDAP as user store and the 
> user-default.properties file to limit admin access? I tried the "cas.mgmt" 
> options but that too has not been successful.
>
> -Jeff
>

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/d5711a28-b867-4e0b-8ae0-3add8dafea3a%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

Re: [cas-user] Re: CAS Management App 5.0.0.RC2-SNAPSHOT

[Jeffrey Ramsay]

Ok, how do I accomplish this? I have tried adding my userid 
to user-details.properties but do not want to have my password in clear 
text. So, what's the recipe to make this work?

jramsay=notused,ROLE_ADMIN

-Jeff


On Tuesday, September 20, 2016 at 11:04:30 AM UTC-4, Misagh Moayyed wrote:
>
> Yes, and yes. 
>
> --
> *From: *"Jeffrey Ramsay" <jeffrey...@gmail.com >
> *To: *"CAS Community" <cas-...@apereo.org >
> *Sent: *Tuesday, September 20, 2016 7:30:42 PM
> *Subject: *[cas-user] Re: CAS Management App 5.0.0.RC2-SNAPSHOT
>
> Is it possible to access the CAS 5 management console using an account 
> other than "casuser"? Is so, can the admin users be placed in a static file 
> and have their primary authentication source be LDAP? In CAS 3.4.x we only 
> had to add the matching userid to deployerConfigContext.xml -> 
> userDetailService block.
>
> -Jeff
>
> On Sunday, September 18, 2016 at 7:51:13 PM UTC-4, Jeffrey Ramsay wrote:
>>
>> I'm receiving this message "You are not authorized to access this 
>> resource. Contact your CAS administrator for more info." while trying to 
>> access the CAS management interface. I have tried using the "casuser" 
>> account along with my LDAP credentials but both accounts have failed. I 
>> tried adding my LDAP userid to the user-details.properties file but that 
>> too has been unsuccessful.
>>
>> Has anyone been able to authenticate using LDAP as user store and the 
>> user-default.properties file to limit admin access? I tried the "cas.mgmt" 
>> options but that too has not been successful.
>>
>>
>> -Jeff
>>
>
> -- 
> You received this message because you are subscribed to the Google Groups 
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to cas-user+u...@apereo.org .
> To post to this group, send email to cas-...@apereo.org .
> Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/
> .
> To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/00a20f52-eb8a-4dc3-a689-6f0ff15e44f5%40apereo.org
>  
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/00a20f52-eb8a-4dc3-a689-6f0ff15e44f5%40apereo.org?utm_medium=email_source=footer>
> .
> For more options, visit https://groups.google.com/a/apereo.org/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/2881588b-511c-4e5a-96da-472907ddcf9c%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

[cas-user] Re: CAS Management App 5.0.0.RC2-SNAPSHOT

[Jeffrey Ramsay]

Is it possible to access the CAS 5 management console using an account 
other than "casuser"? Is so, can the admin users be placed in a static file 
and have their primary authentication source be LDAP? In CAS 3.4.x we only 
had to add the matching userid to deployerConfigContext.xml -> 
userDetailService block.

-Jeff

On Sunday, September 18, 2016 at 7:51:13 PM UTC-4, Jeffrey Ramsay wrote:
>
> I'm receiving this message "You are not authorized to access this 
> resource. Contact your CAS administrator for more info." while trying to 
> access the CAS management interface. I have tried using the "casuser" 
> account along with my LDAP credentials but both accounts have failed. I 
> tried adding my LDAP userid to the user-details.properties file but that 
> too has been unsuccessful.
>
> Has anyone been able to authenticate using LDAP as user store and the 
> user-default.properties file to limit admin access? I tried the "cas.mgmt" 
> options but that too has not been successful.
>
> -Jeff
>

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/00a20f52-eb8a-4dc3-a689-6f0ff15e44f5%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

[cas-user] CAS 5.0.0.RC2 build failures

[Jeffrey Ramsay]

My experience trying to upgrade from both RC1 and RC2-SNAPSHOT is anything 
but painless. 

[INFO] 

[INFO] BUILD FAILURE
[INFO] 

[INFO] Total time: 10.468 s
[INFO] Finished at: 2016-09-20T07:23:28-04:00
[INFO] Final Memory: 11M/357M
[INFO] 

[ERROR] Failed to execute goal on project cas-overlay: Could not resolve 
dependencies for project org.jasig.cas:cas-overlay:war:1.0: The following 
artifacts could not be resolved: 
org.apereo.cas:cas-server-webapp:war:5.0.0.RC2, 
org.apereo.cas:cas-server-support-gauth:jar:5.0.0.RC2, 
org.apereo.cas:cas-server-support-gauth-jpa:jar:5.0.0.RC2, 
org.apereo.cas:cas-server-support-captcha:jar:5.0.0.RC2, 
org.apereo.cas:cas-server-support-ldap:jar:5.0.0.RC2, 
org.apereo.cas:cas-server-support-jpa-service-registry:jar:5.0.0.RC2, 
org.apereo.cas:cas-server-support-jdbc:jar:5.0.0.RC2: Could not find 
artifact org.apereo.cas:cas-server-webapp:war:5.0.0.RC2 in 
sonatype-releases (http://oss.sonatype.org/content/repositories/releases/) 
-> [Help 1]
org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute 
goal on project cas-overlay: Could not resolve dependencies for project 
org.jasig.cas:cas-overlay:war:1.0: The following artifacts could not be 
resolved: org.apereo.cas:cas-server-webapp:war:5.0.0.RC2, 
org.apereo.cas:cas-server-support-gauth:jar:5.0.0.RC2, 
org.apereo.cas:cas-server-support-gauth-jpa:jar:5.0.0.RC2, 
org.apereo.cas:cas-server-support-captcha:jar:5.0.0.RC2, 
org.apereo.cas:cas-server-support-ldap:jar:5.0.0.RC2, 
org.apereo.cas:cas-server-support-jpa-service-registry:jar:5.0.0.RC2, 
org.apereo.cas:cas-server-support-jdbc:jar:5.0.0.RC2: Could not find 
artifact org.apereo.cas:cas-server-webapp:war:5.0.0.RC2 in 
sonatype-releases (http://oss.sonatype.org/content/repositories/releases/)


[INFO] 

[INFO] BUILD FAILURE
[INFO] 

[INFO] Total time: 0.666 s
[INFO] Finished at: 2016-09-20T07:24:38-04:00
[INFO] Final Memory: 14M/357M
[INFO] 

[ERROR] Failed to execute goal on project cas-overlay: Could not resolve 
dependencies for project org.apereo.cas:cas-overlay:war:1.0: Failure to 
find org.apereo.cas:cas-management-webapp:war:5.0.0.RC2 in 
http://oss.sonatype.org/content/repositories/releases/ was cached in the 
local repository, resolution will not be reattempted until the update 
interval of sonatype-releases has elapsed or updates are forced -> [Help 1]
org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute 
goal on project cas-overlay: Could not resolve dependencies for project 
org.apereo.cas:cas-overlay:war:1.0: Failure to find 
org.apereo.cas:cas-management-webapp:war:5.0.0.RC2 in 
http://oss.sonatype.org/content/repositories/releases/ was cached in the 
local repository, resolution will not be reattempted until the update 
interval of sonatype-releases has elapsed or updates are forced

-Jeff

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/a14c732f-2c91-43e1-8252-7c21690c19f5%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

[cas-user] CAS Management App 5.0.0.RC2-SNAPSHOT

[Jeffrey Ramsay]

I'm receiving this message "You are not authorized to access this resource. 
Contact your CAS administrator for more info." while trying to access the 
CAS management interface. I have tried using the "casuser" account along 
with my LDAP credentials but both accounts have failed. I tried adding my 
LDAP userid to the user-details.properties file but that too has been 
unsuccessful.

Has anyone been able to authenticate using LDAP as user store and the 
user-default.properties file to limit admin access? I tried the "cas.mgmt" 
options but that too has not been successful.

-Jeff

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/aed8f68a-735a-4e59-9c16-180c2e8a853b%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

[cas-user] Re: CAS 5.0.0.RC1 - Is service management webapp functional ?

[Jeffrey Ramsay]

Is CloudBus or RabbitMQ required for non-distributed environments? I prefer 
to disable these option and set the following in both the 
cas-management.properties and cas.properties file but still receives the 
errors:

spring.cloud.bus.enabled=false


2016-09-13 12:51:04,127 WARN 
[org.springframework.amqp.rabbit.core.RabbitAdmin] - 
org.springframework.amqp.AmqpConnectException: java.net.ConnectException: 
Connection refused
at 
org.springframework.amqp.rabbit.support.RabbitExceptionTranslator.convertRabbitAccessException(RabbitExceptionTranslator.java:62)
 
~[spring-rabbit-1.6.1.RELEASE.jar:?]

-Jeff

On Tuesday, September 13, 2016 at 11:49:08 AM UTC-4, Philippe MARASSE wrote:
>
> Folks,
>
> I've managed to get the management webapp running on my development 
> platform using overlay provided on github (5.0 branch), It uses the same 
> Json registry as my CAS Server, but manage.html view is a bit weird :
>
>
>
>
> Is the management webapp functional ?
>
> Regards.
>
> -- 
> Philippe MARASSE
>
> Responsable pôle Infrastructures - DSIO
> Centre Hospitalier Henri Laborit
> CS 10587 - 370 avenue Jacques Cœur 
> 86021 Poitiers Cedex
> Tel : 05.49.44.57.19
>
>

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/6cf9aaf5-1242-4eac-95fa-8d13ba021021%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

[cas-user] Re: ldapAuthenticationHandler

[Jeffrey Ramsay]

It's working.

Thanks again.

-Jeff

On Thursday, September 8, 2016 at 5:34:13 PM UTC-4, Jeffrey Ramsay wrote:
>
> Ok. I tried to follow the link to setup LDAP authentication and it's not 
> working.
>
>
> https://apereo.github.io/cas/development/installation/Configuration-Properties.html#ldap-authentication
>
> I configured the following in cas.properties but I'm not sure if I'm on 
> the right path:
>
> ##
> # CAS Authentication Policy
> #
> cas.authn.policy.any.tryall=false
> cas.authn.policy.req.tryall=true
> cas.authn.policy.req.handlername=ldapAuthenticationHandler
>
> #cas.authn.policy.req.handlername=org.apereo.cas.authentication.LdapAuthenticationHandler
> cas.authn.policy.req.enabled=true
>
> ##
> # Ldap Authentication
> #
> cas.authn.accept.users=
> cas.authn.ldap[0].ldapUrl=ldap://localhost:389
> cas.authn.ldap[0].useSsl=false
> cas.authn.ldap[0].useStartTls=false
> cas.authn.ldap[0].connectTimeout=5000
>
> I don't know how to configure the deployerConfigContext.xml if that's even 
> needed at all. I found an overlay someone uploaded and it had something 
> along these lines but it's not correct.
>
>
>  />
>
>
> Any help would be most appreciated.
>
> -Jeff
>

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/c0ed67d0-170d-4e9e-a022-e6b5e7040d42%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

[cas-user] Re: ldapAuthenticationHandler

[Jeffrey Ramsay]

Hello -

I was able to fix my earlier oversight and ldap is work however, I'm unable 
to authenticate because there are no resolver configured for 
LdapAuthenticationHandler which I don't know how to.

log snippet:
2016-09-09 12:47:40,649 INFO 
[org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 

2016-09-09 12:47:40,652 DEBUG 
[org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
2016-09-09 12:47:40,653 DEBUG 
[org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
2016-09-09 12:47:40,664 WARN 
[org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 

2016-09-09 12:47:40,666 DEBUG 
[org.apereo.cas.audit.spi.ThreadLocalPrincipalResolver] - 
2016-09-09 12:47:40,691 DEBUG 
[org.apereo.cas.web.flow.resolver.impl.InitialAuthenticationAttemptWebflowEventResolver]
 
- <0 errors, 1 successes>
org.apereo.cas.authentication.AuthenticationException: 0 errors, 1 successes

-Jeff


On Thursday, September 8, 2016 at 5:34:13 PM UTC-4, Jeffrey Ramsay wrote:
>
> Ok. I tried to follow the link to setup LDAP authentication and it's not 
> working.
>
>
> https://apereo.github.io/cas/development/installation/Configuration-Properties.html#ldap-authentication
>
> I configured the following in cas.properties but I'm not sure if I'm on 
> the right path:
>
> ##
> # CAS Authentication Policy
> #
> cas.authn.policy.any.tryall=false
> cas.authn.policy.req.tryall=true
> cas.authn.policy.req.handlername=ldapAuthenticationHandler
>
> #cas.authn.policy.req.handlername=org.apereo.cas.authentication.LdapAuthenticationHandler
> cas.authn.policy.req.enabled=true
>
> ##
> # Ldap Authentication
> #
> cas.authn.accept.users=
> cas.authn.ldap[0].ldapUrl=ldap://localhost:389
> cas.authn.ldap[0].useSsl=false
> cas.authn.ldap[0].useStartTls=false
> cas.authn.ldap[0].connectTimeout=5000
>
> I don't know how to configure the deployerConfigContext.xml if that's even 
> needed at all. I found an overlay someone uploaded and it had something 
> along these lines but it's not correct.
>
>
>  />
>
>
> Any help would be most appreciated.
>
> -Jeff
>

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/63c14113-f672-43b1-babe-4f71c8077f8f%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

[cas-user] Re: Step by Step guide

[Jeffrey Ramsay]

I will definitely post what I have done. I haven't had to start from 
scratch but it has been tough trying to figure this out (Tomcat and JAVA 
versions, etc).

Also, I want to convey that these builds are much easier than the earlier 
releases (I started with the 3.4 branch) to configure, so keep up the good 
work and hopefully you will not see these comments as being negative.

-Jeff

On Friday, September 9, 2016 at 8:51:16 AM UTC-4, Josep Manel Andrés wrote:
>
> Hi guys, 
> After a while of being subscribedto this mailing list, I have noticed 
> that we keep asking the same basic questions because there isn't a step 
> by step guide, manual to follow or something similar. I think we loose 
> time answering always the same questions 
> Is there any way of having something similar to a guide? 
>
> Cheers. 
>
>
>
> WARNING / LEGAL TEXT: This message is intended only for the use of the 
> individual or entity to which it is addressed and may contain 
> information which is privileged, confidential, proprietary, or exempt 
> from disclosure under applicable law. If you are not the intended 
> recipient or the person responsible for delivering the message to the 
> intended recipient, you are strictly prohibited from disclosing, 
> distributing, copying, or in any way using this message. If you have 
> received this communication in error, please notify the sender and 
> destroy and delete any copies you may have received. 
>
> http://www.bsc.es/disclaimer 
>

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/58623bcc-1e27-4f4e-aed8-b6ce26c358c3%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

[cas-user] ldapAuthenticationHandler

[Jeffrey Ramsay]

Ok. I tried to follow the link to setup LDAP authentication and it's not 
working.

https://apereo.github.io/cas/development/installation/Configuration-Properties.html#ldap-authentication

I configured the following in cas.properties but I'm not sure if I'm on the 
right path:

##
# CAS Authentication Policy
#
cas.authn.policy.any.tryall=false
cas.authn.policy.req.tryall=true
cas.authn.policy.req.handlername=ldapAuthenticationHandler
#cas.authn.policy.req.handlername=org.apereo.cas.authentication.LdapAuthenticationHandler
cas.authn.policy.req.enabled=true

##
# Ldap Authentication
#
cas.authn.accept.users=
cas.authn.ldap[0].ldapUrl=ldap://localhost:389
cas.authn.ldap[0].useSsl=false
cas.authn.ldap[0].useStartTls=false
cas.authn.ldap[0].connectTimeout=5000

I don't know how to configure the deployerConfigContext.xml if that's even 
needed at all. I found an overlay someone uploaded and it had something 
along these lines but it's not correct.

   

   

Any help would be most appreciated.

-Jeff

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/19c7df38-79f9-4330-be63-6134ba7f21f8%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

Re: [cas-user] Re: reCAPTCHA validation failed.

[Jeffrey Ramsay]

Awesome! Thanks.

-Jeff

On Wednesday, September 7, 2016 at 1:44:45 AM UTC-4, Dmitriy Kopylenko 
wrote:
>
> In CAS 5, the location of the config properties resources is configured in 
> 'bootstrap.properties'. 
>
> See this guide: 
> https://apereo.github.io/cas/development/installation/Configuration-Management.html
>
> D.
>
> On Wed, Sep 7, 2016 at 01:37, Jeffrey Ramsay <jeffrey...@gmail.com 
> > wrote:
>
> I placed my config in /etc/cas/config and reCaptcha is now working. I 
> would still like to be able differentiate between development and test.
>
> -Jeff
>
> On Tuesday, September 6, 2016 at 1:06:01 AM UTC-4, Jeffrey Ramsay wrote:
>>
>> I'm getting the error "reCAPTCHA validation failed" in CAS 5.0.0 RC1.
>>
>> I added the correct site and secret keys to the cas.properties file.
>> cas.googleRecaptcha.verifyUrl=
>> https://www.google.com/recaptcha/api/siteverify
>> cas.googleRecaptcha.siteKey=6LerbCk
>> cas.googleRecaptcha.secret=6LerbCk
>>
>> I don't see any other error in the log besides this.
>> --
>> 2016-09-06 00:51:21,324 DEBUG 
>> [org.springframework.webflow.engine.ViewState] - > [ServletMvcView@4e00be92 view = 
>> org.thymeleaf.spring4.view.ThymeleafView@51e42401]>
>> 2016-09-06 00:51:21,324 DEBUG 
>> [org.springframework.webflow.engine.ViewState] - <  Flash scope = 
>> map[[empty]]>
>> 2016-09-06 00:51:21,324 DEBUG 
>> [org.springframework.webflow.engine.ViewState] - <  Messages = 
>> [DefaultMessageContext@38ef1ae0 sourceMessages = map[[null] -> 
>> list[[Message@6ac3a8ac source = [null], severity = ERROR, text = 'reCAPTCHA 
>> validation failed.'>
>> 2016-09-06 00:51:21,326 DEBUG 
>> [org.springframework.webflow.mvc.view.AbstractMvcView] - > [org.thymeleaf.spring4.view.ThymeleafView@51e42401] with model map 
>> [{passwordManagementEnabled=false, recaptchaSiteKey=null, 
>> viewScope=map[[empty]], warnCookieValue=false, 
>> org.springframework.validation.BindingResult.credential=org.springframework.webflow.mvc.view.BindingModel:
>>  
>> 1 errors
>> Error in object 'credential': codes []; arguments []; default message 
>> [reCAPTCHA validation failed.], staticAuthentication=true, 
>> flowExecutionUrl=/cas/login?username=casuser=Mellon=1ccf000b-5a4f-4859-b5df-9fda4189e31a_ZXlKaGJHY2lPaUpJVXpVeE1pSjkuY0daR05YaEVXbTF2Y0ZkQ1JYbHNlVlJNUlhaSmVuaGplV2hCZDBscmVrUlpWR1F3ZW5GQlJsQlJiV1pOYUhWR1IwdEtLMUYxWmpScGEyazBMMWh3T1hCRE5pOVdVMUp0VWs0eFRXcGxVRFpqWW1GNVVqZFpWMmsyY1RjMk1XOUJSRXBhTkZNMmVtSnRNVU4yTW01ak5TdDFZWFZTYm1OSGNGbDRUalpNU2xaM1RGaGhaMHhPTURkMUwwZzJVWFJoYlRCbE9HTjVjMVkxVmxSR1YyaHhXVlp6Y2xRNGVEaHZiMVJOT0c1aldFbElVVVZuVlZWaWNVUTBaR05yY1dkRmJWVmpWMGhxZVRCSmFFSTBTaTlRTDNOb09FeFlXVkphVDNOYVpIaFpaMVJtVTJ4VU0yNUdkbHBoYW1WcVdHbGFWVmxSV1VKdlR5dExVV2xsUkRGemNFbHVSRzFpVTJOUFVqYzRUMGh1VEhKeU0zcGFLMEZXWTFRd1FXNVBWVUZJYjI5S05VZElUR1pFT1RBd2NqaHFiMEkzVlZkSWRVMDNOV3hXY2tkbE1pdDZaVGc0T1dkMlZVTXZPRzA0V2xReE5sRkpSbTFVVkZOUWF6WkdjMlZDZFZaUWRUa3ZVRGhFUWswMmVuTnNhVkZtWkVkc1NUVnhSVFpwUzBKVFJUaFdWRXd2WjFoTE9DdFRhRU5vYjFnd1ExZFVabE5SYjBKcE5WbERibFZyYVc1SWIzQXJWMVV5Y0hsTWNGaExRWFJUY0hsaFIxUnBPU3RqV0ZkTWFtSnNZbGxKVGtOMmREVjFXRVV2UkdGWmVqWkNZM0J3ZEdOek9GQktVMjlyWjJ4Vk
>>  
>> 4zWllRbUZ0V1cxNmRuTlJkemhrWVhVMVdWWnpVVzlqZWk5emRUTnBiVFY2U0RSbWNIcHFkWFJPWm00dlUxVlBRazlXTjJkNE5rWnVUVEpMYVdkWWRFOXBZVmg1S3pkM1NVSm9VVFJKZHpWSVVuUnBOR0ZoUTBsU1pXVnpPRUZsVFdad1ZtZHZaV013UkhsdmFVSnNUMGh1UkdaR1ZHSlhaRE5RUjFGU04yVnlNMVJEYjJ4WllURjFMMUZzTTFaTVRHeDZWV0ZoY2xnd2VUUlJWbUpGTlhSSFF6TjNVbWR1UmxKSmFWZHhiRGR1TW5jdlNuTm1UbFo2VUZaR1VWVnZTVVEzZFhrMWNISTVlRkpQTjJZNWFsazBOa2hHVmpsMU5WTmlRbGhGYlVWSFFYY3ZVRTFSUWtrd1ltOXFNRWxXWVRkRlJXeDFXRWhwZFZSRVFrWnNjbmhWWkRadGRqbFlLMkZNZFRKSk5IbGlUVWhUZVdZemVVNTVSRkZETVhoRmMySkdlRlJrYURGdllXTjNTU3RWYm1rMVZFRjRVbEYyVmtGaVYzWndTMWszVjFWQloyZHFjMGhGT1ZKaFJFMW5hVmhITWs5S1puVndaSGgxTkdoQmRDdE5jRmxqZVhKeldYTlVjMU5yYlhvMmIxQk5kbEZrTVRoU1REUkNXQzlRVVZGaE1pOURNbUZCTjFsVVNIWXZPRzF6TlhaS05VTTFWVk4yWXl0TU0ybHNhVlZFYVdkUFRtRktkSFZqTVhKbmEzaE1OSEpSWm5GTGRsUnJaMDlPWjNkdE5IZG1kSEZVUXpOaWEyTnhUMDB2TUZScmNGcHdLM1JzYURCM2QxbzRRVkJFZUZkVU5FWnhhMVZLV1hWTFZIRlZiVUo1ZVhOaE9VcHJVREJMYzNaUlJHTldUMGRDWW1WMlV6TXpNV3RWVlZKUFlXdE9ia1YySzJNcmEybDNhV3hOYVRWMlpYWmpjWEpQZUdOcFJWRjB
>>  
>> XbFUzYUhjOVBRLnFqQk00c09EMTV0aVZNXzF0VXN0QzR4TVc1Qi1fcmIxU1VuQjZsU3U0NHA3ampDX1hiRkVSWlNWRkxudjFWb3Z6MWRvcEMzUkpMbTZsTlhLWWc4Z0N3&_eventId=submit=,
>>  
>> flowRequestContext=[RequestControlContextImpl@21fc6f48 externalContext = 
>> org.springframework.webflow.mvc.servlet.MvcExternalContext@29bd4e5b, 
>> currentEvent = success, requestScope = map[[empty]], attributes = 
>> map[[empty]], messageContext = [DefaultMessageContext@38ef1ae0 
>> sourceMessages = map[[null] -> list[[Message@6ac3a8ac so

[cas-user] Re: reCAPTCHA validation failed.

[Jeffrey Ramsay]

I placed my config in /etc/cas/config and reCaptcha is now working. I would 
still like to be able differentiate between development and test.

-Jeff

On Tuesday, September 6, 2016 at 1:06:01 AM UTC-4, Jeffrey Ramsay wrote:
>
> I'm getting the error "reCAPTCHA validation failed" in CAS 5.0.0 RC1.
>
> I added the correct site and secret keys to the cas.properties file.
> cas.googleRecaptcha.verifyUrl=
> https://www.google.com/recaptcha/api/siteverify
> cas.googleRecaptcha.siteKey=6LerbCk
> cas.googleRecaptcha.secret=6LerbCk
>
> I don't see any other error in the log besides this.
> --
> 2016-09-06 00:51:21,324 DEBUG 
> [org.springframework.webflow.engine.ViewState] -  [ServletMvcView@4e00be92 view = 
> org.thymeleaf.spring4.view.ThymeleafView@51e42401]>
> 2016-09-06 00:51:21,324 DEBUG 
> [org.springframework.webflow.engine.ViewState] - <  Flash scope = 
> map[[empty]]>
> 2016-09-06 00:51:21,324 DEBUG 
> [org.springframework.webflow.engine.ViewState] - <  Messages = 
> [DefaultMessageContext@38ef1ae0 sourceMessages = map[[null] -> 
> list[[Message@6ac3a8ac source = [null], severity = ERROR, text = 'reCAPTCHA 
> validation failed.'>
> 2016-09-06 00:51:21,326 DEBUG 
> [org.springframework.webflow.mvc.view.AbstractMvcView] -  [org.thymeleaf.spring4.view.ThymeleafView@51e42401] with model map 
> [{passwordManagementEnabled=false, recaptchaSiteKey=null, 
> viewScope=map[[empty]], warnCookieValue=false, 
> org.springframework.validation.BindingResult.credential=org.springframework.webflow.mvc.view.BindingModel:
>  
> 1 errors
> Error in object 'credential': codes []; arguments []; default message 
> [reCAPTCHA validation failed.], staticAuthentication=true, 
> flowExecutionUrl=/cas/login?username=casuser=Mellon=1ccf000b-5a4f-4859-b5df-9fda4189e31a_ZXlKaGJHY2lPaUpJVXpVeE1pSjkuY0daR05YaEVXbTF2Y0ZkQ1JYbHNlVlJNUlhaSmVuaGplV2hCZDBscmVrUlpWR1F3ZW5GQlJsQlJiV1pOYUhWR1IwdEtLMUYxWmpScGEyazBMMWh3T1hCRE5pOVdVMUp0VWs0eFRXcGxVRFpqWW1GNVVqZFpWMmsyY1RjMk1XOUJSRXBhTkZNMmVtSnRNVU4yTW01ak5TdDFZWFZTYm1OSGNGbDRUalpNU2xaM1RGaGhaMHhPTURkMUwwZzJVWFJoYlRCbE9HTjVjMVkxVmxSR1YyaHhXVlp6Y2xRNGVEaHZiMVJOT0c1aldFbElVVVZuVlZWaWNVUTBaR05yY1dkRmJWVmpWMGhxZVRCSmFFSTBTaTlRTDNOb09FeFlXVkphVDNOYVpIaFpaMVJtVTJ4VU0yNUdkbHBoYW1WcVdHbGFWVmxSV1VKdlR5dExVV2xsUkRGemNFbHVSRzFpVTJOUFVqYzRUMGh1VEhKeU0zcGFLMEZXWTFRd1FXNVBWVUZJYjI5S05VZElUR1pFT1RBd2NqaHFiMEkzVlZkSWRVMDNOV3hXY2tkbE1pdDZaVGc0T1dkMlZVTXZPRzA0V2xReE5sRkpSbTFVVkZOUWF6WkdjMlZDZFZaUWRUa3ZVRGhFUWswMmVuTnNhVkZtWkVkc1NUVnhSVFpwUzBKVFJUaFdWRXd2WjFoTE9DdFRhRU5vYjFnd1ExZFVabE5SYjBKcE5WbERibFZyYVc1SWIzQXJWMVV5Y0hsTWNGaExRWFJUY0hsaFIxUnBPU3RqV0ZkTWFtSnNZbGxKVGtOMmREVjFXRVV2UkdGWmVqWkNZM0J3ZEdOek9GQktVMjlyWjJ4Vk4zWllRbUZ0V1cxNmRuTlJkemhrWVhVMVdWWnpVVzlqZWk5emRUTnBiVFY2U0RSbWNIcHFkWFJPWm00dlUxVlBRazlXTjJkNE5rWnVUVEpMYVdkWWRFOXBZVmg1S3pkM1NVSm9VVFJKZHpWSVVuUnBOR0ZoUTBsU1pXVnpPRUZsVFdad1ZtZHZaV013UkhsdmFVSnNUMGh1UkdaR1ZHSlhaRE5RUjFGU04yVnlNMVJEYjJ4WllURjFMMUZzTTFaTVRHeDZWV0ZoY2xnd2VUUlJWbUpGTlhSSFF6TjNVbWR1UmxKSmFWZHhiRGR1TW5jdlNuTm1UbFo2VUZaR1VWVnZTVVEzZFhrMWNISTVlRkpQTjJZNWFsazBOa2hHVmpsMU5WTmlRbGhGYlVWSFFYY3ZVRTFSUWtrd1ltOXFNRWxXWVRkRlJXeDFXRWhwZFZSRVFrWnNjbmhWWkRadGRqbFlLMkZNZFRKSk5IbGlUVWhUZVdZemVVNTVSRkZETVhoRmMySkdlRlJrYURGdllXTjNTU3RWYm1rMVZFRjRVbEYyVmtGaVYzWndTMWszVjFWQloyZHFjMGhGT1ZKaFJFMW5hVmhITWs5S1puVndaSGgxTkdoQmRDdE5jRmxqZVhKeldYTlVjMU5yYlhvMmIxQk5kbEZrTVRoU1REUkNXQzlRVVZGaE1pOURNbUZCTjFsVVNIWXZPRzF6TlhaS05VTTFWVk4yWXl0TU0ybHNhVlZFYVdkUFRtRktkSFZqTVhKbmEzaE1OSEpSWm5GTGRsUnJaMDlPWjNkdE5IZG1kSEZVUXpOaWEyTnhUMDB2TUZScmNGcHdLM1JzYURCM2QxbzRRVkJFZUZkVU5FWnhhMVZLV1hWTFZIRlZiVUo1ZVhOaE9VcHJVREJMYzNaUlJHTldUMGRDWW1WMlV6TXpNV3RWVlZKUFlXdE9ia1YySzJNcmEybDNhV3hOYVRWMlpYWmpjWEpQZUdOcFJWRjBXbFUzYUhjOVBRLnFqQk00c09EMTV0aVZNXzF0VXN0QzR4TVc1Qi1fcmIxU1VuQjZsU3U0NHA3ampDX1hiRkVSWlNWRkxudjFWb3Z6MWRvcEMzUkpMbTZsTlhLWWc4Z0N3&_eventId=submit=,
>  
> flowRequestContext=[RequestControlContextImpl@21fc6f48 externalContext = 
> org.springframework.webflow.mvc.servlet.MvcExternalContext@29bd4e5b, 
> currentEvent = success, requestScope = map[[empty]], attributes = 
> map[[empty]], messageContext = [DefaultMessageContext@38ef1ae0 
> sourceMessages = map[[null] -> list[[Message@6ac3a8ac source = [null], 
> severity = ERROR, text = 'reCAPTCHA validation failed.', flowExecution 
> = [FlowExecutionImpl@96840ba flow = 'login', flowSessions = 
> list[[FlowSessionImpl@7ab4cc52 flow = 'login', state = 'viewLoginForm', 
> scope = map['passwordManagementEnabled' -> false, 
> 'rememberMeAuthenticationEnabled' -> false, 'recaptchaSiteKey' -> [null], 
> 'viewScope' -> map[[empty]], 'credential' -> casuser, 'warnCookieValue' -> 
> false, 'staticAuthentication' -> true, 'service' -> [null], 
> 'ticketGrantingTicketId' -> [null],

[cas-user] Re: reCAPTCHA validation failed.

[Jeffrey Ramsay]

Hello -

Thanks for taking a look at this.

1. How can I redefine where the cas.properties file is located. We 
typically have dev and test instances hosted on the same box and I am 
trying to avoid using the same files. In 4.2.x there was a 
"propertyFileConfigurer.xml", is that available in 5; I used that to alter 
the location.

2. Where do I obtain the proper CAS 5 pom file? I just 
downloaded v5.0.0.RC1.tar.gz and there's no pom.xml and I can't seem to get 
my builds started using gradle.

[root@opti-760 cas-5.0.0.RC1]# ./dev-build.sh 
Starting a Gradle Daemon (subsequent builds will be faster)
Incremental java compilation is an incubating feature.

FAILURE: Build failed with an exception.

* Where:
Build file 
'/root/src/cas/tmp/cas-5.0.0.RC1/cas-management-webapp/build.gradle' line: 
28

* What went wrong:
A problem occurred evaluating project ':cas-management-webapp'.
> Could not get unknown property 'java' for object of type 
org.gradle.api.java.archives.internal.DefaultManifest.

* Try:
Run with --stacktrace option to get the stack trace. Run with --info or 
--debug option to get more log output.

BUILD FAILED

Total time: 39.471 secs

-Jeff

On Tuesday, September 6, 2016 at 1:06:01 AM UTC-4, Jeffrey Ramsay wrote:
>
> I'm getting the error "reCAPTCHA validation failed" in CAS 5.0.0 RC1.
>
> I added the correct site and secret keys to the cas.properties file.
> cas.googleRecaptcha.verifyUrl=
> https://www.google.com/recaptcha/api/siteverify
> cas.googleRecaptcha.siteKey=6LerbCk
> cas.googleRecaptcha.secret=6LerbCk
>
> I don't see any other error in the log besides this.
> --
> 2016-09-06 00:51:21,324 DEBUG 
> [org.springframework.webflow.engine.ViewState] -  [ServletMvcView@4e00be92 view = 
> org.thymeleaf.spring4.view.ThymeleafView@51e42401]>
> 2016-09-06 00:51:21,324 DEBUG 
> [org.springframework.webflow.engine.ViewState] - <  Flash scope = 
> map[[empty]]>
> 2016-09-06 00:51:21,324 DEBUG 
> [org.springframework.webflow.engine.ViewState] - <  Messages = 
> [DefaultMessageContext@38ef1ae0 sourceMessages = map[[null] -> 
> list[[Message@6ac3a8ac source = [null], severity = ERROR, text = 'reCAPTCHA 
> validation failed.'>
> 2016-09-06 00:51:21,326 DEBUG 
> [org.springframework.webflow.mvc.view.AbstractMvcView] -  [org.thymeleaf.spring4.view.ThymeleafView@51e42401] with model map 
> [{passwordManagementEnabled=false, recaptchaSiteKey=null, 
> viewScope=map[[empty]], warnCookieValue=false, 
> org.springframework.validation.BindingResult.credential=org.springframework.webflow.mvc.view.BindingModel:
>  
> 1 errors
> Error in object 'credential': codes []; arguments []; default message 
> [reCAPTCHA validation failed.], staticAuthentication=true, 
> flowExecutionUrl=/cas/login?username=casuser=Mellon=1ccf000b-5a4f-4859-b5df-9fda4189e31a_ZXlKaGJHY2lPaUpJVXpVeE1pSjkuY0daR05YaEVXbTF2Y0ZkQ1JYbHNlVlJNUlhaSmVuaGplV2hCZDBscmVrUlpWR1F3ZW5GQlJsQlJiV1pOYUhWR1IwdEtLMUYxWmpScGEyazBMMWh3T1hCRE5pOVdVMUp0VWs0eFRXcGxVRFpqWW1GNVVqZFpWMmsyY1RjMk1XOUJSRXBhTkZNMmVtSnRNVU4yTW01ak5TdDFZWFZTYm1OSGNGbDRUalpNU2xaM1RGaGhaMHhPTURkMUwwZzJVWFJoYlRCbE9HTjVjMVkxVmxSR1YyaHhXVlp6Y2xRNGVEaHZiMVJOT0c1aldFbElVVVZuVlZWaWNVUTBaR05yY1dkRmJWVmpWMGhxZVRCSmFFSTBTaTlRTDNOb09FeFlXVkphVDNOYVpIaFpaMVJtVTJ4VU0yNUdkbHBoYW1WcVdHbGFWVmxSV1VKdlR5dExVV2xsUkRGemNFbHVSRzFpVTJOUFVqYzRUMGh1VEhKeU0zcGFLMEZXWTFRd1FXNVBWVUZJYjI5S05VZElUR1pFT1RBd2NqaHFiMEkzVlZkSWRVMDNOV3hXY2tkbE1pdDZaVGc0T1dkMlZVTXZPRzA0V2xReE5sRkpSbTFVVkZOUWF6WkdjMlZDZFZaUWRUa3ZVRGhFUWswMmVuTnNhVkZtWkVkc1NUVnhSVFpwUzBKVFJUaFdWRXd2WjFoTE9DdFRhRU5vYjFnd1ExZFVabE5SYjBKcE5WbERibFZyYVc1SWIzQXJWMVV5Y0hsTWNGaExRWFJUY0hsaFIxUnBPU3RqV0ZkTWFtSnNZbGxKVGtOMmREVjFXRVV2UkdGWmVqWkNZM0J3ZEdOek9GQktVMjlyWjJ4Vk4zWllRbUZ0V1cxNmRuTlJkemhrWVhVMVdWWnpVVzlqZWk5emRUTnBiVFY2U0RSbWNIcHFkWFJPWm00dlUxVlBRazlXTjJkNE5rWnVUVEpMYVdkWWRFOXBZVmg1S3pkM1NVSm9VVFJKZHpWSVVuUnBOR0ZoUTBsU1pXVnpPRUZsVFdad1ZtZHZaV013UkhsdmFVSnNUMGh1UkdaR1ZHSlhaRE5RUjFGU04yVnlNMVJEYjJ4WllURjFMMUZzTTFaTVRHeDZWV0ZoY2xnd2VUUlJWbUpGTlhSSFF6TjNVbWR1UmxKSmFWZHhiRGR1TW5jdlNuTm1UbFo2VUZaR1VWVnZTVVEzZFhrMWNISTVlRkpQTjJZNWFsazBOa2hHVmpsMU5WTmlRbGhGYlVWSFFYY3ZVRTFSUWtrd1ltOXFNRWxXWVRkRlJXeDFXRWhwZFZSRVFrWnNjbmhWWkRadGRqbFlLMkZNZFRKSk5IbGlUVWhUZVdZemVVNTVSRkZETVhoRmMySkdlRlJrYURGdllXTjNTU3RWYm1rMVZFRjRVbEYyVmtGaVYzWndTMWszVjFWQloyZHFjMGhGT1ZKaFJFMW5hVmhITWs5S1puVndaSGgxTkdoQmRDdE5jRmxqZVhKeldYTlVjMU5yYlhvMmIxQk5kbEZrTVRoU1REUkNXQzlRVVZGaE1pOURNbUZCTjFsVVNIWXZPRzF6TlhaS05VTTFWVk4yWXl0TU0ybHNhVlZFYVdkUFRtRktkSFZqTVhKbmEzaE1OSEpSWm5GTGRsUnJaMDlPWjNkdE5IZG1kSEZVUXpOaWEyTnhUMDB2TUZScmNGcHdLM1JzYURCM2QxbzRRVkJFZUZkVU5FWnhhMVZLV1hWTFZIRlZiVUo1ZVhOaE9VcHJVREJMYzNaUlJHTldUMGRDWW1WMlV6TXpNV3RWVlZKUFlXdE9ia1YySzJNcmEybDNhV3hOYVRWMlpYWmpjWEpQZUdOcFJWRjBXbFUzYUhjOVBRLnFqQk00c09EMTV0aVZNXzF0VXN0QzR4TVc1Qi1fcmIxU1VuQjZsU3U0NHA3ampDX1hiRkVSWlNWRkxudjFWb3Z6MWRvcEMzUkpMbTZsTlhLWWc4Z0N3&_eventId=submit=,
>  
&

[cas-user] reCAPTCHA validation failed.

[Jeffrey Ramsay]

I'm getting the error "reCAPTCHA validation failed" in CAS 5.0.0 RC1.

I added the correct site and secret keys to the cas.properties file.
cas.googleRecaptcha.verifyUrl=https://www.google.com/recaptcha/api/siteverify
cas.googleRecaptcha.siteKey=6LerbCk
cas.googleRecaptcha.secret=6LerbCk

I don't see any other error in the log besides this.
--
2016-09-06 00:51:21,324 DEBUG 
[org.springframework.webflow.engine.ViewState] - 
2016-09-06 00:51:21,324 DEBUG 
[org.springframework.webflow.engine.ViewState] - <  Flash scope = 
map[[empty]]>
2016-09-06 00:51:21,324 DEBUG 
[org.springframework.webflow.engine.ViewState] - <  Messages = 
[DefaultMessageContext@38ef1ae0 sourceMessages = map[[null] -> 
list[[Message@6ac3a8ac source = [null], severity = ERROR, text = 'reCAPTCHA 
validation failed.'>
2016-09-06 00:51:21,326 DEBUG 
[org.springframework.webflow.mvc.view.AbstractMvcView] -  list[[Message@6ac3a8ac source = [null], 
severity = ERROR, text = 'reCAPTCHA validation failed.', flowExecution 
= [FlowExecutionImpl@96840ba flow = 'login', flowSessions = 
list[[FlowSessionImpl@7ab4cc52 flow = 'login', state = 'viewLoginForm', 
scope = map['passwordManagementEnabled' -> false, 
'rememberMeAuthenticationEnabled' -> false, 'recaptchaSiteKey' -> [null], 
'viewScope' -> map[[empty]], 'credential' -> casuser, 'warnCookieValue' -> 
false, 'staticAuthentication' -> true, 'service' -> [null], 
'ticketGrantingTicketId' -> [null], 'googleAnalyticsTrackingId' -> false, 
'trackGeoLocation' -> [null]], rememberMeAuthenticationEnabled=false, 
currentUser=null, credential=casuser, 
flowExecutionKey=1ccf000b-5a4f-4859-b5df-9fda4189e31a_ZXlKaGJHY2lPaUpJVXpVeE1pSjkuY0daR05YaEVXbTF2Y0ZkQ1JYbHNlVlJNUlhaSmVuaGplV2hCZDBscmVrUlpWR1F3ZW5GQlJsQlJiV1pOYUhWR1IwdEtLMUYxWmpScGEyazBMMWh3T1hCRE5pOVdVMUp0VWs0eFRXcGxVRFpqWW1GNVVqZFpWMmsyY1RjMk1XOUJSRXBhTkZNMmVtSnRNVU4yTW01ak5TdDFZWFZTYm1OSGNGbDRUalpNU2xaM1RGaGhaMHhPTURkMUwwZzJVWFJoYlRCbE9HTjVjMVkxVmxSR1YyaHhXVlp6Y2xRNGVEaHZiMVJOT0c1aldFbElVVVZuVlZWaWNVUTBaR05yY1dkRmJWVmpWMGhxZVRCSmFFSTBTaTlRTDNOb09FeFlXVkphVDNOYVpIaFpaMVJtVTJ4VU0yNUdkbHBoYW1WcVdHbGFWVmxSV1VKdlR5dExVV2xsUkRGemNFbHVSRzFpVTJOUFVqYzRUMGh1VEhKeU0zcGFLMEZXWTFRd1FXNVBWVUZJYjI5S05VZElUR1pFT1RBd2NqaHFiMEkzVlZkSWRVMDNOV3hXY2tkbE1pdDZaVGc0T1dkMlZVTXZPRzA0V2xReE5sRkpSbTFVVkZOUWF6WkdjMlZDZFZaUWRUa3ZVRGhFUWswMmVuTnNhVkZtWkVkc1NUVnhSVFpwUzBKVFJUaFdWRXd2WjFoTE9DdFRhRU5vYjFnd1ExZFVabE5SYjBKcE5WbERibFZyYVc1SWIzQXJWMVV5Y0hsTWNGaExRWFJUY0hsaFIxUnBPU3RqV0ZkTWFtSnNZbGxKVGtOMmREVjFXRVV2UkdGWmVqWkNZM0J3ZEdOek9GQktVMjlyWjJ4Vk4zWllRbUZ0V1cxNmRuTlJkemhrWVhVMVdWWnpVVzlqZWk5emRUTnBiVFY2U0RSbWNIcHFkWFJPWm00dlUxVlBRazlXTjJkNE5rWnVUVEpMYVdkWWRFOXBZVmg1S3pkM1NVSm9VVFJKZHpWSVVuUnBOR0ZoUTBsU1pXVnpPRUZsVFdad1ZtZHZaV013UkhsdmFVSnNUMGh1UkdaR1ZHSlhaRE5RUjFGU04yVnlNMVJEYjJ4WllURjFMMUZzTTFaTVRHeDZWV0ZoY2xnd2VUUlJWbUpGTlhSSFF6TjNVbWR1UmxKSmFWZHhiRGR1TW5jdlNuTm1UbFo2VUZaR1VWVnZTVVEzZFhrMWNISTVlRkpQTjJZNWFsazBOa2hHVmpsMU5WTmlRbGhGYlVWSFFYY3ZVRTFSUWtrd1ltOXFNRWxXWVRkRlJXeDFXRWhwZFZSRVFrWnNjbmhWWkRadGRqbFlLMkZNZFRKSk5IbGlUVWhUZVdZemVVNTVSRkZETVhoRmMySkdlRlJrYURGdllXTjNTU3RWYm1rMVZFRjRVbEYyVmtGaVYzWndTMWszVjFWQloyZHFjMGhGT1ZKaFJFMW5hVmhITWs5S1puVndaSGgxTkdoQmRDdE5jRmxqZVhKeldYTlVjMU5yYlhvMmIxQk5kbEZrTVRoU1REUkNXQzlRVVZGaE1pOURNbUZCTjFsVVNIWXZPRzF6TlhaS05VTTFWVk4yWXl0TU0ybHNhVlZFYVdkUFRtRktkSFZqTVhKbmEzaE1OSEpSWm5GTGRsUnJaMDlPWjNkdE5IZG1kSEZVUXpOaWEyTnhUMDB2TUZScmNGcHdLM1JzYURCM2QxbzRRVkJFZUZkVU5FWnhhMVZLV1hWTFZIRlZiVUo1ZVhOaE9VcHJVREJMYzNaUlJHTldUMGRDWW1WMlV6TXpNV3RWVlZKUFlXdE9ia1YySzJNcmEybDNhV3hOYVRWMlpYWmpjWEpQZUdOcFJWRjBXbFUzYUhjOVBRLnFqQk00c09EMTV0aVZNXzF0VXN0QzR4TVc1Qi1fcmIxU1VuQjZsU3U0NHA3ampDX1hiRkVSWlNWRkxudjFWb3Z6MWRvcEMzUkpMbTZsTlhLWWc4Z0N3,
 
service=null, ticketGrantingTicketId=null, googleAnalyticsTrackingId=false, 
trackGeoLocation=null, flashScope=map[[empty]]}]>

-Jeff

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/c802123b-cb7b-4690-a737-e94ffe4a846c%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

Re: [cas-user] CAS 4.2.4 reCaptcha configuration

[Jeffrey Ramsay]

OK. I will try 5. Thanks.

On Thursday, September 1, 2016 at 12:47:05 AM UTC-4, Misagh Moayyed wrote:
>
> There is no reCAPTCHA or Google MFA support with CAS 4.2.4. If you meant 
> 5, then sure.
>
> -- 
> Misagh
>
> From: Jeffrey Ramsay <jeffre...@gmail.com> 
> Reply: Jeffrey Ramsay <jeffre...@gmail.com> 
> Date: August 31, 2016 at 9:42:16 PM
> To: CAS Community <cas...@apereo.org> 
> Subject:  [cas-user] CAS 4.2.4 reCaptcha configuration 
>
> I have built a new CAS 4.2.4 system using the cas-overlay-template maven 
> method including both reCaptcha and Google MFA. I'm try to test the 
> reCaptcha and it's not rendering. We configured the cas.properties file to 
> include our site and private keys but I'm unsure of what else has to be 
> done; I could really use some help in getting started. 
>
> Thanks,
> -Jeff  
> --
> You received this message because you are subscribed to the Google Groups 
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to cas-user+u...@apereo.org .
> To post to this group, send email to cas-...@apereo.org .
> Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/
> .
> To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/c02a55cb-dd7d-490b-8490-60c06ef672ed%40apereo.org
>  
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/c02a55cb-dd7d-490b-8490-60c06ef672ed%40apereo.org?utm_medium=email_source=footer>
> .
> For more options, visit https://groups.google.com/a/apereo.org/d/optout.
>
> -- 
> You received this message because you are subscribed to the Google Groups 
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to cas-user+u...@apereo.org .
> To post to this group, send email to cas-...@apereo.org .
> Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/
> .
> To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/etPan.57c7b2be.c5022b8.22dd%40unicon.net
>  
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/etPan.57c7b2be.c5022b8.22dd%40unicon.net?utm_medium=email_source=footer>
> .
> For more options, visit https://groups.google.com/a/apereo.org/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/cf38682b-ed4b-41c9-b088-d0927490ddac%40googlegroups.com.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

[cas-user] CAS 4.2.4 reCaptcha configuration

[Jeffrey Ramsay]

I have built a new CAS 4.2.4 system using the cas-overlay-template maven 
method including both reCaptcha and Google MFA. I'm try to test the 
reCaptcha and it's not rendering. We configured the cas.properties file to 
include our site and private keys but I'm unsure of what else has to be 
done; I could really use some help in getting started.

Thanks,
-Jeff  

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/c02a55cb-dd7d-490b-8490-60c06ef672ed%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.