2
>
>
> Maybe there is another way?
> wtorek, 13 kwietnia 2021 o 15:22:29 UTC+2 Philippe MARASSE napisał(a):
>
> A good question indeed :-)
>
> I've took a look over my overlay, it seem that I only overloaded
> the flawed class from the commit :
>
>
t; after build. Maybe it's possible to replace/edit it?
> Regards
> Bartek
>
>
> wtorek, 13 kwietnia 2021 o 14:06:08 UTC+2 Philippe MARASSE napisał(a):
>
> Hello,
>
> It has been fixed there
>
> https://github.com/apereo/cas/commit/e7c
stry.redis.pool.test-while-idle": "false",
> "cas.ticket.registry.redis.port": "6379",
> "cas.ticket.registry.redis.timeout": "2000",
> "cas.ticket.registry.redis.use-ssl": "false",
>
> Any hints?
3e90e-b6c3-4bdb-917d-d59141c2d6f2%40nitkiewicz.eu
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/5a83e90e-b6c3-4bdb-917d-d59141c2d6f2%40nitkiewicz.eu?utm_medium=email_source=footer>.
--
Philippe MARASSE
Responsable pôle Infrastructures - DSIO
Centre Hospitalier Henri L
https://groups.google.com/a/apereo.org/d/msgid/cas-user/3ac21753-2b33-44ca-aec5-84d2d0fa5865n%40apereo.org
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/3ac21753-2b33-44ca-aec5-84d2d0fa5865n%40apereo.org?utm_medium=email_source=footer>.
--
Philippe MARASSE
Responsable pôle Infrastru
https://github.com/apereo/cas/commit/e7cb3b8b44867addcb6b8510cbbed45cbc9b265f>).
>
> Pavlos
>
> On Tue, Mar 9, 2021 at 10:19 PM 'Philippe MARASSE' via CAS Community
> mailto:cas-user@apereo.org>> wrote:
>
> Folks,
>
> Since we've installed our new cas
-support-redis-ticket-registry:${project.'cas.version'}"
}
And relevant configuation in cas.properties :
cas.authn.mfa.gauth.code-digits=6
cas.authn.mfa.gauth.time-step-size=30
cas.authn.mfa.gauth.rank=2
Any idea ?
Regards.
--
Philippe MARASSE
Responsable pôle Infrastructures - DSIO
Cen
ava:48)
at java.util.Optional.map(Optional.java:265) ~[?:?]
Regards.
Le 06/10/2020 à 17:51, 'Philippe MARASSE' via CAS Community a écrit :
> Folks,
>
> I'm testing the possibility to let the user choose MFA token to use, in
> fact between u2f and google authenticator.
>
> I h
error of requiring the Incommon
> Federation certificate as a requirement to start.
>
>
>
> If you search the for incommon.pem over the last few weeks discussion
> you’ll find several answers to this problem.
>
>
>
>
>
>
>
> *From:*'Philippe MARASSE' via CAS
:28:50 CEST 2020
CLIENT IP ADDRESS:
SERVER IP ADDRESS:
=
If I use cas.authn.mfa.provider-selection-enabled=false, I cannot choose
the 2FA but it works...
Any clue ?
Regards.
--
Philippe MARASSE
Responsable pôle Infrastructures
:
*screen.service.error.message*
...
Any idea ?
If I switch back to 6.1.0-RC4, it works.
Regards.
--
Philippe MARASSE
Responsable pôle Infrastructures
Direction de l'Informatique, Support à la Communication et à l'Organisation
(DISCO)
Centre Hospitalier Henri Laborit
CS 10587 - 370 avenue Jacques Cœur
86021
to do yet.
Philippe.
Le 16/04/2020 à 17:52, Ray Bon a écrit :
> Philippe,
>
> I do not know the exact answer. But check how clear pass works. It
> encrypts the password with the service's public key.
>
> Ray
>
> On Thu, 2020-04-16 at 16:49 +0200, 'Philippe MARASSE' via CAS
guacamole in a
safe way.
Cheers.
--
Philippe MARASSE
Responsable pôle Infrastructures - DSIO
Centre Hospitalier Henri Laborit
CS 10587 - 370 avenue Jacques Cœur
86021 Poitiers Cedex
Tel : 05.49.44.57.19
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo
/0b45cc66-1160-48aa-9320-b4fabc54ae75%40apereo.org
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/0b45cc66-1160-48aa-9320-b4fabc54ae75%40apereo.org?utm_medium=email_source=footer>.
--
Philippe MARASSE
Responsable pôle Infrastructures - DSIO
Centre Hospitalier Henri Laborit
CS
e the packetSize of the AJP connector, but it's missing
> from
> https://apereo.github.io/cas/5.3.x/installation/Configuration-Properties.html#ajp
>
> Is it hidden somewhere else ?
>
>
>
--
Philippe MARASSE
Responsable pôle Infrastructures - DSIO
Centre Hospitalier Henri Laborit
CS
google.com/a/apereo.org/d/msgid/cas-user/c9b1459f-54ca-48a5-9b0f-868dadaf0b17%40apereo.org?utm_medium=email_source=footer>.
--
Philippe MARASSE
Responsable pôle Infrastructures - DSIO
Centre Hospitalier Henri Laborit
CS 10587 - 370 avenue Jacques Cœur
86021 Poitiers Cedex
Tel : 05.49.44.57.19
If it fits your use case it's perfect.
In our case we want Spnego for all internal accesses so CAS needs to
stop and does not offer login/password if Spnego fails.
Regards.
Le 14/02/2017 à 15:22, Felix Schumacher a écrit :
> Am 13.02.2017 18:45, schrieb 'Philippe MARASSE' via CAS Commun
:
- casSpnegoNegotiateView.html (first 401 view)
- casSpnegoAuthenticationFailureView.html (auth failure view)
- casSpnegoErrorView.html (all other errors view)
Regards.
Le 13/02/2017 à 18:07, Felix Schumacher a écrit :
>
> Am 13. Februar 2017 17:28:44 MEZ schrieb 'Philippe MARASSE' via CAS Community
>
e user is therefore
> greeted with an empty page.
>
> Is this a bug, or do I have to specify anything to get the first 401
> page have the login page included?
>
> Regards,
> Felix
>
--
Philippe MARASSE
Responsable pôle Infrastructures - DSIO
Centre Hospitalier Henri Laborit
CS 10
ation.PolicyBasedAuthenticationManager] -
>
> 2016-12-13 12:14:20,368 WARN
> [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] -
> find authentication handler that supports [testuser] of type
> [UsernamePasswordCredential], which suggests a configuration problem.>
>
> On Monday, December 12, 2
lal
> wrote:
>
> Hell Philippe,
>
> So how to we can configure the LDAP authentication handler?
>
> Thanks.
>
>
>
> On Monday, December 12, 2016 at 12:01:20 PM UTC+3, Philippe
> MARASSE wrote:
>
> Hello,
>
> No, it's n
t; MFA based on the Ldap handler, that pretty much confirms my theory.
>
>
>
> File an issue either way please. (And since you’re on SNAPSHOT, let’s
> move this to dev)
>
>
>
> --Misagh
>
>
>
> *From:*'Philippe MARASSE' via CAS Community [mailto:cas-user@aper
dler, LdapAuthenticationHandler whe I use login
form, fine.
and successfulAuthenticationHandlers: JcifsSpnegoAuthenticationHandler
with SPNEGO, perfect :-).
but IMHO, bypass configuration option behavior is inverted.
Regards.
--
Philippe MARASSE
Responsable pôle Infrastructures - DSIO
Ce
--Misagh
>
>
> -Original Message-
> From: 'Philippe MARASSE' via CAS Community [mailto:cas-user@apereo.org]
> Sent: Thursday, November 17, 2016 4:37 AM
> To: CAS Community <cas-user@apereo.org>
> Subject: [cas-user] CAS 5.1.0-SNAPSHOT no more mfa-yubikey ??
>
> H
n Monday, August 8, 2016 at 9:42:40 AM UTC-5, Philippe MARASSE wrote:
>
> Folks,
>
> I'm preparing a new CAS service for our organisation (we use CAS
> 3.5 for years now :-) ), my plan is to upgrade to v5 in order to
> use MFA.
>
> I'm using maven ove
Hello,
After disabling spnego, I wanted to test MFA yubikey with CAS
5.1.0-SNAP, unfortunately I get authenticated without MFA :
2016-11-17 11:51:36,559 DEBUG
[org.apereo.cas.web.flow.resolver.impl.RegisteredServiceAuthenticationPolicyProviderResolver]
-
2016-11-17 11:51:36,569 DEBUG
or SWF).
>
> --Misagh
>
> -Original Message-
> From: 'Philippe MARASSE' via CAS Community [mailto:cas-user@apereo.org]
> Sent: Wednesday, November 16, 2016 3:20 AM
> To: CAS Community <cas-user@apereo.org>
> Subject: [cas-user] CAS 5.1.0-SNAPSHOT - SPNEGO broken ?
&g
.
--
Philippe MARASSE
Responsable pôle Infrastructures - DSIO
Centre Hospitalier Henri Laborit
CS 10587 - 370 avenue Jacques Cœur
86021 Poitiers Cedex
Tel : 05.49.44.57.19
--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing
discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/4ee8f8ac-5761-43d7-ade1-ad95b6e11e3f%40apereo.org
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/4ee8f8ac-5761-43d7-ade1-ad95b6e11e3f%40apereo.org?utm_medium=email_source=footer>.
--
Phil
uld be an attractive
> feature to add; to turn on/off mfa levels conditionally based on mode
> of authentication. You’re welcome to file a request.
>
> --
> Misagh
>
> From: Philippe MARASSE <philippe.mara...@ch-poitiers.fr>
> <mailto:philippe.mara...@ch-poitiers
gt; From: Philippe MARASSE <philippe.mara...@ch-poitiers.fr>
> <mailto:philippe.mara...@ch-poitiers.fr>
> Reply: Philippe MARASSE <philippe.mara...@ch-poitiers.fr>
> <mailto:philippe.mara...@ch-poitiers.fr>
> Date: October 5, 2016 at 3:37:18 PM
> To: c
3:19, Misagh Moayyed a écrit :
>
> What exactly do these points mean?
>
>
> If you mean to say, multiple MFA options are assigned to a user, and
> you wish to rank them by weight, that’s already supported.
>
>
> --
> Misagh
>
> From: Philippe
) is instantiated instead of jsonServiceRegistry
found in cas-server-support-json-service-registry module.
Environment is the same as last week (Tomcat 8.5.4 / java 8u101).
Regards.
--
Philippe MARASSE
Responsable pôle Infrastructures - DSIO
Centre Hospitalier Henri Laborit
CS 10587 - 370 avenue Jacques
No idea, really ?
It's mentioned in section MFA of
https://apereo.github.io/cas/4.2.x/planning/Security-Guide.html
but not anymore on v5
https://apereo.github.io/cas/development/planning/Security-Guide.html ??
Regards.
Le 29/09/2016 à 14:43, Philippe MARASSE a écrit :
> Hello,
>
gain access with SPNEGO, and external
users will be requested login/password only for Webmail, and
login/password + MFA for Personal Informations.
Is it already possible with CASv5 ?
I think it will need some development though, in this case, I'll need
directions :-)
Regards.
--
Philippe
/apereo.org/d/msgid/cas-user/etPan.57e567f8.1ae214b4.2e6e%40unicon.net
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/etPan.57e567f8.1ae214b4.2e6e%40unicon.net?utm_medium=email_source=footer>.
> For more options, visit https://groups.google.com/a/apereo.org/d/optout.
--
Phi
(
https://apereo.github.io/cas/development/installation/Configuring-Multifactor-Authentication.html#yubikey
), there's a mention of "id" field, but I didn't find any reference in
my configuration files.
Regards.
Le 16/09/2016 à 16:57, Philippe MARASSE a écrit :
> Hello,
>
> I'm tr
tionExecutor] -
Is login-webflow.xml needing modifications (documentation does not
mention this) ?
Regards.
--
Philippe MARASSE
Responsable pôle Infrastructures - DSIO
Centre Hospitalier Henri Laborit
CS 10587 - 370 avenue Jacques Cœur
86021 Poitiers Cedex
Tel : 05.49.44.57.19
--
You received
Thanks in Advance,
>
>
> --
> You received this message because you are subscribed to the Google
> Groups "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to cas-user+unsubscr...@apereo.org
> <m
the right localized page.
Regards.
--
Philippe MARASSE
Responsable pôle Infrastructures - DSIO
Centre Hospitalier Henri Laborit
CS 10587 - 370 avenue Jacques Cœur
86021 Poitiers Cedex
Tel : 05.49.44.57.19
--
You received this message because you are subscribed to the Google Groups &quo
Sep 14, 2016 at 06:30, Philippe MARASSE
> <philippe.mara...@ch-poitiers.fr> wrote:
>
> Actually, we're testing a few Yubikeys with customized
> cryptographic keys, so public Yubico API's cannot validate our
> tokens. I've set up a local validation server that work
disable a certain API version?
>
>
> --
> Misagh
>
> From: Philippe MARASSE <philippe.mara...@ch-poitiers.fr>
> <mailto:philippe.mara...@ch-poitiers.fr>
> Reply: Philippe MARASSE <philippe.mara...@ch-poitiers.fr>
> <mailto:philippe.mara...@ch-poi
r@apereo.org
> <mailto:cas-user@apereo.org>.
> Visit this group at
> https://groups.google.com/a/apereo.org/group/cas-user/.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/9a92aede-f879-4387-ad16-cdecbfffbd8b%40apereo.org
>
Folks,
Actually, when SPNEGO authentication fails, it's falling back to login
form (wether cas.authn.spnego.send401OnAuthenticationFailure is true or
false).
But in our configuration, on a failure, we need to send a specific view.
How can I achieve that behavior ?
Regards.
--
Philippe MARASSE
Done. #1946
Le 11/08/2016 à 22:27, Misagh Moayyed a écrit :
> Possibly. Could you issue a pull with the updates you have in mind to
> the docs?
>
> --
> Misagh
>
> From: Philippe MARASSE <philippe.mara...@ch-poitiers.fr>
> <mailto:philippe.mara...@ch-poiti
t; <mailto:cas-user@apereo.org>.
> Visit this group at
> https://groups.google.com/a/apereo.org/group/cas-user/.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/df64e990-a4f5-406a-871e-f4a8ea96d289%40apereo.org
> <https://groups.goo
cas.authn.spnego.ipsToCheckPattern=172.+
cas.authn.spnego.send401OnAuthenticationFailure=false
cas.authn.spnego.principalWithDomainName=false
it works...
Is the documentation needing update ?
Regards.
Le 10/08/2016 à 17:42, Philippe MARASSE a écrit :
> Folks,
>
> I'm testing my freshly inst
?
Regards.
--
Philippe MARASSE
Responsable pôle Infrastructures - DSIO
Centre Hospitalier Henri Laborit
CS 10587 - 370 avenue Jacques Cœur
86021 Poitiers Cedex
Tel : 05.49.44.57.19
--
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubs
Done : https://github.com/apereo/cas/issues/1943
Regards.
Le 10/08/2016 à 13:57, Misagh Moayyed a écrit :
>
>
> I don’t think you have. Go ahead and file an issue please.
>
>
> On Wednesday, August 10, 2016 at 4:46:07 AM UTC-7, Philippe MARASSE
> wrote:
>
> BT
roupId}
cas-server-support-json-service-registry
${cas.version}
org.apereo.cas
cas-server-support-saml
${cas.version}
Am I missing something (again :-) ) ?
Regards.
--
Philippe MARASSE
Responsabl
agh Moayyed a écrit :
> Simply put, you should be following the docs here:
> https://github.com/apereo/cas-overlay-template/tree/5.0
>
> There is no “propertyFileConfigurer.xml”.
> Using “deployerConfigContext.xml” is also useless for most if not all
> cases.
>
> --
> Mis
}
runtime
${cas.groupId}
cas-server-support-json-service-registry
${cas.version}
Regards.
--
Philippe MARASSE
Responsable pôle Infrastructures - DSIO
Centre Hospitalier Henri Laborit
CS 10587 - 370 avenue Jacques Cœur
86021 Poitiers
m
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CABjbDXTu2oDXd%2BRjvt%2BXyc4h2sTekoxtH1jveQXCXeYxxqng7w%40mail.gmail.com?utm_medium=email_source=footer>.
> For more options, visit https://groups.google.com/a/apereo.org/d/optout.
--
Philippe MARASSE
Responsable pôle Infrastructures - DSIO
53 matches
Mail list logo