Re: [cas-user] org.pac4j.saml.exceptions.SAMLAuthnInstantException: Authentication issue instant is too old or in the future

2022-07-05 Thread Sean Day 
Hi Filipe,

Unfortunately I did not find a good solution, the two options I have found 
are to keep increasing 
the cas.authn.pac4j.saml[0].maximum-authentication-lifetime setting
or to set below which will force a login each time someone access a service 
via CAS:

cas.authn.pac4j.saml[0].force-auth: true

Regards

Sean


On Tuesday, 5 July 2022 at 11:50:30 UTC+1 frib...@keep.pt wrote:

> Hello Sean,
>
> Have you found something else?
> I'm facing this problem as well.
> The Azure AccessTokenLifetime is set to 90 days (+/- 5 minutes) and my 
> maximumAuthenticationLifetime is set to 7776000. However, 90 days after I 
> set that property, some users are not able to login using CAS. 
> How did you solved it?
>
> Best Regards,
> Filipe
>
> A quarta-feira, 25 de novembro de 2020 à(s) 20:20:22 UTC, Sean Day 
> escreveu:
>
>> Hi Ray,
>>
>> Thanks for the quick response, I have got the users to check the time on 
>> their PC plus I have checked the CAS server and all seem to be in sync. 
>> Also, the users have noticed that if they use a different browser they can 
>> login, I have had users switch from Chrome to Firefox on the same PC and 
>> they can login.
>>
>> I have tried getting them to clear their browser cache but they still 
>> experience the same issue. 
>>
>> I have found some similar issues with Azure AD and pac4j here: 
>> https://groups.google.com/g/pac4j-users/c/G4Cn5j0XDm4 where the user set 
>> the max auth lifetime really high but again was advised this is not a good 
>> idea. I will keep investigating..
>>
>> Thanks
>>
>> Sean
>>
>> On Wednesday, 25 November 2020 at 18:37:43 UTC Ray Bon wrote:
>>
>>> Sean,
>>>
>>> This looks like your clock is incorrect.
>>> Use a tool like samltracer to see what is being passed.
>>>
>>> You do not want to have large lifetime windows on authentication 
>>> responses, to limit replay attacks.
>>>
>>> Ray
>>>
>>> On Wed, 2020-11-25 at 10:15 -0800, Sean Day wrote:
>>>
>>> Notice: This message was sent from outside the University of Victoria 
>>> email system. Please be cautious with links and sensitive information. 
>>>
>>>
>>> Hi, 
>>>
>>> I have CAS 6.2 configured to authenticate against Azure AD, I have some 
>>> users that are getting an error:
>>>
>>> org.pac4j.saml.exceptions.SAMLAuthnInstantException: Authentication 
>>> issue instant is too old or in the future
>>>
>>> It seems to be browser/PC dependent, if they try a different PC it is 
>>> OK, the assertion seems to be very old in some cases (months old). It only 
>>> seems to affect CAS based SAML logins though, authenticating against Azure 
>>> AD directly for O365 for example works as expected.
>>>
>>> I know I can workaround this by increasing the setting but does anyone 
>>> know why I would need to (I already have it set for about 3 months and need 
>>> to increase it further and I am guessing would have to do this again in the 
>>> future if I cannot find the cause.
>>>
>>> Thanks
>>>
>>> Sean
>>>
>>> -- 
>>>
>>> Ray Bon
>>> Programmer Analyst
>>> Development Services, University Systems
>>> 2507218831 <(250)%20721-8831> | CLE 019 | rb...@uvic.ca
>>>
>>> I respectfully acknowledge that my place of work is located within the 
>>> ancestral, traditional and unceded territory of the Songhees, Esquimalt and 
>>> WSÁNEĆ Nations.
>>>
>>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/d3514c66-15e4-4507-95b3-77317e497cd1n%40apereo.org.

Re: [cas-user] org.pac4j.saml.exceptions.SAMLAuthnInstantException: Authentication issue instant is too old or in the future

2020-11-25 Thread Sean Day 
Hi Ray,

Thanks for the quick response, I have got the users to check the time on 
their PC plus I have checked the CAS server and all seem to be in sync. 
Also, the users have noticed that if they use a different browser they can 
login, I have had users switch from Chrome to Firefox on the same PC and 
they can login.

I have tried getting them to clear their browser cache but they still 
experience the same issue. 

I have found some similar issues with Azure AD and pac4j 
here: https://groups.google.com/g/pac4j-users/c/G4Cn5j0XDm4 where the user 
set the max auth lifetime really high but again was advised this is not a 
good idea. I will keep investigating..

Thanks

Sean

On Wednesday, 25 November 2020 at 18:37:43 UTC Ray Bon wrote:

> Sean,
>
> This looks like your clock is incorrect.
> Use a tool like samltracer to see what is being passed.
>
> You do not want to have large lifetime windows on authentication 
> responses, to limit replay attacks.
>
> Ray
>
> On Wed, 2020-11-25 at 10:15 -0800, Sean Day wrote:
>
> Notice: This message was sent from outside the University of Victoria 
> email system. Please be cautious with links and sensitive information. 
>
>
> Hi, 
>
> I have CAS 6.2 configured to authenticate against Azure AD, I have some 
> users that are getting an error:
>
> org.pac4j.saml.exceptions.SAMLAuthnInstantException: Authentication issue 
> instant is too old or in the future
>
> It seems to be browser/PC dependent, if they try a different PC it is OK, 
> the assertion seems to be very old in some cases (months old). It only 
> seems to affect CAS based SAML logins though, authenticating against Azure 
> AD directly for O365 for example works as expected.
>
> I know I can workaround this by increasing the setting but does anyone 
> know why I would need to (I already have it set for about 3 months and need 
> to increase it further and I am guessing would have to do this again in the 
> future if I cannot find the cause.
>
> Thanks
>
> Sean
>
> -- 
>
> Ray Bon
> Programmer Analyst
> Development Services, University Systems
> 2507218831 <(250)%20721-8831> | CLE 019 | rb...@uvic.ca
>
> I respectfully acknowledge that my place of work is located within the 
> ancestral, traditional and unceded territory of the Songhees, Esquimalt and 
> WSÁNEĆ Nations.
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/ecc3f249-1f2b-4d7e-b12d-d0b8795b4269n%40apereo.org.

[cas-user] org.pac4j.saml.exceptions.SAMLAuthnInstantException: Authentication issue instant is too old or in the future

2020-11-25 Thread Sean Day 
Hi,

I have CAS 6.2 configured to authenticate against Azure AD, I have some 
users that are getting an error:

org.pac4j.saml.exceptions.SAMLAuthnInstantException: Authentication issue 
instant is too old or in the future

It seems to be browser/PC dependent, if they try a different PC it is OK, 
the assertion seems to be very old in some cases (months old). It only 
seems to affect CAS based SAML logins though, authenticating against Azure 
AD directly for O365 for example works as expected.

I know I can workaround this by increasing the setting but does anyone know 
why I would need to (I already have it set for about 3 months and need to 
increase it further and I am guessing would have to do this again in the 
future if I cannot find the cause.

Thanks

Sean

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/60e4cb0e-9f3d-4bfd-acae-5144020f745cn%40apereo.org.

[cas-user] Re: Issue with CAS client when using CAS as an SP

2020-01-31 Thread Sean Day 

>
> I replied to the wrong thread, below was meant for this not the OIDC 
> thread..
>

This seems to have been fixed in 6.2.0 RC2, I have not had the error at all 
on 6.2.0 RC2, I then spend a bit of time finding a reliable sequence of 
events that caused the error and found a way to reproduce consistently on 
6.1.2 following a specific series of login/logout requests:

In the same browser window: 
Login to system A.
Login to system B.
Logout System B.
Login to system A.
Logout System A.
Login System B - results in error.

Above resulted in the error on every attempt, I then replaced the 6.1.2 
cas.war file with 6.2.0 RC2 no other changes made to config etc and 
repeated above and did not get the error.

 

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/ea7e5f35-3dfb-4e30-a00b-9fac6ecd483d%40apereo.org.

[cas-user] Re: How to specify redirect_uri for CAS 6 Delegation to Azure AD OIDC

2020-01-29 Thread Sean Day 

This seems to have been fixed in 6.2.0 RC2, I have not had the error at all 
on 6.2.0 RC2, I then spend a bit of time finding a reliable sequence of 
events that caused the error and found a way to reproduce consistently on 
6.1.2 following a specific series of login/logout requests:

In the same browser window: 
Login to system A.
Login to system B.
Logout System B.
Login to system A.
Logout System A.
Login System B - results in error.

Above resulted in the error on every attempt, I then replaced the 6.1.2 
cas.war file with 6.2.0 RC2 no other changes made to config etc and 
repeated above and did not get the error.

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/c1d95dce-c581-46ac-ab8c-287d67b189cd%40apereo.org.

[cas-user] Re: Issue with CAS client when using CAS as an SP

2020-01-23 Thread Sean Day 
I believe I am having the exact same issue, I have the same setup:

CAS 6.1.2 acting as an SP, delegating authentication to Azure AD.

All works fine but I intermittently get an Application is not authorised 
error.

With debug enabled I have the same entries in the error log (works when the 
RelayState is TST... does not work when it is the CAS server address with 
client.

Did you find a solution to this issue?

Thanks

Sean

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/f120b027-a2f0-4a6d-be68-11c5f8a4d5c2%40apereo.org.

[cas-user] Re: 401 page after failed login

2018-09-20 Thread Sean Day 
For reference I have found

Changed from using the ISAP redirector to HttpPlatformHandler and the 
system works so it appears to be a problem with using the ISAP redirector 
or I am missing a config setting that would allow the 401 to be passed back 
to Tomcat/CAS to display the message on the login page.

So I have 2 options, just use Tomcat or use HttpPlatformHandler instead of 
ISAPI redirector but I am curious if anyone else fronts their CAS service 
with IIS and has found this issue?

Sean

>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/c9793829-5a59-4b82-8abb-842572b1a8bd%40apereo.org.

[cas-user] Re: 401 page after failed login

2018-09-19 Thread Sean Day 
OK, after spending way too much time trying to workout what was wrong in my 
CAS config I have found the cause (but not the solution yet).

We have a practice of deploying all web applications on IIS, I therefore 
have IIS sitting in front of CAS using the tomcat ISAPI redirector to pass 
the requests to tomcat.

The 401 error I was seeing is the standard IIS 401 page, checking the IIS 
logs this has a substatus of 5 which means the 401 has come from tomcat.

As a simple test I re-enable port 8080 on Tomcat and tested directly to 
tomcat and the failed logins work as expected with an 'Invalid credentials' 
message displayed on the login page.

I am guessing that IIS is blocking CAS from handling the 401 error in some 
way which I have yet to figure out...




-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/3b0cf494-dc0b-411d-835e-f15463182146%40apereo.org.

[cas-user] 401 page after failed login

2018-09-19 Thread Sean Day 
Hi,

I think I must be missing something simple here. 

If I enter an incorrect username/password on our CAS 5.x server I get a 401 
error page, on our old 3.5 CAS service the login page used to display an 
incorrect password message but would stay on the login screen. 

I have not managed to find any pointers on how to control this, I am 
guessing it is to do with the login-webflow.xml file but have no idea what 
I need to change?

Is this default behaviour or do I have a bigger problem in my config that 
is causing this?

Thanks

Sean

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/23da5f76-4599-4251-9877-b883a02642c9%40apereo.org.

Re: [cas-user] CAS build stuck

2018-09-17 Thread Sean Day 
OK, back at the desk now so have extracted the relevant sections from my 
build documentation. Screenshots are missing but the text should provide 
enough detail (if not too much ;-).

I doubt it is 100% correct as I stumbled though it myself, also the exact 
same config failed with 5.3.0 but was OK with 5.3.2 and 5.2.3 so seems 
there was a bug added then fixed (or my config just did not work with that 
build). Hopefully this will help you/someone and maybe if someone who knows 
better spots some mistakes in my config I can learn some more also ;-)


*Configure ADFS*

The CAS Service will be configured to redirect to ADFS before CAS can be 
setup to do this the Relying Party needs to be setup on the ADFS server.

Login to the ADFS server and launch “AD FS Management”

Expand the tree to “Relying Party Trusts”.
Right click on “Relying Party Trusts” and select “Add Relying Party Trust..”
Click the “Start” button:
Select “Enter the data about the relying party manually” Then click Next.
Enter a Display Name and Notes then click “Next”.
On the “Choose Profile” section leave as AD FS Profile and click “Next”.
Click “Next” on the “Configure Certificate” screen.
Click “Next” on the “Configure URL” page.
On the “Configure Identifiers” page enter a unique identifier e.g. 
urn:cas-svr.domain.com for the CAS service and click “Add” then “Next”.
Leave the Multi-factor authentication as “I do not want to configure..” and 
click “Next”:
On the “Choose Issuance Authorization Rules” page leave it as “Permit all 
users to access this relying party” and click “Next”.
Click “Next” on the “Ready to Add Trust” page
Click “Close”.
Double click on the new Relying Party entry and select the “Endpoints” tab.
Click on “Add WS-Federation..".
Populate with the CAS login URL for your CAS server e.g. 
https://cas-svr.domain.com/cas/login.
Click “OK” then “OK” again to close the properties window.
Right click on the CAS Relying Party and select “Edit Claim Rules”.
Click “Add Rule” on the "Issuance Transform Rules" screen.
Select “Send LDAP  Attributes as Claims” and click “Next”.
Complete the “Configure Claim Rule” page as required, my settings were 
"LDAP Attribute"= "SAM-Account-Name" mapped to "Outgoing Claim Type"="UPN".
Click "finish".

*Export the Token-signing Certificate*
CAS will need to have access to the ADFS Token-signing certificate, export 
this from "AD FS Manager" and store it on the CAS server for later use.

*CAS Maven pom.xml*
Edit the Maven pom.xml, find the section below and add the lines in Green:


  org.apereo.cas
cas-server-webapp${app.server}
${cas.version}
war
runtime

  

org.apereo.cas
cas-server-support-json-service-registry
${cas.version}


org.apereo.cas
cas-server-support-wsfederation-webflow
${cas.version}

 


Save the pom.xml file.

*ADFS token-signing certificate*

Now open the etc/cas/config folder and copy the ADFS token-signing 
certificate file to this folder (File in this example is 
"my-adfs-token-signing.cer").

*CAS ADFS settings*
Edit the cas.properties file in this folder and add the contents below:

# Logout settings if required uncomment below and change the 
cas.slo.disabled setting
#cas.logout.redirectUrl=https://adfs-svr.domain.com/adfs/ls/?wa=wsignin1.0=urn:cas:cas-svr.domain.com
cas.slo.disabled=true
#cas.logout.followServiceRedirects=true

# ADFS Note http on the "identityProviderIdentifier" this is not a mistake..
cas.authn.wsfed[0].identityProviderUrl=https://adfs-svr.domain.com/adfs/ls/
cas.authn.wsfed[0].identityProviderIdentifier=http://adfs-svr.domain.com/adfs/services/trust
cas.authn.wsfed[0].relyingPartyIdentifier=urn:cas:cas-svr.domain.com
cas.authn.wsfed[0].attributesType=WSFED
cas.authn.wsfed[0].signingCertificateResources=file:///etc/cas/config/my-adfs-token-signing.cer
cas.authn.wsfed[0].tolerance=1
cas.authn.wsfed[0].identityAttribute=upn
cas.authn.wsfed[0].attributeResolverEnabled=true
cas.authn.wsfed[0].autoRedirect=true
# cas.authn.wsfed[0].name=

# cas.authn.wsfed[0].principal.principalAttribute=
# cas.authn.wsfed[0].principal.returnNull=false

# Private/Public keypair used to decrypt assertions, if any.
# cas.authn.wsfed[0].encryptionPrivateKey=classpath:private.key
# cas.authn.wsfed[0].encryptionCertificate=classpath:certificate.crt
# cas.authn.wsfed[0].encryptionPrivateKeyPassword=NONE

Build and deploy CAS.
Make sure the configuration is copied by running “build copy” or manually 
copying the files to the correct location.
Run the Package command to generate the .war file “build package”:



-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion

Re: [cas-user] CAS build stuck

2018-09-16 Thread Sean Day 
Do you mean delegated authentication with the login being passed off to 
ADFS? 

If so I can post the steps I used to get this working, it was a lot easier 
than I was expecting.

On Friday, 14 September 2018 20:05:30 UTC+1, Zach Tackett wrote:
>
> That did it for me! Thank you so much. The login page came up, now I just 
> have to figure out how to get it to work with ADFS so that it will redirect 
> to the college login page.
>
> On Friday, September 14, 2018 at 2:49:41 PM UTC-4, Matthew Uribe wrote:
>>
>> Have you had a chance to look through David Curry's guide? It's thorough 
>> and well laid out, and should get you on the road to successfully setting 
>> up CAS.
>>
>>
>> https://dacurry-tns.github.io/deploying-apereo-cas/introduction_overview.html
>>
>>
>> [image: Aims Community College Top Work Places 2018 - The Denver Post] 
>> Matt Uribe
>> Programmer Analyst II
>> Information Technology
>> Aims Community College
>> 970.339.6375
>> matthe...@aims.edu
>> 5401 W. 20th Street 
>> 
>> Greeley, CO, 80634 
>> 
>> www.aims.edu
>> 
>>
>>
>> *IT staff will never ask you for your username and password. *
>>
>>
>> *Always decline to provide the information and report such attempts to the 
>> Help Desk (x6380).*
>>
>>
>> On Fri, Sep 14, 2018 at 12:35 PM, Zach Tackett  
>> wrote:
>>
>>> I am completely new to CAS, server side management. New job, boss asked 
>>> me to setup CAS on a CentOS 7 server
>>>
>>> Installed Java8, tomcat, cloned down the cas-overlay-template (maven)
>>>
>>> I am getting stuck at this point. I have went back into the logs and set 
>>> the values it is issuing warnings on, and it still comes up with the 
>>> warnings for the signing and encryption keys. All of the documentation I 
>>> have been able to find and understand is old, or useless
>>>
>>> [INFO] Scanning for projects...
>>> [INFO] 
>>> [INFO] Using the MultiThreadedBuilder implementation with a thread count 
>>> of 5
>>> [INFO] 
>>> [INFO] 
>>> 
>>> [INFO] Building cas-overlay 1.0
>>> [INFO] 
>>> 
>>> [INFO] 
>>> [INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ cas-overlay ---
>>> [INFO] Deleting /home/entapps/cas-overlay-template/target
>>> [INFO] 
>>> [INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ 
>>> cas-overlay ---
>>> [INFO] Using 'UTF-8' encoding to copy filtered resources.
>>> [INFO] skip non existing resourceDirectory 
>>> /home/entapps/cas-overlay-template/src/main/resources
>>> [INFO] 
>>> [INFO] --- maven-compiler-plugin:3.3:compile (default-compile) @ 
>>> cas-overlay ---
>>> [INFO] No sources to compile
>>> [INFO] 
>>> [INFO] --- maven-resources-plugin:2.6:testResources 
>>> (default-testResources) @ cas-overlay ---
>>> [INFO] Using 'UTF-8' encoding to copy filtered resources.
>>> [INFO] skip non existing resourceDirectory 
>>> /home/entapps/cas-overlay-template/src/test/resources
>>> [INFO] 
>>> [INFO] --- maven-compiler-plugin:3.3:testCompile (default-testCompile) @ 
>>> cas-overlay ---
>>> [INFO] No sources to compile
>>> [INFO] 
>>> [INFO] --- maven-surefire-plugin:2.12.4:test (default-test) @ 
>>> cas-overlay ---
>>> [INFO] No tests to run.
>>> [INFO] 
>>> [INFO] --- maven-war-plugin:2.6:war (default-war) @ cas-overlay ---
>>> [INFO] Packaging webapp
>>> [INFO] Assembling webapp [cas-overlay] in 
>>> [/home/entapps/cas-overlay-template/target/cas]
>>> [info] Copying manifest...
>>> [INFO] Processing war project
>>> [INFO] Processing overlay [ id org.apereo.cas:cas-server-webapp-tomcat]
>>> [INFO] Webapp assembled in [1278 msecs]
>>> [INFO] Building war: /home/entapps/cas-overlay-template/target/cas.war
>>> [INFO] 
>>> [INFO] --- spring-boot-maven-plugin:1.5.12.RELEASE:repackage (default) @ 
>>> cas-overlay ---
>>> [INFO] Layout: WAR
>>> [INFO] 
>>> 
>>> [INFO] BUILD SUCCESS
>>> [INFO] 
>>> 
>>> [INFO] Total time: 7.112 s (Wall Clock)
>>> [INFO] Finished at: 2018-09-14T14:28:55-04:00
>>> [INFO] Final Memory: 13M/39M
>>> [INFO] 
>>> 
>>>
>>>__     _     __  
>>>   / /  / ___|/ \/ ___|  \ \ 
>>>  | |  | |   / _ \   \___ \   | |
>>>  | |  | |___   / ___ \   ___) |  | |
>>>  | |   \| /_/   \_\ |/   | |
>>>   \_\   /_/ 
>>>
>>> CAS Version: 5.2.6
>>> CAS Commit Id: f5118fffa39b90da780500631d1dffcc296bbc08
>>> CAS Build Date/Time: 2018-09-14T18:28:54Z
>>> Spring Boot Version: 1.5.12.RELEASE
>>> 
>>> Java Home: 
>>>

[cas-user] Re: CAS 5.3 ADFS Delegated login

2018-08-06 Thread Sean Day 
Have built this project now using the same settings with maven 3.5.4 and 
CAS 5.3.2 and it now works, I suspect it is the change to CAS 3.5.2 rather 
than the maven update (previously I was using maven 3.5.0).



On Wednesday, 18 July 2018 16:59:27 UTC+1, Sean Day wrote:
>
> OK, so I used exactly the same config but changed the dependency/version 
> to CAS 5.2.3 and this works fine, changing back to 5.3.0 and it no longer 
> works.
>
> Either this is an issue with 5.3.0 or I am missing a new/changed setting?
>
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/86be24f8-ccfa-4127-a39f-4a20b20e6dd6%40apereo.org.