Re: [cas-user] cas5.1.1 + cas-services-management-overlay

[sesharaju sv]

Hello Jérémie

I think you have missed to configure the cas-management application in
CAS Server services.  Please do add the CAS Management application URL
in your services registry and try log you should be able to login.

Thanks
Seshu

On 27 August 2017 at 22:27, Jérémie Pilette  wrote:
> Hello,
>
> I installed "cas-services-management-overlay".
> When I connect to the url "https://myurl/cas-management;, I have the page
> that indicate :
>
> Application Not Authorized to Use CAS
>
> The services registry of CAS is empty and has no service definitions.
> Applications that wish to authenticate with CAS must explicitly be defined
> in the services registry.
>
>
> Could you help me please ?
>
> ==management.properties==
> # CAS server that management app will authenticate with
> # This server will authenticate for any app (service) and you can login as
> casuser/Mellon
> cas.server.name: https://myurl
> cas.server.prefix: https://myurl/cas
>
> cas.mgmt.adminRoles=ROLE_ADMIN
> cas.mgmt.userPropertiesFile=file:/etc/cas/config/users.properties
>
> # Update this URL to point at server running this management app
> cas.mgmt.serverName=https://myurl
>
> server.context-path=/cas-management
> server.port=443
>
> spring.thymeleaf.mode=HTML
> logging.config=file:/etc/cas/config/log4j2-management.xml
>
> ==cas.properties==
> cas.server.name=https://myurl
> cas.server.prefix=https://myurl/cas
>
> cas.adminPagesSecurity.ip=127\.0\.0\.1
> logging.config=file:/etc/cas/config/log4j2.xml
> # cas.serviceRegistry.config.location: classpath:/services
> cas.authn.accept.users=
>
> Thanks a lot
>
> Jérémie
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/dec52428-deaa-4913-ade8-d730f64edd8b%40apereo.org.



-- 
Venkata S Sadhu (Seshu)
India (Mobile) : +91 7032638062 (WhatsApp)
INDIA

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAABZGc20S4hw7jm1eASneSm51P873uSDZpAHdvU9k6qgg%2B-MGA%40mail.gmail.com.

Re: [cas-user] Re: cas.serviceRegistry.config.location not set Absolute path in Window

[sesharaju sv]

its should be prefix by file:// i think.

that should resolve the issue.

On 1 June 2017 at 11:38, Doan Moon  wrote:
> In CAS 4.2.7, This Issue is simple. I set :
>
> ##
> # JSON Service Registry
> #
> # Directory location where JSON service files may be found.
> tomcat.url=C:/Program Files/Apache Software Foundation/Tomcat 8.5/webapps
> #service.registry.config.location=classpath:services
> #service.registry.config.location=${tomcat.url}/cas-management/WEB-INF/classes/services
> service.registry.config.location=${tomcat.url}/cas/WEB-INF/classes/services
>
> => Then CAS Server and CAS Management will share the same Folder Service in
> Machine.
>
> But CAS 5.0.5 is error ?
>
> Vào 00:31:51 UTC+7 Thứ Năm, ngày 01 tháng 6 năm 2017, Doan Moon đã viết:
>>
>> Hi all !
>>
>> I built successfully CAS Server 5.0.5 and CAS Management 5.0.5 in the same
>> Window Server ( Use Service Register is Json). In file
>> application.properties of CAS manamement, I set
>> cas.serviceRegistry.config.location is Absolute path to folder Services of
>> CAS Server 5.0.5
>>
>> ##
>> # Resource-based (JSON/YAML) Service Registry
>> #
>> tomcat.url=C:/Program Files/Apache Software Foundation/Tomcat
>> 8.5/webapps/cas//WEB-INF/classes/services
>> cas.serviceRegistry.config.location=${tomcat.url}
>>
>> And cas-management.log warning:
>>
>> 2017-06-01 00:08:54,966 WARN
>> [org.apereo.cas.config.JsonServiceRegistryConfiguration] - The location of
>> service definitions class path resource [C:/Program Files/Apache Software
>> Foundation/Tomcat 8.5/webapps/cas//WEB-INF/classes/services] is on the
>> classpath. It is recommended that the location of service definitions be
>> externalized to allow for easier modifications and better sharing of the
>> configuration.
>>
>> How to share Services Register Json between CAS Server and CAS manament ?
>>
>> Help me !
>>
>> Thanks.
>>
> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines:
> https://apereo.github.io/cas/Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/865003de-9235-4f82-a07b-26ea55ca749e%40apereo.org.



-- 
Venkata S Sadhu (Seshu)
India (Mobile) : +91 7032638062 (WhatsApp)
INDIA

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAABZGc1zyyrq0Gok7DwPD67a%2BC0RLWtUrZ55VdcTr%3DgP3o%2BG3Q%40mail.gmail.com.

Re: [cas-user] How to Synchronized Configuration Service Registry between CAS server and the services management webapp

[sesharaju sv]

I think we have set the service registry location

cas.serviceRegistry.config.location=classpath:/services

point this property to an external source location and check

Thanks
Seshu


On 31 May 2017 at 07:41, Doan Moon  wrote:
> Hi All !
>
> I'm building CAS Sever (5.0.5) and CAS management webapp (5.0.5) on the same
> machine.
>
> Cas server is : https://localhost:8443/cas => Done ( Like Login, Logout,
> user login with File Authen + LDAP Authen
> Cas management is : https://localhost:8443/cas-management => Done ( Login
> with acc in user-details.properties)
> Cas Client : http://localhost: => Done
>
> I have a question => How to Synchronized Configuration Service Registry
> between CAS server and the services management webapp ?
>
> If i add one file service json to Cas server (5.0.5) :
> \cas\WEB-INF\classes\services
> {
>   "@class" : "org.apereo.cas.services.RegexRegisteredService",
>   "serviceId" : "^https?://.*",
>   "name" : "HTTP",
>   "id" : 1003,
>   "description" : "This service definition authorizes all application urls
> that support HTTP protocols.",
>   "evaluationOrder" : 2
> }
>
> => Then Cas client Login OK
>
> But i add content the same with CAS management webapp (5.0.5): I see 1 file
> service json added to \cas-management\WEB-INF\classes\services
>
> => But Cas Login can't get service json config in CAS management webapp (It
> still got the service Registry from Cas server (5.0.5)  localtion
> \cas\WEB-INF\classes\services
>
> In CAS documentation :
> https://apereo.github.io/cas/5.0.x/installation/Installing-ServicesMgmt-Webapp.html
> have content guide:
>
> Synchronized Configuration
>
> You MUST keep in mind that both applications (the CAS server and the
> services management webapp) share the sameservice registry configuration for
> CAS services.
>
>
> How do i solve this problem ?
>
>
> Thanks.
>
>
> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines:
> https://apereo.github.io/cas/Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/ee8cd685-682e-470e-b182-6d1dfa2fabc9%40apereo.org.



-- 
Venkata S Sadhu (Seshu)
India (Mobile) : +91 7032638062 (WhatsApp)
INDIA

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAABZGc0%3DScJ-UABjkskguY1YuijzCVm0uLr-j3dTj5c56XtZyw%40mail.gmail.com.

Re: [cas-user] CAS 5.0.5 Login in CAS Manager

[sesharaju sv]

Hello Marco Osorio,

you have to configure the services in CAS 5.0.5 to authorize the URL
of management application and also you need to configure the user
authorization to allow access the admin pages of the CAS Management
application.

Please check if you have done those 2 task and still you see the same
message do let me know i will help you.

Thanks
Seshu

On 26 May 2017 at 16:07, Marco Osorio  wrote:
>
> Hello everyone,
>
> I have been able to configure CAS 5.0.5 standalone mode with LDAP AD and
> authenticates correctly. There are some CSS and JS errors that do not find
> the correct path, but it is somewhat minor to do the tests.
> Now I'm deploying CAS-MANAGEMENT and booting without any errors, the problem
> is that when I access cas-management, it tells me that the application is
> not authorized to use CAS.
> I wonder, How do I have to authorize the manager to access it. With version
> 4.2.7, I think there is a property, but in the overlay there are none.
>
> Thanks in advance
>
> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines:
> https://apereo.github.io/cas/Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/ee73489d-c657-4d00-8e35-9b1275216442%40apereo.org.



-- 
Venkata S Sadhu (Seshu)
India (Mobile) : +91 7032638062 (WhatsApp)
INDIA

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAABZGc3wLbU3-DV%2Bsg36v2uKbz8p81tnxso3hg4r8Q05Or4dLA%40mail.gmail.com.

Re: [cas-user] Error when trying to add new service to CAS

[sesharaju sv]

i m sure i have looked at this error when i was installing the management app.
Please look into the properties file some where you have provide the
user ROLE defined

management.properties file :
=
cas.mgmt.adminRoles=ROLE_ADMIN
cas.mgmt.userPropertiesFile=file:/C:/Users/IBM_ADMIN/Documents/GitHub/cas-config/cas-config/users.properties

IF you look at the above properties (cas.mgmt.adminRoles) it says the
users who is having the ROLE_ADMIN should be able to access the pages.
so, please provide your addition roles which you use in your
environment.

users.properties file :
===
casuser=notused,ROLE_ADMIN
user.0=admin,ROLE_ADMIN

This is how i was able to make it working please check the same and
let me know if you still have any issues.

Thanks
Seshu

On 10 May 2017 at 22:08, bobbintb  wrote:
> I have CAS 5 set up and am trying to add a service to manage with the CAS
> services management app. When doing so I get "An error has occurred while
> attempting to save the service. Please try again later."
> Catalina.out also shows "[org.pac4j.cas.client.CasClient] -  detected -> returning 401>" which I assume is some authorization error. I do
> have the user set to ROLE_ADMIN in the user.properties file though. Any idea
> what is wrong?
>
> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines:
> https://apereo.github.io/cas/Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/32c2ee87-f29a-4a27-a81d-acf66d449bad%40apereo.org.



-- 
Venkata S Sadhu (Seshu)
India (Mobile) : +91 7032638062 (WhatsApp)
INDIA

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAABZGc3b4WcWOH0UsiFjSwpDhn%2BA9ehOepMrN9rt3HVsOBg%3DfQ%40mail.gmail.com.

Re: [cas-user] changeing emails

[sesharaju sv]

may be unsubscribe from the mailing-list and subscribe with the
alternate mail server.

Thanks
Seshu

On 26 April 2017 at 04:16, Chris Cheltenham  wrote:
> How does one change their email to get these postings sent to an alternate
> mail server ?
>
>
>
>
>
>
>
> Thank You;
>
>
>
> Chris Cheltenham
>
>
>
> 215-301-6571
>
>
>
>
>
> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines:
> https://apereo.github.io/cas/Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/MWHPR17MB12138563B913809FA519DA16C41E0%40MWHPR17MB1213.namprd17.prod.outlook.com.



-- 
Venkata S Sadhu (Seshu)
India (Mobile) : +91 7032638062 (WhatsApp)
INDIA

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAABZGc05Hzesw0wjsfK0c%2Bq76BoJ86DaH4z1w%2BF8Se%3DZErRhiQ%40mail.gmail.com.

[cas-user] Re: Need help for CAS Server (Delegate Facebook authentication) + Spring Security CAS Client

[sesharaju sv]

Below is the error which i m getting now.

2017-03-30 23:23:08,038 DEBUG
[org.apereo.cas.ticket.registry.EhCacheTicketRegistry] -

Re: [cas-user] Cas 5 and implementing ehcache replication

[sesharaju sv]

Ticket encryption is not enabled. Falling back to default behavior

Seems the ticket encryption is not configured.

Can you plz share me the cas.properties file.

Thanks
Seshu

On 17 January 2017 at 03:58, Maxwell, Gary <maxwel...@fortlewis.edu> wrote:
> Hi Seshu,
>
> I turned on Debug and It shows me where it creates the TGT:
>
> DEBUG [org.apereo.cas.ticket.registry.EhCacheTicketRegistry] -  TGT-**5B0wydvh6k-login-test1..edu
>  to the cache org.apereo.cas.ticket.TicketCache to live 7200 seconds and stay 
> idle for 7200 seconds>
>
> However latter on (in abbreviated log) it says it can't find it:
>
> DEBUG [org.apereo.cas.web.support.DefaultCasCookieValueManager] -  cookie value is 
> [TGT-**5B0wydvh6k-login-test1..edu@10.39.2.5@Mozilla/5.0
>  (Windows NT 10.0; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0]>
> TRACE [org.apereo.cas.ticket.registry.EhCacheTicketRegistry] -  encryption is not enabled. Falling back to default behavior>
> DEBUG [org.apereo.cas.ticket.registry.EhCacheTicketRegistry] -  id 
> [TGT-**5B0wydvh6k-login-test1..fortlewis.edu]
>  is found in the registry>
> TRACE [org.apereo.cas.ticket.registry.EhCacheTicketRegistry] -  encryption is not enabled. Falling back to default behavior>
> DEBUG [org.apereo.cas.ticket.registry.EhCacheTicketRegistry] -  id 
> [TGT-**5B0wydvh6k-login-test1..edu]
>  is found in the registry>
> TRACE [org.apereo.cas.ticket.registry.EhCacheTicketRegistry] -  encryption is not enabled. Falling back to default behavior>
> DEBUG [org.apereo.cas.ticket.registry.EhCacheTicketRegistry] -  id 
> [TGT-**5B0wydvh6k-login-test1.X.edu]
>  is found in the registry>
> DEBUG [org.apereo.cas.CentralAuthenticationServiceImpl] -  [TGT-**5B0wydvh6k-login-test1..edu]
>  by type [Ticket] cannot be found in the ticket registry.>
> DEBUG [org.apereo.cas.CentralAuthenticationServiceImpl] -  [TGT-**5B0wydvh6k-login-test1..edu]
>  from registry...>
>
> Any Ideas why????
>
> -Gary
>
> -Original Message-
> From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of sesharaju 
> sv
> Sent: Monday, January 16, 2017 11:34 AM
> To: cas-user@apereo.org
> Subject: Re: [cas-user] Cas 5 and implementing ehcache replication
>
> This would be few reasons behind this issue. Please enable your ehcache 
> logging to debug and you should be able to see what exactly the issues is.
>
> Thanks
> Seshu
>
> On 16 January 2017 at 23:42, Maxwell, Gary <maxwel...@fortlewis.edu> wrote:
>> .We have installed cas 5 along with ehcache replication. When we login
>> to a SSO application the replication works great however when we log
>> into the next SSO application, CAS deletes the existing TGT. CAS then
>> requires the user to re-authenticate. Does anyone know why this would be 
>> happening?
>>
>>
>>
>> Thanks for any insight on this!
>>
>>
>>
>> -Gary
>>
>> --
>> - CAS gitter chatroom: https://gitter.im/apereo/cas
>> - CAS mailing list guidelines:
>> https://apereo.github.io/cas/Mailing-Lists.html
>> - CAS documentation website: https://apereo.github.io/cas
>> - CAS project website: https://github.com/apereo/cas
>> ---
>> You received this message because you are subscribed to the Google
>> Groups "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send
>> an email to cas-user+unsubscr...@apereo.org.
>> To view this discussion on the web visit
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/016e99eee450407ca0bb6a035d5032fb%40mbx2.fortlewis.edu.
>
>
>
> --
> Venkata S Sadhu
> India (Mobile) : +91 7032638062
> INDIA
>
> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups 
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAABZGc2v3cFumnBDu%2B7%3DVu0XzJC%2B7cvOGMpzY6OYa7zgtagPvQ%40mail.gmail.com.

[cas-user] Re: Need help with CAS 5.0.0 with PostgreSQL JDBC authentication source

[sesharaju sv]

Me too looking for the same solution (LDAP). Assume its bit related with 
configuration but not sure on the same. 

Thanks 
Seshu

On Friday, January 13, 2017 at 2:14:03 PM UTC+5:30, Michael Zhang wrote:
>
> Me too. Looking for a solution. 
>
> On Thursday, November 17, 2016 at 9:55:13 PM UTC+8, Daniel wrote:
>>
>> I'm getting this error with a new LDAP configuration. Probably unrelated 
>> but I am interested in seeing how this resolves.
>>
>>
>>
>> On Wednesday, November 9, 2016 at 9:39:58 AM UTC-5, mrcasa wrote:
>>>
>>> Hi!
>>>
>>> New to CAS 5 and gradle cas overlay. I'm trying to get authentication 
>>> against postgresql 9.6.1 jdbc working.
>>>
>>> Here what I did,
>>>
>>> * cloned gradle overlay 
>>> https://github.com/apereo/cas-gradle-overlay-template.git
>>> * created keystore
>>> * compiled and started cas.war
>>> * default username/password casuser/Mellon works - 
>>> https://localhost:8443/cas/login
>>>
>>> Updated /etc/cas/config/cas.properties for jdbc source -
>>>
>>> cas.server.name: https://cas.example.org:8443
>>> cas.server.prefix: https://cas.example.org:8443/cas
>>>
>>> endpoints.enabled=true
>>> management.contextPath=/status
>>> cas.adminPagesSecurity.ip=127\.0\.0\.1
>>>
>>> logging.config: file:/etc/cas/config/log4j2.xml
>>> # cas.serviceRegistry.config.location: classpath:/services
>>>
>>> cas.authn.accept.users=
>>>
>>> cas.authn.jdbc.query[0].sql=SELECT password FROM user_table WHERE 
>>> emailaddress=?
>>> cas.authn.jdbc.query[0].healthQuery=SELECT 1 FROM 
>>> INFORMATION_SCHEMA.SYSTEM_USERS
>>> cas.authn.jdbc.query[0].isolateInternalQueries=false
>>> cas.authn.jdbc.query[0].url=jdbc:postgresql://localhost:5432/users
>>> cas.authn.jdbc.query[0].failFast=true
>>> cas.authn.jdbc.query[0].isolationLevelName=ISOLATION_READ_COMMITTED
>>> cas.authn.jdbc.query[0].dialect=org.hibernate.dialect.PostgreSQLDialect
>>> cas.authn.jdbc.query[0].leakThreshold=10
>>> cas.authn.jdbc.query[0].propagationBehaviorName=PROPAGATION_REQUIRED
>>> cas.authn.jdbc.query[0].batchSize=1
>>> cas.authn.jdbc.query[0].user=postgres
>>> cas.authn.jdbc.query[0].ddlAuto=create-drop
>>> cas.authn.jdbc.query[0].maxAgeDays=180
>>> cas.authn.jdbc.query[0].password=postgres
>>> cas.authn.jdbc.query[0].autocommit=false
>>> cas.authn.jdbc.query[0].driverClass=org.postgresql.Driver
>>> cas.authn.jdbc.query[0].idleTimeout=5000
>>> cas.authn.jdbc.query[0].credentialCriteria=
>>> cas.jdbc.showSql=true
>>> cas.jdbc.genDdl=true
>>> spring.jpa.show-sql=true
>>>
>>> cas.authn.jdbc.query[0].passwordEncoder.type=NONE
>>>
>>> ===
>>>
>>> I get invalid credentials and I see in the logs -
>>>
>>> ===
>>> ...
>>> 2016-11-09 20:02:09,380 WARN 
>>> [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
>>> >> authentication handler that supports [x...@xxx.com] of type 
>>> [UsernamePasswordCredential], which suggests a configuration problem.>
>>> ...
>>> ...
>>> 2016-11-09 20:02:09,436 ERROR 
>>> [org.apereo.cas.web.flow.AuthenticationExceptionHandler] - >> translate handler errors of the authentication exception 
>>> org.apereo.cas.authentication.AuthenticationException: 0 errors, 0 
>>> successes. Returning UNKNOWN by default...>
>>> ...
>>> 
>>>
>>> I'm sure I have not configured it correctly and would appreciate some 
>>> help
>>>
>>> Thanks!
>>>
>>

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/b59c16a9-dad8-4fa2-a20b-124d4e544e98%40apereo.org.

Re: [cas-user] CAS 3.0 and SAML Version

[sesharaju sv]

you can upgrade to CAS 4.x supports SAML 2.0

On 9 January 2017 at 16:38, Mahantesh Prasad Katti
 wrote:
> Hi All,
>
>
>
> AFAIK, CAS 3.0 supports SAML 1.1.  what are the options in case we want to
> use SAML 2.0?
>
>
>
> Regards,
>
> Prasad
>
> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines:
> https://apereo.github.io/cas/Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/83FA22EE27AA7949A5F616D4DD6AF71E195F826B%40INBLRMBX001.INDECOMM.LOCAL.



-- 
Venkata S Sadhu
India (Mobile) : +91 7032638062
INDIA

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAABZGc0Xohan0G28RTO0TMp2Z7Cc6D2i55WCs39T9%2BCq5Q4Q1Q%40mail.gmail.com.

Re: [cas-user] CAS4 flow decode execution error, is this an issue?

[sesharaju sv]

Hello Yan,

 you would have missed some configurations in cas.properties. Please
share properties so that can we can review and let you know the issue.

Thanks
Seshu

On 5 January 2017 at 20:17, Yan Zhou  wrote:
> Hello,
>
> When you submit CAS4 login page, sometimes you got “Decode flow execution
> error”. For a long time, I have been struggling as to why this happens. I
> think we have an answer.
>
>
> This most likely happens in a cluster environment when you have multiple
> active CAS4 servers. They each has a different signing key.  The webflow
> values are encrypted by the CAS server handling request and sent back to CAS
> login form, when form is submitted, the encrypted value comes back to CAS
> server.  Without session affinity, one server can sign the data, but the
> other server won’t decrypt it, because the keys are different.
>
>
>
> That is my theory, do you think that would cause this error?   I did verify
> that when server cannot decrypt data, it results in null value, which causes
> the following exception.
>
>
> 2016-11-23 15:21:01,746 ERROR [org.jasig.cas.util.BinaryCipherExecutor] -
> Unable to correctly extract the Initialization Vector or ciphertext.
>
> org.apache.shiro.crypto.CryptoException: Unable to correctly extract the
> Initialization Vector or ciphertext.
>
> at
> org.apache.shiro.crypto.JcaCipherService.decrypt(JcaCipherService.java:378)
>
> at
> org.jasig.cas.util.BinaryCipherExecutor.decode(BinaryCipherExecutor.java:120)
>
> at
> org.jasig.cas.util.BinaryCipherExecutor.decode(BinaryCipherExecutor.java:42)
>
> at
> org.jasig.cas.web.flow.CasWebflowCipherBean.decrypt(CasWebflowCipherBean.java:58)
>
> at
> org.jasig.spring.webflow.plugin.EncryptedTranscoder.decode(EncryptedTranscoder.java:105)
>
> at
> org.jasig.spring.webflow.plugin.ClientFlowExecutionRepository.getFlowExecution(ClientFlowExecutionRepository.java:90)
>
> at
> org.springframework.webflow.executor.FlowExecutorImpl.resumeExecution(FlowExecutorImpl.java:168)
>
> at
> org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:228)
>
> at
> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:959)
>
> at
> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:893)
>
> at
> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:967)
>
> at
> org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:869)
>
> at javax.servlet.http.HttpServlet.service(Unknown Source)
>
> at
> org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:843)
>
> at javax.servlet.http.HttpServlet.service(Unknown Source)
>
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Unknown
> Source)
>
> at org.apache.catalina.core.ApplicationFilterChain.doFilter(Unknown
> Source)
>
> at org.apache.tomcat.websocket.server.WsFilter.doFilter(Unknown
> Source)
>
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Unknown
> Source)
>
> at org.apache.catalina.core.ApplicationFilterChain.doFilter(Unknown
> Source)
>
> at
> org.jasig.cas.security.ResponseHeadersEnforcementFilter.doFilter(ResponseHeadersEnforcementFilter.java:227)
>
>at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Unknown
> Source)
>
>
>
> at
> org.jasig.cas.security.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:250)
>
> at
> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344)
>
> at
> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261)
>
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Unknown
> Source)
>
> at org.apache.catalina.core.ApplicationFilterChain.doFilter(Unknown
> Source)
>
> at
> org.jasig.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:62)
>
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Unknown
> Source)
>
> at org.apache.catalina.core.ApplicationFilterChain.doFilter(Unknown
> Source)
>
> at
> org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:85)
>
> at
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>
> at
> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344)
>
> at
> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261)
>
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Unknown
> Source)
>
> at