Hi, I'm using CAS to authenticate both with web interface and rest calls.
While trying to configure Surrogate authentication, it works with web interface but it doesn't with rest. e.g. curl -k -X POST \ https://local.host.it:8444/cas/v1/tickets/ \ -H 'Content-Type: application/x-www-form-urlencoded' \ -H 'cache-control: no-cache' \ -d 'token=true&username=myuser&password=mypwd' it works while curl -k -X POST \ https://local.host.it:8444/cas/v1/tickets/ \ -H 'Content-Type: application/x-www-form-urlencoded' \ -H 'cache-control: no-cache' \ -d 'token=true&username=myuser+myprincipal&password=myprincipalpwd' returns 401 (even with url-encoded parameters) with the following log: 2019-12-16 14:34:03,861 ERROR [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Authentication has failed. Credentials may be incorrect or CAS cannot find authentication handler that supports [UsernamePasswordCredential(username=myuser+myprincipal, source=null)] of type [UsernamePasswordCredential]. Examine the configuration to ensure a method of authentication is defined and analyze CAS logs at DEBUG level to trace the authentication event.> 2019-12-16 14:34:03,862 DEBUG [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <[QueryDatabaseAuthenticationHandler] exception details: [myuser+myprincipal not found with SQL query].> 2019-12-16 14:34:03,862 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN ============================================================= WHO: myuser+myprincipal WHAT: Supplied credentials: [UsernamePasswordCredential(username=myuser+myprincipal, source=null)] ACTION: AUTHENTICATION_FAILED APPLICATION: CAS WHEN: Mon Dec 16 14:34:03 CET 2019 any experience with this? thanks in advance Michele -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/5caedd89-5d5d-4973-aae0-131a53af2817%40apereo.org.