Hi,
I would like to have a Demo of installation and configuration of
Apache-tomcat8.0.8 and CAS Server 3.5.2 with CAS-ify applications web
(php, java, c#, asp, ...) and LDAP.
thank
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change
Hello,
Any help? I still can't get it working.
Thanks,
Michael
From: Todorovic, Michael
Sent: 06 August 2014 16:39
To: cas-user@lists.jasig.org
Subject: [cas-user] Getting attributes from AD with CAS 4
Hello,
I configured CAS 4 with my Active Directory servers and authentication works
great.
Yes, it would ease patching. I'm finding getting a uPortal 4.0 release
squared away jumping from a Java CAS Client 3.2 version to 3.3.2 to be
substantially unpleasant.
Ok. Here's the catch. Some of the integration modules,
cas-client-integration-atlassian comes to mind, have dependencies in
This apparently happens because we don't believe we have access to the
TARGET to validate:
https://github.com/Jasig/cas/blob/master/cas-server-support-saml/src/main/java/org/jasig/cas/support/saml/authentication/principal/SamlService.java#L96
Thanks for investigating. Agree that appears wrong
Okay. So, a cas-client-core-3.2.1.1 that
1) Fixes cas-client-core , and
2) drops whatever integration modules cannot be built
? And then many folks can bop to 3.2.1.1, ignore the missing integration
modules they aren't using anyway, and be happy. And folks who are using
those modules can
Using CAS 3.5.2
I have multiple Authentication Handlers each with their own ContextSource as
well.
What I would like it to do is this.
UserA exist in ldapA and LdapB But with different passwords.
The multiple Auth handlers are working fine... If UserA logs in with ldapA
password it works
Hi John
Thanks for your reply:
I have the following - is this not sufficient to invoke the forms
authentication?
system.web
!-- Other system.web elements here --
httpModules
add name=DotNetCasClient
type=DotNetCasClient.CasAuthenticationModule,DotNetCasClient /
!-- Other modules
This makes sense to me, Andrew. Anybody on 3.2.x should be able to upgrade
with a drop-in Jar and if we can manage that with a 3.2.1.1 release that all
the better.
From: Andrew Petro [mailto:apetro.li...@gmail.com]
Sent: Tuesday, August 12, 2014 8:33 AM
To: cas-user@lists.jasig.org
Subject:
Don’t think you can unfortunately. At least not without forking the authn
manager and letting it go through completely.
-Original Message-
From: Aaron [mailto:aaron.e...@sungardhe.com]
Sent: Tuesday, August 12, 2014 9:22 AM
To: cas-user@lists.jasig.org
Subject: [cas-user] CAS
No, that simply states how to authenticate a user.
You'll need something like:
authorization
deny users=?/
/authorization
Here's a pretty good tutorial on how to set this and other cases up,
Here is my deployerConfigContext.xml for reference...
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user?xml version=1.0 encoding=UTF-8?
!--
Attached is a FastBind handler with the fix applied.
Also attached is an exert of a modified BindLdap handler. (sorry don't
have the full thing in front of me.) You'll need to pull the appropriate
version from github and make the change to the exception handler.
In either case, just add the file
Hi John,
Thanks - that actually helped. Not on its own though. I had, at the
site-level, disabled the anonymous authentication. I changed that to enabled
and added the following to web.config in the system.web section:
authorizationdeny users=?/ /authorization
I restarted the server and
What about using PolicyBasedAuthenticationManager
would this work? If so does anyone have an example
https://github.com/Jasig/cas/wiki/Configuring-Authentication-Components
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings
Aaron,
that is a v4 component and I do not believe it will work with CAS 3.5.x line.
Best,
Dmitriy.
On Aug 12, 2014, at 2:17 PM, Aaron aaron.e...@sungardhe.com wrote:
What about using PolicyBasedAuthenticationManager
would this work? If so does anyone have an example
This set of transitive dependency exclusions *might* allow bumping from
Java CAS Client 3.2.1 to 3.3.2:
https://github.com/Jasig/uPortal/pull/404
I'm concerned about potentially losing Tomcat 6 support (needs testing?)
and about how fragile this solution may be. Still feeling like a bump to a
That exclusion list is alarming. Not that this is great solution, but I
wonder if most of those would be excluded automatically by excluding the
SAML jar.
Nonetheless we should definitely look at the effort involved in a 3.2.1.1
release as we want to maximize the number of people who upgrade.
Can someone explain to me how #2 is not a CAS *server* issue?
There weren't any examples given.
For #1, I can see how if you are running CAS open to all services you could
trick someone into using the wrong service.
However, for #2, I have a hard time seeing how the server would allow you to
However, for #2, I have a hard time seeing how the server would allow you to
request a ticket for A and then use it for B.
Both attacks are really the same with different origins. While it's
not appropriate to provide an attack sequence here, I encourage you to
continue thinking about this
The .NET CAS client doesn't release attributes via the header (like Shib
SP does). Check out
http://jasig.275507.n4.nabble.com/Is-there-a-NET-Client-equivalent-to-phpCAS-getAttributes-td4169188.html
On 8/12/14, 11:02 AM, Haer, Neelam wrote:
Hi John,
Thanks - that actually helped. Not on its
Thanks John, you have been most helpful. Unfortunately, the code posted is
like french to me - what language is it written in ? Is that VB.NET?
Thanks
From: John Gasper [jgas...@unicon.net]
Sent: August-12-14 1:46 PM
To: cas-user@lists.jasig.org
Subject: Re:
21 matches
Mail list logo
