[cas-user] CAS 5.2.2 with MFA using Google Authenticator / GAuth

Hello, I'm trying to setup CAS 5.2.2 with Google Authenticator as second auth factor for specified services. CAS is running over LDAP (AD) and GAuth based on mongo. So far everything was great, build succeed, GAuth qrcode appears, user registers and now it's time for TOKEN form. I'm typing all

Re: [cas-user] Mod_Auth_Cas logout issue

Got it Ray. Thanks for clarifying. On Thu, Feb 15, 2018 at 10:56 PM, Ray Bon wrote: > Ramakrishna, > > Your application is responsible for destroying its own session and cookies. > CAS will send a logout request to each service configured to receive it > (on by default). > You

[cas-user] Re: [CAS-5.2.2] Jaas LDAP Authentication Prinicipal Attribute Resolve Issue

I want CAS should resolve the principal as *Soumya_Tripathy *instead of *CN=Soumya Ranjan Tripathy,OU=GEN,OU=Users,OU=XXX,OU=XXX,OU=XXX,DC=ad,DC=XXX,DC=com.,* How can I achieve the same in 5.2.2 version of CAS with Jaas LDAP? On Thursday, February 15, 2018 at 7:59:54 PM UTC+5:30, Soumya

Re: [cas-user] [CAS-5.2.2] Jaas LDAP Authentication Prinicipal Attribute Resolve Issue

I want CAS should resolve the principal as *Soumya_Tripathy *instead of *CN=Soumya Ranjan Tripathy,OU=GEN,OU=Users,OU=XXX,OU=XXX,OU=XXX,DC=ad,DC=XXX,DC=com.,* How can I achieve the same in 5.2.2 version of CAS with Jaas LDAP? On Thursday, February 15, 2018 at 11:19:39 PM UTC+5:30, Manfredo

[cas-user] Overriding Problems with cas.properties

Hello, It is my understanding that cas.properties should override whatever properties are in WEB-INF/classes application.properties. Is this correct? If so, I'm having trouble overriding "cas.authn.accept.users=casuser::Mellon". With a blank value in cas.properties and

[cas-user] [CAS-5.2.2] Jaas LDAP Authentication Prinicipal Attribute Resolve Issue

Hi, Recently we upgraded CAS from 5.1.0 to 5.2.2. With CAS 5.1.0 when I was using JAAS with LDAP it was returning the correct principal. But when with CAS 5.2.0 now I'm getting the principal as Log In Successful You, *CN=Soumya Ranjan

[cas-user] Re: jsp views instead of thymeleaf

Hi psv, I also used to have a bunch of jsp file inside my CAS and needs to update it to thymeleaf. Unfortunately, my final solution is to just go along with thymeleaf, since CAS 5 pretty much already switch over their own view file all from .jsp to .html (thymeleaf) Even if I manage to sneak

[cas-user] Re: cas-management 5.x cas-management.log java.io.IOException: Permission denied

Hi, I was facing the same problem, all write/execute/read rights and ownerships were correct and tomcat could access all mentioned directories but still there was an error on startup. Only one thing worked for me. In cas-management-overlay I've overridded log4j2.xml

Re: [cas-user] Overriding Problems with cas.properties

Kevin, Is the config file being written to /etc/cas1/config? Do you still have the same problem when using /etc/cas/config? Ray On Thu, 2018-02-15 at 07:05 -0800, Kevin Liu wrote: Hello, It is my understanding that cas.properties should override whatever properties are in WEB-INF/classes

[cas-user] CAS 5.2.x SAML IdP Issues

Hey, everyone, I'm trying to get SAML2 authentication working against my CAS server. I've got CAS protocol authentications working just fine, but am struggling getting the SAML IdP configured correctly. I have the following items configured in my main CAS configuration: ## SAML Provider

Re: [cas-user] CAS 5.2.x SAML IdP Issues

Do you have other JSON service definitions in the registry? Anything with a lower evaluation order or a more relaxed regex pattern? --Misagh > From: "vnick" > To: "CAS Community" > Sent: Thursday, February 15, 2018 10:15:40 AM > Subject:

Re: [cas-user] CAS 5.2.x SAML IdP Issues

There are other service definitions in the registry, yes, but none that should overlap with this definition. There are only two other service definitions - one is the OAuth Callback, which is automatically generated by CAS, and the other is one for the server on which CAS is running, which is

Re: [cas-user] Mod_Auth_Cas logout issue

Ramakrishna, Your application is responsible for destroying its own session and cookies. CAS will send a logout request to each service configured to receive it (on by default). You will see this in the CAS logs when the CAS session is terminated: Thu Feb 15 09:25:10 PST

Re: [cas-user] Cannot retrieve user attributes from PHP application behind mod_auth_cas

Thanks dhawes. I'm using the php code to print the values retuned in the header $value) { echo "$name: $value\n"; } ?> I've no issues if I use serviceValidate, but I'm only getting the username, I do not see the rest of the attributes released CASValidateURL

Re: [SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues

Nice. If and when you get to it, turn it into once of these: https://apereo.github.io/cas/development/integration/Configuring-SAML-SP-Integrations.html --Misagh > From: "vnick" > To: "CAS Community" > Cc: "Misagh Moayyed"

Re: [cas-user] CAS google-authenticator removes tables???

Tim, Check your database settings, something along the lines of 'ddlAuto'. It can be set to 'create-drop' which would result in the behaviour you are seeing. Search for JPA options to see what other settings are available. Ray On Thu, 2018-02-15 at 14:51 -0600, Tim Tyler wrote: CAS experts,

[cas-user] CAS google-authenticator removes tables???

CAS experts, We are running CAS 5.2 on Redhat 7. We installed and configured Google Authenticator and got it sort of working with Mariadb. We see the tables and record entries get created and entered into the database when logging in. But when we cntrl-C to restart the CAS service, CAS

Re: [cas-user] [CAS-5.2.2] Jaas LDAP Authentication Prinicipal Attribute Resolve Issue

What would your question be 2018-02-15 11:29 GMT-03:00 Soumya Tripathy : > Hi, > Recently we upgraded CAS from 5.1.0 to 5.2.2. > With CAS 5.1.0 when I was using JAAS with LDAP it was returning the > correct principal. > But when with CAS 5.2.0 now I'm getting the principal

[cas-user] Re: Overriding Problems with cas.properties

Notice that the cas.properties used is the one that it's located at /etc/cas/config (c:/etc/cas/config at windows environments). The script copies your project configuration to that folder before building the web app (target generation). El jueves, 15 de febrero de 2018, 16:05:28 (UTC+1),

Re: [SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues

Cool. Who exactly is the SP in this scenario? --Misagh > From: "vnick" > To: "CAS Community" > Cc: "Misagh Moayyed" > Sent: Thursday, February 15, 2018 10:48:25 AM > Subject: [SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP

[cas-user] Re: Overriding Problems with cas.properties

Yes, sorry I should have made it more clear. All the changes I'm making are to /etc/cas1/config. On Thursday, February 15, 2018 at 12:09:41 PM UTC-6, Oscar del Pozo wrote: > > Notice that the cas.properties used is the one that it's located at > /etc/cas/config (c:/etc/cas/config at windows

[SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues

Well, this put me on the right path - turns out the number of services the log file told me was loading just happened to match what was in the services directory, but the CAS configuration was not pointing at anything but the default location, so it wasn't actually loading my services.

Re: [cas-user] Overriding Problems with cas.properties

Yes the config file is being written to /etc/cas1/config. What's interesting is that some of the other properties are being accepted and some are not. It looks like ones defined already in application.properties are not being overriden. On Thursday, February 15, 2018 at 11:21:43 AM UTC-6,

Re: [SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues

I'm writing a SAML authentication extension for the Guacamole Project (http://guacamole.apache.org). -Nick On Thursday, February 15, 2018 at 1:24:24 PM UTC-5, Misagh Moayyed wrote: > > Cool. Who exactly is the SP in this scenario? > > --Misagh > > -- > > *From:

Re: [cas-user] cas-management 5.x cas-management.log java.io.IOException: Permission denied

Hi Jeremiah*,* I'm also struggling with this issue. Did you developed any working solution ? W dniu czwartek, 8 lutego 2018 18:08:42 UTC+1 użytkownik Jeremiah Schilens napisał: > > Hi Travis, > > > > Thank you for that information. I thought I was overriding the log4j.xml > files by

[cas-user] Re: Delegated authentication issues moving from 5.2.0-RC2 to 5.2.0-RC3-SNAPSHOT

Hello, I'm having the same problem, it seems that the HTTP-POST binding is not supported at all. This is because pac4j creates a redirect action

[cas-user] MultiRowJdbcPersonAttributeDao

Does anyone know where I can the " MultiRowJdbcPersonAttributeDao" dot java file for CAS 5.1.8? If it no longer exists then where is the following code triggered? 2018-02-15 16:21:53,425 DEBUG [org.apereo.services.persondir.support.jdbc.MultiRowJdbcPersonAttributeDao] - 2018-02-15 16:21:53,427

RE: [cas-user] CAS google-authenticator removes tables???

Ray, YES! That fixed that aspect by using create for the value. Except now we are finding that the data entries are now removed on startup though the tables remain. Are we also missing something for startup that cleans. Or should we use update instead of create? Tim *From:*

[cas-user] Values are all ? for MFA-JDBC

Have configured MFA - works great with JSON storage file, but when configuring JDBC, the values are always question marks any ideas? Caused by: java.sql.SQLException: Cannot insert an explicit value into a timestamp column. Use INSERT with a column list to exclude the timestamp column, or

Re: [cas-user] War deployment to external container of choice - Tomcat

I ran into something not working on Tomcat 7. Can't remember if it was the IdP or the management application. Either way I had to go to Tomcat 8.5. Don't think that's the problem here, but you may want to go to 8.5 anyway. On 02/14/2018 11:56 PM, Matthew Hannay wrote: We have the latest

Re: [cas-user] mod_auth_cas environnment variable

On Tue, Feb 13, 2018 at 10:23 AM, Fabio Martelli wrote: > Hi All, is there a way to force mod_auth_cas to put retrieved principal > attributes as env variable instead of headers? We're talking Apache environment variables, right? Do you need anything other than

[cas-user] Re: War deployment to external container of choice - Tomcat

This is useful for modifying the POM to build a war for deployment to a tomcat or other container. https://spring.io/guides/gs/convert-jar-to-war/ --Matt On Thursday, 15 February 2018 15:56:19 UTC+10, Matthew Hannay wrote: > > > We have the latest tomcat 7 servers > > In my POM I have set >

Re: [cas-user] Cannot retrieve user attributes from PHP application behind mod_auth_cas

On Thu, Feb 15, 2018 at 2:51 PM, Mukunthini Jeyakumar wrote: > Thanks dhawes. > > I'm using the php code to print the values retuned in the header > foreach (getallheaders() as $name => $value) { > echo "$name: $value\n"; > } > ?> > > I've no

Re: [cas-user] CAS google-authenticator removes tables???

Tim, Once your tables are created you can change the value to anything and the tables will not be touched. (Try 'none' or 'dummy'.) With create, the tables are created every time but not dropped (on close). update will also work and will leave the tables untouched unless something changes,

Re: [cas-user] Re: Values are all ? for MFA-JDBC

Justin, It may be possible to see the values that will replace the '?'. Perhaps the next few log lines will display the values. The '?' are just there as placeholders. Ray On Thu, 2018-02-15 at 14:13 -0800, Justin Andrews wrote: Here is another portion of the log showing that it knows who I