Well, it's more of a company IT requirement rather than a desirable
approach.
I just wanted to find out what are the features that we could miss by not
having CAS running on https.
Is there any place listing the HTTPS ONLY features?
Nevertheless, I'll try to push the option of having it running
Jaume,
cas/logout will end the CAS session. It is up to your application to end its
own session. If tomcat is redirecting on your application logout, then your
application will never know to end the session.
Perhaps your cas client can perform the right steps (end session and redirect
to
Hi!
I have a problem using RegexUriLogoutValve to achieve global logout in a
tomcat server.
I have two applications (app1 and app2) in the same tomcat protected with
org.jasig.cas.client.tomcat.v7.Cas20CasAuthenticator. Single Sign On works
perfect, but I have troubles with logout.
I
Pedro,
Why?
Setting up certificates, even self signed ones, is painless. There is plenty of
documentation (some on CAS site).
Other aspects of CAS, such as proxying, require https.
Ray
On Thu, 2018-10-04 at 04:37 -0700, Pedro Rosas wrote:
Hi all,
I'm currently building a cas-overlay instance
Jaume,
Does the redirect to CAS happen?
If CAS does not terminate the session but your application does (i.e. the valve
works), then when you access your application, it will go to CAS and create a
new session using the previous single sign on.
If this is happening you will see the redirect in
I believe filter mappings are regex expressions.
So with the proper regex I can protect:
/secure/* but exclude a url like:
/secure/notsensitve/*
Thanks,
Bryan
University of Utah
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines:
This might help:
https://apereo.github.io/cas/5.3.x/planning/Security-Guide.html#secure-transport-https
Cheers,
D.
From: Pedro Rosas Silva
Reply: cas-user@apereo.org
Date: October 4, 2018 at 1:44:06 PM
To: cas-user@apereo.org
Subject: Re: [cas-user] Re: CAS 5.2.0 How to configure cas in
Ok. I can use the single sign out request on cas logout, but this is not
what I'm looking for.
I thaught that logoutvalve would do a logout in all applications on same
tomcat, without the need of a single sign out request from cas server.
Am I wrong?
El dj., 4 oct. 2018 19.24, Ray Bon va
Yes, redirection happens and CAS server forgets the logged user
My flow is:
* http://localhost:8080/app1/test.jsp
-> redirects to CAS login
* login in cas server with username and password
-> redirects to /app1/test.jsp, showing my username and a
_const_cas_assertion_
*
no problem. Thanks for quick response
On Wed, Oct 3, 2018 at 6:30 PM Andy Ng wrote:
> Hi Chava,
>
> Ops, guess I misunderstand your question then. Cool that your code
> worked!
>
> Cheers!
> - Andy
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom:
Hi, Currently I've implemented delegated authentication using CAS 5.2.3
with other apps for external IDP logins, i.e ADFS, OKTA etc.. When the
user click on app which is integrated with CAS SSO ,they pass a param
called idp=adfs
and when the user logout from app1 it will go to logout to
Hi Bryan,
I did not used "Java client filter" regex mapping before, so not sure of
the language of the regex needed.
Anyway, I think there is a stackoverflow page that talk about what you
need,
see
Jaume,
If test.jsp requires login and you can access it after app1/logout, I agree
that you are not logged out.
Hi,
I'm using CAS5.3 version and LDAP for user creating and access. My problem
is If a end user want to change their CAS password voluntarily means, how
we do this. Is there any option for that ?
Also end user want to use the Forget password. Please post your reply, If
you have any ideas for
Hi all,
I'm currently building a cas-overlay instance (based on CAS 5.3.3) that
will be deployed to a standalone Tomcat 9 server.
Our production environment will have a load balancer that will offload the
SSL certificates.
Between the load balancer and the Tomcat server communication will be
Hi,
I'm trying to update up custom template and I'm stumbling with param.service
e.g.
in the old version (4.1) as an example
jsp/default/ui/casConfirmView.jsp:
so I could construct a link/use javascript in my template like this:
16 matches
Mail list logo