Re: [cas-user] LDAP timeouts after Java upgrade

2020-05-06 Thread Baron Fujimoto
On Wed, May 06, 2020 at 02:15:39PM -0400, Daniel Fisher wrote: On Wed, May 6, 2020 at 1:40 PM Baron Fujimoto wrote: On Tue, May 05, 2020 at 11:42:01PM -0400, Daniel Fisher wrote: >On Tue, May 5, 2020 at 11:15 PM Baron Fujimoto wrote: > >> We're running CAS 5.0.10 under Tomcat 8.5.54 with

[cas-user] Problem with expiration policy time to live while trying to activate oidc server capacity on cas 6.1.5

2020-05-06 Thread Nono
Hello, we have a cas 6.1.5 instance and we are trying the oidc server feature. We have configured a "hello world" style service for the poc in the service registry. So far, when we request the service, we are redirected to the login page. Once logged in, the oidc attribute release

[cas-user] groovyScript: expecting String concatenation, getting array?

2020-05-06 Thread Mike Osterman
Hi all, I'm setting up a SAML2 service and running into unexpected behavior with the syntax for building the PrincipalID using the GroovyRegisteredServiceUsernameProvider. Here's what I'm attempting to do: [snip] "requiredNameIdFormat": "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",

[cas-user] Re: CAS 6.1.6 and SAML service registry

2020-05-06 Thread Matthieu Marc
I configured my 5.2.9 cas instance acting as SAML IDP the same way. I declared the service with the same json file and I got no problem connecting, the service (SP) is authorized. Matthieu On Tuesday, May 5, 2020 at 13:27:10 UTC+2, Matthieu Marc wrote: > > Hello, > > I am using CAS 6.1.6 and I

[cas-user] Re: CAS 6.1.6 and SAML service registry

2020-05-06 Thread Matthieu Marc
SOLVED. I found my problem. I defined service for the url twice. The first one for web application, the second one for saml application. It found the web application first, so denied because it was not a saml service. For my dev, I permit all .*.localhost application to use CAS : "@class" :

[cas-user] CAS MFA with Azure Multi-Factor Auth

2020-05-06 Thread Andrew Marker
Hi all, I see in the documentation for CAS 5.3 there is a note regarding MS ending support for their MFA SDK. It seems pretty straightforward with regards to that explicit implementation: not going to work in 2020. I am not familiar with the MS program for their Authenticator. Can you tell me,

Re: [cas-user] CAS server in Angular JS + spring REST API architecture

2020-05-06 Thread Marc BOUVIER
Hi Jitendral, Thank you for your very detailed answer. I will try to rephrase to make sure I understood well. 1. Open https://ui-domain.com/ 2. Click on -> Redirect from https://ui-domain.com/ to https://cas-domain.com (credential input form) 3. On https://cas-domain.com type user

Re: [cas-user] CAS server in Angular JS + spring REST API architecture

2020-05-06 Thread Filip Majernik
Hi Marc, what Jitendral has written sounds correct to me, with one small change. In my environment the SERVICE_URL is actually the UI-url not the Spring API. The Spring API is then called with the Service-Ticket to log in and the Spring API validates the ST against a CAS instance. If everything is

Re: [cas-user] LDAP timeouts after Java upgrade

2020-05-06 Thread Ray Bon
Baron, I seem to recall a bug in the JVM with some versions that affected ldap connections. It did not affect us so I really did not pay close attention. If you recently upgraded your java, you might want to look into this. Ray On Tue, 2020-05-05 at 17:14 -1000, Baron Fujimoto wrote: Notice:

Re: [cas-user] LDAP timeouts after Java upgrade

2020-05-06 Thread Baron Fujimoto
On Tue, May 05, 2020 at 11:42:01PM -0400, Daniel Fisher wrote: On Tue, May 5, 2020 at 11:15 PM Baron Fujimoto wrote: We're running CAS 5.0.10 under Tomcat 8.5.54 with LDAP (389DS) for authentication and attributes. We were previously using Java 1.0.8_212 successfully. However, I recently

Re: [cas-user] LDAP timeouts after Java upgrade

2020-05-06 Thread Daniel Fisher
On Wed, May 6, 2020 at 1:40 PM Baron Fujimoto wrote: > On Tue, May 05, 2020 at 11:42:01PM -0400, Daniel Fisher wrote: > >On Tue, May 5, 2020 at 11:15 PM Baron Fujimoto wrote: > > > >> We're running CAS 5.0.10 under Tomcat 8.5.54 with LDAP (389DS) for > >> authentication and attributes. We were

Re: [cas-user] CAS server in Angular JS + spring REST API architecture

2020-05-06 Thread Marc BOUVIER
Hi Filip, Thank you again for your answer. Are your Backend and Frontend on the same domain? Do you have something like the following: - https://front.domain.com - https://api.domain.com or do you have something more like - https://domain.com/api - https://domain.com/front

Re: [cas-user] CAS server in Angular JS + spring REST API architecture

2020-05-06 Thread Jitendra Patil
Hi Marc, My example has wrong/non-matching PGT values; please ignore the values. For clarity: - In step 4, UI tries to generate a PGT using ST from CAS server. CAS server will return the PGTOU to UI and (PGTID + PGTOU) to call-back (REST API Server) url. - In step 5, UI request for a

Re: [cas-user] LDAP timeouts after Java upgrade

2020-05-06 Thread Daniel Fisher
That JNDI bug affects Java versions 9-13. And doesn't affect CAS unless you've specifically enabled the JndiProvider. I believe the UnboundID provider is enabled by default. --Daniel Fisher On Wed, May 6, 2020 at 11:48 AM Ray Bon wrote: > Baron, > > I seem to recall a bug in the JVM with some

Re: [cas-user] LDAP timeouts after Java upgrade

2020-05-06 Thread Baron Fujimoto
On Wed, May 06, 2020 at 03:48:46PM +, Ray Bon wrote: Baron, I seem to recall a bug in the JVM with some versions that affected ldap connections. It did not affect us so I really did not pay close attention. If you recently upgraded your java, you might want to look into this. Ray My