..@apereo.org
---
You received this message because you are subscribed to the Google Groups
"Apereo Announcements" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to announcements+unsubscr...@apereo.org.
--
*- Misagh*
--
- CAS gitter chatroom: ht
group, please contact e...@apereo.org
---
You received this message because you are subscribed to the Google Groups
"Apereo Announcements" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to announcements+unsubscr...@apereo.org.
--
*- Misagh*
--
- Web
Wouldn't step 1 and 2 also be handled using the rest protocol?
On Tue, Aug 27, 2019, 6:48 PM Petr Gašparík - AMI Praha a.s. <
petr.gaspa...@ami.cz> wrote:
> Hi,
> in my proof of concept, I want piece of code (program library) to *log in
> user to CASified application without user's password.*
>
Please see https://apereo.github.io/2019/09/27/numvulndisc/
--
*- Misagh*
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you
This was an obvious mistake; sorry about that. The repo status is restored.
On Thu, Sep 10, 2020 at 6:31 PM randomuser878 wrote:
>
> Greetings
>
> Can not add anything concrete to your observation.
> This looks promising
>
Hello,
> There's a comment that summarized missing features:
> https://github.com/spring-projects/spring-security/issues/5887#issuecomment-627169437
> Is there any development in that direction?
No.
> Should a relevant ticket be submitted somewhere?
No. A relevant pull request can be
might have missed it, so
apologies for the noise beforehand. If you have any other questions or
concerns, please feel free to contact me all the same.
Thank you,
Misagh Moayyed, on behalf of CAS PMC
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List
Hello,
The Open Apereo conference will again be online next year. If you
would like to help shape this conference by being on the planning
committee, please read the invitation below and let Ian Dolphin know.
-- Forwarded message -
From: Ian Dolphin (apereo)
Date: Mon, Oct 19,
Probably not "less custom", but I would either write my own access
strategy or use the one based on aan external groovy script to embed
logic in there.
On Thu, Jan 21, 2021 at 7:54 PM Davide Malacrida
wrote:
>
> Hello everyone,
>
> Lately we have been working on a locally deployed instance of
The ESUP-Portail Consortium and the Apereo Foundation are pleased to
invite you to the eighth edition of the ESUP-Days/Apereo Paris event
that will take place on February 2, 2021. Due to the pandemic
situation, we have no other choice but to go fully online for this
edition. The "good" thing about
Have you tried this with the next patch release?
-- Misagh
On Thu, Apr 29, 2021, 10:49 PM Ray Bon wrote:
> cas-overlay-template
> cas.version=6.3.2
>
> git log -1
>
> commit 995813b85141124952fdc362fefebd3b9dead061 (vendor/6.3)
> Author: Misagh Moayyed
> Date: 2
On Fri, Apr 30, 2021 at 5:28 AM Ray Bon wrote:
>
> It works as expected with cas-overlay-template master. (Details below.)
>
> Any idea what is the hangup?
https://github.com/apereo/cas/pull/5073
Request is missing the content-type.
>
> cas.version=6.4.0-SNAPSHOT
This works too but you didn't
On Thu, Apr 29, 2021 at 2:36 AM Ray Bon wrote:
>
> Setup:
> Given a fresh 6.3 install, I configured Duo MFA integration and have a
> service definition that requires it.
Could you be more specific please? What exact CAS version are you using?
--
- Website: https://apereo.github.io/cas
-
we are using this external Tomcat. Yet
> we still get the logs provided previously, and I don't think we've done
> anything to explicitly enable or disable any internal Tomcat. Where would I
> find information on doing so?
>
> On Thu, Feb 4, 2021 at 9:12 PM Misagh Moayyed
> wrote:
>
Or generate everything manually, if the software can't do it for you, yet.
On Thu, Mar 25, 2021 at 8:26 PM Misagh wrote:
>
> > Can anyone tell me what values are allowed for that parameter?
>
> Not the relevant setting. The setting you want to modify should
> cont
> Can anyone tell me what values are allowed for that parameter?
Not the relevant setting. The setting you want to modify should
control the generation of the certificate; not what algorithms should
be allowed/used during the metadata resolution process.
...and that setting is supported by
> Instructure's Canvas (LMS) oddly links session timeouts to CAS' Ticket
> Expiration Policy. So, as I understand it, with the default Ticket
> Expiration Policy of 2 hours, Canvas sessions are automatically logging out
> users because Instructure chose to tie their Canvas-user session limits
Please see: https://apereo.github.io/2021/02/13/gauthvuln/
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the
> Is it possible if USER-A logs into an ADFS application, and then tries to log
> into a CAS application, CAS can check to see if they are already
> authenticated with ADFS and if so, let them in, SSO-style?
What you likely want to do, as most organizations do, is to make CAS
invisible and a
Your deployment is crashing. That's why you get no logs from CAS. Look
into Tomcat/Catalina logs and you'll find a stacktrace or an
indication of what the problem may be.
On Wed, Oct 20, 2021 at 9:52 AM Vittore Zen wrote:
>
> It was my own conclusion, so
> first I checked files with:
> diff
Please see:
https://apereo.github.io/2021/10/18/restvuln/
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the
On Wed, Nov 24, 2021 at 8:42 PM Rod wrote:
> Thanks Mike!
>
> I was hoping we would have a little more time with this feature.
>
You do. It's not removed.
https://apereo.github.io/cas/6.4.x/integration/Google-Apps-Integration.html
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom:
Yes you can.
-- Misagh
On Tue, Dec 14, 2021, 12:35 AM Pablo Vidaurri wrote:
> We currently have 6.3.7 deployed. I see cas project v6.3.7.2 has the fix
> for the log4j vulnerability (using log4j-core v2.15.0). So what is the
> proper way to upgrade CAS template? Looking at the cas proj
> Is JDK 11 an exact requirement? Or are later versions of the JDK also
> acceptable?
6.4, JDK 16:
https://apereo.github.io/cas/6.4.x/release_notes/RC3.html#jdk-16-compatibility
6.5, JDK 17:
https://apereo.github.io/cas/development/release_notes/RC1.html#jdk-17-compatibility
Also 6.5 now
would be X-Forwarded-For to glean the client address
from the request, assuming the load balancer is configured correctly to
pass that header along.
-- Misagh
On Fri, Mar 11, 2022, 4:54 AM Colin Ryan wrote:
> Folks,
>
> I know there's lots of info on this but I just can't see
Sorry. Didn't realize you are on 6.3.x. Use:
cas.audit.alternate-client-addr-header-name=X-Forwarded-For
On Fri, Mar 11, 2022, 8:40 AM Misagh wrote:
>
>- cas.audit.engine.alternate-client-addr-header-name=
>
>
>-
>
>Request header to use to identi
> If I browse to one of our CAS endpoints (e.g. /cas/login), I see the Strict
> Transport Security response header.
> However, if I browse to an invalid endpoint, e.g. /, I don't see the Strict
> Transport Security response header. This gets flagged in security scans.
Headers are inserted into
Please see: https://apereo.github.io/2023/08/30/groovy-vuln/
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the
Please see https://apereo.github.io/2023/09/14/oauth-vuln/
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the
Come to think of it, I suppose the mustache-backed pages should also
be listed somewhere in the docs. That should help clarify.
On Thu, Oct 12, 2023 at 6:25 PM Misagh wrote:
>
> Yes.
>
> On Thu, Oct 12, 2023 at 6:24 PM atilling wrote:
> >
> > So the user interface views
> But the documents at
> https://apereo.github.io/cas/development/ux/User-Interface-Customization-Views.html
> and the jars still show Thymeleaf
Do you see anything in the list that might be categorized as "CAS
Protocol view and response"? This is mainly talking about something
that produces a
Yes.
On Thu, Oct 12, 2023 at 6:24 PM atilling wrote:
>
> So the user interface views like login, logout, etc are still managed with
> Thymeleaf?
>
> On Thursday, October 12, 2023 at 10:15:09 AM UTC-4 Misagh wrote:
>>
>> > But the documents at
>> > http
pereo/cas-overlay-template is empty
>
> On Friday, May 20, 2022 at 11:18:24 AM UTC-5 Misagh Moayyed wrote:
>>
>> Your question does not make sense. The overlay has never contained
>> "source files". You are looking at the wrong place or operating based
>> on the
Your question does not make sense. The overlay has never contained
"source files". You are looking at the wrong place or operating based
on the wrong assumption.
On Fri, May 20, 2022 at 6:25 PM wrote:
>
> Hi,
> I have just discovered that the GIT repo for "cas-overlay-template" does not
>
you. I triggered the sync job again; the repo should
> be sync'ed again shortly. I'll keep an eye on it to see what might
> fail.
>
> On Fri, May 20, 2022 at 8:44 PM John wrote:
> >
> > I think they are referring to the fact that the 6.4 and 6.5 branch of
> > https://g
It is not an error. If you see this, usually it means the problem is
something or somewhere else and this is not the root cause.
-- Misagh
On Thu, May 26, 2022, 12:10 AM Pablo Vidaurri wrote:
> On occasion I'm seeing a login error with this in my logs:
>
> in state 'xxxCheck' of fl
There is not.
-- Misagh
On Fri, Jul 8, 2022, 8:25 AM JiangYing wrote:
> Hello all, is there an official Single Logout flow diagram in CAS doc? I
> can not find one now.
> like this one
> https://apereo.github.io/cas/6.5.x/images/cas_flow_diagram.png
>
> --
> - Website: htt
See below.
-- Forwarded message -
Dear Apereo Community,
(Please redistribute and share with your project and community.)
Nominations are now open for the Apereo Board of Directors. This year,
four (4) seats are open for Organizational-Member Representatives and
one (1) for
8, 2022 at 8:52 AM Misagh wrote:
>>
>> > Is this intended behaviour? It appears that one has to specify the
>> > bootVersion in order to get the correct version.
>>
>> No, this is a problem for sure. One should never have to specify the
>> boot v
> Is this intended behaviour? It appears that one has to specify the
> bootVersion in order to get the correct version.
No, this is a problem for sure. One should never have to specify the
boot version. Looks like it might be defaulting to the latest boot
version, as opposed to using what is
management committee,
Misagh
P.S. If you are not able to pull up the link or have questions, please
reach out to the PMC or me directly.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl
That is not your bad, if it is as you report it. I am sure I messed
something up. Will look into it a bit later. Thanks for sharing.
On Tue, Aug 16, 2022 at 6:06 PM Nathan Lewan wrote:
>
> sorry, that was not welll written
>
> "I noticed that the gradle.properties file for both cas and
When you validate the ticket, specify "renew=true".
Review this:
https://apereo.github.io/cas/6.5.x/protocol/CAS-Protocol-Specification.html#251-parameters
On Tue, Aug 16, 2022 at 9:30 PM 'Richard Frovarp' via CAS Community
wrote:
>
> Part of the response metadata coming back is if the
ializr,
> and it's happy now. Let me know if you need another set of eyeballs to test
> something, if you end up needing to make a change.
>
> Thanks for all your hard work.
>
> On Tue, Aug 16, 2022, 10:15 AM Misagh wrote:
>>
>> That is not your bad, if it is as you report
Did you mean this?
https://apereo.github.io/cas/6.6.x/installation/Configuring-SAML2-DynamicMetadata-Git.html
On Thu, Dec 22, 2022 at 4:52 AM 'Richard Frovarp' via CAS Community
wrote:
>
> Is it possible to have CAS use two different repos, with one of them
> NOT being services in 6.6? I have a
>
> On 12/22/22 07:50, Misagh wrote:
> > Did you mean this?
> > https://apereo.github.io/cas/6.6.x/installation/Configuring-SAML2-DynamicMetadata-Git.html
> >
> > On Thu, Dec 22, 2022 at 4:52 AM 'Richard Frovarp' via CAS Community
> > wrote:
> >> Is it p
will be anonymized,
aggregated and published accordingly for wider community's review on
the Apereo blog. Details to follow.
Thank you!
On behalf of the CAS project management committee,
Misagh
P.S. If you are not able to pull up the link or have questions, please
reach out to the PMC or me directly
Anonymous requests are not allowed. You need a google account.
On Mon, Dec 5, 2022 at 10:49 PM Ray Bon wrote:
>
> I am being asked to sign in!
>
> Ray
>
> On Mon, 2022-12-05 at 11:23 +0400, Misagh wrote:
>
> Notice: This message was sent from outside the University of
> I have two questions:
>
> 1) I'm unclear on the impact of including the "core" and "webapp"
> dependencies i.e. to I need to the specify them?
No. They are implicitly included.
> 2) In reviewing the gradle.properties file generated by cas-initializ, how to
> I get it to generate the line
project management committee,
Misagh
P.S. If you are not able to pull up the link or have questions, please
reach out to the PMC or me directly.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https
Most likely an oversight.
On Tue, Mar 14, 2023 at 7:56 AM Jammy Sprangus
wrote:
>
> Our calls to the initializr have been failing, and we have found the reason
> to be that the saml idp package no longer is seen as valid by the initializr.
>
> This package is still referenced in the docs
>
Please see https://apereo.github.io/2023/02/20/x509-vuln/
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the
Please see https://apereo.github.io/2023/07/21/oidc-vuln/
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the
>From Apereo Foundation.
-- Forwarded message -
Hi All,
I just wanted to share a free Open Forum Europe presentation today.
Focusing on the EU's Cyber Resilience Act, this session will discuss the
new requirements, guidance for adherence, and perspectives from European
open
OK that’s an easy one. Go ahead and submit a PR if you would please:
http://jasig.github.io/cas/developer/Contributor-Guidelines.html
<http://jasig.github.io/cas/developer/Contributor-Guidelines.html>
- Misagh
> On Dec 1, 2015, at 2:07 PM, Abhijit Gaikwad <agaik...@fit.edu>
eed [1].
A rational database is a database for which a JDBC driver exists such as MYSQL,
etc.
- Misagh
> On Dec 1, 2015, at 12:36 PM, Manfredo Hopp <mhopp.coni...@gmail.com> wrote:
>
> Hi, I was looking for statistics and audit in Cas4.
>
> I would like to gather infor
The stats you are after are only available via a web endpoint. The docs should
explain how to get those endpoints. They are not in a rational DB. You could
get those and put them into a DB of your choice.
- Misagh
> On Dec 1, 2015, at 1:51 PM, Manfredo Hopp <mhopp.coni...@gmail.com&
that confirm that theory, great. Otherwise, we’ll look into it but go
ahead and submit a PR please to the 4.1 branch.
- Misagh
> On Dec 1, 2015, at 3:42 PM, Abhijit Gaikwad <agaik...@fit.edu> wrote:
>
> Misagh,
> Just to confirm since I don’t know the code base very wel
”, then that does not exist in CAS yet. It’s on
the roadmap.
https://wiki.jasig.org/display/CAS/CAS+4.3+Roadmap#CAS4.3Roadmap-AuthenticationPerService
<https://wiki.jasig.org/display/CAS/CAS+4.3+Roadmap#CAS4.3Roadmap-AuthenticationPerService>
- Misagh
> On Dec 1, 2015, at 9:43 AM, Artur
Yes, good catch. The httpclient that proxy callbacks use is different from
the httpclient that SLO uses, where the latter does not use the CAS local
truststore.
Feel free to submit an issue, or better yet, submit a patch.
From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of
At this point, you’re going to have to up the logs to DEBUG and watch what
happens.
From: brues...@gmail.com [mailto:brues...@gmail.com] On Behalf Of John
Bruestle
Sent: Wednesday, January 6, 2016 3:19 PM
To: Dmitriy Kopylenko <dkopyle...@unicon.net>
Cc: Misagh Moayyed <mmoay...@u
The images are for now treated as base images used for testing and
demonstration purposes. We have not begun the work to fully make them
production-ready. If you examine the Dockerfile, that would give an idea
what docker attempts to do upon the build. At this point, the massaging of
the
Study:
http://jasig.github.io/cas/4.1.x/protocol/CAS-Protocol-Specification.html#p3servicevalidate-cas-30
http://jasig.github.io/cas/4.1.x/integration/Attribute-Release.html
From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of jason
Sent: Tuesday, December 22, 2015 11:20 PM
4.1.2: JpaTicketRegistry: No transactional
EntityManager available
The patch Misagh introduced in 4.1.3 caused a different issue once the
backing database connection timed out. I have tracked down what the missing
transactional config was for 4.1.x and added it to the documentation.
The JpaTicketRe
Google turned up:
https://wiki.jasig.org/display/CASUM/Integrating+reCaptcha+with+CAS
https://wiki.jasig.org/display/CAS4UM/JCaptcha
I don’t know if these are the “best” ways to do this but they will give you
an idea.
From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of
Yes, we can skew both. Please do create an issue.
- Misagh
> On Nov 30, 2015, at 6:41 AM, Abhijit Gaikwad <agaik...@fit.edu> wrote:
>
>
> From: Abhijit Gaikwad
> Sent: Tuesday, November 24, 2015 4:39 PM
> To: cas-u...@lists.jasig.org <mailto:cas-u...@lists.jas
No you should not have to use the same transaction manager.
- Misagh
> On Dec 1, 2015, at 8:00 AM, Robert Oschwald <robertoschw...@gmail.com> wrote:
>
>
> As I use the JPA Ticket Registry and the JPA Service Registry in my CAS 4.1.2
> Server, I assume I
Are you using the official java cas client?
From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Stephen
More
Sent: Monday, January 11, 2016 11:27 AM
To: cas-user@apereo.org
Subject: [cas-user] [ Upgrade 3.5.3 -> 4.1.3 ] INVALID_SERVICE when
parameters are added to url
I
Try setting a static service parameter in your configuration. For SAML it
may be called TARGET.
From: Stephen More [mailto:stephen.m...@gmail.com]
Sent: Tuesday, January 12, 2016 6:21 AM
To: Misagh Moayyed <mmoay...@unicon.net>
Cc: cas-user@apereo.org
Subject: Re: [cas-user] [ Upgrade
Not a client issue. More likely, you’re missing this in your CAS
configuration:
https://jasig.github.io/cas/4.0.x/protocol/SAML-Protocol.html#saml-id-generator
From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Robert
Sent: Tuesday, January 12, 2016 12:24 PM
To: CAS Community
Everything you described is possible, almost word for word :)
See https://apereo.github.io/cas/4.2.x/installation/X509-Authentication.html
From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Nick
Couchman
Sent: Wednesday, June 8, 2016 11:54 AM
To: CAS Community
This probably points to some other underlying issue. I have never had to set
that.
You can see the configuration of the demo webapp running on heroku. There is
no reference to that flag.
https://github.com/apereo/cas/blob/heroku-mgmtwebapp/src/main/resources/user-details.properties
From:
http://apereo.github.io/cas/4.0.x/installation/Service-Management.html#registered-services
From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of wael
souissi
Sent: Tuesday, June 7, 2016 5:53 AM
To: CAS Community
Subject: [cas-user] Enable allowedToProxy
Right.
> -Original Message-
> From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Josep
> Manel Andrés
> Sent: Monday, June 6, 2016 9:05 AM
> To: CAS Community
> Subject: [cas-user] Active/Passive cluster CAS 4.1.x
>
> Hi,
> I am trying to set up a
S),
> >
> > So the default configuration in CAS basically set this up to be a race
> condition to determine if a node is dead or alive.
> >
> > On Thu, Jun 2, 2016 at 9:29 AM Misagh Moayyed <mmoay...@unicon.net
> > <mailto:mmoay...@unicon.net>&g
the development process and the
planning of the final release. Feedback is appreciated.
Misagh
[1] https://github.com/apereo/cas/releases/tag/v5.0.0.M2
[2] https://apereo.github.io/cas/development
[3] https://github.com/apereo/cas/milestones
[4] https://github.com/apereo/cas-overlay-template/tree
Share logs please.
From: Claude Viéville [mailto:claude.vievi...@univ-lille1.fr]
Sent: Monday, June 13, 2016 11:19 AM
To: jasig-cas-user
Cc: cas-user@apereo.org; mmoay...@unicon.net
Subject: Re: [cas-user] JSON Service for CAS Client does not follow success
Does the CAS server produce any logs when it attempts to validate that
ticket? Can you log into any other apps beside the management webapp?
From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Conan
Malone
Sent: Thursday, May 26, 2016 2:11 AM
To: CAS Community
This is where the configuration falls short a bit where multiple encoders in
the way that you describe are not easily put in place. You're welcome to
file an issue.
In the meantime, you will need to define the bean manually on your own
rather than falling back onto a pre-configured instance.
Thanks for feedback. Should be fixed now.
From: Petr Gašparík - AMI Praha a.s. [mailto:petr.gaspa...@ami.cz]
Sent: Thursday, June 2, 2016 5:10 AM
To: Misagh Moayyed <mmoay...@unicon.net>
Subject: Re: [cas-dev] RE: CAS documentation site maintenance
Hi Misagh,
nice redesign.
I coug
Probably too aggressive of a default, yes, but the UM is in seconds:
# hz.cluster.max.heartbeat.seconds=5
Enable that property and set it to 300.
> -Original Message-
> From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Tom
> Poage
> Sent: Thursday, June 2, 2016 8:56 AM
No. That would be pointless. Back-channel logout ought to happen
asynchronously and you shouldn't rely on the callback order. Kill the app
session before redirecting to /cas/logout.
--Misagh On Thu, May 26, 2016 at 11:30 PM, Sankalp Sharma <
sankalp.n...@gmail.com [sankalp.n...@gmail.
Back in business: http://apereo.github.io/cas/
From: Misagh Moayyed [mailto:mmoay...@unicon.net]
Sent: Wednesday, June 1, 2016 11:52 AM
To: 'CAS Community' <cas-user@apereo.org>; 'CAS Developer'
<cas-...@apereo.org>
Subject: CAS documentation site maintenance
FYI. We a
c
Le mercredi 22 juin 2016 03:48:43 UTC+2, Misagh Moayyed a écrit :
You wrote L1LdapAuthenticationHandler.java, correct? Can you share it as a
gist, etc?
From: Claude Viéville [mailto:claude@univ-lille1.fr ]
Sent: Monday, June 20, 2016 7:03 AM
To: CAS Community <cas-...@apereo.org &
or CAS Client does not follow success
message of required Handler
Hello Misagh,
Sorry for the delay but I was out of my ofiice these last days.
cas-1.log is the log when the first handler sucesses with "vieville" : in
this case the second handler is not runned by the authentication
[mailto:cas-user@apereo.org] On Behalf Of John
Stevens II
Sent: Tuesday, June 21, 2016 11:09 AM
To: CAS Community <cas-user@apereo.org>
Cc: mmoay...@unicon.net
Subject: Re: [cas-user] Rest API Service Ticket Validation Issue
Misagh,
If the release date for version 5 is far off then I wo
That means:
1. CAS might have some attributes cached already as part of primary
authn.
2. CAS starts to retrieve attributes during a particular validation
event, based on caching rules and if/when configured.
3. When it does, in case there are collisions between what it already
ession is still valid right?
Otherwise you would have to authenticate the user on every call to the
developers API vs just verifying a ticket. Maybe i'm thinking about this the
wrong way?
On Monday, June 20, 2016 at 9:23:38 AM UTC-4, Misagh Moayyed wrote:
Why multiple times? What's the
Yes, define the AuthN handler yourself directly in the file as a bean. This
is something the project is working on to make sure “auto configuration” can
take into account multiple handlers and such.
From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of John
Rellis
Sent:
Find your JSON service file, and change the serviceId pattern to match
anything and everything.
Definitely a bad idea though. Do not recommend it.
From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Petr
Gašparík - AMI Praha a.s.
Sent: Monday, January 11, 2016 7:24 AM
To:
Your SLO filter is designed to do just that. It grabs onto the request,
examines it and if it considers it an SLO request it will attempt to
terminate the session. It also does nothing with cookies, if I recall. There
are no other flags. I guess what you are trying to do is advise the webapp
CAS supports SAML1.1 and SAML2. The SAML2 support specifically targeted
Google Apps support, but it has been used to integrate with all other
applications. YMMV. CAS 4.3 presently in dev presents support for SAML2 Web
SSO/SLO Browser-POST profile. CAS can also act as a bridge between RPs and
ookies-based webapp (like the
sample provided by UniconLabs
<https://github.com/UniconLabs/cas-sample-java-webapp> ).
It sounds like there is not and I'll have to use one of the compatible
security frameworks like Shiro or Spring Security.
On Monday, January 11, 2016 at 11:13:19 AM UTC-5, Mi
ed accounts. Being
> able
> to invalidate any corresponding CAS sessions would be a plus, especially
> if it
> can be coded (e.g. IIRC when using memcached, one could delete a TGT
> entry through a command line-like interface).
>
> Tom.
>
> > On Jan 15, 2016, at 2:28
ehavior
The SamlService entry in your should point to
samlServiceTicketUniqueIdGenerator instead of serviceTicketUniqueIdGenerator
as it does now. Can you change that and see how it behaves?
Best regards,
--
Carlos.
_
From: "King, Robert" <r...@mun.ca <mailto:
the session on receipt of a SLO message from the
CAS server. Or am I still confused about what is happening?
On Monday, January 11, 2016 at 1:36:34 PM UTC-5, Misagh Moayyed wrote:
No there is. That is the configuration you have. Cookies are not deleted,
yes, but your session is gone which is mos
> again thank you very much for being to active and helpful on the ML.
> I really appreciate that and I hope I am able to give back in code or
> assistance
> to others myself.
[>] Pleasure.
> Understood. The Transformers I understand and they likely are suitable to
> convert the received
As long as your redirect url has the correct service parameter appended to
the login endpoint, CAS will detect the associated theme and will render the
relevant view.
From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Artur
Stöcklin
Sent: Monday, January 18, 2016 8:39 AM
To:
ed
in order to upgrade your deployment to the new release?
On Tuesday, December 29, 2015 at 12:37:38 AM UTC-5, Misagh Moayyed wrote:
CAS Community,
CAS version 4.2.0 RC1 [1] has been released and should shortly find its way
into Maven central repositories, if not already. This is a release candi
direct to Service Dependent Login Page
Thank you Misagh. How do I get/append the service parameter to de login
endpoint?
Can I ask the spring webflow framework to get the right login endpoint the
user came from?
Can you perhaps provide a short example?
thank you
Am Montag, 18. Januar 2016 18:09:
1 - 100 of 617 matches
Mail list logo