Re: [cas-user] CAS 5.3.2 - Delegate auth to SAML2 IdP issue - No client found for name: SAML2Client
IMHO, Nebil has a fair point. The pac4j.saml[0].clientName property is in
the 5.2.x doc (line 27 of the SAML section under the Pac4j delegated authn
section) but not the 5.3.x. Being paranoid & cynical, I have to wonder, if
the documentation for 1 property has been removed, what are the odds it's
the only piece of regressed documentation? I have to jump back into CAS
5.3 soon, I need to invest the time into determining how to find all the
config properties in the source code, because of my cynicism.
I give thanks each day for the excellent project & user community feedback,
postings. helps us all, I suspect.
Hopefully, my cynicism will improved over the remainder of today...
-Steve
On Thu, Aug 2, 2018 at 4:23 AM, Nebil Mabrouk
wrote:
>
> Thank you Misagh, it works.
> But this property does not exist in CAS documentation (
> https://apereo.github.io/cas/5.3.x/installation/
> Configuration-Properties.html#saml2).
>
> Nebil
>
>
> On Wed, Aug 1, 2018 at 10:22 PM, Misagh Moayyed
> wrote:
>
>> cas.authn.pac4j.saml[0].clientName=SAML2Client
>>
>> --Misagh
>>
>> --
>>
>> *From: *"Nebil Mabrouk"
>> *To: *"CAS Community"
>> *Sent: *Wednesday, August 1, 2018 1:15:18 PM
>> *Subject: *[cas-user] CAS 5.3.2 - Delegate auth to SAML2 IdP issue - No
>> client found for name: SAML2Client
>>
>> Hello,
>> I followed the tutorial (https://apereo.github.io/2017
>> /03/22/cas51-delauthn-tutorial/) to delegate CAS authentication to an
>> external SAML2 IdP.
>> It works well with CAS 5.2.x, but when I upgraded to CAS 5.3..2, I have
>> the following errors:
>>
>>
>> *==> In the browser I see:*
>> Application Not Authorized to Use CAS
>> The application you attempted to authenticate to is not authorized to use
>> CAS. This usually indicates that the application is not registered with
>> CAS, or its authorization policy defined in its registration record
>> prevents it from leveraging CAS functionality, or it's malformed and
>> unrecognized by CAS. Contact your CAS administrator to learn how you might
>> register and integrate your application with CAS.
>>
>>
>> *==> in the logs: *
>> ERROR [org.apereo.cas.web.flow.DelegatedClientAuthenticationAction] -
>>
>> org.pac4j.core.exception.TechnicalException: No client found for name:
>> SAML2Client
>> at org.pac4j.core.client.Clients.findClient(Clients.java:128)
>> ~[pac4j-core-3.0.1.jar!/:?]
>>
>>
>> I added the following dependency in build.gradle
>>
>> *compile*
>> "org.apereo.cas:cas-server-support-pac4j-webflow:${project.'cas.version'}"
>>
>>
>> *Here are the properties I use:*
>>
>> cas.authn.pac4j.saml[0].keystorePassword=zzz
>> cas.authn.pac4j.saml[0].privateKeyPassword=zzz
>> cas.authn.pac4j.saml[0].serviceProviderEntityId=urn:mace:saml:pac4j.org
>> cas.authn.pac4j.saml[0].serviceProviderMetadataPath=/sp-metadata.xml
>> cas.authn.pac4j.saml[0].keystorePath=/keystore
>> cas.authn.pac4j.saml[0].identityProviderMetadataPath=https://x.oktapreview.com/app/xx/sso/saml/metadata
>>
>>
>> I also added the following service declaration
>>
>> {
>> "@class" : "org.apereo.cas.services.RegexRegisteredService",
>> "serviceId" : "^https://localhost:8446/iam-client-2(\\z|/.*)",
>> "name" : "CAS Client 2",
>> "id" : 3,
>> "description" : "CAS java webapp client",
>> "attributeReleasePolicy" : {
>> "@class" : "org.apereo.cas.services.ReturnMappedAttributeReleasePolicy",
>> "allowedAttributes" : {
>> "@class" : "java.util.TreeMap",
>> "Group" : "role",
>> "FirstName" : "FirstName",
>> "LastName" : "LastName",
>> "Email" : "Email"
>> }
>> }
>> }
>>
>>
>>
>> Have I missed something? please help
>>
>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to cas-user+unsubscr...@apereo.org.
>> To view this discussion on the web visit https://groups.google.com/a/ap
>> ereo.org/d/msgid/cas-user/914dc1d1-a924-46cd-96bc-7556040abd
>> a8%40apereo.org
>>
>> .
>>
>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to cas-user+unsubscr...@apereo.org.
>> To view this discussion on the web visit https://groups.google.com/a/ap
>> ereo.org/d/msgid/cas-user/308092497.6622737.1533154966534.
>> JavaMail.zimbra%40unicon.net
>>
Re: [cas-user] CAS 5.3.2 - Delegate auth to SAML2 IdP issue - No client found for name: SAML2Client
Thank you Misagh, it works.
But this property does not exist in CAS documentation (
https://apereo.github.io/cas/5.3.x/installation/Configuration-Properties.html#saml2
).
Nebil
On Wed, Aug 1, 2018 at 10:22 PM, Misagh Moayyed wrote:
> cas.authn.pac4j.saml[0].clientName=SAML2Client
>
> --Misagh
>
> --
>
> *From: *"Nebil Mabrouk"
> *To: *"CAS Community"
> *Sent: *Wednesday, August 1, 2018 1:15:18 PM
> *Subject: *[cas-user] CAS 5.3.2 - Delegate auth to SAML2 IdP issue - No
> client found for name: SAML2Client
>
> Hello,
> I followed the tutorial (https://apereo.github.io/
> 2017/03/22/cas51-delauthn-tutorial/) to delegate CAS authentication to an
> external SAML2 IdP.
> It works well with CAS 5.2.x, but when I upgraded to CAS 5.3..2, I have
> the following errors:
>
>
> *==> In the browser I see:*
> Application Not Authorized to Use CAS
> The application you attempted to authenticate to is not authorized to use
> CAS. This usually indicates that the application is not registered with
> CAS, or its authorization policy defined in its registration record
> prevents it from leveraging CAS functionality, or it's malformed and
> unrecognized by CAS. Contact your CAS administrator to learn how you might
> register and integrate your application with CAS.
>
>
> *==> in the logs: *
> ERROR [org.apereo.cas.web.flow.DelegatedClientAuthenticationAction] - client found for name: SAML2Client>
> org.pac4j.core.exception.TechnicalException: No client found for name:
> SAML2Client
> at org.pac4j.core.client.Clients.findClient(Clients.java:128)
> ~[pac4j-core-3.0.1.jar!/:?]
>
>
> I added the following dependency in build.gradle
>
> *compile*
> "org.apereo.cas:cas-server-support-pac4j-webflow:${project.'cas.version'}"
>
>
> *Here are the properties I use:*
>
> cas.authn.pac4j.saml[0].keystorePassword=zzz
> cas.authn.pac4j.saml[0].privateKeyPassword=zzz
> cas.authn.pac4j.saml[0].serviceProviderEntityId=urn:mace:saml:pac4j.org
> cas.authn.pac4j.saml[0].serviceProviderMetadataPath=/sp-metadata.xml
> cas.authn.pac4j.saml[0].keystorePath=/keystore
> cas.authn.pac4j.saml[0].identityProviderMetadataPath=https://x.oktapreview.com/app/xx/sso/saml/metadata
>
>
> I also added the following service declaration
>
> {
> "@class" : "org.apereo.cas.services.RegexRegisteredService",
> "serviceId" : "^https://localhost:8446/iam-client-2(\\z|/.*)",
> "name" : "CAS Client 2",
> "id" : 3,
> "description" : "CAS java webapp client",
> "attributeReleasePolicy" : {
> "@class" : "org.apereo.cas.services.ReturnMappedAttributeReleasePolicy",
> "allowedAttributes" : {
> "@class" : "java.util.TreeMap",
> "Group" : "role",
> "FirstName" : "FirstName",
> "LastName" : "LastName",
> "Email" : "Email"
> }
> }
> }
>
>
>
> Have I missed something? please help
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/914dc1d1-a924-46cd-96bc-
> 7556040abda8%40apereo.org
>
> .
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/308092497.6622737.
> 1533154966534.JavaMail.zimbra%40unicon.net
>
> .
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAKnBmdxvQKNFd0PmrnNN2NWWHpWTrLR3TZ9-XX_X8yj80QjdBQ%40mail.gmail.com.
Re: [cas-user] CAS 5.3.2 - Delegate auth to SAML2 IdP issue - No client found for name: SAML2Client
cas.authn.pac4j.saml[0].clientName =SAML2Client
--Misagh
> From: "Nebil Mabrouk"
> To: "CAS Community"
> Sent: Wednesday, August 1, 2018 1:15:18 PM
> Subject: [cas-user] CAS 5.3.2 - Delegate auth to SAML2 IdP issue - No client
> found for name: SAML2Client
> Hello,
> I followed the tutorial
> (https://apereo.github.io/2017/03/22/cas51-delauthn-tutorial/) to delegate CAS
> authentication to an external SAML2 IdP.
> It works well with CAS 5.2.x, but when I upgraded to CAS 5.3..2, I have the
> following errors:
> ==> In the browser I see:
> Application Not Authorized to Use CAS
> The application you attempted to authenticate to is not authorized to use CAS.
> This usually indicates that the application is not registered with CAS, or its
> authorization policy defined in its registration record prevents it from
> leveraging CAS functionality, or it's malformed and unrecognized by CAS.
> Contact your CAS administrator to learn how you might register and integrate
> your application with CAS.
> ==> in the logs:
> ERROR [org.apereo.cas.web.flow.DelegatedClientAuthenticationAction] - client
> found for name: SAML2Client>
> org.pac4j.core.exception.TechnicalException: No client found for name:
> SAML2Client
> at org.pac4j.core.client.Clients.findClient(Clients.java:128)
> ~[pac4j-core-3.0.1.jar!/:?]
> I added the following dependency in build.gradle
> compile "org.apereo.cas:cas-server-support-pac4j-webflow: ${project.
> 'cas.version' } "
> Here are the properties I use:
> cas.authn.pac4j.saml[0].keystorePassword = zzz
> cas.authn.pac4j.saml[0].privateKeyPassword = zzz
> cas.authn.pac4j.saml[0].serviceProviderEntityId = urn:mace:saml:pac4j.org
> cas.authn.pac4j.saml[0].serviceProviderMetadataPath =
> /sp-metadata.xml
> cas.authn.pac4j.saml[0].keystorePath = /keystore
> cas.authn.pac4j.saml[0].identityProviderMetadataPath =
> https://x.oktapreview.com/app/xx/sso/saml/metadata
> I also added the following service declaration
> {
> "@class" : "org.apereo.cas.services.RegexRegisteredService" ,
> "serviceId" : "^https://localhost:8446/iam-client-2( \\ z|/.*)" ,
> "name" : "CAS Client 2" ,
> "id" : 3 ,
> "description" : "CAS java webapp client" ,
> "attributeReleasePolicy" : {
> "@class" : "org.apereo.cas.services.ReturnMappedAttributeReleasePolicy" ,
> "allowedAttributes" : {
> "@class" : "java.util.TreeMap" ,
> "Group" : "role" ,
> "FirstName" : "FirstName" ,
> "LastName" : "LastName" ,
> "Email" : "Email"
> }
> }
> }
> Have I missed something? please help
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups "CAS
> Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email
> to cas-user+unsubscr...@apereo.org .
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/914dc1d1-a924-46cd-96bc-7556040abda8%40apereo.org
> .
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/308092497.6622737.1533154966534.JavaMail.zimbra%40unicon.net.
