[cas-user] AdobeSign SingleLogout Via GET +SAML

Hi all I am intigrating AdobeSign SSO with SMAL, it call the SLO via get method with below parameters: GET SAMLRequest: RelayState: x SigAlg: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 Signature: I got below error: SO is unable to process this request: "500:Internal Server

[cas-user] CAS vs Spring Security PLUS CAS

I'm making a web app for my company for a new product and we've setup a CAS server for authentication. I'm fairly new to Spring in the first place so this has been pretty steep curve all around, but I've finally used the java-cas-client to integrate cas into my app. I wound up doing this

RE: [EXTERNAL SENDER] Re: [cas-user] CAS 6.3.4 Hazelcast 4.1 Issue.

If I had a nickel for every “is it plugged in” I have missed. ;) From: cas-user@apereo.org On Behalf Of Baron Fujimoto Sent: Thursday, July 8, 2021 2:59 PM To: CAS Community Subject: [EXTERNAL SENDER] Re: [cas-user] CAS 6.3.4 Hazelcast 4.1 Issue. Thanks for that clarification of replicated vs

Re: [cas-user] CAS 6.3.4 Hazelcast 4.1 Issue.

Thanks for that clarification of replicated vs distributed. That was helpful. So if I understand correctly, CAS's use of Hazelcast, if distributed but not replicated, means that the loss of a node in a cluster means the remaining nodes may not actually have the desired content from the lost node.

Re: [cas-user] How to return the appropriate Attributes with CAS acting as SAML IdP and SAML SP in the same instance

Jon, You could get all attributes from your IdP and third party IdP on first login. Once cas has established a session (TGC) it no longer attempts to create new user attributes. Two cas servers would mean no sso. Can you remove your IdP and let cas to its work? Ray On Thu, 2021-07-08 at

[cas-user] CAS 6.3.5 bug with SubjectConfirmationNotOnOrAfter ?

Hi All, I've just noticed in 6.3.5 the notonorafter timestamp in the saml subject confirmation is always set to the authentication date. So the saml envelope is valid only on the first login but then sso is not working for saml few seconds after login. I've enabled the notbefore to show the

Re: [cas-user] CAS 6.3.4 Hazelcast 4.1 Issue.

On Wed, Jul 07, 2021 at 02:49:32PM -1000, Baron Fujimoto wrote: > I'm also confused by this. What does distributed mean, if not replicated? I understand "replicated" to mean that each associated instance contains the complete set of cache entries locally. There would be a great deal of

[cas-user] Cannot use AOP in cas-overlay 5.3.14

Hello everyone, I am trying to customize CAS client IP address obtaining process, for example, try get IP address from custom HTTP header "X-IP", if not found then try "X-Forwarded-For", finally use underlying TCP/IP connection address (aka. request.getRemoteAddr()). I extended ClientInfo

[cas-user] RE: CAS 6.3 High CPU on Tomcat

Related, I just got the latest shib-cas-authn plugin working on Shibboleth IDP 4.1.2 so we can delegate authentication to CAS (6.3.5). When I do this and try to authenticate, I see the following log message (45 times) and the response time from CAS is so long that our IDP timesout the seeion.

[cas-user] How to return the appropriate Attributes with CAS acting as SAML IdP and SAML SP in the same instance

Hi there, here is my challenge We can work in two SAML integration ways, by means of CAS.5.2 in the same instance of CAS over Tomcat. - In one way (A), our Identity Provider launches a SSO SAML Request, delegating Authentication in CAS. CAS, in turn, delegates Authentication to