Hi Richard,
Thanks for you answer.
This is my JSON Service
{
*@class: org.apereo.cas.support.saml.services.SamlRegisteredService*
serviceId: ^https://jira.myDomain.com/plugins/servlet/*
name: JIRA-SAMLTest
id: 3032504042888199
description: JIRA SAML Testing
proxyPolicy:
{
@class: org.apereo.cas.services.RefuseRegisteredServiceProxyPolicy
}
evaluationOrder: 1
usernameAttributeProvider:
{
@class: org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider
canonicalizationMode: NONE
encryptUsername: false
}
attributeReleasePolicy:
{
@class: org.apereo.cas.services.ReturnAllAttributeReleasePolicy
principalAttributesRepository:
{
@class:
org.apereo.cas.authentication.principal.DefaultPrincipalAttributesRepository
expiration: 2
timeUnit: HOURS
}
authorizedToReleaseCredentialPassword: false
authorizedToReleaseProxyGrantingTicket: false
excludeDefaultAttributes: false
}
multifactorPolicy:
{
@class:
org.apereo.cas.services.DefaultRegisteredServiceMultifactorPolicy
failureMode: CLOSED
bypassEnabled: false
}
logoutUrl: https://jira.myDomain.com/logout
accessStrategy:
{
@class: org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy
enabled: true
ssoEnabled: true
requireAllAttributes: true
caseInsensitive: false
}
*metadataLocation: /etc/cas/saml/sp/jira-test-metadata.xml*
metadataMaxValidity: 0
metadataSignatureLocation:
signAssertions: false
signResponses: true
encryptAssertions: true
metadataCriteriaRoles: SPSSODescriptor
metadataCriteriaRemoveEmptyEntitiesDescriptors: false
metadataCriteriaRemoveRolelessEntityDescriptors: false
}
I don't know if is correct
El jueves, 29 de junio de 2017, 14:53:14 (UTC+2), richard.frovarp escribió:
>
> On 06/29/2017 04:31 AM, Marco Osorio wrote:
> > Hello everyone,
> > I have managed to configure SAML2 and load the Idp-metadata, which
> > generates it automatically and the sp-metadata generated by the SP
> plugin.
> > I have entered the CAS manager and added the SP, but when I try to
> > authenticate, CAS tells me that the application is not authorized to
> > use cas.
> > I loaded the idp-metadata into the plugin to render the parameters and
> ok.
> >
> > My question is what do I need to be able to authenticate correctly?
>
> Last line of your log file:
>
> <CAS has found a match for service
> [https://jira.myDomain.com/plugins/servlet/samlsso] in registry but the
> match is not defined as a SAML service>
>
> You need to define the service as a SAML 2 service. If you are using the
> manager, change the service type. If you are doing it via direct JSON,
> follow the instructions in the documentation.
>
--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/b61d0532-ccae-451d-a387-e349c2760218%40apereo.org.
