Hi, The encryption of the TGC makes it too long for a Memcached key: do you really need it? Thanks. Best regards, Jérôme
On Mon, Dec 18, 2017 at 9:58 AM, casuser <fazlarabby043...@gmail.com> wrote: > > > *This is my cas.properties, *# cas.tgc.path= > cas.tgc.maxAge=-1 > # cas.tgc.domain= > cas.tgc.signingKey=***************************************** > ************************************************** > cas.tgc.name=TGC > cas.tgc.encryptionKey=************************************** > ***************************************************** > cas.tgc.secure=false > cas.tgc.rememberMeMaxAge=1350000 > > cas.tgc.cipherEnabled=true > > cas.webflow.signing.key=************************************ > ******************************************************* > cas.webflow.signing.keySize=512 > > > cas.webflow.encryption.keySize=16 > cas.webflow.encryption.key=********************************* > ********************************************************** > cas.webflow.crypto.signing.key=************************** > ***************************************************************** > cas.webflow.crypto.encryption.key=************************** > ***************************************************************** > #cas.webflow.crypto.enabled=false > cas.webflow.crypto.signing.keySize=512 > cas.webflow.crypto.encryption.keySize=16 > #cas.webflow.crypto.alg=AES > > cas.tgc.crypto.signing.key=********************************* > ********************************************************** > cas.tgc.crypto.encryption.key=****************************** > ************************************************************* > > > # Service Registry > cas.serviceRegistry.watcherEnabled=true > cas.serviceRegistry.repeatInterval=120000 > cas.serviceRegistry.startDelay=15000 > cas.serviceRegistry.initFromJson=true > cas.serviceRegistry.config.location=file:/etc/cas/config/services > > cas.ticket.tgt.onlyTrackMostRecentSession=true > cas.ticket.tgt.maxLength=50 > cas.monitor.tgt.warn.threshold=10 > cas.monitor.tgt.warn.evictionThreshold=0 > # > # #remember me in seconds > # # Set to a negative value to never expire tickets > cas.ticket.tgt.maxTimeToLiveInSeconds=135000 > cas.ticket.tgt.timeToKillInSeconds=7200 > cas.ticket.tgt.rememberMe.enabled=true > cas.ticket.tgt.rememberMe.timeToKillInSeconds=135000 > cas.web.flow.GenericSuccessViewAction=*********************************** > ******************************************************** > cas.ticket.tgt.timeout.maxTimeToLiveInSeconds=135000 > > ## > #Throttled Timeout > ## > cas.ticket.tgt.throttledTimeout.timeToKillInSeconds=28800 > cas.ticket.tgt.throttledTimeout.timeInBetweenUsesInSeconds=5 > cas.ticket.tgt.hardTimeout.timeToKillInSeconds=28800 > > > cas.monitor.st.warn.threshold=10 > cas.monitor.st.warn.evictionThreshold=0 > > cas.ticket.st.maxLength=20 > > cas.ticket.st.numberOfUses=1 > cas.ticket.st.timeToKillInSeconds=180 > > cas.ticket.crypto.enabled=true > cas.ticket.crypto.signing.key=****************************** > ************************************************************* > cas.ticket.crypto.encryption.key=************************** > ***************************************************************** > > I am getting an error in the catalina "java.lang.IllegalArgumentException: > Key is too long (maxlen = 250)". How can I solve this? > > *This is the log:* > > > 2017-12-18 15:12:50,962 DEBUG > [org.apereo.cas.util.cipher.BaseStringCipherExecutor] > - <Creating encryption key instance based on provided secret key> > 2017-12-18 15:12:50,962 DEBUG > [org.apereo.cas.util.cipher.BaseStringCipherExecutor] > - <Initialized cipher encryption sequence via content encryption > [A128CBC-HS256] and algorithm [dir]> > 2017-12-18 15:12:50,963 DEBUG > [org.apereo.cas.util.cipher.BaseStringCipherExecutor] > - <Located signing key to use for [CAS Protocol Tickets]> > 2017-12-18 15:12:50,963 DEBUG > [org.apereo.cas.util.cipher.AbstractCipherExecutor] > - <Created signing key instance [AesKey] based on provided secret key> > 2017-12-18 15:12:50,964 DEBUG [org.apereo.cas.util.EncodingUtils] - > <Encrypting via [A128CBC-HS256]> > 2017-12-18 15:12:50,964 DEBUG [org.apereo.cas.ticket.factory. > DefaultTicketGrantingTicketFactory] - <Encoded ticket-granting ticket id > [*********************************************************** > ********************************]> > 2017-12-18 15:12:50,965 DEBUG > [org.apereo.cas.ticket.registry.MemcachedTicketRegistry] > - <Adding ticket [***************************** > **************************************************************]> > 2017-12-18 15:12:50,965 ERROR > [org.apereo.cas.ticket.registry.MemcachedTicketRegistry] > - <Failed adding [***************************** > **************************************************************]> > java.lang.IllegalArgumentException: Key is too long (maxlen = 250) > 2017-12-18 15:12:50,966 DEBUG [org.apereo.cas. > AbstractCentralAuthenticationService] - <Publishing > [org.apereo.cas.support.events.ticket.CasTicketGrantingTicketCreated > Event@41e218bd[ticketGrantingTicket=********* > ************************************************************ > **********************]]> > 2017-12-18 15:12:50,966 INFO > [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] > - <Audit trail record BEGIN > > ============================================================= > WHO: USER > WHAT: ************************************************************ > ******************************* > ACTION: TICKET_GRANTING_TICKET_CREATED > APPLICATION: CAS > WHEN: Mon Dec 18 15:13:10 MYT 2017 > CLIENT IP ADDRESS: 127.0.0.1 > SERVER IP ADDRESS: 127.0.0.1 > > > > I should also mention that I don't see any ST created in the log too. I > want to create the ST is well to validate the service. > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cas-user+unsubscr...@apereo.org. > To view this discussion on the web visit https://groups.google.com/a/ > apereo.org/d/msgid/cas-user/242eb0e3-4e51-4709-9f71- > bdc0782e74bd%40apereo.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/242eb0e3-4e51-4709-9f71-bdc0782e74bd%40apereo.org?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAP279LzYvp-%2BVY5nD0kVe1_d4FB9fhm%3Dep%3D6h%3DtQgw3S8Pkxww%40mail.gmail.com.
