Hi Everyone, I would like to add the possibility to use JWT Authentication to my CAS Server, i followed this link https://apereo.github.io/cas/4.2.x/installation/JWT-Authentication.html but it's not working.
Im using CAS Version 4.2.7 and Java Version : 1.8.0_40, i followed this steps below : *Step 1 : adding the token dependency to my pom.xml * *<dependency> <groupId>org.jasig.cas</groupId> <artifactId>cas-server-support-token-webflow</artifactId> <version>${cas.version}</version></dependency>* *Step 2 : adding the alas name in my deployerConfigContext.xml* NB : i'm already using this in my config : * <util:map id="authenticationHandlersResolvers"> <entry key-ref="proxyAuthenticationHandler" value-ref="proxyPrincipalResolver" /> <entry key-ref="primaryAuthenticationHandler" value-ref="primaryPrincipalResolver" /> <entry key-ref="ldapAuthenticationHandler" value="#{null}" /></util:map>* * <alias name="acceptUsersAuthenticationHandler" alias="primaryAuthenticationHandler" /> <alias name="personDirectoryPrincipalResolver" alias="primaryPrincipalResolver" />* * <alias name="tokenAuthenticationHandler" alias="primaryAuthenticationHandler" />* So when i restart my CAS server, logs says : *Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authenticationHandlersResolvers': Cannot resolve reference to bean 'primaryAuthenticationHandler' while setting bean property 'sourceMap'; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'tokenAuthenticationHandler' is defined* So I added the bean id below : *<bean id="tokenAuthenticationHandler"class="org.jasig.cas.services.DefaultRegisteredServiceProperty" />* Then after restarted, it's ok no more logs. *Step 3 : adding the secret in my HTTPSandIMAPS-10000001.json* "properties" : { "@class" : "java.util.HashMap", "jwtSigningSecret" : { "@class" : "org.jasig.cas.services.DefaultRegisteredServiceProperty", "values" : [ "java.util.HashSet", [ "my_secret_key" ] ] }, *Step 4 : generating my token using my secret key with https://www.npmjs.com/package/jwtgen*For example : jwtgen -a HS256 -s "my_secret_key" -p -e 9200 -v *algorithm: HS256claims: { "iat": 1519642449, "exp": 1519651650}headers: { "typ": "JWT", "alg": "HS256"}token:eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE1MTk2NDI0NDksImV4cCI6MTUxOTY1MTY1MH0.G7JjoEu......* *Step 5 : curling my CAS Server with one of my service using my token* curl -i "https://myserver/cas/login?service=https://my_url_service *&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE1MTk2NDI0NDksImV4cCI6MTUxOTY1MTY1MH0.G7JjoEu* ......" CAS Logs : *2018-02-26 11:58:12,570 INFO [org.jasig.cas.web.flow.InitialFlowSetupAction] - <Setting path for cookies for warn cookie generator to: /cas/ >2018-02-26 11:58:12,570 INFO [org.jasig.cas.web.flow.InitialFlowSetupAction] - <Setting path for cookies for TGC cookie generator to: /cas/ >2018-02-26 11:58:12,574 DEBUG [org.jasig.cas.web.support.DefaultArgumentExtractor] - <Created https://my_url_service based on org.jasig.cas.authentication.principal.WebApplicationServiceFactory@2fe3ffc2>2018-02-26 11:58:12,575 DEBUG [org.jasig.cas.web.support.DefaultArgumentExtractor] - <Extractor generated service for: https://my_url_service>2018-02-26 11:58:12,581 DEBUG [org.jasig.cas.util.RegexUtils] - <Pattern ^https://www.apereo.org is a valid regex.>2018-02-26 11:58:12,582 DEBUG [org.jasig.cas.util.RegexUtils] - <Pattern ^(http?|https?)://.* is a valid regex.>2018-02-26 11:58:12,801 DEBUG [org.jasig.cas.services.web.RegisteredServiceThemeBasedViewResolver] - <View resolved: /WEB-INF/view/jsp/default/ui/casLoginView.jsp>2018-02-26 11:58:12,940 DEBUG [org.jasig.cas.web.view.CasReloadableMessageBundle] - <No properties file found for [classpath:custom_messages_en] - neither plain properties nor XML>2018-02-26 11:58:12,941 DEBUG [org.jasig.cas.web.view.CasReloadableMessageBundle] - <No properties file found for [classpath:custom_messages] - neither plain properties nor XML>2018-02-26 11:58:12,942 DEBUG [org.jasig.cas.web.view.CasReloadableMessageBundle] - <No properties file found for [classpath:messages_en] - neither plain properties nor XML>2018-02-26 11:58:12,942 DEBUG [org.jasig.cas.web.view.CasReloadableMessageBundle] - <Loading properties [messages.properties] with encoding 'UTF-8'>2018-02-26 11:58:13,002 WARN [org.jasig.cas.web.view.CasReloadableMessageBundle] - <The code [login.forgot.password] cannot be found in the default language bundle and will be used as the message itself.>2018-02-26 11:58:13,002 WARN [org.jasig.cas.web.view.CasReloadableMessageBundle] - <The code [login.not.subscribed] cannot be found in the default language bundle and will be used as the message itself.>2018-02-26 11:58:13,003 WARN [org.jasig.cas.web.view.CasReloadableMessageBundle] - <The code [login.subscribe] cannot be found in the default language bundle and will be used as the message itself.>2018-02-26 11:58:13,003 WARN [org.jasig.cas.web.view.CasReloadableMessageBundle] - <The code [login.help.question] cannot be found in the default language bundle and will be used as the message itself.>2018-02-26 11:58:13,004 WARN [org.jasig.cas.web.view.CasReloadableMessageBundle] - <The code [login.contact] cannot be found in the default language bundle and will be used as the message itself.>2018-02-26 11:58:15,243 DEBUG [org.jasig.cas.util.CasSpringBeanJobFactory] - <Created job org.jasig.cas.services.DefaultServicesManagerImpl$ServiceRegistryReloaderJob@5784c77a for bundle org.quartz.spi.TriggerFiredBundle@5ffb6449>2018-02-26 11:58:15,245 DEBUG [org.jasig.cas.util.CasSpringBeanJobFactory] - <Autowired job per the application context>*No tickets are created, am i missing something ? Kind Regards, Michael -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1b79aa7a-48b6-4057-a66f-72ca450e29c7%40apereo.org.