Here is my entire CAS configuration. This does not reflect the real deployment but is what I used for testing.
cas.server.name: https://cas.example.org:8443 cas.server.prefix: https://cas.example.org:8443/cas ## # CAS Server Context Configuration # server.context-path=/cas server.port=444 server.ssl.key-store=file:C:/tomcat/conf/keystore.jks server.ssl.key-store-password=REMOVED server.ssl.key-password=REMOVED server.tomcat.accesslog.enabled=false management.context-path=/status ## # CAS Log4j Configuration # logging.config=file:C:/etc/cas/config/log4j2.xml logging.level.org.apereo.cas=ERROR cas.log.level=WARN server.context-parameters.isLog4jAutoInitializationDisabled=true #Disable default casuser cas.authn.accept.users= cas.authn.ldap[0].type=AUTHENTICATED cas.authn.ldap[0].ldapUrl=ldaps://REMOVED cas.authn.ldap[0].baseDn=OU=TAP,DC=tap,DC=test cas.authn.ldap[0].userFilter=sAMAccountName={user} cas.authn.ldap[0].usePasswordPolicy=true cas.authn.ldap[0].bindDn=CN=ESI7,OU=Service,OU=Users,OU=TAP,DC=tap,DC=test cas.authn.ldap[0].bindCredential=REMOVED cas.authn.ldap[0].allowMultiplePrincipalAttributeValues=true cas.authn.ldap[0].principalAttributeList=sn,cn:commonName,givenName,memberOf cas.authn.ldap[0].trustCertificates=file:C:/etc/cas/config/ldap.cer cas.adminPagesSecurity.ip=0\.0\.0\.0 cas.adminPagesSecurity.loginUrl=https://REMOVED:444/cas/login cas.adminPagesSecurity.service=https://REMOVED:444/cas/status cas.adminPagesSecurity.users=file:C:/etc/cas/config/adminusers.properties cas.adminPagesSecurity.adminRoles=ROLE_ADMIN cas.adminPagesSecurity.actuatorEndpointsEnabled=true cas.serviceRegistry.config.location=file:C:/etc/cas/config cas.logout.followServiceRedirects=true # Sessions are terminated if no new tickets are requested in one minute cas.ticket.tgt.timeToKillInSeconds=60 # Sessions can last a full week if used continuously cas.ticket.tgt.maxTimeToLiveInSeconds=604800 # Service tickets can only be used once cas.ticket.st.numberOfUses=1 # Service tickets expire after five seconds if not used cas.ticket.st.timeToKillInSeconds=5 -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/e767e2bd-aa90-45a8-af33-9d1b3b0ee3cd%40apereo.org.