Rhfbc On Thu, Apr 12, 2018, 01:40 William E. <wre0...@uah.edu> wrote:
> Hi all, > > > I am trying to follow the CAS docs to configure a service to return jwt's > but not having much success. > > Docs I am reading on this: > > > https://apereo.github.io/cas/5.2.x/installation/Configure-ServiceTicket-JWT.html > > https://apereo.github.io/2017/10/17/cas-jwt-authn-with-duo/ (JWT Service > Tickets portion) > > > My cas.properties has: > > cas.authn.token.crypto.enabled=true > cas.authn.token.crypto.encryptionEnabled=true > cas.authn.token.crypto.signing.key=/etc/cas/config/token-signing.jwk > cas.authn.token.crypto.signing.keySize=512 > cas.authn.token.crypto.encryption.key=/etc/cas/config/token-encryption.jwk > cas.authn.token.crypto.encryption.keySize=256 > cas.authn.token.crypto.alg=AES > > > jwk's generated per docs: > > wget https://raw.githubusercontent.com/apereo/cas/master/etc/jwk-gen.jar > java -jar jwk-gen.jar -t oct -s 512 >/etc/cas/config/token-signing.jwk > java -jar jwk-gen.jar -t oct -s 256 >/etc/cas/config/token-encryption.jwk > > $ file /etc/cas/config/token* > /etc/cas/config/token-encryption.jwk: ASCII text > /etc/cas/config/token-signing.jwk: ASCII text > > > Using maven overlay, my pom.xml has the rest snippet: > > <dependency> > <groupId>org.apereo.cas</groupId> > <artifactId>cas-server-support-token-tickets</artifactId> > <version>${cas.version}</version> > </dependency> > > > My service has the jwt as ticket property: > > properties: > { > @class: java.util.LinkedHashMap > jwtAsServiceTicket: > { > @class: org.apereo.cas.services.DefaultRegisteredServiceProperty > values: > [ > java.util.HashSet > [ > "true" > ] > ] > } > } > > In the CAS CLI I can generate a jwt that appears valid. But when I use my > service via web browser I see no header or cookie referencing a ticket with > JWT- prefix, nor a jwt formatted base64 string, I just see the normal ST- > ticket. I'm using a simple tomcat webapp wit cas client filters and > java-cas-client 3.5.0. > > Anyone made JWT's work yet for cas 5.2.3? Any idea what step I missed? > > Thanks, > William > > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cas-user+unsubscr...@apereo.org. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/2ce63d92-fef6-41c4-9167-9c388f73d3e7%40apereo.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/2ce63d92-fef6-41c4-9167-9c388f73d3e7%40apereo.org?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CALm%2ByJ0J5P6me6cOtoEgA_YKUTD0AF2B9eF-QMqBf_PrciCzQA%40mail.gmail.com.
