[cas-user] Connecting SAML SP to CAS 6

[Fabian Schipp]

Hi everyone,

I am currently trying to connect Confluence as SAML SP with a CAS 6 
instance.
CAS Server on its own is running fine. I added a SAML service I created 
using the docs chapter on SAML services:
https://apereo.github.io/cas/6.0.x/installation/Configuring-SAML2-Authentication.html#saml-services

My SAML service:
{
        "@class" : 
"org.apereo.cas.support.saml.services.SamlRegisteredService",
        "serviceId" : "https://<CONFLUENCE_DOMAIN>/plugins/servlet/samlsso",
        "name" : "dev Confluence Application",
        "id" : 1558621301329267,
        "metadataLocation" : 
"https://<CONFLUENCE_DOMAIN>/plugins/servlet/samlsso/metadata",
        "evaluationOrder" : 10
}

But CAS does load the service but it looks like it is malformed in some way.

I checked some things that might have gone wrong:
- the metadata-URL does link to the correct metadata of the SP
- the serviceId matches the corresponding URL from the confluence system
- the id field matches the name of the service-filename (it is called 
devConfluence-1558621301329267.json)

The output I get is this:
2019-06-06 14:56:58,002 DEBUG 
[org.apereo.cas.support.saml.web.idp.profile.AbstractSamlProfileHandlerController]
 
- <Located issuer [https://<CONFLUENCE_DOMAIN>/plugins/servlet/samlsso] 
from authentication request>

2019-06-06 14:56:58,004 DEBUG 
[org.apereo.cas.support.saml.web.idp.profile.AbstractSamlProfileHandlerController]
 
- <Checking service access in CAS service registry for 
[AbstractWebApplicationService(id=https://<CONFLUENCE_DOMAIN>/plugins/servlet/samlsso,
 
originalUrl=https://<CONFLUENCE_DOMAIN>/plugins/servlet/samlsso, 
artifactId=null, principal=null, source=null, loggedOutAlready=false, 
format=XML, attributes={})]>

2019-06-06 14:56:58,024 WARN 
[org.apereo.cas.support.saml.web.idp.profile.AbstractSamlProfileHandlerController]
 
- <[https://<CONFLUENCE_DOMAIN>/plugins/servlet/samlsso] is not found in 
the registry or service access is denied. Ensure service is registered in 
service registry>

So there is another service registry I have to register my service in?
Are there any more fields that are mandatory to include in the service? If 
so I can't find the correct pafe on the docs that says so.

I am realy lost on this one. Any help is appreciated.

Thank you very much.

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/6e6aa989-c395-4166-a130-61d1f01722b5%40apereo.org.