Is the devConfluence-1558621301329267.json file readable for whatever user/service is running CAS? When I forget to change ownership of my json files to the tomcat user, I run into the same issue.
On Thursday, June 6, 2019 at 7:06:50 AM UTC-6, Fabian Schipp wrote: > > Hi everyone, > > I am currently trying to connect Confluence as SAML SP with a CAS 6 > instance. > CAS Server on its own is running fine. I added a SAML service I created > using the docs chapter on SAML services: > > https://apereo.github.io/cas/6.0.x/installation/Configuring-SAML2-Authentication.html#saml-services > > My SAML service: > { > "@class" : > "org.apereo.cas.support.saml.services.SamlRegisteredService", > "serviceId" : "https://<CONFLUENCE_DOMAIN>/ > plugins/servlet/samlsso", > "name" : "dev Confluence Application", > "id" : 1558621301329267, > "metadataLocation" : > "https://<CONFLUENCE_DOMAIN>/plugins/servlet/samlsso/metadata", > "evaluationOrder" : 10 > } > > But CAS does load the service but it looks like it is malformed in some > way. > > I checked some things that might have gone wrong: > - the metadata-URL does link to the correct metadata of the SP > - the serviceId matches the corresponding URL from the confluence system > - the id field matches the name of the service-filename (it is called > devConfluence-1558621301329267.json) > > The output I get is this: > 2019-06-06 14:56:58,002 DEBUG > [org.apereo.cas.support.saml.web.idp.profile.AbstractSamlProfileHandlerController] > > - <Located issuer [https://<CONFLUENCE_DOMAIN>/plugins/servlet/samlsso] > from authentication request> > > 2019-06-06 14:56:58,004 DEBUG > [org.apereo.cas.support.saml.web.idp.profile.AbstractSamlProfileHandlerController] > > - <Checking service access in CAS service registry for > [AbstractWebApplicationService(id=https://<CONFLUENCE_DOMAIN>/plugins/servlet/samlsso, > > originalUrl=https://<CONFLUENCE_DOMAIN>/plugins/servlet/samlsso, > artifactId=null, principal=null, source=null, loggedOutAlready=false, > format=XML, attributes={})]> > > 2019-06-06 14:56:58,024 WARN > [org.apereo.cas.support.saml.web.idp.profile.AbstractSamlProfileHandlerController] > > - <[https://<CONFLUENCE_DOMAIN>/plugins/servlet/samlsso] is not found in > the registry or service access is denied. Ensure service is registered in > service registry> > > So there is another service registry I have to register my service in? > Are there any more fields that are mandatory to include in the service? If > so I can't find the correct pafe on the docs that says so. > > I am realy lost on this one. Any help is appreciated. > > Thank you very much. > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/55b99f7f-6030-4d96-8f0a-43650df62375%40apereo.org.
