I did find these…

cd /etc/

[root@appdev-523 etc]# grep -r cas.example *

cas/config/services/RegexRegisteredService-8396761148980578304.json:  
serviceId: https://cas.example.org:8443/cas/oauth2.0/callbackAuthorize.*

cas/config/services/RegexRegisteredService-7398083621929947136.json:  
serviceId: https://cas.example.org:8443/cas/oauth2.0/callbackAuthorize.*

cas/config/services/RegexRegisteredService-1905997417559537664.json:  
serviceId: https://cas.example.org:8443/cas/oauth2.0/callbackAuthorize.*

cas/config/services/RegexRegisteredService-4418765845257222144.json:  
serviceId: https://cas.example.org:8443/cas/oauth2.0/callbackAuthorize.*

cas/config/services/RegexRegisteredService-5291673557665746944.json:  
serviceId: https://cas.example.org:8443/cas/oauth2.0/callbackAuthorize.*

cas/config/services/RegexRegisteredService-7671336329000167424.json:  
serviceId: https://cas.example.org:8443/cas/oauth2.0/callbackAuthorize.*

These are apparently auto-generated. As far as I know I have not configured CAS 
to create these service entries, nor do they show up in the management 
interface.
The time stamps on the files appear to be related to restarts. This may be by 
design. I still can’t find the bit to set the proper server name though.

Thanks,

Erik Mallory
Server Analyst
Wichita State University


From: "'Mallory, Erik' via CAS Community" <cas-user@apereo.org>
Reply-To: "cas-user@apereo.org" <cas-user@apereo.org>
Date: Wednesday, August 28, 2019 at 1:03 PM
To: "cas-user@apereo.org" <cas-user@apereo.org>
Subject: Re: [cas-user] CAS 6.1-RC4 OIDC configuration

I double checked that I didn’t have an errant file somewhere that would 
override the config. I un jared the cas.war file and grepped for 
cas.example.org JIC.
All settings are loaded from the location below. CAS is running with embedded 
tomcat and is started by systemd.
# The configuration directory where CAS should monitor to locate settings.
spring.cloud.config.server.native.searchLocations=file:///etc/cas/config

/bin/java --add-modules java.se --add-exports 
java.base/jdk.internal.ref=ALL-UNNAMED --add-opens 
java.base/java.lang=ALL-UNNAMED --add-opens java.base/java.nio=ALL-UNNAMED 
--add-opens java.base/sun.nio.ch=ALL-UNNAMED --add-opens 
java.management/sun.management=ALL-UNNAMED --add-opens 
jdk.management/com.sun.management.internal=ALL-UNNAMED -Dhttp.proxySet=true 
-Dhttps.proxySet=true -Dhttp.proxyHost=proxysvc-501.wichita.edu 
-Dhttps.proxyHost=proxysvc-501.wichita.edu -Dhttp.proxyPort=8080 
-Dhttps.proxyPort=8080 
-Djava.util.logging.config.file=/etc/cas/config/logging.properties -jar 
/data/cas/bin/cas.war

Thanks Again,
Erik Mallory
Server Analyst
Wichita State University
316.978.3502


From: <cas-user@apereo.org> on behalf of Misagh Moayyed 
<misagh.moay...@gmail.com>
Reply-To: "cas-user@apereo.org" <cas-user@apereo.org>
Date: Wednesday, August 28, 2019 at 3:35 AM
To: CAS Community <cas-user@apereo.org>
Subject: Re: [cas-user] CAS 6.1-RC4 OIDC configuration

Are you certain your configuration values are not overridden by something else?



On Aug 28, 2019, at 1:30 AM, 'Mallory, Erik' via CAS Community 
<cas-user@apereo.org<mailto:cas-user@apereo.org>> wrote:

Yes.
# OpenID Authentication
cas.authn.oidc.issuer=http://cas-dev.wichita.edu/cas/oidc
# Skew ID tokens in minutes
cas.authn.oidc.skew=5

cas.authn.oidc.jwksFile=file:/etc/cas/config/keystore.jwks
cas.authn.oidc.jwksCacheInMinutes=60

#cas.authn.oidc.dynamicClientRegistrationMode=OPEN|PROTECTED
cas.authn.oidc.dynamicClientRegistrationMode=PROTECTED

cas.authn.oidc.subjectTypes=public,pairwise

Erik Mallory
Server Analyst
Wichita State University
316.978.3502


From: <cas-user@apereo.org<mailto:cas-user@apereo.org>> on behalf of Misagh 
Moayyed <misagh.moay...@gmail.com<mailto:misagh.moay...@gmail.com>>
Reply-To: "cas-user@apereo.org<mailto:cas-user@apereo.org>" 
<cas-user@apereo.org<mailto:cas-user@apereo.org>>
Date: Tuesday, August 27, 2019 at 2:59 AM
To: CAS Community <cas-user@apereo.org<mailto:cas-user@apereo.org>>
Subject: Re: [cas-user] CAS 6.1-RC4 OIDC configuration

Have you defined an issuer?
https://apereo.github.io/cas/development/configuration/Configuration-Properties.html#openid-connect




On Aug 27, 2019, at 2:23 AM, 'Mallory, Erik' via CAS Community 
<cas-user@apereo.org<mailto:cas-user@apereo.org>> wrote:

Hello,
I'm trying to configure oAuth/OIDC and I'm running into a head scratcher.
The CAS oidc/.well-known endpoint returns 
cas.example.org:8443<http://cas.example.org:8443/> for all of the related 
endpoints.
Example:
{"issuer":"http://cas-dev.wichita.edu/cas/oidc","scopes_supported":["openid","profile","email","address","phone","offline_access"],"response_types_supported":["code","token","id_token
 
token"],"subject_types_supported":["public","pairwise"],"claim_types_supported":["normal"],"claims_supported":["sub","name","preferred_username","family_name","given_name","middle_name","given_name","profile","picture","nickname","website","zoneinfo","locale","updated_at","birthdate","email","email_verified","phone_number","phone_number_verified","address","gender"],"grant_types_supported":["authorization_code","password","client_credentials","refresh_token"],"id_token_signing_alg_values_supported":["none","RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512","HS256","HS384","HS512"],"id_token_encryption_alg_values_supported":["RSA1_5","RSA-OAEP","RSA-OAEP-256","A128KW","A192KW","A256KW","A128GCMKW","A192GCMKW","A256GCMKW","ECDH-ES","ECDH-ES+A128KW","ECDH-ES+A192KW","ECDH-ES+A256KW"],"id_token_encryption_enc_values_supported":["A128CBC-HS256","A192CBC-HS384","A256CBC-HS512","A128GCM","A192GCM","A256GCM"],"userinfo_signing_alg_values_supported":["none","RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512","HS256","HS384","HS512"],"userinfo_encryption_alg_values_supported":["RSA1_5","RSA-OAEP","RSA-OAEP-256","A128KW","A192KW","A256KW","A128GCMKW","A192GCMKW","A256GCMKW","ECDH-ES","ECDH-ES+A128KW","ECDH-ES+A192KW","ECDH-ES+A256KW"],"userinfo_encryption_enc_values_supported":["A128CBC-HS256","A192CBC-HS384","A256CBC-HS512","A128GCM","A192GCM","A256GCM"],"introspection_endpoint_auth_methods_supported":["client_secret_basic"],"token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt"],"claims_parameter_supported":true,"request_parameter_supported":false,"authorization_endpoint":"https://cas.example.org:8443/cas/oidc/authorize","token_endpoint":"https://cas.example.org:8443/cas/oidc/accessToken","userinfo_endpoint":"https://cas.example.org:8443/cas/oidc/profile","registration_endpoint":"https://cas.example.org:8443/cas/oidc/register","end_session_endpoint":"https://cas.example.org:8443/cas/oidc/logout","introspection_endpoint":"https://cas.example.org:8443/cas/oidc/introspect","revocation_endpoint":"https://cas.example.org:8443/cas/oidc/revoke","jwks_uri":"https://cas.example.org:8443/cas/oidc/jwks"}


I thought this value was controlled by the cas.server.name property. But I 
guess it's elsewhere?

server.context-path=/cas
server.port=443
cas.server.name=https://cas-dev.wichita.edu<https://cas-dev.wichita.edu/>
cas.server.prefix=https://cas-dev.wichita.edu/cas
cas.host.name=cas-dev.wichita.edu<http://cas-dev.wichita.edu/>

Hopefully someone can shine a light on this for me.
Thanks,
Erik Mallory
Server Analyst
Wichita State University


--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org>.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/3B7E953C-586C-41E3-BB3A-73A53D433AB0%40wichita.edu.

--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org>.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/375F9DAF-027B-4CE0-A5F3-AE84255B3C99%40gmail.com<https://groups.google.com/a/apereo.org/d/msgid/cas-user/375F9DAF-027B-4CE0-A5F3-AE84255B3C99%40gmail.com?utm_medium=email&utm_source=footer>.




--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org>.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/E63C583B-638A-4E54-A7C4-BC772DF53CB2%40wichita.edu<https://groups.google.com/a/apereo.org/d/msgid/cas-user/E63C583B-638A-4E54-A7C4-BC772DF53CB2%40wichita.edu?utm_medium=email&utm_source=footer>.

--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org>.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/DF7A72D8-CDF2-4BDA-B302-8A9E5A1A9E48%40gmail.com<https://groups.google.com/a/apereo.org/d/msgid/cas-user/DF7A72D8-CDF2-4BDA-B302-8A9E5A1A9E48%40gmail.com?utm_medium=email&utm_source=footer>.


--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org>.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/1FA38A82-12AA-4D92-BE6F-25755490942A%40wichita.edu<https://groups.google.com/a/apereo.org/d/msgid/cas-user/1FA38A82-12AA-4D92-BE6F-25755490942A%40wichita.edu?utm_medium=email&utm_source=footer>.

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/5B8CDEF2-9CAC-4647-9AFC-D8E6B1649F9E%40wichita.edu.

Reply via email to