I did find these… cd /etc/
[root@appdev-523 etc]# grep -r cas.example * cas/config/services/RegexRegisteredService-8396761148980578304.json: serviceId: https://cas.example.org:8443/cas/oauth2.0/callbackAuthorize.* cas/config/services/RegexRegisteredService-7398083621929947136.json: serviceId: https://cas.example.org:8443/cas/oauth2.0/callbackAuthorize.* cas/config/services/RegexRegisteredService-1905997417559537664.json: serviceId: https://cas.example.org:8443/cas/oauth2.0/callbackAuthorize.* cas/config/services/RegexRegisteredService-4418765845257222144.json: serviceId: https://cas.example.org:8443/cas/oauth2.0/callbackAuthorize.* cas/config/services/RegexRegisteredService-5291673557665746944.json: serviceId: https://cas.example.org:8443/cas/oauth2.0/callbackAuthorize.* cas/config/services/RegexRegisteredService-7671336329000167424.json: serviceId: https://cas.example.org:8443/cas/oauth2.0/callbackAuthorize.* These are apparently auto-generated. As far as I know I have not configured CAS to create these service entries, nor do they show up in the management interface. The time stamps on the files appear to be related to restarts. This may be by design. I still can’t find the bit to set the proper server name though. Thanks, Erik Mallory Server Analyst Wichita State University From: "'Mallory, Erik' via CAS Community" <cas-user@apereo.org> Reply-To: "cas-user@apereo.org" <cas-user@apereo.org> Date: Wednesday, August 28, 2019 at 1:03 PM To: "cas-user@apereo.org" <cas-user@apereo.org> Subject: Re: [cas-user] CAS 6.1-RC4 OIDC configuration I double checked that I didn’t have an errant file somewhere that would override the config. I un jared the cas.war file and grepped for cas.example.org JIC. All settings are loaded from the location below. CAS is running with embedded tomcat and is started by systemd. # The configuration directory where CAS should monitor to locate settings. spring.cloud.config.server.native.searchLocations=file:///etc/cas/config /bin/java --add-modules java.se --add-exports java.base/jdk.internal.ref=ALL-UNNAMED --add-opens java.base/java.lang=ALL-UNNAMED --add-opens java.base/java.nio=ALL-UNNAMED --add-opens java.base/sun.nio.ch=ALL-UNNAMED --add-opens java.management/sun.management=ALL-UNNAMED --add-opens jdk.management/com.sun.management.internal=ALL-UNNAMED -Dhttp.proxySet=true -Dhttps.proxySet=true -Dhttp.proxyHost=proxysvc-501.wichita.edu -Dhttps.proxyHost=proxysvc-501.wichita.edu -Dhttp.proxyPort=8080 -Dhttps.proxyPort=8080 -Djava.util.logging.config.file=/etc/cas/config/logging.properties -jar /data/cas/bin/cas.war Thanks Again, Erik Mallory Server Analyst Wichita State University 316.978.3502 From: <cas-user@apereo.org> on behalf of Misagh Moayyed <misagh.moay...@gmail.com> Reply-To: "cas-user@apereo.org" <cas-user@apereo.org> Date: Wednesday, August 28, 2019 at 3:35 AM To: CAS Community <cas-user@apereo.org> Subject: Re: [cas-user] CAS 6.1-RC4 OIDC configuration Are you certain your configuration values are not overridden by something else? On Aug 28, 2019, at 1:30 AM, 'Mallory, Erik' via CAS Community <cas-user@apereo.org<mailto:cas-user@apereo.org>> wrote: Yes. # OpenID Authentication cas.authn.oidc.issuer=http://cas-dev.wichita.edu/cas/oidc # Skew ID tokens in minutes cas.authn.oidc.skew=5 cas.authn.oidc.jwksFile=file:/etc/cas/config/keystore.jwks cas.authn.oidc.jwksCacheInMinutes=60 #cas.authn.oidc.dynamicClientRegistrationMode=OPEN|PROTECTED cas.authn.oidc.dynamicClientRegistrationMode=PROTECTED cas.authn.oidc.subjectTypes=public,pairwise Erik Mallory Server Analyst Wichita State University 316.978.3502 From: <cas-user@apereo.org<mailto:cas-user@apereo.org>> on behalf of Misagh Moayyed <misagh.moay...@gmail.com<mailto:misagh.moay...@gmail.com>> Reply-To: "cas-user@apereo.org<mailto:cas-user@apereo.org>" <cas-user@apereo.org<mailto:cas-user@apereo.org>> Date: Tuesday, August 27, 2019 at 2:59 AM To: CAS Community <cas-user@apereo.org<mailto:cas-user@apereo.org>> Subject: Re: [cas-user] CAS 6.1-RC4 OIDC configuration Have you defined an issuer? https://apereo.github.io/cas/development/configuration/Configuration-Properties.html#openid-connect On Aug 27, 2019, at 2:23 AM, 'Mallory, Erik' via CAS Community <cas-user@apereo.org<mailto:cas-user@apereo.org>> wrote: Hello, I'm trying to configure oAuth/OIDC and I'm running into a head scratcher. The CAS oidc/.well-known endpoint returns cas.example.org:8443<http://cas.example.org:8443/> for all of the related endpoints. Example: {"issuer":"http://cas-dev.wichita.edu/cas/oidc","scopes_supported":["openid","profile","email","address","phone","offline_access"],"response_types_supported":["code","token","id_token token"],"subject_types_supported":["public","pairwise"],"claim_types_supported":["normal"],"claims_supported":["sub","name","preferred_username","family_name","given_name","middle_name","given_name","profile","picture","nickname","website","zoneinfo","locale","updated_at","birthdate","email","email_verified","phone_number","phone_number_verified","address","gender"],"grant_types_supported":["authorization_code","password","client_credentials","refresh_token"],"id_token_signing_alg_values_supported":["none","RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512","HS256","HS384","HS512"],"id_token_encryption_alg_values_supported":["RSA1_5","RSA-OAEP","RSA-OAEP-256","A128KW","A192KW","A256KW","A128GCMKW","A192GCMKW","A256GCMKW","ECDH-ES","ECDH-ES+A128KW","ECDH-ES+A192KW","ECDH-ES+A256KW"],"id_token_encryption_enc_values_supported":["A128CBC-HS256","A192CBC-HS384","A256CBC-HS512","A128GCM","A192GCM","A256GCM"],"userinfo_signing_alg_values_supported":["none","RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512","HS256","HS384","HS512"],"userinfo_encryption_alg_values_supported":["RSA1_5","RSA-OAEP","RSA-OAEP-256","A128KW","A192KW","A256KW","A128GCMKW","A192GCMKW","A256GCMKW","ECDH-ES","ECDH-ES+A128KW","ECDH-ES+A192KW","ECDH-ES+A256KW"],"userinfo_encryption_enc_values_supported":["A128CBC-HS256","A192CBC-HS384","A256CBC-HS512","A128GCM","A192GCM","A256GCM"],"introspection_endpoint_auth_methods_supported":["client_secret_basic"],"token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt"],"claims_parameter_supported":true,"request_parameter_supported":false,"authorization_endpoint":"https://cas.example.org:8443/cas/oidc/authorize","token_endpoint":"https://cas.example.org:8443/cas/oidc/accessToken","userinfo_endpoint":"https://cas.example.org:8443/cas/oidc/profile","registration_endpoint":"https://cas.example.org:8443/cas/oidc/register","end_session_endpoint":"https://cas.example.org:8443/cas/oidc/logout","introspection_endpoint":"https://cas.example.org:8443/cas/oidc/introspect","revocation_endpoint":"https://cas.example.org:8443/cas/oidc/revoke","jwks_uri":"https://cas.example.org:8443/cas/oidc/jwks"} I thought this value was controlled by the cas.server.name property. But I guess it's elsewhere? server.context-path=/cas server.port=443 cas.server.name=https://cas-dev.wichita.edu<https://cas-dev.wichita.edu/> cas.server.prefix=https://cas-dev.wichita.edu/cas cas.host.name=cas-dev.wichita.edu<http://cas-dev.wichita.edu/> Hopefully someone can shine a light on this for me. Thanks, Erik Mallory Server Analyst Wichita State University -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org>. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/3B7E953C-586C-41E3-BB3A-73A53D433AB0%40wichita.edu. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org>. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/375F9DAF-027B-4CE0-A5F3-AE84255B3C99%40gmail.com<https://groups.google.com/a/apereo.org/d/msgid/cas-user/375F9DAF-027B-4CE0-A5F3-AE84255B3C99%40gmail.com?utm_medium=email&utm_source=footer>. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org>. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/E63C583B-638A-4E54-A7C4-BC772DF53CB2%40wichita.edu<https://groups.google.com/a/apereo.org/d/msgid/cas-user/E63C583B-638A-4E54-A7C4-BC772DF53CB2%40wichita.edu?utm_medium=email&utm_source=footer>. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org>. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/DF7A72D8-CDF2-4BDA-B302-8A9E5A1A9E48%40gmail.com<https://groups.google.com/a/apereo.org/d/msgid/cas-user/DF7A72D8-CDF2-4BDA-B302-8A9E5A1A9E48%40gmail.com?utm_medium=email&utm_source=footer>. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org>. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1FA38A82-12AA-4D92-BE6F-25755490942A%40wichita.edu<https://groups.google.com/a/apereo.org/d/msgid/cas-user/1FA38A82-12AA-4D92-BE6F-25755490942A%40wichita.edu?utm_medium=email&utm_source=footer>. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/5B8CDEF2-9CAC-4647-9AFC-D8E6B1649F9E%40wichita.edu.