Hi Rod,
Usually this happen when you setup your CAS as *http *instead of https.
- When CAS is in http, SSO will not work. Making sure it is https should
make it work again.
- The services you provided seems fine, didn't see any issue on them.
- But the ssoEnabled part should be not neccesary since that would be the
default
If the above still not able to solve your issue, then you might need to
provide a little bit more information, like a full cas.properties
(sensitive data removed of course).
Cheers!
- Andy
On Thursday, 2 December 2021 at 08:49:09 UTC+8 rodbal...@gmail.com wrote:
> Hello Everyone!
>
> I'm held up deploying 6.4.2 so I'm back on 6.1 for the Google App
> integration provided by it.
>
> I'm able to log into a testing site in the /etc/cas/services directory.
> I'm redirected to the CAS login page. Once I authenticate, I continue to
> the testing site.
>
> I'm also able to log into Google calendar where I'm redirected to the CAS
> login page. Once I authenticate I continue to the Google calendar.
>
> However, when I log into the testing site and then attempt on another tab
> go to Google calendar, I'm redirected to the CAS login page and not SSO'd
> into Google Calendar.
>
> This happens also if I log into Google Calendar and then attempt to access
> the testing site.
>
> I believe this is the relevant bits of the /etc/cas/config/cas.properties
> file (I could be missing something)
>
>
> cas.tgc.crypto.encryption.key=**redacted**
> cas.tgc.crypto.signing.key=**redacted**
> cas.webflow.crypto.signing.key=**redacted**
> cas.webflow.crypto.encryption.key=**redacted**
>
> This is how it looks for the two /etc/cas/services JSON files:
>
> google_apps-44.json
>
> {
>
> "@class" : "org.apereo.cas.services.RegexRegisteredService",
> "serviceId" : "https://www.google.com/a/example.com/acs";,
> "name" : "Google Apps",
> "theme" : "ourschool",
> "id" : 44,
> "accessStrategy" : {
> "@class" :
> "org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy",
> "ssoEnabled" : true
> }
> "evaluationOrder" : 10
> }
> For the test site:
>
> {
> "@class" : "org.apereo.cas.services.RegexRegisteredService"
> "serviceId" : "http://cas-test.dev.ourschool.ca/wp-login.php*";,
> "name" : "CasTest",
> "id" : 1,
> "accessStrategy" : {
> "@class" : "org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy"
> "ssoEnabled" : true
> }
> "theme" : "ourschool"
> "evaluationOrder" : 1
> }
> I'm thinking I'm missing something in cas.properties as I don't think I
> need to put in the accessStrategy part, I was just seeing if it would work.
>
> I do see that a TGC cookie is granted on the browser.
>
> Thank you for any suggestions and help.
>
> Rod
>
>
>
>
>
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/599c1e2d-625d-4468-b341-f3cf57549128n%40apereo.org.
