Re: [cas-user] cas 5.2.x leaking connections

On Mon, Jan 13, 2020 at 11:26 AM Trenton D. Adams wrote: > We are using Java 8 though, and we are using the UnboundIDProvider. > Can you post some logs that demonstrate the problem? Both application logs and OS netstat logs would be useful. --Daniel Fisher -- - Website: https://apereo.github.

Re: [cas-user] cas 5.2.x leaking connections

We are using Java 8 though, and we are using the UnboundIDProvider. On 2020-01-11 8:25 a.m., Daniel Fisher wrote: On Fri, Jan 10, 2020 at 5:40 PM Trenton D. Adams mailto:tre...@athabascau.ca>> wrote: Below is the configuration we're using for both LDAP and the password manager. We were hoping

Re: [cas-user] cas 5.2.x leaking connections

On Fri, Jan 10, 2020 at 5:40 PM Trenton D. Adams wrote: > Below is the configuration we're using for both LDAP and the password > manager. We were hoping someone understand why this could be happening, as > the CAS documentation is not very good for these settings, and neither are > the javadoc

Re: [cas-user] cas 5.2.x leaking connections

Those docs appear to imply that passivators are essentially require, or authenticated state information gets shared, no? From: cas-user@apereo.org on behalf of David Curry Sent: January 10, 2020 5:15 PM To: CAS Community Subject: Re: [cas-user] cas 5.2.x

Re: [cas-user] cas 5.2.x leaking connections

You might want to experiment with turning the passivator off, or changing its setting. Not sure that's it, but it might help? https://apereo.github.io/cas/5.2.x/installation/Configuration-Properties.html#why-passivators -- DAVID A. CURRY, CISSP *DIRECTOR • INFORMATION SECURITY & PRIVACY* THE NE

[cas-user] cas 5.2.x leaking connections

Good day, We are having some problems with CAS 5.2.x leaking connections in our production environment. We're not sure how or why this is happening. What we do know is that they are no longer part of the pool, because if they were we'd run out of connections in the pool. However, there is a

Re: [cas-user] CAS 5.2.x OAuth2 Server support

Hi Rao, Can you share the sample request? It would be helpful for me. Thanks, Gandhi Reddy P. On Thu, Oct 17, 2019 at 9:57 PM Mr Rao wrote: > Hi Gandhi, > > Thank you for your quick response. Actually its working when you pass in > the body instead of params. I tried using Postman to test it.

Re: [cas-user] CAS 5.2.x OAuth2 Server support

Hi Gandhi, Thank you for your quick response. Actually its working when you pass in the body instead of params. I tried using Postman to test it. Rao On Wednesday, October 16, 2019 at 9:50:42 PM UTC-7, Gandhi wrote: > > Hi Rao, > > Yes, I faced the same issue as the sensitive information is pas

Re: [cas-user] CAS 5.2.x OAuth2 Server support

Hi Rao, Yes, I faced the same issue as the sensitive information is passed over request params. You can configure Tomcat to not log the request params as below: In tomcat server.xml, at the end of the file, find the below entry and update it to Hope this helps. Thanks, Ga

[cas-user] CAS 5.2.x OAuth2 Server support

Hi, Currently we use CAS for SSO between web applications, now I'm trying to use for restful webservices token based authentication using OAuth2/JWT tokens. When I was playing with it I noticed that for accessing token we need to pass client_id, client_secret for Grant type client c

[cas-user] CAS 5.2.x does not support Oracle DB for service registry, specially in case of SAML?

We are trying to setup CAS 5.2.x using oracle DB as service registry storage. We are not using SAML as of now for CAS Server so it seems to be working fine. But cas-management server on start up tries to load some properties from RegexRegisteredService which are way long more that permitted 30

[cas-user] CAS 5.2.x as IDP using SAML 2.0

Hello everyone, We are recently in process of upgrading from CAS3.5 to CAS5.2 as part of this effort we need to provide support of SAML authentication to an external application (say 'abc' application). Here 'abc' will be the SP and new CAS5.x will be the identity provider. Could someone guide

[cas-user] CAS 5.2.x oauth property set doesn't work

Hi I'm trying to set the grant types and response types but something is wrong I put the bellow configuration in my OAuthRegisteredService json: "supported_grants" : ["authorization_code", "password", "client_credentials", "refresh_token"], "supported_responses" : ["code", "token", "id_toke

Re: [cas-user] [CAS 5.2.x] [OAuth] [Theme] How to make custom theme for OAuth sp

Hi Manfredo, Thank you for this suggestion, but what if I need to change my site url, or the refirect_uri, or the client_name changed? This method seems like too hard code, but I will use it if no other choice. Thanks you! On Wednesday, 28 February 2018 21:07:58 UTC+8, Manfredo Hopp wrote: > >

Re: [cas-user] [CAS 5.2.x] [OAuth] [Theme] How to make custom theme for OAuth sp

Try with https://mysite.example.com:443/cas/oauth2.0/callbackAuthorize ? client_name=XXX& client_id=OAuthApp& redirect_uri=http://www.example.com/sp&; response_type=code as serviceId El miércoles, 28 de febrero de 2018, Andy Ng e

Re: [cas-user] [CAS 5.2.x] [OAuth] [Theme] How to make custom theme for OAuth sp

Hi Manfredo, I have the custom theme loaded no problem without oauth, is just that when I do it with oauth, setting the theme seems like a difficult task. -Andy On Wednesday, 28 February 2018 11:55:23 UTC+8, Manfredo Hopp wrote: > > open browser developper tool to see if itheme gets loaded > >

Re: [cas-user] [CAS 5.2.x] [OAuth] [Theme] How to make custom theme for OAuth sp

open browser developper tool to see if itheme gets loaded El miércoles, 28 de febrero de 2018, Man H escribió: > Cant you just build a simple webapp with index.html > > El miércoles, 28 de febrero de 2018, Andy Ng escribió: > >> Thanks Manfedo, >> >> Do you mean that I should: >> - Redirect us

Re: [cas-user] [CAS 5.2.x] [OAuth] [Theme] How to make custom theme for OAuth sp

Cant you just build a simple webapp with index.html El miércoles, 28 de febrero de 2018, Andy Ng escribió: > Thanks Manfedo, > > Do you mean that I should: > - Redirect user to login using Non Oauth Service first (with theme) > - Then redirect user to login using Oauth Service for actual Oauth l

Re: [cas-user] [CAS 5.2.x] [OAuth] [Theme] How to make custom theme for OAuth sp

Thanks Manfedo, Do you mean that I should: - Redirect user to login using Non Oauth Service first (with theme) - Then redirect user to login using Oauth Service for actual Oauth login Am I correct? I would prefer not to do the above, since that mean the service provider need to change their cod

Re: [cas-user] [CAS 5.2.x] [OAuth] [Theme] How to make custom theme for OAuth sp

Try to.load that theme on a regular service, that is non oauth El miércoles, 28 de febrero de 2018, Andy Ng escribió: > Hi all, > > I am using CAS 5.2.x, and using OAuth for one service provider. The > provider now would like to have a custom theme. > > I thought I can just do this: > > { > "@

[cas-user] [CAS 5.2.x] [OAuth] [Theme] How to make custom theme for OAuth sp

Hi all, I am using CAS 5.2.x, and using OAuth for one service provider. The provider now would like to have a custom theme. I thought I can just do this: { "@class" : "org.apereo.cas.support.oauth.services.OAuthRegisteredService", "clientId": "OAuthApp", "clientSecret": "xx",

Re: [SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues

ebruary 15, 2018 11:46:57 AM > Subject: Re: [SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues > I'm writing a SAML authentication extension for the Guacamole Project > (http://guacamole.apache.org). > -Nick > On Thursday, February 15, 2018 at 1:24:24 PM UTC-5, Misagh Moayyed wrote:

Re: [SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues

- > > *From: *"vnick" > > *To: *"CAS Community" > > *Cc: *"Misagh Moayyed" > > *Sent: *Thursday, February 15, 2018 10:48:25 AM > *Subject: *[SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues > > Well, this put me on the right path -

Re: [SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues

Cool. Who exactly is the SP in this scenario? --Misagh > From: "vnick" > To: "CAS Community" > Cc: "Misagh Moayyed" > Sent: Thursday, February 15, 2018 10:48:25 AM > Subject: [SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues > Well, this pu

[SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues

> > --Misagh > > -- > > *From: *"vnick" > > *To: *"CAS Community" > > *Sent: *Thursday, February 15, 2018 10:15:40 AM > *Subject: *[cas-user] CAS 5.2.x SAML IdP Issues > > Hey, everyone, > I'm trying to get SAML2 authentication

Re: [cas-user] CAS 5.2.x SAML IdP Issues

" > > *Sent: *Thursday, February 15, 2018 10:15:40 AM > *Subject: *[cas-user] CAS 5.2.x SAML IdP Issues > > Hey, everyone, > I'm trying to get SAML2 authentication working against my CAS server. > I've got CAS protocol authentications working just fine, bu

Re: [cas-user] CAS 5.2.x SAML IdP Issues

Do you have other JSON service definitions in the registry? Anything with a lower evaluation order or a more relaxed regex pattern? --Misagh > From: "vnick" > To: "CAS Community" > Sent: Thursday, February 15, 2018 10:15:40 AM > Subject: [cas-user] CAS 5.2.x

[cas-user] CAS 5.2.x SAML IdP Issues

Hey, everyone, I'm trying to get SAML2 authentication working against my CAS server. I've got CAS protocol authentications working just fine, but am struggling getting the SAML IdP configured correctly. I have the following items configured in my main CAS configuration: ## SAML Provider cas.a

[cas-user] CAS 5.2.x Could not update the account password

I am using CAS 5.2.x. For reset password, I get the reset password email and from the link I can get to the reset password page where I enter my new password and retype it but I get this error on the browser "Could not update the account password" and nothing in the server log. I am using LDAP

Re: [cas-user] CAS 5.2.x

District of Philadelphia Work # 215-400-5025 Cell # 215-301-6571 From: "David Curry" To: "cas-user" Sent: Thursday, February 8, 2018 12:31:22 PM Subject: Re: [cas-user] CAS 5.2.x It's a pain in the butt, mostly. :-) One of these days we're going to consolidat

Re: [cas-user] CAS 5.2.x

as-user" Sent: Thursday, February 8, 2018 11:38:10 AM Subject: Re: [cas-user] CAS 5.2.x All we do to build just the cas.war file is run this command in the directory with the pom.xml file & our src overlay directory: mvn clean package then it will poop out the warfile in target/cas.

Re: [cas-user] CAS 5.2.x

;source=g> > +1 212 229-5300 x4728 • david.cu...@newschool.edu > > [image: The New School] > > On Thu, Feb 8, 2018 at 11:54 AM, Cheltenham, Chris < > ccheltenham-...@philasd.org> wrote: > >> David, >> >> Would you be able to share your Cas 5 cas.proper

Re: [cas-user] CAS 5.2.x

-- > *From: *"David Curry" > *To: *"cas-user" > *Sent: *Thursday, February 8, 2018 12:13:48 PM > > *Subject: *Re: [cas-user] CAS 5.2.x > > These could probably be shortened up in a couple of ways by: > >- combining the [0] and [2] Active Directory

Re: [cas-user] CAS 5.2.x

Philadelphia Work # 215-400-5025 Cell # 215-301-6571 From: "David Curry" To: "cas-user" Sent: Thursday, February 8, 2018 12:13:48 PM Subject: Re: [cas-user] CAS 5.2.x These could probably be shortened up in a couple of ways by: * combining the [0] and [2] Acti

Re: [cas-user] CAS 5.2.x

"cas-user" Sent: Thursday, February 8, 2018 12:13:48 PM Subject: Re: [cas-user] CAS 5.2.x These could probably be shortened up in a couple of ways by: * combining the [0] and [2] Active Directory configs, which go against different OUs of the same directory (but are other

Re: [cas-user] CAS 5.2.x

ict of Philadelphia > > Work # 215-400-5025 > Cell # 215-301-6571 > > -- > *From: *"David Curry" > *To: *"cas-user" > *Sent: *Thursday, February 8, 2018 11:27:48 AM > > *Subject: *Re: [cas-user] CAS 5.2.x > > &g

Re: [cas-user] CAS 5.2.x

: "David Curry" To: "cas-user" Sent: Thursday, February 8, 2018 11:27:48 AM Subject: Re: [cas-user] CAS 5.2.x I'm afraid Gradle is a complete mystery to me. Hopefully someone else can jump in. --Dave -- DAVID A. CURRY, CISSP DIRECTOR OF INFORMATION SECURITY IN

Re: [cas-user] CAS 5.2.x

build cas.properties because the maven build >> wiped it out. >> Bummer ... >> >> Hope this is the issue. >> >> Thanks David. >> >> >> >> === >> >> Thank You; >> >> Chris Cheltenham >> Tec

Re: [cas-user] CAS 5.2.x

m > Technology Services > The School District of Philadelphia > > Work # 215-400-5025 > Cell # 215-301-6571 > > ---------- > *From: *"David Curry" > *To: *"cas-user" > *Sent: *Thursday, February 8, 2018 10:49:08 AM > > *Subjec

Re: [cas-user] CAS 5.2.x

. === Thank You; Chris Cheltenham Technology Services The School District of Philadelphia Work # 215-400-5025 Cell # 215-301-6571 From: "David Curry" To: "cas-user" Sent: Thursday, February 8, 2018 10:49:08 AM Subject: Re: [cas-user] CAS

Re: [cas-user] CAS 5.2.x

25 > Cell # 215-301-6571 > > ------ > *From: *"David Curry" > *To: *"cas-user" > *Sent: *Thursday, February 8, 2018 10:18:41 AM > > *Subject: *Re: [cas-user] CAS 5.2.x > > I do not see this one: > > cas-server-support-lda

Re: [cas-user] CAS 5.2.x

incorrect or CAS cannot find authentication handler that > supports [ccheltenham-ext] of type [UsernamePasswordCredential].> > > === > > Thank You; > > Chris Cheltenham > Technology Services > The School District of Philadelphia > > Work

Re: [cas-user] CAS 5.2.x

ot;David Curry" < david.cu...@newschool.edu > To: "cas-user" < cas-user@apereo.org > Sent: Thursday, February 8, 2018 7:54:21 AM Subject: Re: [cas-user] CAS 5.2.x $ jar tvf cas.war | grep ldap WEB-INF/lib/cas-server-support-ldap-5.2.2.jar WEB-INF/lib/cas-server-supp

Re: [cas-user] CAS 5.2.x

; *cas.authn.ldap[0].baseDn=dc=philasd,dc=org* > > === > > Thank You; > > Chris Cheltenham > Technology Services > The School District of Philadelphia > > Work # 215-400-5025 > Cell # 215-301-6571 > > ------------------ > *From:

Re: [cas-user] CAS 5.2.x

delphia Work # 215-400-5025 Cell # 215-301-6571 From: "Man H" To: "cas-user" Sent: Thursday, February 8, 2018 10:17:57 AM Subject: Re: [cas-user] CAS 5.2.x this is an Ldap error check your properties probably baseDn 2018-02-08 12:00 GMT-03:00 Cheltenham, Chris < cc

Re: [cas-user] CAS 5.2.x

ntime === Thank You; Chris Cheltenham Technology Services The School District of Philadelphia Work # 215-400-5025 Cell # 215-301-6571 From: "David Curry" To: "cas-user" Sent: Thursday, February 8, 2018 10:18:41 AM Subject: Re: [cas-user] CAS 5.2.

Re: [cas-user] CAS 5.2.x

nd authentication handler that > supports [ccheltenham-ext] of type [UsernamePasswordCredential].> > > === > > Thank You; > > Chris Cheltenham > Technology Services > The School District of Philadelphia > > Work # 215-400-5025 > Cell # 215-301-6

Re: [cas-user] CAS 5.2.x

nham-ext] of type [UsernamePasswordCredential].> > > === > > Thank You; > > Chris Cheltenham > Technology Services > The School District of Philadelphia > > Work # 215-400-5025 > Cell # 215-301-6571 > > --

Re: [cas-user] CAS 5.2.x

"David Curry" To: "cas-user" Sent: Thursday, February 8, 2018 7:54:21 AM Subject: Re: [cas-user] CAS 5.2.x $ jar tvf cas.war | grep ldap WEB-INF/lib/cas-server-support-ldap-5.2.2.jar WEB-INF/lib/cas-server-support-ldap-core-5.2.2.jar WEB-INF/lib/ldaptive-1.2.3.jar WEB-

Re: [cas-user] CAS 5.2.x

bject: Re: [cas-user] CAS 5.2.x $ jar tvf cas.war | grep ldap WEB-INF/lib/cas-server-support-ldap-5.2.2.jar WEB-INF/lib/cas-server-support-ldap-core-5.2.2.jar WEB-INF/lib/ldaptive-1.2.3.jar WEB-INF/lib/ldaptive-beans-1.2.3.jar WEB-INF/lib/ldaptive-unboundid-1.2.3.jar WEB-INF/lib/unboundid-ld

Re: [cas-user] CAS 5.2.x

$ jar tvf cas.war | grep ldap WEB-INF/lib/cas-server-support-ldap-5.2.2.jar WEB-INF/lib/cas-server-support-ldap-core-5.2.2.jar WEB-INF/lib/ldaptive-1.2.3.jar WEB-INF/lib/ldaptive-beans-1.2.3.jar WEB-INF/lib/ldaptive-unboundid-1.2.3.jar WEB-INF/lib/unboundid-ldapsdk-4.0.1.jar WEB-INF/lib/ldaptive-ap

Re: [cas-user] CAS 5.2.x

If you are using UNIX-like, do: $ 7z l cas_without_ldap_support.war >cas_without_ldap_support_listing $ 7z l cas_supposedly_with_ldap_support.war >cas_supposedly_with_ldap_support_listing $ diff cas_*_listing > [...]ldap[...] $ _ If you are not, you can easily get a Cygwin equivalent of that. Ux

[cas-user] CAS 5.2.x

Hello folks, I think I have been confusing everyone with too much incongruent information. If I may I will ask things in a more logical manner. I an still not able to connect with CAS 5 via LDAP. My first question is , how do I know the ldap dependency was built into the cas.war file?

Re: [cas-user] CAS 5.2.x Password management

That is only achieved through extending CA's functionality which means development. This could be an enhancement for future versions if Cas people agree its worth. El martes, 6 de febrero de 2018, casuser escribió: > thanks for the answer but I am not sure how to do that? is there any > example

Re: [cas-user] CAS 5.2.x Password management

thanks for the answer but I am not sure how to do that? is there any example that I can follow? _Fazla On Tuesday, February 6, 2018 at 10:41:40 AM UTC+8, Manfredo Hopp wrote: > > I think this would be posible only if you include pm properties as part of > LDAP properties > > El lunes, 5 de feb

Re: [cas-user] CAS 5.2.x Password management

I think this would be posible only if you include pm properties as part of LDAP properties El lunes, 5 de febrero de 2018, casuser escribió: > How to set a LDAP password management for 2 different OU's? Using the > current documentation password management can be configured for one OU and > it w

[cas-user] CAS 5.2.x Password management

How to set a LDAP password management for 2 different OU's? Using the current documentation password management can be configured for one OU and it works. but like the authentication there is an option LDAP[0], LDAP[1] there is no such option for password management. So the authentication works

Re: [cas-user] CAS 5.2.x

== > > Thank You; > > Chris Cheltenham > Technology Services > The School District of Philadelphia > > Work # 215-400-5025 > Cell # 215-301-6571 > > *From:* cas-user@apereo.org [mailto:cas-user@apereo.org] *On Behalf Of *David > Curry > *Sent:* Monday, Feb

RE: [cas-user] CAS 5.2.x

Curry Sent: Monday, February 5, 2018 1:57 PM To: cas-user@apereo.org Subject: Re: [cas-user] CAS 5.2.x Chris, Are you using the Gradle overlay because you need to, or because you don't know which one to use. IMHO, unless you're going to be building CAS from source, the Maven overlay

Re: [cas-user] CAS 5.2.x

ns. > > > > > > === > > Thank You; > > Chris Cheltenham > Technology Services > The School District of Philadelphia > > Work # 215-400-5025 > Cell # 215-301-6571 > > *From:* cas-user@apereo.org [mailto:cas-user@apereo.org] *O

RE: [cas-user] CAS 5.2.x

Technology Services The School District of Philadelphia Work # 215-400-5025 Cell # 215-301-6571 From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Man H Sent: Monday, February 5, 2018 1:38 PM To: cas-user@apereo.org Subject: Re: [cas-user] CAS 5.2.x dee https://github.com/apereo

Re: [cas-user] CAS 5.2.x

215-400-5025 > Cell # 215-301-6571 > > *From:* cas-user@apereo.org [mailto:cas-user@apereo.org] *On Behalf Of *Man > H > *Sent:* Monday, February 5, 2018 1:21 PM > *To:* cas-user@apereo.org > *Subject:* Re: [cas-user] CAS 5.2.x > > > > just add > >

RE: [cas-user] CAS 5.2.x

-6571 From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Man H Sent: Monday, February 5, 2018 1:21 PM To: cas-user@apereo.org Subject: Re: [cas-user] CAS 5.2.x just add org.apereo.cas cas-server-support-ldap 2018-02-05 15:14 GMT-03:00 Chris

Re: [cas-user] CAS 5.2.x

just add org.apereo.cas cas-server-support-ldap 2018-02-05 15:14 GMT-03:00 Chris Cheltenham : > Hello, > > I am not understanding how to bundle the LDAP authentication handler into > the cas.war file. > > Any suggestions? > > > -- > - Website: https://apereo.gith

[cas-user] CAS 5.2.x

Hello, I am not understanding how to bundle the LDAP authentication handler into the cas.war file. Any suggestions? -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG ---

[cas-user] CAS 5.2.X service theme workaround

"theme" : "classpath:apereo", The solution is very simple, add “classpath:” as theme name prefix. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this