date:20180516

[cas-user] SPNEGO Client Selection Strategy

2018-05-16 Thread Nicholas Wylie

Hi CAS Community,

I've successfully configured CAS 5.2 with LDAP/SPNEGO authentication 
against our Active Directory.

What we have noticed though is that non-domain joined computers see a 
pop-up prompt for credentials when they visit the CAS login page. From my 
reading, I believe we can fix this by configuring the LDAP Client Selection 
Strategy for SPNEGO, but the documentation for which properties need to be 
configured seems to be a bit scarce.

Can someone offer any guidance (or a link to some documentation) as to 
which properties I need to configure to use the LDAP Client Selection 
Strategy?

Thanks,
Nicholas

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/524f8da7-688e-47f2-90b1-bf2649d80a2e%40apereo.org.

[cas-user] CAS 5.2.3 IpAddress blocking& Password expiry messages & Service Maintenance notifications

2018-05-16 Thread Mr Rao

Hi,
I've been migrating from CAS 3.2.5 to CAS 5.2.3. We have below requirements 
in current code and need help on how to implement these in new version of 
CAS.

1) IP address blocking per user basis , error message should be added 
dynamically instead of using messages.properties.

2) After successful login before redirecting user to Service we want to 
display Application Maintenance notification. Info messages should be added 
dynamically instead of using messages.properties.

3)  After successful logic before redirecting user to Service we want to 
display  password expiration warning and user must be able click on change 
password to reset password. Error message should be added dynamically 
instead of using messages.properties.

I tried to modify AbstractAuthenticationAction class like below and I'm 
unable to add  my custom error message instead of using 
messages.properties.  

Whats the best practice to implement these?

Thanks
Rao


 protected Event doExecute(final RequestContext requestContext) {
final String agent = 
WebUtils.getHttpServletRequestUserAgentFromRequestContext();
final GeoLocationRequest geoLocation = 
WebUtils.getHttpServletRequestGeoLocationFromRequestContext();

// TODo  -  Ip address Checking.
Event event = iPAddressCasWebflowSupport.doExecute(requestContext);
if (event != null) {
return event;
}


if (!adaptiveAuthenticationPolicy.apply(agent, geoLocation)) {
final String msg = "Adaptive authentication policy does not 
allow this request for " + agent + " and " + geoLocation;
final Map map = 
CollectionUtils.wrap(

UnauthorizedAuthenticationException.class.getSimpleName(),
UnauthorizedAuthenticationException.class);
final AuthenticationException error = new 
AuthenticationException(msg, map, new HashMap<>(0));
return new Event(this, 
CasWebflowConstants.TRANSITION_ID_AUTHENTICATION_FAILURE,
new 
LocalAttributeMap(CasWebflowConstants.TRANSITION_ID_ERROR, error));
}

final Event serviceTicketEvent = 
this.serviceTicketRequestWebflowEventResolver.resolveSingle(requestContext);
if (serviceTicketEvent != null) {
fireEventHooks(serviceTicketEvent, requestContext);
return serviceTicketEvent;
}


final Event finalEvent = 
this.initialAuthenticationAttemptWebflowEventResolver.resolveSingle(requestContext);

fireEventHooks(finalEvent, requestContext);

event = notificationsCasWebflowSupport.doExecute(requestContext, 
this);

if (event != null) {
fireEventHooks(event, requestContext);
return event;
}





-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/47cbd0bb-2924-4c81-9c90-9eb6b803688d%40apereo.org.

[cas-user] Size of maven cas-overlay-template

2018-05-16 Thread Sam Erie

I am putting together CAS version 5.2.4.x, and I would like to run it as an
executable war, however the size of the built project is still too big for
the server I am developing it for. I have taken out as many of the
obviously unneeded dependancies from pom.xml as I can, but I can not seem
to get build any smaller than 309 MB.

Is there any documentation on minimal builds? Or does that seem like a
minimal size? Any information on how I could go about pairing down the
final build size and still be able to run as executable war would be
appreciated.

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAMM6z%2BLgLZcqMHP6cNOAnKo2r-3%2Bshye_Sa%2BDbermH8dK3e%2BJg%40mail.gmail.com.

[cas-user] Could not get type for name org.apereo.cas.authentication.support.password.PasswordPolicyConfiguration

2018-05-16 Thread Jann Malenkoff

Hi Lists:

When starting the cas-management service --- the following WARN message 
appears in the 'catalina.out' (highlighted yellow).

The cas-management service works and we are not sure when the message 
started appear (we had may rebuilds).

Would anyone be able to guide us where to look to resolve?



2018-05-16 15:28:47,513 INFO 
[org.apereo.cas.configuration.config.CasCoreBootstrapStandaloneConfiguration] 
- 
2018-05-16 15:28:47,639 INFO 
[org.apereo.cas.configuration.config.CasCoreBootstrapStandaloneConfiguration] 
- 
2018-05-16 15:28:55,116 DEBUG 
[org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - 
2018-05-16 15:28:55,139 DEBUG 
[org.apereo.cas.ticket.registry.support.JpaLockingStrategy] - <[cas1r7] 
trying to acquire [cas-ticket-registry-cleaner] lock.>
2018-05-16 15:28:55,142 DEBUG 
[org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - 
2018-05-16 15:28:55,172 DEBUG [org.apereo.cas.ticket.DefaultTicketCatalog] 
- 
2018-05-16 15:28:55,717 INFO 
[org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <[0] 
expired tickets removed.>
2018-05-16 15:28:55,717 DEBUG 
[org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - 
2018-05-16 15:28:55,718 DEBUG 
[org.apereo.cas.ticket.registry.support.JpaLockingStrategy] - 
2018-05-16 15:28:55,718 DEBUG 
[org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - 
2018-05-16 15:28:56,465 WARN [org.reflections.Reflections] - 
org.reflections.ReflectionsException: could not get type for name 
org.apereo.cas.authentication.support.password.PasswordPolicyConfiguration
at org.reflections.ReflectionUtils.forName(ReflectionUtils.java:390) 
[reflections-0.9.11.jar:?]
at org.reflections.Reflections.expandSuperTypes(Reflections.java:381) 
[reflections-0.9.11.jar:?]
at org.reflections.Reflections.(Reflections.java:126) 
[reflections-0.9.11.jar:?]
at 
org.apereo.cas.config.JpaServiceRegistryConfiguration.jpaServicePackagesToScan(JpaServiceRegistryConfiguration.java:59)
 
[cas-server-support-jpa-service-registry-5.2.3.jar:5.2.3]
at 
org.apereo.cas.config.JpaServiceRegistryConfiguration$$EnhancerBySpringCGLIB$$9fd49902.CGLIB$jpaServicePackagesToScan$4()
 
[cas-server-support-jpa-service-registry-5.2.3.jar:5.2.3]
at 
org.apereo.cas.config.JpaServiceRegistryConfiguration$$EnhancerBySpringCGLIB$$9fd49902$$FastClassBySpringCGLIB$$7888d1ee.invoke()
 
[cas-server-support-jpa-service-registry-5.2.3.jar:5.2.3]
at 
org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228) 
[spring-core-4.3.14.RELEASE.jar:4.3.14.RELEASE]

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/b77cfe18-7347-4d7c-9ab3-91e7f2b18aef%40apereo.org.

Re: [cas-user] cas 3.5.2 integration with Blackboard 9 - timing out during exams

2018-05-16 Thread Ray Bon

Jen,

How long is the session in the exam service?
Do you have a 'keep me signed in' option for CAS?


Ray

On Wed, 2018-05-16 at 10:53 -0700, Jennifer LaVoie wrote:
Has anyone else seen this?

We get students who are taking exams and writing discussion posts.  They get 
"timed out" or "logged out".  It is my understanding that once you have a 
ticket in your browser, you don't communicate with CAS again.  I guess we are 
trying to exclude CAS from our troubleshooting.

Thanks
Jen

--
Ray Bon
Programmer analyst
Development Services, University Systems
2507218831 | CLE 019 | r...@uvic.ca

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/1526494241.1817.51.camel%40uvic.ca.

Re: [cas-user] cas 3.5.2 integration with Blackboard 9 - timing out during exams

2018-05-16 Thread Richard Frovarp

Do you have single logout enabled in Blackboard configuration? Is that 
something that could be triggered from some location?


On 05/16/2018 12:53 PM, Jennifer LaVoie wrote:

Has anyone else seen this?

We get students who are taking exams and writing discussion posts.  
They get "timed out" or "logged out".  It is my understanding that 
once you have a ticket in your browser, you don't communicate with CAS 
again.  I guess we are trying to exclude CAS from our troubleshooting.


Thanks
Jen
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google 
Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send 
an email to cas-user+unsubscr...@apereo.org 
.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/d6dafd28-1a8f-4f0d-9650-59e146db74fd%40apereo.org 
.



--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS Community" group.

To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/e8b70971-527c-265a-0226-b47de5e5f9d7%40ndsu.edu.

[cas-user] cas 3.5.2 integration with Blackboard 9 - timing out during exams

2018-05-16 Thread Jennifer LaVoie

Has anyone else seen this?

We get students who are taking exams and writing discussion posts.  They 
get "timed out" or "logged out".  It is my understanding that once you have 
a ticket in your browser, you don't communicate with CAS again.  I guess we 
are trying to exclude CAS from our troubleshooting.

Thanks
Jen

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/d6dafd28-1a8f-4f0d-9650-59e146db74fd%40apereo.org.

Re: [cas-user] User Attributes for SAML 2.0

2018-05-16 Thread John D Giotta

I've had very little success making the management service work (like other 
things).
I try to follow the documentation, but something is always amiss. 

My personal problem is that I'm very much a TDD developer. I have issues 
not being able to effectively test what I'm doing. 

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/a0525a68-a6b8-4044-af29-6901cde48562%40apereo.org.

Re: [cas-user] User Attributes for SAML 2.0

2018-05-16 Thread David Curry

I'm not sure I understand the question. If you mean could you copy the
example I provided directly into a jdbc/jpa service registry, then I have
to say I don't know, because I don't know how the information is stored in
the database.

The first example I gave (the Apache one) is a json file from a json
service registry, so if you know how to "import" from a json service
registry to your database-backed one, then yeah, I guess you could do that.

The second example I gave is incomplete; I went to my CAS dashboard and
clicked on the "Registered Services" button, which dumped the entire
registry as JSON, and then I copied that particular entry into the email,
and deleted lots of irrelevant bits. So I would not recommend directly
using that for anything.

If you're to the point of adding "real" services instead of just a couple
of test entities, I suggest you get the management webapp working, and then
use that to manage your services. It's MUCH easier, as it takes care of all
the complexities; you just point-n-click, for the most part.

That's probably a longer answer than you were looking for. :-)

--Dave

--

DAVID A. CURRY, CISSP
*DIRECTOR OF INFORMATION SECURITY*
INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 212 229-5300 x4728 • david.cu...@newschool.edu

[image: The New School]

On Wed, May 16, 2018 at 11:56 AM, John D Giotta  wrote:

> Would this example you provided be applicable to a jdbc backend?
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/92238712-c2e6-4f29-90e8-
> 955050c92cbc%40apereo.org
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XAOjEvPjEdgTBvEUhJ3T%2B7FM%3DqXnOAXd2hyMJtGw6Md6xA%40mail.gmail.com.

Re: [cas-user] User Attributes for SAML 2.0

2018-05-16 Thread John D Giotta

Would this example you provided be applicable to a jdbc backend?

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/92238712-c2e6-4f29-90e8-955050c92cbc%40apereo.org.

Re: [cas-user] cas-overlay-template sutck with warnings

2018-05-16 Thread Érico

Thks for David Curry's site. I will follow it

It is ok for me to use 8443 . I tried before posting to the group :

https://localhost:8443/cas

but I get the following error :

SSL_ERROR_NO_CYPHER_OVERLAP

2018-05-16 11:57 GMT-03:00 Matthew Uribe :

> Érico,
>
> Based on this https://github.com/apereo/cas-overlay-template I would say
> that 8080 and 8443 should both be open while the overlay embedded Tomcat is
> running. However, it's also my understanding that CAS requires SSL, so the
> fact that you have no process listening on port 8080, but java is listening
> on 8443 is not too surprising to me. Someone with more experience using the
> embedded Tomcat can correct me if I'm wrong. Why don't you want to use
> 8443? If SSL cert is the issue, a self-signed cert should be suitable for
> test/dev purposes.
>
> When I started in CAS 5, not long ago, I was on a similar track. The guide
> that David Curry put together is super helpful. Have you taken the time to
> look at it?
> https://dacurry-tns.github.io/deploying-apereo-cas/
> introduction_overview.html
>
>
> [image: Aims Community College Top Work Places 2018 - The Denver Post]
> Matt Uribe
> Programmer Analyst II
> Information Technology
> Aims Community College
> 970.339.6375
> matthew.ur...@aims.edu 
> 5401 W. 20th Street
> 
> Greeley, CO, 80634
> 
> www.aims.edu
> 
>
>
> *IT staff will never ask you for your username and password. *
>
>
> *Always decline to provide the information and report such attempts to the 
> Help Desk (x6380).*
>
>
> On Wed, May 16, 2018 at 8:28 AM, Érico Teixeira 
> wrote:
>
>> Hello Matt
>>
>> Thks for the reply
>>
>> I try to access through browser but nothing happens :
>> http://localhost:8080/cas
>>
>> My /etc/cas/config/cas.properties content is the following :
>>
>> #cas.server.name: https://cas.example.org:8443
>> #cas.server.prefix: https://cas.example.org:8443/cas
>>
>> cas.server.name: http://localhost:8080
>> cas.server.prefix: http://localhost:8080/cas
>>
>> cas.server.http.port=8080
>>
>> cas.adminPagesSecurity.ip=127\.0\.0\.1
>>
>> cas.authn.accept.users=
>>
>> logging.config: file:/etc/cas/config/log4j2.xml
>> # cas.serviceRegistry.config.location: classpath:/services
>>
>> is that ok ?
>>
>>
>> shouldn't 8080 port been open ?
>>
>> cas-overlay-template-master ericomartins$ lsof -i :8080
>> ---  no result here 
>>
>> cas-overlay-template-master ericomartins$ lsof -i :8443
>> COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF NODE
>> NAME
>> java26098 ericomartins   32u  IPv6 0xff2c21fe03059105  0t0  TCP
>> *:pcsync-https (LISTEN)
>>
>>
>> Thks
>>
>>
>> Em quarta-feira, 16 de maio de 2018 11:05:15 UTC-3, Matthew Uribe
>> escreveu:
>>>
>>> Have you tried going to the CAS webpage? It should load.
>>>
>>> The warnings are just letting you know that since you didn't define the
>>> keys in cas.properties, it's created them for you.
>>>
>>> If I recall from my experience with ./build.sh run, it will sit on the
>>> console because the process is still running. That's normal in the console
>>> while the process continues to run.
>>>
>>> [image: Aims Community College Top Work Places 2018 - The Denver Post]
>>> Matt Uribe
>>> Programmer Analyst II
>>> Information Technology
>>> Aims Community College
>>> 970.339.6375
>>> matthe...@aims.edu
>>> 5401 W. 20th Street
>>> 
>>> Greeley, CO, 80634
>>> 
>>> www.aims.edu
>>> 
>>>
>>>
>>> *IT staff will never ask you for your username and password. *
>>>
>>>
>>> *Always decline to provide the information and report such attempts to the 
>>> Help Desk (x6380).*
>>>
>>>
>>> On Wed, May 16, 2018 at 7:43 AM, Érico Teixeira 
>>> wrote:
>>>
 Hello

 I've downloaded cas-overlay-template from
 https://github.com/apereo/cas-gradle-overlay-template

Re: [cas-user] cas-overlay-template sutck with warnings

2018-05-16 Thread Matthew Uribe

Érico,

Based on this https://github.com/apereo/cas-overlay-template I would say
that 8080 and 8443 should both be open while the overlay embedded Tomcat is
running. However, it's also my understanding that CAS requires SSL, so the
fact that you have no process listening on port 8080, but java is listening
on 8443 is not too surprising to me. Someone with more experience using the
embedded Tomcat can correct me if I'm wrong. Why don't you want to use
8443? If SSL cert is the issue, a self-signed cert should be suitable for
test/dev purposes.

When I started in CAS 5, not long ago, I was on a similar track. The guide
that David Curry put together is super helpful. Have you taken the time to
look at it?
https://dacurry-tns.github.io/deploying-apereo-cas/introduction_overview.html


[image: Aims Community College Top Work Places 2018 - The Denver Post]
Matt Uribe
Programmer Analyst II
Information Technology
Aims Community College
970.339.6375
matthew.ur...@aims.edu 
5401 W. 20th Street

Greeley, CO, 80634

www.aims.edu



*IT staff will never ask you for your username and password. *


*Always decline to provide the information and report such attempts to
the Help Desk (x6380).*


On Wed, May 16, 2018 at 8:28 AM, Érico Teixeira  wrote:

> Hello Matt
>
> Thks for the reply
>
> I try to access through browser but nothing happens :
> http://localhost:8080/cas
>
> My /etc/cas/config/cas.properties content is the following :
>
> #cas.server.name: https://cas.example.org:8443
> #cas.server.prefix: https://cas.example.org:8443/cas
>
> cas.server.name: http://localhost:8080
> cas.server.prefix: http://localhost:8080/cas
>
> cas.server.http.port=8080
>
> cas.adminPagesSecurity.ip=127\.0\.0\.1
>
> cas.authn.accept.users=
>
> logging.config: file:/etc/cas/config/log4j2.xml
> # cas.serviceRegistry.config.location: classpath:/services
>
> is that ok ?
>
>
> shouldn't 8080 port been open ?
>
> cas-overlay-template-master ericomartins$ lsof -i :8080
> ---  no result here 
>
> cas-overlay-template-master ericomartins$ lsof -i :8443
> COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF NODE
> NAME
> java26098 ericomartins   32u  IPv6 0xff2c21fe03059105  0t0  TCP
> *:pcsync-https (LISTEN)
>
>
> Thks
>
>
> Em quarta-feira, 16 de maio de 2018 11:05:15 UTC-3, Matthew Uribe escreveu:
>>
>> Have you tried going to the CAS webpage? It should load.
>>
>> The warnings are just letting you know that since you didn't define the
>> keys in cas.properties, it's created them for you.
>>
>> If I recall from my experience with ./build.sh run, it will sit on the
>> console because the process is still running. That's normal in the console
>> while the process continues to run.
>>
>> [image: Aims Community College Top Work Places 2018 - The Denver Post]
>> Matt Uribe
>> Programmer Analyst II
>> Information Technology
>> Aims Community College
>> 970.339.6375
>> matthe...@aims.edu
>> 5401 W. 20th Street
>> 
>> Greeley, CO, 80634
>> 
>> www.aims.edu
>> 
>>
>>
>> *IT staff will never ask you for your username and password. *
>>
>>
>> *Always decline to provide the information and report such attempts to the 
>> Help Desk (x6380).*
>>
>>
>> On Wed, May 16, 2018 at 7:43 AM, Érico Teixeira 
>> wrote:
>>
>>> Hello
>>>
>>> I've downloaded cas-overlay-template from https://github.com/apereo/cas-
>>> gradle-overlay-template
>>> 
>>>
>>> Then copied the project config folder to /etc/cas grating reading perms
>>> to its content
>>>
>>> I'm using macOS High Sierra
>>>
>>> Trying run cas-overlay-template through:
>>> /build.sh run;
>>>
>>> It builds the package but when starting it shows some warnings like :
>>>
>>> WARN [org.apereo.cas.config.CasCoreTicketsConfiguration] - >> memory is used as the persistence storage for retrieving and

Re: [cas-user] User Attributes for SAML 2.0

2018-05-16 Thread David Curry

Here's a JSON definition for an Apache HTTPD with the Shibboleth
mod_shib/shibd plug-in:

{
  "@class" : "org.apereo.cas.support.saml.services.SamlRegisteredService",
  "serviceId" : "https://casdev-samlsp.newschool.edu/shibboleth;,
  "name" : "Apache Secured By SAML",
  "id" : 1509030300,
  "description" : "CAS development Apache mod_shib/shibd server with
username/password protection",
  "metadataLocation" : "
https://casdev-samlsp.newschool.edu/Shibboleth.sso/Metadata;,
  "attributeReleasePolicy" : {
"@class" : "org.apereo.cas.services.ReturnMappedAttributeReleasePolicy",
"allowedAttributes" : {
  "@class" : "java.util.TreeMap",
  "cn" : "urn:oid:2.5.4.3",
  "displayName" : "urn:oid:2.16.840.1.113730.3.1.241",
  "givenName" : "urn:oid:2.5.4.42",
  "mail" : "urn:oid:0.9.2342.19200300.100.1.3",
  "role" : "urn:newschool:attribute-def:role",
  "sn" : "urn:oid:2.5.4.4",
  "uid" : "urn:oid:0.9.2342.19200300.100.1.1",
  "UDC_IDENTIFIER": "urn:newschool:attribute-def:UDC_IDENTIFIER"
}
  },
  "evaluationOrder" : 1125
}

But if your SP doesn't care about the funky notation, you can just do it
the "regular" way... here's a definition for a test SP created via RSA's
free IAMShowcase site (this is a cut-down copy of the entire registry entry
to show the part you're interested in):

{
"serviceId": "IAMShowcase",
"name": "RSA SAML Test Service Provider",
"theme": null,
"informationUrl": null,
"privacyUrl": null,
"id": 1202469081,
"description": "The URL for the SP that talks to this service is
https://sptest.iamshowcase.com/ixs?idp=",
"evaluationOrder": -1,
"attributeReleasePolicy": {
"@class":
"org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy",
"allowedAttributes": [
"displayName",
"givenName",
"sn",
"uid"
]
}
}


--Dave





--

DAVID A. CURRY, CISSP
*DIRECTOR OF INFORMATION SECURITY*
INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 212 229-5300 x4728 • david.cu...@newschool.edu

[image: The New School]

On Wed, May 16, 2018 at 9:07 AM, John D Giotta  wrote:

> Do you have an example of this?
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/3a71f33b-cc77-4c2a-be89-
> b712229a227a%40apereo.org
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XANXC62rntdWM3Mi7Xosa_UvROR-tRDHFw_OEQh0Y_C7pA%40mail.gmail.com.

Re: [cas-user] cas-overlay-template sutck with warnings

2018-05-16 Thread Érico Teixeira

Hello Matt

Thks for the reply 

I try to access through browser but nothing happens :
http://localhost:8080/cas

My /etc/cas/config/cas.properties content is the following : 

#cas.server.name: https://cas.example.org:8443
#cas.server.prefix: https://cas.example.org:8443/cas

cas.server.name: http://localhost:8080
cas.server.prefix: http://localhost:8080/cas

cas.server.http.port=8080

cas.adminPagesSecurity.ip=127\.0\.0\.1

cas.authn.accept.users=

logging.config: file:/etc/cas/config/log4j2.xml
# cas.serviceRegistry.config.location: classpath:/services

is that ok ? 


shouldn't 8080 port been open ? 

cas-overlay-template-master ericomartins$ lsof -i :8080
---  no result here  

cas-overlay-template-master ericomartins$ lsof -i :8443
COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
java26098 ericomartins   32u  IPv6 0xff2c21fe03059105  0t0  TCP 
*:pcsync-https (LISTEN)


Thks


Em quarta-feira, 16 de maio de 2018 11:05:15 UTC-3, Matthew Uribe escreveu:
>
> Have you tried going to the CAS webpage? It should load.
>
> The warnings are just letting you know that since you didn't define the 
> keys in cas.properties, it's created them for you.
>
> If I recall from my experience with ./build.sh run, it will sit on the 
> console because the process is still running. That's normal in the console 
> while the process continues to run.
>
> [image: Aims Community College Top Work Places 2018 - The Denver Post] 
> Matt Uribe
> Programmer Analyst II
> Information Technology
> Aims Community College
> 970.339.6375
> matthe...@aims.edu 
> 5401 W. 20th Street 
> 
> Greeley, CO, 80634 
> 
> www.aims.edu
> 
>
>
> *IT staff will never ask you for your username and password. *
>
>
> *Always decline to provide the information and report such attempts to the 
> Help Desk (x6380).*
>
>
> On Wed, May 16, 2018 at 7:43 AM, Érico Teixeira  > wrote:
>
>> Hello
>>
>> I've downloaded cas-overlay-template from 
>> https://github.com/apereo/cas-gradle-overlay-template
>>
>> Then copied the project config folder to /etc/cas grating reading perms 
>> to its content 
>>
>> I'm using macOS High Sierra
>>
>> Trying run cas-overlay-template through:
>> /build.sh run;
>>
>> It builds the package but when starting it shows some warnings like :
>>
>> WARN [org.apereo.cas.config.CasCoreTicketsConfiguration] - > memory is used as the persistence storage for retrieving and managing 
>> tickets. Tickets that are issued during runtime will be LOST upon container 
>> restarts. This MAY impact SSO functionality.>
>> 2018-05-16 10:31:01,136 WARN 
>> [org.apereo.cas.config.CasCoreServicesConfiguration] - > used as the persistence storage for retrieving and persisting service 
>> definitions. Changes that are made to service definitions during runtime 
>> WILL be LOST upon container restarts. Ideally for production, you need to 
>> choose a storage option (JDBC, etc) to store and track service definitions.>
>> 2018-05-16 10:31:02,386 WARN 
>> [org.apereo.cas.util.cipher.BaseStringCipherExecutor] - > encryption is not defined for [Ticket-granting Cookie]; CAS will attempt to 
>> auto-generate the encryption key>
>> 2018-05-16 10:31:02,423 WARN 
>> [org.apereo.cas.util.cipher.BaseStringCipherExecutor] - > encryption key [ddpmDx_7JI_BNeK365hI-EVbHwatnX8KhuTYLjQDp10] of size [256] 
>> for [Ticket-granting Cookie]. The generated key MUST be added to CAS 
>> settings under setting [cas.tgc.crypto.encryption.key].>
>> 2018-05-16 10:31:02,438 WARN 
>> [org.apereo.cas.util.cipher.BaseStringCipherExecutor] - > signing is not defined for [Ticket-granting Cookie]. CAS will attempt to 
>> auto-generate the signing key>
>> 2018-05-16 10:31:02,447 WARN 
>> [org.apereo.cas.util.cipher.BaseStringCipherExecutor] - > key 
>> [AYJxpl7vcsvagtFtWZ9RG6DUJ7k5xjy-5Bzt9wUsCuUeawEtP0VHJB3XlP7YF7yOPDAmAxtLALqPN_K7p3g86w]
>>  
>> of size [512] for [Ticket-granting Cookie]. The generated key MUST be added 
>> to CAS settings under setting [cas.tgc.crypto.signing.key].>
>> 2018-05-16 10:31:03,421 WARN 
>> [org.apereo.cas.util.cipher.BaseBinaryCipherExecutor] - > signing is not defined under [cas.webflow.crypto.signing.key]. CAS will 
>> attempt to auto-generate the signing key>
>> 2018-05-16 10:31:03,424 WARN 
>> [org.apereo.cas.util.cipher.BaseBinaryCipherExecutor] - > key 
>> [1Ys3L97Olngrj6vOOhBk5QaO6rGEDSA0AsQfbBkEryN_5RlgMlUAXzc8fZeaFzez-JQKm9_ID4g0JDBWfHQsFQ]
>>  
>> of size [512]. The generated key MUST be added to CAS settings under 
>> setting [cas.webflow.crypto.signing.key].>
>> 2018-05-16 10:31:03,424 WARN 
>> [org.apereo.cas.util.cipher.BaseBinaryCipherExecutor] - > encryption is not defined under [cas.webflow.crypto.encryption.key]. CAS 
>> will attempt to auto-generate the encryption key>
>> 2018-05-16 10:31:03,443

Re: [cas-user] InCommon Federation

2018-05-16 Thread Greg Booth

Hi, Scott,

We were able to set up InCommon Federation on CAS 5.1.x (we're in the
process up updating to 5.2.x, but are not there yet). We ended up having 3
service files in /etc/cas/services - one file covers nearly all our
InCommon SPs, but two of the vendors had special requirements that
necessitated breaking each of them out into a separate file (more on that
later). The basic process we followed was:

1) Set up InCommon initially, by adding the InCommon config lines (as noted
here -
https://apereo.github.io/cas/5.1.x/installation/Configuration-Properties.html#incommon
) to cas.properties and restarting CAS. This auto-generated a service
definition file, /etc/cas/services/InCommonAggregate-1.json, and set up
the InCommon metadata, including making it refresh periodically.

2) Delete the InCommon lines from cas.properties so we can manage the
service definition file ourselves rather than auto-generate it.

3) Edit the InCommonAggregate-1.json file. Mostly, we changed the
following things:

3a) Replaced the serviceId and metadataCriteriaPattern attribute with a
list of our vendor's entityIDs, separated by pipes. For example,

serviceId:
https://federation.campuslabs.com/shibboleth|https://cms.omniupdate.com/shibboleth|htt...
and so on.
metadataCriteriaPattern:
https://federation.campuslabs.com/shibboleth|https://cms.omniupdate.com/shibboleth|htt...
and so on.

I believe this is what is meant by "EntityIds can be regular expression
patterns and are mapped to CAS’ serviceId field in the registry." from the
docs.

3b) Set up our attributes to be released, including mapping them by OID.
For example,

  allowedAttributes:
  {
@class: java.util.TreeMap
eduPersonPrincipalName: urn:oid:1.3.6.1.4.1.5923.1.1.1.6
givenName: urn:oid:2.5.4.42
mail: urn:oid:0.9.2342.19200300.100.1.3
sn: urn:oid:2.5.4.4
uid: urn:oid:0.9.2342.19200300.100.1.1
  }

3c) Put in semi-generic name, description, and logo lines. These are
generally specified by the vendor in the InCommon metadata, but if the
vendor did not include these, the valuse you put in here will be displayed
on the login page.

4) Tested out all our vendors' logins. Two of these vendors each required
an extra thing, so we copied InCommonAggregate-1.json for each of them,
replaced the list of serviceId and metadataCriteriaPattern entityIDs with
just that vendors' (and removed that vendor's entityID from
InCommonAggregate-1.json),
and added the thing they required. For example,

 InCommonAggregate-10001.json has the following lines:

serviceId:
https://cm.maxient.com/simplesaml/module.php/saml/sp/metadata.php/maxient-sp
metadataCriteriaPattern:
https://cm.maxient.com/simplesaml/module.php/saml/sp/metadata.php/maxient-sp
requiredNameIdFormat: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified

...this is because Maxient requires nameid-format to be 'unspecified'.

 InCommonAggregate-10002.json has the following lines:
serviceId: https://shib.lynda.com/shibboleth-sp
requiredNameIdFormat: https://shib.lynda.com/shibboleth-sp
attributeNameFormats:
  {
@class: java.util.HashMap
"urn:oid:1.3.6.1.4.1.5923.1.1.1.6" :uri
"urn:oid:2.5.4.42" :uri
"urn:oid:0.9.2342.19200300.100.1.3" :uri
"urn:oid:2.5.4.4" :uri
"urn:oid:0.9.2342.19200300.100.1.1" :uri
  }

...this is because lynda.com requires an attributeNameFormat of 'uri'.

You could also break out separate files if you want to release different
sets of attributes to different vendors.

I'm not sure this is the 'correct' or 'best' way to set this up, but it
works for us and allowed us to go to one SSO system instead of having
separate CAS and Shib systems.

Greg

On Tue, May 15, 2018 at 1:07 PM, Scott Green  wrote:

> Has anyone here had success in getting the InCommon Federation setup to
> use the Shibboleth side of CAS 5.2.X?  If so are you having to add each
> entity individually, or were you able to use a single entry to get the
> entire scope?  We are looking at migrating our instance out of ADFS, and
> into CAS, but if that's not possible we may abandon both in favor of
> Shibboleth.  I'm just looking for any help on that, as I feel like CAS is
> our best option for IDP.
>
> Thanks,
>
> Scott
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/f2b829fe-993a-47f8-9815-
> aa079933e207%40apereo.org
>

Re: [cas-user] cas-overlay-template sutck with warnings

2018-05-16 Thread Matthew Uribe

Have you tried going to the CAS webpage? It should load.

The warnings are just letting you know that since you didn't define the
keys in cas.properties, it's created them for you.

If I recall from my experience with ./build.sh run, it will sit on the
console because the process is still running. That's normal in the console
while the process continues to run.

[image: Aims Community College Top Work Places 2018 - The Denver Post]
Matt Uribe
Programmer Analyst II
Information Technology
Aims Community College
970.339.6375
matthew.ur...@aims.edu 
5401 W. 20th Street

Greeley, CO, 80634

www.aims.edu



*IT staff will never ask you for your username and password. *


*Always decline to provide the information and report such attempts to
the Help Desk (x6380).*


On Wed, May 16, 2018 at 7:43 AM, Érico Teixeira  wrote:

> Hello
>
> I've downloaded cas-overlay-template from https://github.com/apereo/cas-
> gradle-overlay-template
>
> Then copied the project config folder to /etc/cas grating reading perms to
> its content
>
> I'm using macOS High Sierra
>
> Trying run cas-overlay-template through:
> /build.sh run;
>
> It builds the package but when starting it shows some warnings like :
>
> WARN [org.apereo.cas.config.CasCoreTicketsConfiguration] -  memory is used as the persistence storage for retrieving and managing
> tickets. Tickets that are issued during runtime will be LOST upon container
> restarts. This MAY impact SSO functionality.>
> 2018-05-16 10:31:01,136 WARN 
> [org.apereo.cas.config.CasCoreServicesConfiguration]
> -  persisting service definitions. Changes that are made to service
> definitions during runtime WILL be LOST upon container restarts. Ideally
> for production, you need to choose a storage option (JDBC, etc) to store
> and track service definitions.>
> 2018-05-16 10:31:02,386 WARN 
> [org.apereo.cas.util.cipher.BaseStringCipherExecutor]
> -  CAS will attempt to auto-generate the encryption key>
> 2018-05-16 10:31:02,423 WARN 
> [org.apereo.cas.util.cipher.BaseStringCipherExecutor]
> -  of size [256] for [Ticket-granting Cookie]. The generated key MUST be added
> to CAS settings under setting [cas.tgc.crypto.encryption.key].>
> 2018-05-16 10:31:02,438 WARN 
> [org.apereo.cas.util.cipher.BaseStringCipherExecutor]
> -  will attempt to auto-generate the signing key>
> 2018-05-16 10:31:02,447 WARN 
> [org.apereo.cas.util.cipher.BaseStringCipherExecutor]
> -  5Bzt9wUsCuUeawEtP0VHJB3XlP7YF7yOPDAmAxtLALqPN_K7p3g86w] of size [512] for
> [Ticket-granting Cookie]. The generated key MUST be added to CAS settings
> under setting [cas.tgc.crypto.signing.key].>
> 2018-05-16 10:31:03,421 WARN 
> [org.apereo.cas.util.cipher.BaseBinaryCipherExecutor]
> -  [cas.webflow.crypto.signing.key].
> CAS will attempt to auto-generate the signing key>
> 2018-05-16 10:31:03,424 WARN 
> [org.apereo.cas.util.cipher.BaseBinaryCipherExecutor]
> -  5RlgMlUAXzc8fZeaFzez-JQKm9_ID4g0JDBWfHQsFQ] of size [512]. The generated
> key MUST be added to CAS settings under setting [cas.webflow.crypto.signing.
> key].>
> 2018-05-16 10:31:03,424 WARN 
> [org.apereo.cas.util.cipher.BaseBinaryCipherExecutor]
> -  [cas.webflow.crypto.encryption.key].
> CAS will attempt to auto-generate the encryption key>
> 2018-05-16 10:31:03,443 WARN 
> [org.apereo.cas.util.cipher.BaseBinaryCipherExecutor]
> -  generated key MUST be added to CAS settings under setting
> [cas.webflow.crypto.encryption.key].>
>
> and gets stuck on the console for ever
>
> the are no errors on CAS log files
>
> Please can someone help me out on this?
>
> --
> - Website: https://apereo.github.io/cas
> 
> - Gitter Chatroom: https://gitter.im/apereo/cas
> 
> - List Guidelines: https://goo.gl/1VRrw7
> 
> - Contributions: https://goo.gl/mh7qDG
> 
> ---
> You received this message because you are subscribed to the Google Groups

[cas-user] cas-overlay-template sutck with warnings

2018-05-16 Thread Érico Teixeira

Hello

I've downloaded cas-overlay-template from 
https://github.com/apereo/cas-gradle-overlay-template

Then copied the project config folder to /etc/cas grating reading perms to 
its content 

I'm using macOS High Sierra

Trying run cas-overlay-template through:
/build.sh run;

It builds the package but when starting it shows some warnings like :

WARN [org.apereo.cas.config.CasCoreTicketsConfiguration] - 
2018-05-16 10:31:01,136 WARN 
[org.apereo.cas.config.CasCoreServicesConfiguration] - 
2018-05-16 10:31:02,386 WARN 
[org.apereo.cas.util.cipher.BaseStringCipherExecutor] - 
2018-05-16 10:31:02,423 WARN 
[org.apereo.cas.util.cipher.BaseStringCipherExecutor] - 
2018-05-16 10:31:02,438 WARN 
[org.apereo.cas.util.cipher.BaseStringCipherExecutor] - 
2018-05-16 10:31:02,447 WARN 
[org.apereo.cas.util.cipher.BaseStringCipherExecutor] - 
2018-05-16 10:31:03,421 WARN 
[org.apereo.cas.util.cipher.BaseBinaryCipherExecutor] - 
2018-05-16 10:31:03,424 WARN 
[org.apereo.cas.util.cipher.BaseBinaryCipherExecutor] - 
2018-05-16 10:31:03,424 WARN 
[org.apereo.cas.util.cipher.BaseBinaryCipherExecutor] - 
2018-05-16 10:31:03,443 WARN 
[org.apereo.cas.util.cipher.BaseBinaryCipherExecutor] - 

and gets stuck on the console for ever

the are no errors on CAS log files 

Please can someone help me out on this? 

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/d8bb88b5-8c58-4590-aacc-6e207e08aa9d%40apereo.org.

Re: [cas-user] User Attributes for SAML 2.0

2018-05-16 Thread John D Giotta

Do you have an example of this?

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/3a71f33b-cc77-4c2a-be89-b712229a227a%40apereo.org.

[cas-user] Re: Error - Service Registry json

2018-05-16 Thread Jay

Sure David, I got that. Thank you again for helping me here.

Thanks,
Jay

On Tuesday, May 15, 2018 at 11:23:28 AM UTC-5, Jay wrote:
>
> Hi Everyone,
> Could someone help me to get this ERROR fixed.
>
> Below is the entry from my json file
> Filename: serviceRegistry-1524464822.json
> [
> {
> "@class" : "org.apereo.cas.services.RegexRegisteredService",
> "serviceId" : "^(https|imaps|http)://.*",
> "name" : "HTTPS/IMAPS wildcard",
> "id" : 20170905111650,
> "evaluationOrder" : 9
> },
> {
> "@class" : "org.apereo.cas.services.RegexRegisteredService",
> "serviceId" : "https://www.google.com/a/dev..com/acs",
> "name" : "googleApps",
> "id" : 1000,
> "evaluationOrder" : 10
> }
> ]
>
> I see this error in the logs.
> [1;31m2018-05-15 11:14:10,091 ERROR 
> [org.apereo.cas.util.serialization.AbstractJacksonBackedStringSerializer] - 
>  [[{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"^(https|imaps|http)://.*","name":"HTTPS/IMAPS
>  
> wil...] to deserialize into type [interface 
> org.apereo.cas.services.RegisteredService]. This may be caused in the 
> absence of a configuration/support module that knows how to interpret the 
> fragment, specially if the fragment describes a CAS registered service 
> definition. Internal parsing error is [Unexpected token (START_OBJECT), 
> expected VALUE_STRING: need JSON String that contains type id (for subtype 
> of org.apereo.cas.services.RegisteredService)
>  at [Source: 
> (String)"[{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"^(https|imaps|http)://.*","name":"HTTPS/IMAPS
>  
> wildcard","id":20170905111650,"evaluationOrder":9},{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"
> https://www.google.com/a/dev..com/acs","name":"googleApps","id":1000,"evaluationOrder":10}]";
>  
> line: 1, column: 2]]> [m
> [36m2018-05-15 11:14:10,091 DEBUG 
> [org.apereo.cas.util.serialization.AbstractJacksonBackedStringSerializer] - 
>  that contains type id (for subtype of 
> org.apereo.cas.services.RegisteredService)
>  at [Source: 
> (String)"[{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"^(https|imaps|http)://.*","name":"HTTPS/IMAPS
>  
> wildcard","id":20170905111650,"evaluationOrder":9},{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"
> https://www.google.com/a/dev..com/acs","name":"googleApps","id":1000,"evaluationOrder":10}]";
>  
> line: 1, column: 2]> [m
> com.fasterxml.jackson.databind.exc.MismatchedInputException: Unexpected 
> token (START_OBJECT), expected VALUE_STRING: need JSON String that contains 
> type id (for subtype of org.apereo.cas.services.RegisteredService)
>  at [Source: 
> (String)"[{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"^(https|imaps|http)://.*","name":"HTTPS/IMAPS
>  
> wildcard","id":20170905111650,"evaluationOrder":9},{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"
> https://www.google.com/a/dev..com/acs","name":"googleApps","id":1000,"evaluationOrder":10}]";
>  
> line: 1, column: 2]
> at 
> com.fasterxml.jackson.databind.exc.MismatchedInputException.from(MismatchedInputException.java:59)
>  
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at 
> com.fasterxml.jackson.databind.DeserializationContext.wrongTokenException(DeserializationContext.java:1498)
>  
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at 
> com.fasterxml.jackson.databind.DeserializationContext.reportWrongTokenException(DeserializationContext.java:1273)
>  
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at 
> com.fasterxml.jackson.databind.jsontype.impl.AsArrayTypeDeserializer._locateTypeId(AsArrayTypeDeserializer.java:151)
>  
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at 
> com.fasterxml.jackson.databind.jsontype.impl.AsArrayTypeDeserializer._deserialize(AsArrayTypeDeserializer.java:96)
>  
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at 
> com.fasterxml.jackson.databind.jsontype.impl.AsArrayTypeDeserializer.deserializeTypedFromAny(AsArrayTypeDeserializer.java:71)
>  
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at 
> com.fasterxml.jackson.databind.jsontype.impl.AsPropertyTypeDeserializer._deserializeTypedUsingDefaultImpl(AsPropertyTypeDeserializer.java:148)
>  
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at 
> com.fasterxml.jackson.databind.jsontype.impl.AsPropertyTypeDeserializer.deserializeTypedFromObject(AsPropertyTypeDeserializer.java:88)
>  
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at 
> com.fasterxml.jackson.databind.deser.AbstractDeserializer.deserializeWithType(AbstractDeserializer.java:254)
>  
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at 
> com.fasterxml.jackson.databind.deser.impl.TypeWrappedDeserializer.deserialize(TypeWrappedDeserializer.java:68)
>  
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at 
> com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:4001)
>  
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at 
> com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:2992) 
>

Re: [cas-user] Re: Error - Service Registry json

2018-05-16 Thread David Curry

Yes, but the rest of the name has to match the service name, as well. Again,

JSON fileName = serviceName + "-" + serviceNumericId + ".json"

so  based on your first post in this thread, you should have two files:

The first file, called HTTPSIMAPSwildcard-20170905111650.json, contains

{
"@class" :
"org.apereo.cas.services.RegexRegisteredService",
"serviceId" : "^(https|imaps|http)://.*",
"name" :  "HTTPS IMAPS wildcard",
"id" :20170905111650,
"evaluationOrder" :   9
}

Note that I changed the name of the service from "HTTPS/IMAPS wildcard" to
"HTTPS IMAPS wildcard", because '/' is not allowed in file names.

The second file should be called googleApps-1000.json that contains

{
"@class" :
"org.apereo.cas.services.RegexRegisteredService",
"serviceId" : "https://www.google.com/a/dev
..com/acs",
"name" :  "googleApps",
"id" :1000,
"evaluationOrder" :   10
}

and both of those files should be in /etc/cas/services (or whatever you've
set cas.serviceRegistry.json.location to).

All of the above is documented here:
https://apereo.github.io/cas/development/installation/JSON-Service-Management.html



--

DAVID A. CURRY, CISSP
*DIRECTOR OF INFORMATION SECURITY*
INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 212 229-5300 x4728 • david.cu...@newschool.edu

[image: The New School]

On Wed, May 16, 2018 at 5:41 AM, Jay 
wrote:

> Thank you David.
>
> So as I understand.
> The id inside the json file servicenumericId in the file name should
> match. Something like below:
> serviceRegistry-1524464822.json
> "id" : 1524464822
>
> Thanks
> Jay
>
> On Tuesday, May 15, 2018 at 11:23:28 AM UTC-5, Jay wrote:
>>
>> Hi Everyone,
>> Could someone help me to get this ERROR fixed.
>>
>> Below is the entry from my json file
>> Filename: serviceRegistry-1524464822.json
>> [
>> {
>> "@class" : "org.apereo.cas.services.RegexRegisteredService",
>> "serviceId" : "^(https|imaps|http)://.*",
>> "name" : "HTTPS/IMAPS wildcard",
>> "id" : 20170905111650,
>> "evaluationOrder" : 9
>> },
>> {
>> "@class" : "org.apereo.cas.services.RegexRegisteredService",
>> "serviceId" : "https://www.google.com/a/dev..com/acs",
>> "name" : "googleApps",
>> "id" : 1000,
>> "evaluationOrder" : 10
>> }
>> ]
>>
>> I see this error in the logs.
>> [1;31m2018-05-15 11:14:10,091 ERROR [org.apereo.cas.util.serializa
>> tion.AbstractJacksonBackedStringSerializer] - > [[{"@class":"org.apereo.cas.services.RegexRegisteredService"
>> ,"serviceId":"^(https|imaps|http)://.*","name":"HTTPS/IMAPS wil...] to
>> deserialize into type [interface org.apereo.cas.services.RegisteredService].
>> This may be caused in the absence of a configuration/support module that
>> knows how to interpret the fragment, specially if the fragment describes a
>> CAS registered service definition. Internal parsing error is [Unexpected
>> token (START_OBJECT), expected VALUE_STRING: need JSON String that contains
>> type id (for subtype of org.apereo.cas.services.RegisteredService)
>>  at [Source: (String)"[{"@class":"org.apereo.cas.services.RegexRegistered
>> Service","serviceId":"^(https|imaps|http)://.*","name":"HTTPS/IMAPS
>> wildcard","id":20170905111650,"evaluationOrder":9},{"@cl
>> ass":"org.apereo.cas.services.RegexRegisteredService","serviceId":"
>> https://www.google.com/a/dev..com/acs","name"
>> :"googleApps","id":1000,"evaluationOrder":10}]"; line: 1, column: 2]]> [m
>> [36m2018-05-15 11:14:10,091 DEBUG [org.apereo.cas.util.serializa
>> tion.AbstractJacksonBackedStringSerializer] - > (START_OBJECT), expected VALUE_STRING: need JSON String that contains type
>> id (for subtype of org.apereo.cas.services.RegisteredService)
>>  at [Source: (String)"[{"@class":"org.apereo.cas.services.RegexRegistered
>> Service","serviceId":"^(https|imaps|http)://.*","name":"HTTPS/IMAPS
>> wildcard","id":20170905111650,"evaluationOrder":9},{"@cl
>> ass":"org.apereo.cas.services.RegexRegisteredService","serviceId":"
>> https://www.google.com/a/dev..com/acs","name"
>> :"googleApps","id":1000,"evaluationOrder":10}]"; line: 1, column: 2]> [m
>> com.fasterxml.jackson.databind.exc.MismatchedInputException: Unexpected
>> token (START_OBJECT), expected VALUE_STRING: need JSON String that contains
>> type id (for subtype of org.apereo.cas.services.RegisteredService)
>>  at [Source: (String)"[{"@class":"org.apereo.cas.services.RegexRegistered
>> Service","serviceId":"^(https|imaps|http)://.*","name":"HTTPS/IMAPS
>> wildcard","id":20170905111650,"evaluationOrder":9},{"@cl
>> ass":"org.apereo.cas.services.RegexRegisteredService","serviceId":"
>> https://www.google.com/a/dev..com/acs","name"
>> :"googleApps","id":1000,"evaluationOrder":10}]"; line: 1, column: 2]
>> at com.fasterxml.jackson.databind.exc.MismatchedInputException.
>> from(MismatchedInputException.java:59)

[cas-user] Re: Error - Service Registry json

2018-05-16 Thread Jay

Thank you David.

So as I understand.
The id inside the json file servicenumericId in the file name should match. 
Something like below:
serviceRegistry-1524464822.json
"id" : 1524464822

Thanks
Jay

On Tuesday, May 15, 2018 at 11:23:28 AM UTC-5, Jay wrote:
>
> Hi Everyone,
> Could someone help me to get this ERROR fixed.
>
> Below is the entry from my json file
> Filename: serviceRegistry-1524464822.json
> [
> {
> "@class" : "org.apereo.cas.services.RegexRegisteredService",
> "serviceId" : "^(https|imaps|http)://.*",
> "name" : "HTTPS/IMAPS wildcard",
> "id" : 20170905111650,
> "evaluationOrder" : 9
> },
> {
> "@class" : "org.apereo.cas.services.RegexRegisteredService",
> "serviceId" : "https://www.google.com/a/dev..com/acs",
> "name" : "googleApps",
> "id" : 1000,
> "evaluationOrder" : 10
> }
> ]
>
> I see this error in the logs.
> [1;31m2018-05-15 11:14:10,091 ERROR 
> [org.apereo.cas.util.serialization.AbstractJacksonBackedStringSerializer] - 
>  [[{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"^(https|imaps|http)://.*","name":"HTTPS/IMAPS
>  
> wil...] to deserialize into type [interface 
> org.apereo.cas.services.RegisteredService]. This may be caused in the 
> absence of a configuration/support module that knows how to interpret the 
> fragment, specially if the fragment describes a CAS registered service 
> definition. Internal parsing error is [Unexpected token (START_OBJECT), 
> expected VALUE_STRING: need JSON String that contains type id (for subtype 
> of org.apereo.cas.services.RegisteredService)
>  at [Source: 
> (String)"[{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"^(https|imaps|http)://.*","name":"HTTPS/IMAPS
>  
> wildcard","id":20170905111650,"evaluationOrder":9},{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"
> https://www.google.com/a/dev..com/acs","name":"googleApps","id":1000,"evaluationOrder":10}]";
>  
> line: 1, column: 2]]> [m
> [36m2018-05-15 11:14:10,091 DEBUG 
> [org.apereo.cas.util.serialization.AbstractJacksonBackedStringSerializer] - 
>  that contains type id (for subtype of 
> org.apereo.cas.services.RegisteredService)
>  at [Source: 
> (String)"[{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"^(https|imaps|http)://.*","name":"HTTPS/IMAPS
>  
> wildcard","id":20170905111650,"evaluationOrder":9},{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"
> https://www.google.com/a/dev..com/acs","name":"googleApps","id":1000,"evaluationOrder":10}]";
>  
> line: 1, column: 2]> [m
> com.fasterxml.jackson.databind.exc.MismatchedInputException: Unexpected 
> token (START_OBJECT), expected VALUE_STRING: need JSON String that contains 
> type id (for subtype of org.apereo.cas.services.RegisteredService)
>  at [Source: 
> (String)"[{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"^(https|imaps|http)://.*","name":"HTTPS/IMAPS
>  
> wildcard","id":20170905111650,"evaluationOrder":9},{"@class":"org.apereo.cas.services.RegexRegisteredService","serviceId":"
> https://www.google.com/a/dev..com/acs","name":"googleApps","id":1000,"evaluationOrder":10}]";
>  
> line: 1, column: 2]
> at 
> com.fasterxml.jackson.databind.exc.MismatchedInputException.from(MismatchedInputException.java:59)
>  
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at 
> com.fasterxml.jackson.databind.DeserializationContext.wrongTokenException(DeserializationContext.java:1498)
>  
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at 
> com.fasterxml.jackson.databind.DeserializationContext.reportWrongTokenException(DeserializationContext.java:1273)
>  
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at 
> com.fasterxml.jackson.databind.jsontype.impl.AsArrayTypeDeserializer._locateTypeId(AsArrayTypeDeserializer.java:151)
>  
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at 
> com.fasterxml.jackson.databind.jsontype.impl.AsArrayTypeDeserializer._deserialize(AsArrayTypeDeserializer.java:96)
>  
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at 
> com.fasterxml.jackson.databind.jsontype.impl.AsArrayTypeDeserializer.deserializeTypedFromAny(AsArrayTypeDeserializer.java:71)
>  
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at 
> com.fasterxml.jackson.databind.jsontype.impl.AsPropertyTypeDeserializer._deserializeTypedUsingDefaultImpl(AsPropertyTypeDeserializer.java:148)
>  
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at 
> com.fasterxml.jackson.databind.jsontype.impl.AsPropertyTypeDeserializer.deserializeTypedFromObject(AsPropertyTypeDeserializer.java:88)
>  
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at 
> com.fasterxml.jackson.databind.deser.AbstractDeserializer.deserializeWithType(AbstractDeserializer.java:254)
>  
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at 
> com.fasterxml.jackson.databind.deser.impl.TypeWrappedDeserializer.deserialize(TypeWrappedDeserializer.java:68)
>  
> ~[jackson-databind-2.9.3.jar:2.9.3]
> at 
> com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:4001)
>  
>

[cas-user] Re: File Not Found Exception thrown when login to CAS management web application

2018-05-16 Thread Ankit Rathore

Hi Pedric,

*I am also facing same issue. you have to find any solution.*

*Thanks!*

*Best Regards,*
*Karan*

On Thursday, May 11, 2017 at 8:03:06 PM UTC+5:30, Pedric Kng wrote:
>
> Does anyone has this issue with CAS management web application login ? I 
> believe that it has to do with the resolving of the service ticket, 
> pointing it to the demo server for sso login actually works fine.
>
>
> 2017-05-11 22:25:06,967 INFO 
> [org.apereo.cas.mgmt.web.CasManagementWebApplicationServletInitializer] - 
> Started CasManagementWebApplicationServletInitializer in 24.75 seconds (JVM 
> running for 2073.808)
> 2017-05-11 22:25:22,014 INFO 
> [org.apereo.cas.services.DefaultServicesManager] - Loaded [2] service(s) 
> from [JpaServiceRegistryDaoImpl].
> 2017-05-11 22:25:35,607 ERROR 
> [org.apereo.cas.mgmt.services.web.AbstractManagementController] - 
> java.lang.RuntimeException: java.io.FileNotFoundException: 
> https://localhost:8443/cas/p3/serviceValidate?ticket=ST-2-Obd5xdXhpuUaKdFbU2sM-cas=https%3A%2F%2Flocalhost%3A8443%2Fcas-management%2Fmanage.html
> org.pac4j.core.exception.TechnicalException: java.lang.RuntimeException: 
> java.io.FileNotFoundException: 
> https://localhost:8443/cas/p3/serviceValidate?ticket=ST-2-Obd5xdXhpuUaKdFbU2sM-cas=https%3A%2F%2Flocalhost%3A8443%2Fcas-management%2Fmanage.html
> at 
> org.pac4j.core.engine.DefaultSecurityLogic.perform(DefaultSecurityLogic.java:165)
>  
> ~[pac4j-core-2.0.0.jar:?]
> at 
> org.pac4j.springframework.web.SecurityInterceptor.preHandle(SecurityInterceptor.java:65)
>  
> ~[spring-webmvc-pac4j-2.0.0.jar:?]
> at 
> org.springframework.web.servlet.HandlerExecutionChain.applyPreHandle(HandlerExecutionChain.java:134)
>  
> ~[spring-webmvc-4.3.8.RELEASE.jar:4.3.8.RELEASE]
> at 
> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:958)
>  
> ~[spring-webmvc-4.3.8.RELEASE.jar:4.3.8.RELEASE]
> at 
> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:897)
>  
> ~[spring-webmvc-4.3.8.RELEASE.jar:4.3.8.RELEASE]
> at 
> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970)
>  
> ~[spring-webmvc-4.3.8.RELEASE.jar:4.3.8.RELEASE]
> at 
> org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:861)
>  
> ~[spring-webmvc-4.3.8.RELEASE.jar:4.3.8.RELEASE]
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:635) 
> ~[servlet-api.jar:?]
> at 
> org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846)
>  
> ~[spring-webmvc-4.3.8.RELEASE.jar:4.3.8.RELEASE]
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:742) 
> ~[servlet-api.jar:?]
> at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
>  
> ~[catalina.jar:8.5.14]
> at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>  
> ~[catalina.jar:8.5.14]
> at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) 
> ~[tomcat-websocket.jar:8.5.14]
> at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>  
> ~[catalina.jar:8.5.14]
> at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>  
> ~[catalina.jar:8.5.14]
> at 
> org.springframework.boot.web.filter.ApplicationContextHeaderFilter.doFilterInternal(ApplicationContextHeaderFilter.java:55)
>  
> ~[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
> at 
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>  
> ~[spring-web-4.3.8.RELEASE.jar:4.3.8.RELEASE]
> at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>  
> ~[catalina.jar:8.5.14]
> at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>  
> ~[catalina.jar:8.5.14]
> at 
> org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:64)
>  
> ~[inspektr-common-1.7.GA.jar:1.7.GA]
> at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>  
> ~[catalina.jar:8.5.14]
> at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>  
> ~[catalina.jar:8.5.14]
> at 
> org.springframework.boot.actuate.trace.WebRequestTraceFilter.doFilterInternal(WebRequestTraceFilter.java:110)
>  
> ~[spring-boot-actuator-1.5.3.RELEASE.jar:1.5.3.RELEASE]
> at 
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>  
> ~[spring-web-4.3.8.RELEASE.jar:4.3.8.RELEASE]
> at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>  
> ~[catalina.jar:8.5.14]
> at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>  
> ~[catalina.jar:8.5.14]
> at 
>

[cas-user] Re: File Not Found Exception thrown when login to CAS management web application

2018-05-16 Thread Ankit Rathore

Hi Pedric,
*please ignore previous comment.*
*I am also facing same issue. you have to find any solution.*

*Thanks!*

*Best Regards,*
*Ankit Rathore*

On Wednesday, May 16, 2018 at 2:51:13 PM UTC+5:30, Ankit Rathore wrote:
>
> Hi Pedric,
>
> *I am also facing same issue. I have to find any solution.*
>
> *Thanks!*
>
> *Best Regards,*
>
> *Ankit Rathore*
> On Thursday, May 11, 2017 at 8:03:06 PM UTC+5:30, Pedric Kng wrote:
>>
>> Does anyone has this issue with CAS management web application login ? I 
>> believe that it has to do with the resolving of the service ticket, 
>> pointing it to the demo server for sso login actually works fine.
>>
>>
>> 2017-05-11 22:25:06,967 INFO 
>> [org.apereo.cas.mgmt.web.CasManagementWebApplicationServletInitializer] - 
>> Started CasManagementWebApplicationServletInitializer in 24.75 seconds (JVM 
>> running for 2073.808)
>> 2017-05-11 22:25:22,014 INFO 
>> [org.apereo.cas.services.DefaultServicesManager] - Loaded [2] service(s) 
>> from [JpaServiceRegistryDaoImpl].
>> 2017-05-11 22:25:35,607 ERROR 
>> [org.apereo.cas.mgmt.services.web.AbstractManagementController] - 
>> java.lang.RuntimeException: java.io.FileNotFoundException: 
>> https://localhost:8443/cas/p3/serviceValidate?ticket=ST-2-Obd5xdXhpuUaKdFbU2sM-cas=https%3A%2F%2Flocalhost%3A8443%2Fcas-management%2Fmanage.html
>> org.pac4j.core.exception.TechnicalException: java.lang.RuntimeException: 
>> java.io.FileNotFoundException: 
>> https://localhost:8443/cas/p3/serviceValidate?ticket=ST-2-Obd5xdXhpuUaKdFbU2sM-cas=https%3A%2F%2Flocalhost%3A8443%2Fcas-management%2Fmanage.html
>> at 
>> org.pac4j.core.engine.DefaultSecurityLogic.perform(DefaultSecurityLogic.java:165)
>>  
>> ~[pac4j-core-2.0.0.jar:?]
>> at 
>> org.pac4j.springframework.web.SecurityInterceptor.preHandle(SecurityInterceptor.java:65)
>>  
>> ~[spring-webmvc-pac4j-2.0.0.jar:?]
>> at 
>> org.springframework.web.servlet.HandlerExecutionChain.applyPreHandle(HandlerExecutionChain.java:134)
>>  
>> ~[spring-webmvc-4.3.8.RELEASE.jar:4.3.8.RELEASE]
>> at 
>> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:958)
>>  
>> ~[spring-webmvc-4.3.8.RELEASE.jar:4.3.8.RELEASE]
>> at 
>> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:897)
>>  
>> ~[spring-webmvc-4.3.8.RELEASE.jar:4.3.8.RELEASE]
>> at 
>> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970)
>>  
>> ~[spring-webmvc-4.3.8.RELEASE.jar:4.3.8.RELEASE]
>> at 
>> org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:861)
>>  
>> ~[spring-webmvc-4.3.8.RELEASE.jar:4.3.8.RELEASE]
>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:635) 
>> ~[servlet-api.jar:?]
>> at 
>> org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846)
>>  
>> ~[spring-webmvc-4.3.8.RELEASE.jar:4.3.8.RELEASE]
>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:742) 
>> ~[servlet-api.jar:?]
>> at 
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
>>  
>> ~[catalina.jar:8.5.14]
>> at 
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>  
>> ~[catalina.jar:8.5.14]
>> at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) 
>> ~[tomcat-websocket.jar:8.5.14]
>> at 
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>>  
>> ~[catalina.jar:8.5.14]
>> at 
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>  
>> ~[catalina.jar:8.5.14]
>> at 
>> org.springframework.boot.web.filter.ApplicationContextHeaderFilter.doFilterInternal(ApplicationContextHeaderFilter.java:55)
>>  
>> ~[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
>> at 
>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>>  
>> ~[spring-web-4.3.8.RELEASE.jar:4.3.8.RELEASE]
>> at 
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>>  
>> ~[catalina.jar:8.5.14]
>> at 
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>  
>> ~[catalina.jar:8.5.14]
>> at 
>> org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:64)
>>  
>> ~[inspektr-common-1.7.GA.jar:1.7.GA]
>> at 
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>>  
>> ~[catalina.jar:8.5.14]
>> at 
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>  
>> ~[catalina.jar:8.5.14]
>> at 
>> org.springframework.boot.actuate.trace.WebRequestTraceFilter.doFilterInternal(WebRequestTraceFilter.java:110)
>>  
>> ~[spring-boot-actuator-1.5.3.RELEASE.jar:1.5.3.RELEASE]
>> at 
>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>>  
>>

[cas-user] Re: File Not Found Exception thrown when login to CAS management web application

2018-05-16 Thread Ankit Rathore

Hi Pedric,

*I am also facing same issue. I have to find any solution.*

*Thanks!*

*Best Regards,*

*Ankit Rathore*
On Thursday, May 11, 2017 at 8:03:06 PM UTC+5:30, Pedric Kng wrote:
>
> Does anyone has this issue with CAS management web application login ? I 
> believe that it has to do with the resolving of the service ticket, 
> pointing it to the demo server for sso login actually works fine.
>
>
> 2017-05-11 22:25:06,967 INFO 
> [org.apereo.cas.mgmt.web.CasManagementWebApplicationServletInitializer] - 
> Started CasManagementWebApplicationServletInitializer in 24.75 seconds (JVM 
> running for 2073.808)
> 2017-05-11 22:25:22,014 INFO 
> [org.apereo.cas.services.DefaultServicesManager] - Loaded [2] service(s) 
> from [JpaServiceRegistryDaoImpl].
> 2017-05-11 22:25:35,607 ERROR 
> [org.apereo.cas.mgmt.services.web.AbstractManagementController] - 
> java.lang.RuntimeException: java.io.FileNotFoundException: 
> https://localhost:8443/cas/p3/serviceValidate?ticket=ST-2-Obd5xdXhpuUaKdFbU2sM-cas=https%3A%2F%2Flocalhost%3A8443%2Fcas-management%2Fmanage.html
> org.pac4j.core.exception.TechnicalException: java.lang.RuntimeException: 
> java.io.FileNotFoundException: 
> https://localhost:8443/cas/p3/serviceValidate?ticket=ST-2-Obd5xdXhpuUaKdFbU2sM-cas=https%3A%2F%2Flocalhost%3A8443%2Fcas-management%2Fmanage.html
> at 
> org.pac4j.core.engine.DefaultSecurityLogic.perform(DefaultSecurityLogic.java:165)
>  
> ~[pac4j-core-2.0.0.jar:?]
> at 
> org.pac4j.springframework.web.SecurityInterceptor.preHandle(SecurityInterceptor.java:65)
>  
> ~[spring-webmvc-pac4j-2.0.0.jar:?]
> at 
> org.springframework.web.servlet.HandlerExecutionChain.applyPreHandle(HandlerExecutionChain.java:134)
>  
> ~[spring-webmvc-4.3.8.RELEASE.jar:4.3.8.RELEASE]
> at 
> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:958)
>  
> ~[spring-webmvc-4.3.8.RELEASE.jar:4.3.8.RELEASE]
> at 
> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:897)
>  
> ~[spring-webmvc-4.3.8.RELEASE.jar:4.3.8.RELEASE]
> at 
> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970)
>  
> ~[spring-webmvc-4.3.8.RELEASE.jar:4.3.8.RELEASE]
> at 
> org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:861)
>  
> ~[spring-webmvc-4.3.8.RELEASE.jar:4.3.8.RELEASE]
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:635) 
> ~[servlet-api.jar:?]
> at 
> org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846)
>  
> ~[spring-webmvc-4.3.8.RELEASE.jar:4.3.8.RELEASE]
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:742) 
> ~[servlet-api.jar:?]
> at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
>  
> ~[catalina.jar:8.5.14]
> at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>  
> ~[catalina.jar:8.5.14]
> at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) 
> ~[tomcat-websocket.jar:8.5.14]
> at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>  
> ~[catalina.jar:8.5.14]
> at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>  
> ~[catalina.jar:8.5.14]
> at 
> org.springframework.boot.web.filter.ApplicationContextHeaderFilter.doFilterInternal(ApplicationContextHeaderFilter.java:55)
>  
> ~[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
> at 
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>  
> ~[spring-web-4.3.8.RELEASE.jar:4.3.8.RELEASE]
> at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>  
> ~[catalina.jar:8.5.14]
> at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>  
> ~[catalina.jar:8.5.14]
> at 
> org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:64)
>  
> ~[inspektr-common-1.7.GA.jar:1.7.GA]
> at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>  
> ~[catalina.jar:8.5.14]
> at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>  
> ~[catalina.jar:8.5.14]
> at 
> org.springframework.boot.actuate.trace.WebRequestTraceFilter.doFilterInternal(WebRequestTraceFilter.java:110)
>  
> ~[spring-boot-actuator-1.5.3.RELEASE.jar:1.5.3.RELEASE]
> at 
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>  
> ~[spring-web-4.3.8.RELEASE.jar:4.3.8.RELEASE]
> at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>  
> ~[catalina.jar:8.5.14]
> at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>  
> ~[catalina.jar:8.5.14]
> at 
>

[cas-user] SPNEGO Client Selection Strategy

[cas-user] CAS 5.2.3 IpAddress blocking& Password expiry messages & Service Maintenance notifications

[cas-user] Size of maven cas-overlay-template

[cas-user] Could not get type for name org.apereo.cas.authentication.support.password.PasswordPolicyConfiguration

Re: [cas-user] cas 3.5.2 integration with Blackboard 9 - timing out during exams

Re: [cas-user] cas 3.5.2 integration with Blackboard 9 - timing out during exams

[cas-user] cas 3.5.2 integration with Blackboard 9 - timing out during exams

Re: [cas-user] User Attributes for SAML 2.0

Re: [cas-user] User Attributes for SAML 2.0

Re: [cas-user] User Attributes for SAML 2.0

Re: [cas-user] cas-overlay-template sutck with warnings

Re: [cas-user] cas-overlay-template sutck with warnings

Re: [cas-user] User Attributes for SAML 2.0

Re: [cas-user] cas-overlay-template sutck with warnings

Re: [cas-user] InCommon Federation

Re: [cas-user] cas-overlay-template sutck with warnings

[cas-user] cas-overlay-template sutck with warnings

Re: [cas-user] User Attributes for SAML 2.0

[cas-user] Re: Error - Service Registry json

Re: [cas-user] Re: Error - Service Registry json

[cas-user] Re: Error - Service Registry json

[cas-user] Re: File Not Found Exception thrown when login to CAS management web application

[cas-user] Re: File Not Found Exception thrown when login to CAS management web application

[cas-user] Re: File Not Found Exception thrown when login to CAS management web application

24 matches

Site Navigation

Mail list logo

Footer information