[cas-user] Re: CAS ReST - Adding New Service
When calling the REST endpoint, I´ve passed the credentials using the basic
authentication header.
The user:password has been encoded in Base64.
My REST call is as follows:
curl -X POST \
https://localhost:8443/sso/v1/services/ \
-H 'Authorization: Basic cm9nZXJpby5iaW9uZGlAbHVpemFsYWJzLmNvbTpwYXNz' \
-H 'Content-Type: application/json' \
-H 'cache-control: no-cache' \
-d '{
"@class" : "org.apereo.cas.services.RegexRegisteredService",
"serviceId" : "test",
"name" : "test",
"id" : 1,
"description": "Teste"
}'
When calling the message in the log confirms that the user is authenticated:
2019-04-25 11:51:30,371 INFO
[org.apereo.cas.authentication.PolicyBasedAuthenticationManager] -
2019-04-25 11:51:30,371 INFO
[org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] -
> I'm facing the same issue. Does anyone figured out how to configure the
> properties:
>
> cas.rest.attributeName=
> cas.rest.attributeValue=
>
>
> I'm using CAS version 6.0.x and authentication via jdbc/query. My
> properties os cas.properties are:
>
> cas.authn.jdbc.query[0].sql=SELECT * FROM `users` WHERE `user`=?
> cas.authn.jdbc.query[0].url=jdbc:mysql://*:3306/db
> cas.authn.jdbc.query[0].driverClass=com.mysql.cj.jdbc.Driver
> cas.authn.jdbc.query[0].dialect=org.hibernate.dialect.MySQL57InnoDBDialect
> cas.authn.jdbc.query[0].user=user
> cas.authn.jdbc.query[0].password=
> cas.authn.jdbc.query[0].autocommit=true
> cas.authn.jdbc.query[0].fieldPassword=password
> cas.authn.jdbc.query[0].passwordEncoder.type=DEFAULT
> cas.authn.jdbc.query[0].passwordEncoder.encodingAlgorithm=MD5
> cas.authn.jdbc.query[0].passwordEncoder.characterEncoding=UTF-8
> cas.authn.jdbc.query[0].order=0
>
> Best regards,
> Rogério
>
>
> On Thursday, April 27, 2017 at 4:02:39 AM UTC-3, Yashwant Anandan wrote:
>>
>> Hi,
>>
>> I am trying to add a new service via the CAS ReST Service. I have a few
>> doubts
>>
>> 1. What should be attributeName and attributeValue ? I have kept it as
>> "skip" and "enabled.+" respectively.
>> 2. I am getting "Request is not authorized" when I give a request to add
>> a service. I thought it could be because of TGT, but I found that TGT is
>> not the issue here. How to solve this ?
>>
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/b947e897-2784-40ad-af90-d824ef49eb49%40apereo.org.
Re: [cas-user] Mandatory entry point before authentication
Thanks Ray but that's not exactly my use case.
Your use case admit that users can authenticate from any service, on my
case I need that they must come from one service to be able to
authenticate. But your redirect is welcome !
Thanks
Julien
Le 17/04/2019 à 20:57, Ray Bon a écrit :
Julien,
Check this setting:
cas.view.defaultRedirectUrl=https://${cas.server.name}/mypage
If user goes to CAS first (without a service), they get redirected to
defaultRedirectUrl.
Ray
On Wed, 2019-04-17 at 16:56 +0200, Julien Gribonvald wrote:
Hi,
Is there a simple way to force user to come from a service before to
authenticate ?
I mean before accessing to some services (not all) a user should come
from an entry point (a service on which he will be authenticated after,
like a portal), if not he should be redirected to this entry point.
If not is it the a thing to define a service policy from the service
management to do that ? Or are you seing a better way ?
Thanks,
--
Julien Gribonvald
--
Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | r...@uvic.ca
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google
Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to cas-user+unsubscr...@apereo.org
.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/6f6cdffc229472b76ba097cf453afd8990093e18.camel%40uvic.ca
.
--
Julien Gribonvald
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/6a2a583f-13fc-53b3-486f-17f916b6c067%40recia.fr.
[cas-user] Re: CAS ReST - Adding New Service
I'm facing the same issue. Does anyone figured out how to configure the properties: cas.rest.attributeName= cas.rest.attributeValue= I'm using CAS version 6.0.x and authentication via jdbc/query. My properties os cas.properties are: cas.authn.jdbc.query[0].sql=SELECT * FROM `users` WHERE `user`=? cas.authn.jdbc.query[0].url=jdbc:mysql://*:3306/db cas.authn.jdbc.query[0].driverClass=com.mysql.cj.jdbc.Driver cas.authn.jdbc.query[0].dialect=org.hibernate.dialect.MySQL57InnoDBDialect cas.authn.jdbc.query[0].user=user cas.authn.jdbc.query[0].password= cas.authn.jdbc.query[0].autocommit=true cas.authn.jdbc.query[0].fieldPassword=password cas.authn.jdbc.query[0].passwordEncoder.type=DEFAULT cas.authn.jdbc.query[0].passwordEncoder.encodingAlgorithm=MD5 cas.authn.jdbc.query[0].passwordEncoder.characterEncoding=UTF-8 cas.authn.jdbc.query[0].order=0 Best regards, Rogério On Thursday, April 27, 2017 at 4:02:39 AM UTC-3, Yashwant Anandan wrote: > > Hi, > > I am trying to add a new service via the CAS ReST Service. I have a few > doubts > > 1. What should be attributeName and attributeValue ? I have kept it as > "skip" and "enabled.+" respectively. > 2. I am getting "Request is not authorized" when I give a request to add > a service. I thought it could be because of TGT, but I found that TGT is > not the issue here. How to solve this ? > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/7e63278b-2cbc-410d-9d44-c27cf0e8b447%40apereo.org.
Re: [cas-user] Where is AbstractCasWebflowConfigurer
Add a maven dependency on cas-server-core-webflow-api module.
Best,
D.
From: Michael MacEachran
Reply: cas-user@apereo.org
Date: April 24, 2019 at 10:48:37 PM
To: cas-user@apereo.org
Subject: [cas-user] Where is AbstractCasWebflowConfigurer
According to the documentation
https://apereo.github.io/cas/6.0.x/webflow/Webflow-Customization-Extensions.html
to inject an action into the webflow, I extend AbstractCasWebflowConfigurer
like this:
public class SomethingWebflowConfigurer extends AbstractCasWebflowConfigurer {
But I cannot import that class. I have the dependency
org.apereo.cas
cas-server-core-webflow
${cas.version}
in my pom.
Where is this class? Can someone give me the full import? Do I have the
right dependency?
Michael
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAN9%2B60pFzwo1gyxzO5040QrobmSeFbZCYOfRK6oo1t03YHWOmA%40mail.gmail.com.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/etPan.5cc1a4f9.79933b94.25b%40unicon.net.
[cas-user] Administrative Endpoints & Monitoring Authentication with LDAP fails in CAS 6.x
I am getting the following when attempting to configure LDAP authentication to the CAS and Spring endpoints. 2019-04-25 17:51:08,236 ERROR [org.apereo.cas.web.security.authentication.MonitorEndpointLdapAuthenticationProvider] - java.lang.NullPointerException: null at org.apereo.cas.util.LdapUtils.lambda$newLdaptiveSearchFilter$3(LdapUtils.java:530) ~[cas-server-support-ldap-core-6.0.3.jar!/:6.0.3] at java.util.stream.Streams$RangeIntSpliterator.forEachRemaining(Streams.java:104) ~[?:?] at java.util.stream.IntPipeline$Head.forEach(IntPipeline.java:593) ~[?:?] at org.apereo.cas.util.LdapUtils.newLdaptiveSearchFilter(LdapUtils.java:529) ~[cas-server-support-ldap-core-6.0.3.jar!/:6.0.3] at org.apereo.cas.authorization.BaseUseAttributesAuthorizationGenerator.generate(BaseUseAttributesAuthorizationGenerator.java:69) ~[cas-server-support-ldap-core-6.0.3.jar!/:6.0.3] at org.apereo.cas.web.security.authentication.MonitorEndpointLdapAuthenticationProvider.authenticate(MonitorEndpointLdapAuthenticationProvider.java:72) ~[cas-server-webapp-config-6.0.3.jar!/:6.0.3] at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:175) ~[spring-security-core-5.1.5.RELEASE.jar!/:5.1.5.RELEASE] at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:200) ~[spring-security-core-5.1.5.RELEASE.jar!/:5.1.5.RELEASE] at org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.java:94) ~[spring-security-web-5.1.5.RELEASE.jar!/:5.1.5.RELEASE] at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212) ~[spring-security-web-5.1.5.RELEASE.jar!/:5.1.5.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.1.5.RELEASE.jar!/:5.1.5.RELEASE] at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105) ~[spring-security-web-5.1.5.RELEASE.jar!/:5.1.5.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.1.5.RELEASE.jar!/:5.1.5.RELEASE] at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56) ~[spring-security-web-5.1.5.RELEASE.jar!/:5.1.5.RELEASE] at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-5.1.6.RELEASE.jar!/:5.1.6.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.1.5.RELEASE.jar!/:5.1.5.RELEASE] at org.springframework.security.web.access.channel.ChannelProcessingFilter.doFilter(ChannelProcessingFilter.java:157) ~[spring-security-web-5.1.5.RELEASE.jar!/:5.1.5.RELEASE] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.1.5.RELEASE.jar!/:5.1.5.RELEASE] at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215) ~[spring-security-web-5.1.5.RELEASE.jar!/:5.1.5.RELEASE] at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178) ~[spring-security-web-5.1.5.RELEASE.jar!/:5.1.5.RELEASE] at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:357) ~[spring-web-5.1.6.RELEASE.jar!/:5.1.6.RELEASE] at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:270) ~[spring-web-5.1.6.RELEASE.jar!/:5.1.6.RELEASE] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17] at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) ~[spring-web-5.1.6.RELEASE.jar!/:5.1.6.RELEASE] at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-5.1.6.RELEASE.jar!/:5.1.6.RELEASE] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17] at
