Re: [cas-user] Unauthorized Service Access. Service [] is not found in service registry
Please show us the debug log and your service json, or else really hard to help you debug: To enable debug log, see https://apereo.github.io/cas/5.3.x/installation/Troubleshooting-Guide.html#review-logs Cheers! - Andy -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/b4e0d1b1-e720-4751-8fd8-0a9c04abc026%40apereo.org.
Re: [cas-user] Can't disable static authentication?
I suspect the same thing as Ray do, your cas.properties should be put relative to your root directoary instead of in the cas project folder: e.g. if you are using Windows, it default should be C:/etc/cas/config instead of C:/YOUR_CAS_DIRECTORY/etc/cas/config See if the above problem is your case. Cheers! - Andy -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/d826d5d3-1aa7-4942-bc87-f278d8ab5d52%40apereo.org.
Re: [cas-user] Re: How do I enable cas/status page with CAS 5.3.2?
Don't change the default configuration. Add the service to your service
registry, wherever that is. If you don't have a service registry, you
should set one of those up first.
And unless the CAS server actually has an SSL certificate with
localhost. as a valid CN, you should be using the actual hostname of
the CAS server.
--
DAVID A. CURRY, CISSP
*DIRECTOR • INFORMATION SECURITY & PRIVACY*
THE NEW SCHOOL • INFORMATION TECHNOLOGY
71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 646 909-4728 • david.cu...@newschool.edu
On Fri, Jun 28, 2019 at 7:45 AM 123 456 wrote:
> {
> "services":[
> {
> "@class":"org.apereo.cas.services.RegexRegisteredService",
> "id":123456789,
> "serviceId":"https://localhost:/cas/status/dashboard";,
> "name":"cas_status",
> "description":"CAS dashboard and administrative endpoints"
> }
> ]
> }
>
> I get the following error as well:
>
> ERROR
> [org.apereo.cas.util.serialization.AbstractJacksonBackedStringSerializer] -
> [{"services":[{"@class":"org.apereo.cas.services.RegexRegisteredService","id":123456789,"serviceId":"https://localhost:...]
> to deserialize into type [interface
> org.apereo.cas.services.RegisteredService]. This may be caused in the
> absence of a configuration/support module that knows how to interpret the
> JSON fragment, specially if the fragment describes a CAS registered service
> definition. Internal parsing error is [Missing type id when trying to
> resolve subtype of [simple type, class
> org.apereo.cas.services.RegisteredService]: missing type id property
> '@class'
> at [Source:
> (String)"{"services":[{"@class":"org.apereo.cas.services.RegexRegisteredService","id":123456789,"serviceId":"
> https://localhost:8443/cas/status/dashboard","name":"cas_status","description":"CAS
> dashboard and administrative endpoints"}]}"; line: 1, column: 226]]>
>
>
> In which folder should I be making the changes to the default
> configurations?
>
>
> quarta-feira, 26 de Junho de 2019 às 17:09:20 UTC+1, 123 456 escreveu:
>>
>> Template: https://github.com/apereo/cas-gradle-overlay-template
>>
>> #=
>> # cas.properties
>> #=
>>
>>
>> server.port =
>> cas.server.name: https://{server}:
>> cas.server.prefix: https://{server}:/cas
>>
>> cas.adminPagesSecurity.ip=127\.0\.0\.1
>>
>> logging.config: file:/etc/cas/config/log4j2.xml
>> #cas.serviceRegistry.json.location: classpath:/etc/cas/services-repo
>>
>> # SSL
>> server.ssl.enabled=true
>> server.ssl.keyStore=file:/etc/cas/thekeystore
>> server.ssl.keyStorePassword=changeit
>> server.ssl.keyPassword=changeit
>>
>> cas.authn.accept.users=
>>
>> #
>> # Service Registry
>> #
>> cas.serviceRegistry.watcherEnabled=true
>> cas.serviceRegistry.initFromJson=true
>> cas.serviceRegistry.json.location=classpath:/etc/cas/services
>>
>> #==
>> # Status
>> #==
>>
>> cas.adminPagesSecurity.actuatorEndpointsEnabled=true
>> cas.monitor.endpoints.enabled=true
>> endpoints.enabled=true
>>
>> cas.monitor.endpoints.sensitive=false
>> endpoints.sensitive=false
>> cas.monitor.endpoints.status.enabled=false
>> cas.monitor.endpoints.status.sensitive=true
>>
>> cas.adminPagesSecurity.loginUrl=https://{server}/cas/login
>> cas.adminPagesSecurity.service=https://{server}/cas/status
>> cas.adminPagesSecurity.users=file:/etc/cas/config/admusers.properties
>> cas.adminPagesSecurity.adminRoles[0]=ROLE_ADMIN
>>
>>
>> ***
>>
>>
>> #
>> # admnusers.properties
>> #
>>
>> # This file lists the users who are allowed access to the CAS /status/*
>> # endpoints ("adminpages").
>> #
>> # The syntax for each line is:
>> #
>> # username=password,grantedAuthority[,grantedAuthority][,enabled|disabled]
>> #
>> casuser=notused,ROLE_ADMIN
>>
>>
>>
>>
>>
>>
>>
>> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/9adce229-6461-4ad4-bd57-c6263915a4af%40apereo.org
>
> .
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https
[cas-user] CAS 5.3.x - TGT as JWT on REST Protocol
Hi, I've configured CAS to return TGT as JWT adding the dependency on the
maven overlay:
org.apereo.cas
cas-server-support-rest-tokens
${cas.version}
Info:
https://apereo.github.io/cas/5.3.x/protocol/REST-Protocol.html#jwt-ticket-granting-tickets
I've configured CAS to return a JWT Signed with HS512.
ST granting works fine (with standard TGT).
Every time I try to get a TGT in JWT with the following REST call:
POST /cas/v1/tickets HTTP/1.0
username=battags&password=password&token=true&additionalParam1=paramvalue
I receive this error:
Unauthorized Service Access. Service [] is not found in service registry.
If I omit or set the token param to "false", the standard TGT is granted
correctly.
What's wrong with that?
Thank you very much
Bye
K
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/ea19dc2c-26ae-4831-bc7b-5a2131257149%40apereo.org.
[cas-user] Re: How do I enable cas/status page with CAS 5.3.2?
{
"services":[
{
"@class":"org.apereo.cas.services.RegexRegisteredService",
"id":123456789,
"serviceId":"https://localhost:/cas/status/dashboard";,
"name":"cas_status",
"description":"CAS dashboard and administrative endpoints"
}
]
}
I get the following error as well:
ERROR
[org.apereo.cas.util.serialization.AbstractJacksonBackedStringSerializer] -
https://localhost:...]
to deserialize into type [interface
org.apereo.cas.services.RegisteredService]. This may be caused in the
absence of a configuration/support module that knows how to interpret the
JSON fragment, specially if the fragment describes a CAS registered service
definition. Internal parsing error is [Missing type id when trying to
resolve subtype of [simple type, class
org.apereo.cas.services.RegisteredService]: missing type id property
'@class'
at [Source:
(String)"{"services":[{"@class":"org.apereo.cas.services.RegexRegisteredService","id":123456789,"serviceId":"https://localhost:8443/cas/status/dashboard","name":"cas_status","description":"CAS
dashboard and administrative endpoints"}]}"; line: 1, column: 226]]>
In which folder should I be making the changes to the default
configurations?
quarta-feira, 26 de Junho de 2019 às 17:09:20 UTC+1, 123 456 escreveu:
>
> Template: https://github.com/apereo/cas-gradle-overlay-template
>
> #=
> # cas.properties
> #=
>
>
> server.port =
> cas.server.name: https://{server}:
> cas.server.prefix: https://{server}:/cas
>
> cas.adminPagesSecurity.ip=127\.0\.0\.1
>
> logging.config: file:/etc/cas/config/log4j2.xml
> #cas.serviceRegistry.json.location: classpath:/etc/cas/services-repo
>
> # SSL
> server.ssl.enabled=true
> server.ssl.keyStore=file:/etc/cas/thekeystore
> server.ssl.keyStorePassword=changeit
> server.ssl.keyPassword=changeit
>
> cas.authn.accept.users=
>
> #
> # Service Registry
> #
> cas.serviceRegistry.watcherEnabled=true
> cas.serviceRegistry.initFromJson=true
> cas.serviceRegistry.json.location=classpath:/etc/cas/services
>
> #==
> # Status
> #==
>
> cas.adminPagesSecurity.actuatorEndpointsEnabled=true
> cas.monitor.endpoints.enabled=true
> endpoints.enabled=true
>
> cas.monitor.endpoints.sensitive=false
> endpoints.sensitive=false
> cas.monitor.endpoints.status.enabled=false
> cas.monitor.endpoints.status.sensitive=true
>
> cas.adminPagesSecurity.loginUrl=https://{server}/cas/login
> cas.adminPagesSecurity.service=https://{server}/cas/status
> cas.adminPagesSecurity.users=file:/etc/cas/config/admusers.properties
> cas.adminPagesSecurity.adminRoles[0]=ROLE_ADMIN
>
>
> ***
>
>
> #
> # admnusers.properties
> #
>
> # This file lists the users who are allowed access to the CAS /status/*
> # endpoints ("adminpages").
> #
> # The syntax for each line is:
> #
> # username=password,grantedAuthority[,grantedAuthority][,enabled|disabled]
> #
> casuser=notused,ROLE_ADMIN
>
>
>
>
>
>
>
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/9adce229-6461-4ad4-bd57-c6263915a4af%40apereo.org.
[cas-user] Re: How do I enable cas/status page with CAS 5.3.2?
I've already installed version 5.2 and I'm still getting the same error
page. I've changed the ip as well and doesn't work.
quarta-feira, 26 de Junho de 2019 às 17:09:20 UTC+1, 123 456 escreveu:
>
> Template: https://github.com/apereo/cas-gradle-overlay-template
>
> #=
> # cas.properties
> #=
>
>
> server.port =
> cas.server.name: https://{server}:
> cas.server.prefix: https://{server}:/cas
>
> cas.adminPagesSecurity.ip=127\.0\.0\.1
>
> logging.config: file:/etc/cas/config/log4j2.xml
> #cas.serviceRegistry.json.location: classpath:/etc/cas/services-repo
>
> # SSL
> server.ssl.enabled=true
> server.ssl.keyStore=file:/etc/cas/thekeystore
> server.ssl.keyStorePassword=changeit
> server.ssl.keyPassword=changeit
>
> cas.authn.accept.users=
>
> #
> # Service Registry
> #
> cas.serviceRegistry.watcherEnabled=true
> cas.serviceRegistry.initFromJson=true
> cas.serviceRegistry.json.location=classpath:/etc/cas/services
>
> #==
> # Status
> #==
>
> cas.adminPagesSecurity.actuatorEndpointsEnabled=true
> cas.monitor.endpoints.enabled=true
> endpoints.enabled=true
>
> cas.monitor.endpoints.sensitive=false
> endpoints.sensitive=false
> cas.monitor.endpoints.status.enabled=false
> cas.monitor.endpoints.status.sensitive=true
>
> cas.adminPagesSecurity.loginUrl=https://{server}/cas/login
> cas.adminPagesSecurity.service=https://{server}/cas/status
> cas.adminPagesSecurity.users=file:/etc/cas/config/admusers.properties
> cas.adminPagesSecurity.adminRoles[0]=ROLE_ADMIN
>
>
> ***
>
>
> #
> # admnusers.properties
> #
>
> # This file lists the users who are allowed access to the CAS /status/*
> # endpoints ("adminpages").
> #
> # The syntax for each line is:
> #
> # username=password,grantedAuthority[,grantedAuthority][,enabled|disabled]
> #
> casuser=notused,ROLE_ADMIN
>
>
>
>
>
>
>
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/751d5620-11a2-4e1b-9a7f-d8a8c47eab95%40apereo.org.
