[cas-user] cas.server.tomcat.rewriteValve.location
Hi! I just want to find out if anyone is using the rewrite on the embedded tomcat(CAS 6.1.4). For some reason, it is not picking up my rewrite below. cas.properties cas.server.tomcat.rewriteValve.location=file:/etc/cas/rewrite.config rewrite.config RewriteRule ^/idp/(.*) /cas/idp/$1 [L] RewriteRule ^/$/cas/login [L] Thank you in advance. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/d8a6c045-b023-4625-853c-bb2e3a1fb8f6%40apereo.org.
[cas-user] Unable to send SMS via REST interface
Hi All, Using CAS 6.1.4, I've been attempting to get the "simple multifactor authentication" to send SMS via a RESTful interface. I'm able to get it to send via email, and I'm able to curl the provider with a hand-crafted version of the JSON that CAS should be sending - both work, but it appears that that the REST call is never sent from CAS for sending SMS. The log files are not helpful (they simple say that CAS failed to send via SMS or Mail). My configuration is: cas.authn.mfa.simple=mfa-simple cas.authn.mfa.simple.order=2 cas.authn.mfa.simple.timeToKillInSeconds=60 cas.authn.mfa.simple.tokenLength=6 cas.authn.mfa.simple.sms.from=1XX cas.authn.mfa.simple.sms.text=Your one-time authorization token is: %s cas.authn.mfa.simple.sms.attributeName=mobile cas.smsProvider.rest.method=POST cas.smsProvider.rest.basicAuthUsername=X cas.smsProvider.rest.basicAuthPassword= cas.smsProvider.rest.url=https://myprovider.com/endpoint The log files show the attribute 'mobile' has the proper value in it. Has anyone managed to get this working? What am I doing incorrectly? -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/297b702a-1a55-4234-965e-5c489361a830%40apereo.org.
Re: [cas-user] CAS 6.1.4 - Unable to resolve Duo and Hazelcast dependencies
Did you submit a pull request with the typo fixed?
On Fri, Feb 28, 2020 at 4:39 PM Bryan Wooten wrote:
> Much appreciated
>
> I found our error. Looking at:
> https://apereo.github.io/2019/01/07/cas61-gettingstarted-overlay/#dependencies
>
> We cut and pasted: compile
> "org.apereo.cas:cas-server-support-hazlcast-ticket-registry:${casServerVersion}"
>
> There is a slight typo, "hazlcast" vs. "hazelcast".
>
> We are good to go now.. :)
>
> Cheers,
>
> -Bryan
>
>
> On Tue, Feb 25, 2020 at 3:41 AM Jérôme LELEU wrote:
>
>> Hi,
>>
>> The Hazelcast dependency is available in the Maven central repository as
>> most dependencies.
>> Thanks.
>> Best regards,
>> Jérôme
>>
>>
>> Le lun. 24 févr. 2020 à 17:43, Bryan Wooten a
>> écrit :
>>
>>> Thanks for the fast reply!
>>>
>>> They URL you sent was added to the build.gradle and resolved the Duo
>>> issue.
>>>
>>> Unfortunately, the build is still failing on the Hazelcast dependency.
>>>
>>> -Bryan
>>>
>>> On Mon, Feb 24, 2020 at 9:34 AM Jérôme LELEU wrote:
>>>
Hi,
You need to add the Unicon repository:
https://github.com/apereo/cas/blob/master/gradle/maven.gradle#L197
Thanks.
Best regards,
Jérôme
Le lun. 24 févr. 2020 à 17:14, Bryan Wooten a
écrit :
> Following the instructions here:
>
>
> https://apereo.github.io/2019/01/07/cas61-gettingstarted-overlay/#dependencies
>
>
> We are trying to add dependencies for Hazelcast and Duo by adding to
> the build.gradle file:
>
> compile "org.apereo.cas:cas-server-support-duo:${casServerVersion}"
>
> compile
> "org.apereo.cas:cas-server-support-hazlcast-ticket-registry:${casServerVersion}"
>
> Any help appreciated,
>
> -Bryan
>
> But we get these errors:
>
> Could not resolve all files for configuration ':runtimeClasspath'.
>> Could not resolve
> org.apereo.cas:cas-server-support-hazlcast-ticket-registry:6.1.4.
> Required by:
> project :
> > Could not resolve
> org.apereo.cas:cas-server-support-hazlcast-ticket-registry:6.1.4.
> > Could not get resource '
> https://oss.jfrog.org/artifactory/oss-snapshot-local/org/apereo/cas/cas-server-support-hazlcast-ticket-registry/6.1.4/cas-server-support-hazlcast-ticket-registry-6.1.4.pom'
> .
> > Could not GET '
> https://oss.jfrog.org/artifactory/oss-snapshot-local/org/apereo/cas/cas-server-support-hazlcast-ticket-registry/6.1.4/cas-server-support-hazlcast-ticket-registry-6.1.4.pom'.
> Received
> status code 409 from server:
>> Could not resolve net.unicon.iam:duo-client:0.2.2.
> Required by:
> project : > org.apereo.cas:cas-server-support-duo:6.1.4 >
> org.apereo.cas:cas-server-support-duo-core:6.1.4
> > Could not resolve net.unicon.iam:duo-client:0.2.2.
> > Could not get resource '
> https://oss.jfrog.org/artifactory/oss-snapshot-local/net/unicon/iam/duo-client/0.2.2/duo-client-0.2.2.pom'
> .
> > Could not HEAD '
> https://oss.jfrog.org/artifactory/oss-snapshot-local/net/unicon/iam/duo-client/0.2.2/duo-client-0.2.2.pom'.
> Received
> status code 409 from server:
>
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google
> Groups "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAG9x2GX1wMGVBYDp1FQvsgopoek4C57yLSoSTc9CkguQyT5YMQ%40mail.gmail.com
>
> .
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google
Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAP279LyS78qvpKf_vh375g_vR3R3Y5YCr_zfq0Owk%2B3_eJXx9A%40mail.gmail.com
.
>>> --
>>> - Website: https://apereo.github.io/cas
>>> - Gitter Chatroom: https://gitter.im/apereo/cas
>>> - List
Re: [cas-user] CAS 6.1.4 - Unable to resolve Duo and Hazelcast dependencies
Much appreciated
I found our error. Looking at:
https://apereo.github.io/2019/01/07/cas61-gettingstarted-overlay/#dependencies
We cut and pasted: compile
"org.apereo.cas:cas-server-support-hazlcast-ticket-registry:${casServerVersion}"
There is a slight typo, "hazlcast" vs. "hazelcast".
We are good to go now.. :)
Cheers,
-Bryan
On Tue, Feb 25, 2020 at 3:41 AM Jérôme LELEU wrote:
> Hi,
>
> The Hazelcast dependency is available in the Maven central repository as
> most dependencies.
> Thanks.
> Best regards,
> Jérôme
>
>
> Le lun. 24 févr. 2020 à 17:43, Bryan Wooten a
> écrit :
>
>> Thanks for the fast reply!
>>
>> They URL you sent was added to the build.gradle and resolved the Duo
>> issue.
>>
>> Unfortunately, the build is still failing on the Hazelcast dependency.
>>
>> -Bryan
>>
>> On Mon, Feb 24, 2020 at 9:34 AM Jérôme LELEU wrote:
>>
>>> Hi,
>>>
>>> You need to add the Unicon repository:
>>> https://github.com/apereo/cas/blob/master/gradle/maven.gradle#L197
>>> Thanks.
>>> Best regards,
>>> Jérôme
>>>
>>>
>>> Le lun. 24 févr. 2020 à 17:14, Bryan Wooten a
>>> écrit :
>>>
Following the instructions here:
https://apereo.github.io/2019/01/07/cas61-gettingstarted-overlay/#dependencies
We are trying to add dependencies for Hazelcast and Duo by adding to
the build.gradle file:
compile "org.apereo.cas:cas-server-support-duo:${casServerVersion}"
compile
"org.apereo.cas:cas-server-support-hazlcast-ticket-registry:${casServerVersion}"
Any help appreciated,
-Bryan
But we get these errors:
Could not resolve all files for configuration ':runtimeClasspath'.
> Could not resolve
org.apereo.cas:cas-server-support-hazlcast-ticket-registry:6.1.4.
Required by:
project :
> Could not resolve
org.apereo.cas:cas-server-support-hazlcast-ticket-registry:6.1.4.
> Could not get resource '
https://oss.jfrog.org/artifactory/oss-snapshot-local/org/apereo/cas/cas-server-support-hazlcast-ticket-registry/6.1.4/cas-server-support-hazlcast-ticket-registry-6.1.4.pom'
.
> Could not GET '
https://oss.jfrog.org/artifactory/oss-snapshot-local/org/apereo/cas/cas-server-support-hazlcast-ticket-registry/6.1.4/cas-server-support-hazlcast-ticket-registry-6.1.4.pom'.
Received
status code 409 from server:
> Could not resolve net.unicon.iam:duo-client:0.2.2.
Required by:
project : > org.apereo.cas:cas-server-support-duo:6.1.4 >
org.apereo.cas:cas-server-support-duo-core:6.1.4
> Could not resolve net.unicon.iam:duo-client:0.2.2.
> Could not get resource '
https://oss.jfrog.org/artifactory/oss-snapshot-local/net/unicon/iam/duo-client/0.2.2/duo-client-0.2.2.pom'
.
> Could not HEAD '
https://oss.jfrog.org/artifactory/oss-snapshot-local/net/unicon/iam/duo-client/0.2.2/duo-client-0.2.2.pom'.
Received
status code 409 from server:
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google
Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAG9x2GX1wMGVBYDp1FQvsgopoek4C57yLSoSTc9CkguQyT5YMQ%40mail.gmail.com
.
>>> --
>>> - Website: https://apereo.github.io/cas
>>> - Gitter Chatroom: https://gitter.im/apereo/cas
>>> - List Guidelines: https://goo.gl/1VRrw7
>>> - Contributions: https://goo.gl/mh7qDG
>>> ---
>>> You received this message because you are subscribed to the Google
>>> Groups "CAS Community" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to cas-user+unsubscr...@apereo.org.
>>> To view this discussion on the web visit
>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAP279LyS78qvpKf_vh375g_vR3R3Y5YCr_zfq0Owk%2B3_eJXx9A%40mail.gmail.com
>>>
>>> .
>>>
>> --
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from
[cas-user] Re: SAML functions very slow
Update: I'm not really sure why, but changing my deployment totally solved this issue, as well as other general sluggishness. I was deploying using the Spring Boot Embedded Tomcat instance, but switching to deploying to an external Tomcat instance with no embedded server has drastically increased performance. Consider trying that if you're having the same issue. On Thursday, February 27, 2020 at 3:49:03 PM UTC-5, Hayden Sartoris wrote: > > Sort of glad to hear that other people have this problem. > > I've narrowed it down to AbstractSamlObjectBuilder, in > org.apereo.cas.support.saml.util. Specifically, in > constructDocumentFromXml, JDOM SAXBuilder is used to deserialize a String > containing the XML data to a JDOM Document object. I have a local > development instance, and I've tried a lot of things to get this to speed > up, including disabling validation in every way possible, specifying a > Xerces parser, upgrading from JDOM 1.1 to 2.0.6, etc.. No matter what I do, > the call to SAXBuilder.build(String xmlString) takes either ~6.5 seconds or > almost no time at all, very rarely anything in between. > > I need to hook this up to a debugger and break during execution or > something, but I don't have an appropriate Java development environment > handy. This is pretty ridiculous; we're talking about ~440 characters of > XML taking nearly seven seconds to parse. > > On Thursday, February 27, 2020 at 11:44:19 AM UTC-5, bcolly wrote: >> >> Yes, I am seeing the same delays with CAS as a SAML SP. >> Thanks for mentioning this. >> >> On Thursday, February 27, 2020 at 8:21:43 AM UTC-7, Hayden Sartoris wrote: >>> >>> Morning, >>> >>> I'm running a CAS 6 server that's kept pretty aggressively up to date. >>> Since ~November 2019, SAML >>> functionality has been very slow, as has the /cas/samlValidate endpoint. >>> I suspect XML parsing and >>> serialization is to blame, but I'm hard pressed to identify exactly >>> where or how. >>> >>> The server generally takes either ~7 or ~14 seconds to serve a response, >>> and one CPU core is usually >>> maxed out while processing. Has anyone else run into this issue? It's >>> making SAML integrations nigh >>> unusable. >>> >>> Best, >>> Hayden Sartoris >>> >> -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/c87ada33-8923-4bac-9223-a6f616e31568%40apereo.org.
[cas-user] JDBC attribute repository id
Hi,
I've found an issue when setting id for a JDBC attribute repository. The id
is not applied correctly. I'm using CAS 6.1.1 and here is a sample of
config:
cas.authn.attributeRepository.jdbc[0].id=*MyDB*
cas.authn.attributeRepository.jdbc[0].url=...
cas.personDirectory.attributeResolutionEnabled=false
...
In my service:
{
"@class" : "org.apereo.cas.services.RegexRegisteredService",
"serviceId" : "https://app.example.org;,
"name" : "ExampleApplication",
"id" : 1,
"attributeReleasePolicy" : {
"@class" : "org.apereo.cas.services.ReturnAllAttributeReleasePolicy",
"principalAttributesRepository" : {
"@class" :
"org.apereo.cas.authentication.principal.DefaultPrincipalAttributesRepository",
"attributeRepositoryIds": ["java.util.HashSet", [ "*MyDB*" ]]
}
}
}
It's not working the atttribute resolution for that repository.
The issue could be resolved by replacing
in
support/cas-server-support-person-directory/src/main/java/org/apereo/cas/config/CasPersonDirectoryConfiguration.java
(line 241) the following:
public List jdbcAttributeRepositories() {
val list = new ArrayList();
val attrs = casProperties.getAuthn().getAttributeRepository();
attrs.getJdbc()
.stream()
.filter(jdbc -> StringUtils.isNotBlank(jdbc.getSql()) &&
StringUtils.isNotBlank(jdbc.getUrl()))
.forEach(jdbc -> {
val jdbcDao = createJdbcPersonAttributeDao(jdbc);
*FunctionUtils.doIfNotNull(jdbcDao.getId(),
jdbcDao::setId);*
with:
*FunctionUtils.doIfNotNull(jdbc.getId(), jdbcDao::setId);*
Hope it helps.
Thanks
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/f5426151-0c53-48a5-9c41-7743bd744808%40apereo.org.
