Re: [cas-user] help with SAML rule
When entering the urn attribute names, the following error is displayed: 2020-10-07 18:16:48,464 ERROR [org.jasig.cas.client.util.XmlUtils] - org.xml.sax.SAXParseException: Element or attribute do not match QName production: QName::=(NCName':')?NCName. I found the following information about it. https://groups.google.com/a/apereo.org/forum/#!topic/cas-user/fc_biQnh1l4 Any of you know, if this bug has been fixed in version 6.0.8.1? El 07-10-2020 a las 17:42, 'Alexi Pascual' via CAS Community escribió: Hello, We are implementing an access rule in cas 6.0.8. The SP requires specific names (urn) to integrate. For example, the current rule delivers: ext-t...@xxx.cl and they request us: NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"> ext-t...@xxx.cl Some of you have experience in creating these specific rules, and you can help me. thanks, -- Alexi Pascual -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org <mailto:cas-user+unsubscr...@apereo.org>. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/00c458e9-36cc-07e5-8464-465b264900dc%40uc.cl <https://groups.google.com/a/apereo.org/d/msgid/cas-user/00c458e9-36cc-07e5-8464-465b264900dc%40uc.cl?utm_medium=email_source=footer>. -- Alexi Pascual García Jefe de Arquitectura e Integración Subdirección de Operaciones y Plataforma Dirección de Informática Pontificia Universidad Católica de Chile Teléfono: (56 2) 2354 5759 -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/5fce1e4d-89e1-720a-5187-8af873ca3f90%40uc.cl.
[cas-user] help with SAML rule
Hello, We are implementing an access rule in cas 6.0.8. The SP requires specific names (urn) to integrate. For example, the current rule delivers: ext-t...@xxx.cl and they request us: NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"> ext-t...@xxx.cl Some of you have experience in creating these specific rules, and you can help me. thanks, -- Alexi Pascual -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/00c458e9-36cc-07e5-8464-465b264900dc%40uc.cl.
Re: [cas-user] Received status code 429 from server: Too Many Requests
Hello, I have the same error: > Could not HEAD 'https://oss.sonatype.org/content/repositories/snapshots/org/apereo/cas/cas-mgmt-webapp/6.0.2-SNAPSHOT/cas-mgmt-webapp-6.0.2-20190530.181055-3.war'. Received status code 429 from server: Too Many Requests El 11-09-19 a las 13:47, 'Mallory, Erik' via CAS Community escribió: Hello, I’m trying to build a cas.war and I’m getting 429 errors Could not HEAD 'https://oss.sonatype.org/content/repositories/snapshots/org/apereo/cas/cas-server-core-audit/6.1.0-RC6-SNAPSHOT/cas-server-core-audit-6.1.0-RC6-20190911.130548-10.pom'. Received status code 429 from server: Too Many Requests Is there a workaround? Thanks, Erik Mallory Server Analyst Wichita State University -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org <mailto:cas-user+unsubscr...@apereo.org>. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/DF8BBE62-1754-4A7F-920E-790FCC4FBC61%40wichita.edu <https://groups.google.com/a/apereo.org/d/msgid/cas-user/DF8BBE62-1754-4A7F-920E-790FCC4FBC61%40wichita.edu?utm_medium=email_source=footer>. -- Alexi Pascual García Jefe de Arquitectura e Integración Subdirección de Operaciones y Plataforma Dirección de Informática Pontificia Universidad Católica de Chile Teléfono: (56 2) 2354 5759 -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/8c38a8e7-87c9-d806-5e20-e8273b5d8537%40uc.cl.
Re: [cas-user] case-management 6.x
With this parameter, you are sure to download all dependencies of
cas-management. Now you can add the necessary dependencies in your
build.gradle
dependencies {
if (project.hasProperty("external")) {
compile
"org.apereo.cas:cas-mgmt-webapp:${project.'casmgmt.version'}"
} else {
compile
"org.apereo.cas:cas-mgmt-webapp${project.appServer}:${project.'casmgmt.version'}"
}
compile
"org.apereo.cas:cas-server-support-ldap:${project.'casmgmt.version'}"
compile
"org.apereo.cas:cas-server-support-json-service-registry:${project.'casmgmt.version'}"
}
remember to change 'cas.version' to 'casmgmt.version' when you configure
dependencies on cas-management.
regards,
El 02-07-19 a las 10:34, alain ubfc escribió:
Thank you for your reply.
I put in my file : /opt/cas-management-overlay/gradle.properties
# Versions
casmgmt.version=6.1.0-RC4
springBootVersion=2.2.0.M3
appServer=-tomcat
sourceCompatibility=11
targetCompatibility=11
gradleVersion=5.4.1
external = false
How to do ?
Alain
Le mar. 2 juil. 2019 à 16:03, 'Alexi Pascual' via CAS Community
mailto:cas-user@apereo.org>> a écrit :
Hi alain,
I solved the problem by adding:
external = false
in gradle.properties
regards,
El 10-06-19 a las 10:15, alain ubfc escribió:
Hello everyone,
I would like to install case-management 6.x but with every move I
make:
|
|
|
./build.sh package
|
I have this error message:
|
|
|
|
Task:bootWar FAILED
:bootWar (Thread[Daemonworker
Thread2,5,main])completed.Took5.182secs.
FAILURE:Buildfailed withan exception.
*Whatwent wrong:
Couldnotresolve all files forconfiguration ':runtimeClasspath'.
>Couldnotresolve org.apereo.cas:cas-mgmt-webapp-tomcat:5.3.6.
Requiredby:
project :
>Couldnotresolve org.apereo.cas:cas-mgmt-webapp-tomcat:5.3.6.
>Couldnotgetresource
'https://oss.jfrog.org/artifactory/oss-snapshot-local/org/apereo/cas/cas-mgmt-webapp-tomcat/5.3.6/cas-mgmt-webapp-tomcat-5.3.6.pom'.
>CouldnotGET
'https://oss.jfrog.org/artifactory/oss-snapshot-local/org/apereo/cas/cas-mgmt-webapp-tomcat/5.3.6/cas-mgmt-webapp-tomcat-5.3.6.pom'.Receivedstatus
code 409fromserver:
|
|
|In my file _*gradle.properties*_ to know the version I go to the
site *http://repo1.maven.org/maven2/org/apereo/cas/cas-mgmt/*
|
|
# Versions
# casmgmt.version=6.1.0-RC3-SNAPSHOT
casmgmt.version=6.0.1
springBootVersion=2.1.3.RELEASE
appServer=-tomcat
sourceCompatibility=11
targetCompatibility=11
gradleVersion=5.2.1
|
In my_*build.gradle*_ file in dependency I have:
|
|
|
dependencies {
if(project.hasProperty("external")){
compile
"org.apereo.cas:cas-mgmt-webapp:${project.'casmgmt.version'}"
}else{
compile
"org.apereo.cas:cas-mgmt-webapp${project.appServer}:${project.'casmgmt.version'}"
}|||
compile
"org.apereo.cas:cas-management-webapp-support-ldap:${project.'cas.version'}"
|||}
|
Why do I have this error?
thank you so much||
Best regards
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the
Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it,
send an email to cas-user+unsubscr...@apereo.org
<mailto:cas-user+unsubscr...@apereo.org>.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/ec74e817-9b35-4d57-9905-e4051fd49c79%40apereo.org
<https://groups.google.com/a/apereo.org/d/msgid/cas-user/ec74e817-9b35-4d57-9905-e4051fd49c79%40apereo.org?utm_medium=email_source=footer>.
--
Alexi
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google
Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it,
send an email to cas-user+unsubscr...@apereo.org
<mailto:cas-user+unsubscr...@apereo.org>.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/e2085391-c053-14c9-9ecf-e1e77a6d28d9%40uc.cl
<https://groups.google.com/a/apereo.org/d/msgid/cas-user/e2085391-c053-14c9-9ecf-e1e77a6d28d9%40uc.cl?utm_medium=email_source=footer>.
--
__
Alain
Re: [cas-user] case-management 6.x
Hi alain,
I solved the problem by adding:
external = false
in gradle.properties
regards,
El 10-06-19 a las 10:15, alain ubfc escribió:
Hello everyone,
I would like to install case-management 6.x but with every move I make:
|
|
|
./build.sh package
|
I have this error message:
|
|
|
|
Task:bootWar FAILED
:bootWar (Thread[Daemonworker Thread2,5,main])completed.Took5.182secs.
FAILURE:Buildfailed withan exception.
*Whatwent wrong:
Couldnotresolve all files forconfiguration ':runtimeClasspath'.
>Couldnotresolve org.apereo.cas:cas-mgmt-webapp-tomcat:5.3.6.
Requiredby:
project :
>Couldnotresolve org.apereo.cas:cas-mgmt-webapp-tomcat:5.3.6.
>Couldnotgetresource
'https://oss.jfrog.org/artifactory/oss-snapshot-local/org/apereo/cas/cas-mgmt-webapp-tomcat/5.3.6/cas-mgmt-webapp-tomcat-5.3.6.pom'.
>CouldnotGET
'https://oss.jfrog.org/artifactory/oss-snapshot-local/org/apereo/cas/cas-mgmt-webapp-tomcat/5.3.6/cas-mgmt-webapp-tomcat-5.3.6.pom'.Receivedstatus
code 409fromserver:
|
|
|In my file _*gradle.properties*_ to know the version I go to the site
*http://repo1.maven.org/maven2/org/apereo/cas/cas-mgmt/*
|
|
# Versions
# casmgmt.version=6.1.0-RC3-SNAPSHOT
casmgmt.version=6.0.1
springBootVersion=2.1.3.RELEASE
appServer=-tomcat
sourceCompatibility=11
targetCompatibility=11
gradleVersion=5.2.1
|
In my_*build.gradle*_ file in dependency I have:
|
|
|
dependencies {
if(project.hasProperty("external")){
compile
"org.apereo.cas:cas-mgmt-webapp:${project.'casmgmt.version'}"
}else{
compile
"org.apereo.cas:cas-mgmt-webapp${project.appServer}:${project.'casmgmt.version'}"
}|||
compile
"org.apereo.cas:cas-management-webapp-support-ldap:${project.'cas.version'}"
|||}
|
Why do I have this error?
thank you so much||
Best regards
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google
Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to cas-user+unsubscr...@apereo.org
.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/ec74e817-9b35-4d57-9905-e4051fd49c79%40apereo.org
.
--
Alexi
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/e2085391-c053-14c9-9ecf-e1e77a6d28d9%40uc.cl.
[cas-user] Migrate CAS 5.2.8 to cas 6.0.4
Hi, I try to migrate CAS 5.2.8 to CAS 6.0.4, but I have an error uploading the service with access rules: - Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'scopedTarget.servicesManager' defined in class path resource [org/apereo/cas/config/CasCoreServicesConfiguration.class]: Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: No enum constant org.apereo.cas.services.RegisteredServiceMultifactorPolicy.FailureModes.NOT_SET at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1745) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:576) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:498) at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$1(AbstractBeanFactory.java:356) at org.springframework.cloud.context.scope.GenericScope$BeanLifecycleWrapper.getBean(GenericScope.java:390) at org.springframework.cloud.context.scope.GenericScope.get(GenericScope.java:184) at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:353) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:199) at org.springframework.context.support.AbstractApplicationContext.getBean(AbstractApplicationContext.java:1083) at org.springframework.cloud.context.scope.refresh.RefreshScope.eagerlyInitialize(RefreshScope.java:130) at org.springframework.cloud.context.scope.refresh.RefreshScope.start(RefreshScope.java:121) at org.springframework.cloud.context.scope.refresh.RefreshScope.onApplicationEvent(RefreshScope.java:115) at org.springframework.cloud.context.scope.refresh.RefreshScope.onApplicationEvent(RefreshScope.java:71) at org.springframework.context.event.SimpleApplicationEventMulticaster.doInvokeListener(SimpleApplicationEventMulticaster.java:172) at org.springframework.context.event.SimpleApplicationEventMulticaster.invokeListener(SimpleApplicationEventMulticaster.java:165) at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:139) at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:398) at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:355) at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:882) at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.finishRefresh(ServletWebServerApplicationContext.java:163) at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:549) at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:142) at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:775) at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:397) at org.springframework.boot.SpringApplication.run(SpringApplication.java:316) at org.springframework.boot.web.servlet.support.SpringBootServletInitializer.run(SpringBootServletInitializer.java:157) at org.springframework.boot.web.servlet.support.SpringBootServletInitializer.createRootApplicationContext(SpringBootServletInitializer.java:137) at org.springframework.boot.web.servlet.support.SpringBootServletInitializer.onStartup(SpringBootServletInitializer.java:91) at org.springframework.web.SpringServletContainerInitializer.onStartup(SpringServletContainerInitializer.java:171) at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5139) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183) -- When deploy cas-manager-overlay 6.x, errors are also presented (new database in mongodb), which have been reported by other users. Did any of you have to do a migration of the access rules? Did you follow a guide that can help me? Regards, -- Alexi Pascual García Jefe de Arquitectura e Integración Subdirección de Operaciones y Plataforma Dirección de Informática Pontificia Universidad Católica de Chile Teléfono: (56 2) 2354 5759 -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiv
Re: [cas-user] Re: cas-management 6.0 + MongoDB
ster.java:139)~[spring-context-5.1.3.RELEASE.jar:5.1.3.RELEASE] at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:398)~[spring-context-5.1.3.RELEASE.jar:5.1.3.RELEASE] at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:355)~[spring-context-5.1.3.RELEASE.jar:5.1.3.RELEASE] at org.springframework.boot.context.event.EventPublishingRunListener.running(EventPublishingRunListener.java:105)~[spring-boot-2.1.1.RELEASE.jar:2.1.1.RELEASE] at org.springframework.boot.SpringApplicationRunListeners.running(SpringApplicationRunListeners.java:78)~[spring-boot-2.1.1.RELEASE.jar:2.1.1.RELEASE] at org.springframework.boot.SpringApplication.run(SpringApplication.java:332)[spring-boot-2.1.1.RELEASE.jar:2.1.1.RELEASE] at org.springframework.boot.web.servlet.support.SpringBootServletInitializer.run(SpringBootServletInitializer.java:157)[spring-boot-2.1.1.RELEASE.jar:2.1.1.RELEASE] at org.springframework.boot.web.servlet.support.SpringBootServletInitializer.createRootApplicationContext(SpringBootServletInitializer.java:137)[spring-boot-2.1.1.RELEASE.jar:2.1.1.RELEASE] at org.springframework.boot.web.servlet.support.SpringBootServletInitializer.onStartup(SpringBootServletInitializer.java:91)[spring-boot-2.1.1.RELEASE.jar:2.1.1.RELEASE] at org.springframework.web.SpringServletContainerInitializer.onStartup(SpringServletContainerInitializer.java:171)[spring-web-5.1.3.RELEASE.jar:5.1.3.RELEASE] | When i pick up this version of cas-management.war https://mvnrepository.com/artifact/org.apereo.cas/cas-mgmt-webapp/6.0.1 <https://mvnrepository.com/artifact/org.apereo.cas/cas-mgmt-webapp/6.0.1> everything works, but I don't have the mongoDB support included in the war file. If someone can help :) Florent -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org <mailto:cas-user+unsubscr...@apereo.org>. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/446747f7-2ba0-47eb-9fb0-e1bac432f62d%40apereo.org <https://groups.google.com/a/apereo.org/d/msgid/cas-user/446747f7-2ba0-47eb-9fb0-e1bac432f62d%40apereo.org?utm_medium=email_source=footer>. -- Alexi Pascual García Jefe de Arquitectura e Integración Subdirección de Operaciones y Plataforma Dirección de Informática Pontificia Universidad Católica de Chile Teléfono: (56 2) 2354 5759 -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/534b75be-93c5-fa53-fe8f-a43c5e4c8684%40uc.cl.
Re: [cas-user] Re: Error SAML 2.0 + Access Strategy
Thanks Misagh. We did some tests with version 5.3.4, and found the same error. However, in this version we were able to detect the problem. The problem occurs when we try to make a use an access rule with requiredAttributes, and we have not sent this attribute via attributeReleasePolicy. Without this the parameter arrives in white in the SAMLRequest. regards, El 31/10/18 a las 16:22, Misagh Moayyed escribió: I can't recall specifically, but I do know this has been fixed in later versions of 5.3.x. On Tuesday, October 30, 2018 at 7:48:43 PM UTC+3:30, Alexi Pascual wrote: hi, We have a SAML 2.0 integration with Coursera and it works well. However, when I add an access rule, the following error appears: URL: https://server.cl/cas/idp/profile/SAML2/Callback.+?entityId=https%3A%2F%2Fshibboleth.coursera.org%2Fsp=PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48c2FtbHA6QXV0aG5SZXF1ZXN0IHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIEFzc2VydGlvbkNvbnN1bWVyU2VydmljZVVSTD0iaHR0cHM6Ly93d3cuY291cnNlcmEub3JnL2FwaS9zYW1sTG9naW4udjEvbG9naW4iIERlc3RpbmF0aW9uPSJodHRwczovL3Nzby51Yy5jbC9jYXMvaWRwL3Byb2ZpbGUvU0FNTDIvUmVkaXJlY3QvU1NPIiBGb3JjZUF1dGhuPSIwIiBJRD0ieUhsVjEwYWVTOS14YjhQLW5sUVhkZyIgSXNzdWVJbnN0YW50PSIyMDE4LTEwLTMwVDE2OjA5OjA3WiIgUHJvdG9jb2xCaW5kaW5nPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YmluZGluZ3M6SFRUUC1QT1NUIiBWZXJzaW9uPSIyLjAiPjxzYW1sOklzc3VlciB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj5odHRwczovL3NoaWJib2xldGguY291cnNlcmEub3JnL3NwPC9zYW1sOklzc3Vlcj48c2FtbHA6TmFtZUlEUG9saWN5IEFsbG93Q3JlYXRlPSIxIi8%2BPC9zYW1scDpBdXRoblJlcXVlc3Q%2B=ST-1586-5sU7YpMxhVf22toid1e1msEd8oM-sso-prod3 <https://server.cl/cas/idp/profile/SAML2/Callback.+?entityId=https%3A%2F%2Fshibboleth.coursera.org%2Fsp=PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48c2FtbHA6QXV0aG5SZXF1ZXN0IHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIEFzc2VydGlvbkNvbnN1bWVyU2VydmljZVVSTD0iaHR0cHM6Ly93d3cuY291cnNlcmEub3JnL2FwaS9zYW1sTG9naW4udjEvbG9naW4iIERlc3RpbmF0aW9uPSJodHRwczovL3Nzby51Yy5jbC9jYXMvaWRwL3Byb2ZpbGUvU0FNTDIvUmVkaXJlY3QvU1NPIiBGb3JjZUF1dGhuPSIwIiBJRD0ieUhsVjEwYWVTOS14YjhQLW5sUVhkZyIgSXNzdWVJbnN0YW50PSIyMDE4LTEwLTMwVDE2OjA5OjA3WiIgUHJvdG9jb2xCaW5kaW5nPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YmluZGluZ3M6SFRUUC1QT1NUIiBWZXJzaW9uPSIyLjAiPjxzYW1sOklzc3VlciB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj5odHRwczovL3NoaWJib2xldGguY291cnNlcmEub3JnL3NwPC9zYW1sOklzc3Vlcj48c2FtbHA6TmFtZUlEUG9saWN5IEFsbG93Q3JlYXRlPSIxIi8%2BPC9zYW1scDpBdXRoblJlcXVlc3Q%2B=ST-1586-5sU7YpMxhVf22toid1e1msEd8oM-sso-prod3> org.jasig.cas.client.validation.TicketValidationException: UNAUTHORIZED_SERVICE at org.jasig.cas.client.validation.Cas20ServiceTicketValidator.parseResponseFromServer(Cas20ServiceTicketValidator.java:84) at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:201) at org.apereo.cas.support.saml.web.idp.profile.sso.SSOSamlProfileCallbackHandlerController.validateRequestAndBuildCasAssertion(SSOSamlProfileCallbackHandlerController.java:149) at org.apereo.cas.support.saml.web.idp.profile.sso.SSOSamlProfileCallbackHandlerController.handleCallbackProfileRequest(SSOSamlProfileCallbackHandlerController.java:115) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190) at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:741) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:133) at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:121) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:673) at org.apereo.cas.support.saml.web.idp.profile.sso.SSOSamlProfileCallbackHandlerController$$EnhancerBySpringCGLIB$$4a57c9b7.handleCallbackProfileRequest() at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.j
Re: [cas-user] Error SAML 2.0 + Access Strategy
Sorry, I'm missing add our version of CAS. It is 5.2.8
El 30/10/18 a las 13:18, Alexi Pascual escribió:
hi,
We have a SAML 2.0 integration with Coursera and it works well.
However, when I add an access rule, the following error appears:
URL:
https://server.cl/cas/idp/profile/SAML2/Callback.+?entityId=https%3A%2F%2Fshibboleth.coursera.org%2Fsp=PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48c2FtbHA6QXV0aG5SZXF1ZXN0IHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIEFzc2VydGlvbkNvbnN1bWVyU2VydmljZVVSTD0iaHR0cHM6Ly93d3cuY291cnNlcmEub3JnL2FwaS9zYW1sTG9naW4udjEvbG9naW4iIERlc3RpbmF0aW9uPSJodHRwczovL3Nzby51Yy5jbC9jYXMvaWRwL3Byb2ZpbGUvU0FNTDIvUmVkaXJlY3QvU1NPIiBGb3JjZUF1dGhuPSIwIiBJRD0ieUhsVjEwYWVTOS14YjhQLW5sUVhkZyIgSXNzdWVJbnN0YW50PSIyMDE4LTEwLTMwVDE2OjA5OjA3WiIgUHJvdG9jb2xCaW5kaW5nPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YmluZGluZ3M6SFRUUC1QT1NUIiBWZXJzaW9uPSIyLjAiPjxzYW1sOklzc3VlciB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj5odHRwczovL3NoaWJib2xldGguY291cnNlcmEub3JnL3NwPC9zYW1sOklzc3Vlcj48c2FtbHA6TmFtZUlEUG9saWN5IEFsbG93Q3JlYXRlPSIxIi8%2BPC9zYW1scDpBdXRoblJlcXVlc3Q%2B=ST-1586-5sU7YpMxhVf22toid1e1msEd8oM-sso-prod3
org.jasig.cas.client.validation.TicketValidationException: UNAUTHORIZED_SERVICE
at
org.jasig.cas.client.validation.Cas20ServiceTicketValidator.parseResponseFromServer(Cas20ServiceTicketValidator.java:84)
at
org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:201)
at
org.apereo.cas.support.saml.web.idp.profile.sso.SSOSamlProfileCallbackHandlerController.validateRequestAndBuildCasAssertion(SSOSamlProfileCallbackHandlerController.java:149)
at
org.apereo.cas.support.saml.web.idp.profile.sso.SSOSamlProfileCallbackHandlerController.handleCallbackProfileRequest(SSOSamlProfileCallbackHandlerController.java:115)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at
org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190)
at
org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:741)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
at
org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:133)
at
org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:121)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at
org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:673)
at
org.apereo.cas.support.saml.web.idp.profile.sso.SSOSamlProfileCallbackHandlerController$$EnhancerBySpringCGLIB$$4a57c9b7.handleCallbackProfileRequest()
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at
org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205)
at
org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:133)
at
org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:97)
at
org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:827)
at
org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:738)
at
org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85)
The rule is as follows:
"requiredAttributes" : {
"@class" : "java.util.HashMap",
"employeeType" : [
"java.util.HashSet",
[
"1",
"2",
"3"
]
]
}
We can not continue with the integration without having resolved the
Access Strategy, so I would appreciate any help.
regards
[cas-user] Error SAML 2.0 + Access Strategy
hi,
We have a SAML 2.0 integration with Coursera and it works well. However,
when I add an access rule, the following error appears:
URL:
https://server.cl/cas/idp/profile/SAML2/Callback.+?entityId=https%3A%2F%2Fshibboleth.coursera.org%2Fsp=PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48c2FtbHA6QXV0aG5SZXF1ZXN0IHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIEFzc2VydGlvbkNvbnN1bWVyU2VydmljZVVSTD0iaHR0cHM6Ly93d3cuY291cnNlcmEub3JnL2FwaS9zYW1sTG9naW4udjEvbG9naW4iIERlc3RpbmF0aW9uPSJodHRwczovL3Nzby51Yy5jbC9jYXMvaWRwL3Byb2ZpbGUvU0FNTDIvUmVkaXJlY3QvU1NPIiBGb3JjZUF1dGhuPSIwIiBJRD0ieUhsVjEwYWVTOS14YjhQLW5sUVhkZyIgSXNzdWVJbnN0YW50PSIyMDE4LTEwLTMwVDE2OjA5OjA3WiIgUHJvdG9jb2xCaW5kaW5nPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YmluZGluZ3M6SFRUUC1QT1NUIiBWZXJzaW9uPSIyLjAiPjxzYW1sOklzc3VlciB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj5odHRwczovL3NoaWJib2xldGguY291cnNlcmEub3JnL3NwPC9zYW1sOklzc3Vlcj48c2FtbHA6TmFtZUlEUG9saWN5IEFsbG93Q3JlYXRlPSIxIi8%2BPC9zYW1scDpBdXRoblJlcXVlc3Q%2B=ST-1586-5sU7YpMxhVf22toid1e1msEd8oM-sso-prod3
org.jasig.cas.client.validation.TicketValidationException: UNAUTHORIZED_SERVICE
at
org.jasig.cas.client.validation.Cas20ServiceTicketValidator.parseResponseFromServer(Cas20ServiceTicketValidator.java:84)
at
org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:201)
at
org.apereo.cas.support.saml.web.idp.profile.sso.SSOSamlProfileCallbackHandlerController.validateRequestAndBuildCasAssertion(SSOSamlProfileCallbackHandlerController.java:149)
at
org.apereo.cas.support.saml.web.idp.profile.sso.SSOSamlProfileCallbackHandlerController.handleCallbackProfileRequest(SSOSamlProfileCallbackHandlerController.java:115)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at
org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190)
at
org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:741)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
at
org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:133)
at
org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:121)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at
org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:673)
at
org.apereo.cas.support.saml.web.idp.profile.sso.SSOSamlProfileCallbackHandlerController$$EnhancerBySpringCGLIB$$4a57c9b7.handleCallbackProfileRequest()
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at
org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205)
at
org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:133)
at
org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:97)
at
org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:827)
at
org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:738)
at
org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85)
The rule is as follows:
"requiredAttributes" : {
"@class" : "java.util.HashMap",
"employeeType" : [
"java.util.HashSet",
[
"1",
"2",
"3"
]
]
}
We can not continue with the integration without having resolved the
Access Strategy, so I would appreciate any help.
regards,
--
Alexi Pascual
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/ape
