[cas-user] Angular
Hi Cas 5.3.x uses angular?what version? and cas 6? regards -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/d5a5afd4-239b-4b74-85ee-5e94cf8323dc%40apereo.org.
[cas-user] override DefaultCasConfigurationPropertiesSourceLocator
I need to load MyCasConfigurationPropertiesSourceLocator instead of DefaultCasConfigurationPropertiesSourceLocator. I tried to add a "MyCasCoreBootstrapStandaloneConfiguration" class add the annotation @AutoConfigureBefore (DefaultCasConfigurationPropertiesSourceLocator.class) and add it to spring.factories, but not work. In the log, I always read DefaultCasConfigurationPropertiesSourceLocator any suggestions? Regards Giuseppe -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/657180c7-117e-40c3-a9b5-599da427d5cc%40apereo.org.
[cas-user] Cas 5.3 change password webflow
Hi Someone knows how to enable change password webflow I only find the forget. Thank you Giuseppe -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/094cb9ab-fc39-40b8-a716-2aa8ce5c4b91%40apereo.org.
Re: [cas-user] Re: JWT without encryption key
i'm using io.jsonwebtoken.jjwt library Jwts.parser().setSigningKey().parseClaimsJws(); Il giorno venerdì 14 dicembre 2018 14:02:14 UTC+1, Devendra Sisodia ha scritto: > > Hello, > > Big Thanks for sharing configuration and as a result JWT is not encrypted > and only signed. > > But now I face strange issue. when I try to verify signature it fails. I > am using AES and single key to sign and JWT is generated. But the generate > JWT fails signature verification. > > JWT generated as below: > 2018-12-14 12:33:00,684 DEBUG [org.apereo.cas.token.JWTTokenTicketBuilder] > - http://localhost:/api] in service registry> > 2018-12-14 12:33:00,685 DEBUG [org.apereo.cas.token.JWTTokenTicketBuilder] > - http://localhost:/api] in service registry> > 2018-12-14 12:33:00,690 WARN > [org.apereo.cas.util.cipher.BaseStringCipherExecutor] - enabled for [Token/JWT Tickets]. The cipher > [RegisteredServiceTokenTicketCipherExecutor] will only attempt to produce > signed objects> > 2018-12-14 12:33:00,690 WARN > [org.apereo.cas.util.cipher.BaseStringCipherExecutor] - enabled for [Token/JWT Tickets]. The cipher > [RegisteredServiceTokenTicketCipherExecutor] will attempt to produce plain > objects> > 2018-12-14 12:33:00,690 DEBUG [org.apereo.cas.token.JWTTokenTicketBuilder] > - http://localhost:/api]> > 2018-12-14 12:33:00,734 DEBUG > [org.apereo.cas.authentication.principal.DefaultResponse] - for redirect response is [http://localhost:/api]> > 2018-12-14 12:33:00,736 DEBUG > [org.apereo.cas.authentication.principal.DefaultResponse] - response is [ > http://localhost:/api?redirect=true=eyJhbGciOiJSUzUxMiJ9 > > Verfication code used is: > final Key key = new AesKey(jwtSigning.getBytes(StandardCharsets.UTF_8)); > > final JsonWebSignature jws = new JsonWebSignature(); > jws.setCompactSerialization(secureJwt); > jws.setKey(key); > if (!jws.verifySignature()) { > throw new Exception("JWT verification failed"); > } > > On Thu, Dec 13, 2018 at 3:40 PM Giuseppe Infurna > wrote: > >> >> yes >> >> >> ###Token/JWT Tickets ENCRIPTION >> cas.authn.token.crypto.enabled=true >> >> cas.authn.token.crypto.signing-enabled=true >> cas.authn.token.crypto.signing.key= >> Dkkpi7iUKqidOXXmeAbr4RyHirYmgQgqqUrIo6q_JPNks2iqX2l95jVVoZQDWLNiFnhQF43agCtdMxRnIXOO9g >> >> cas.authn.token.crypto.encryption-enabled=false >> cas.authn.token.crypto.encryption.key= >> >> and >> >> { >> "@class" : "org.apereo.cas.services.RegexRegisteredService", >> "serviceId" : "^(http|https)://?localhost(:8081|:9060|:9000)?/.*", >> "name" : "myApplication", >> "theme" : "myApplication", >> "id" : 1003, >> "description" : "My Application", >> "evaluationOrder" : 1, >> "usernameAttributeProvider" : { >> "@class" : >> "org.jasig.cas.services.DefaultRegisteredServiceUsernameProvider" >> }, >> "attributeReleasePolicy" : { >> "@class" : "org.apereo.cas.services.ReturnAllAttributeReleasePolicy" >> }, >> "accessStrategy" : { >> "@class" : >> "org.jasig.cas.services.DefaultRegisteredServiceAccessStrategy", >> "enabled" : true, >> "ssoEnabled" : true >> }, >> "proxyPolicy" : { >> "@class" : >> "org.jasig.cas.services.RegexMatchingRegisteredServiceProxyPolicy", >> "pattern" : "^(http|https)?://.*" >> }, >> "properties" : { >> "@class" : "java.util.HashMap", >> "jwtAsServiceTicket" : { >> "@class" : >> "org.apereo.cas.services.DefaultRegisteredServiceProperty", >> "values" : [ "java.util.HashSet", [ "true" ] ] >> } >> } >> } >> >> >> >> Il giorno giovedì 13 dicembre 2018 14:55:49 UTC+1, Devendra Sisodia ha >> scritto: >>> >>> Sorry, but this does not work. >>> How's your service(one with definition of 'jwtAsServiceTicket', etc) >>> looks like ? >>> >>> >>> On Thu, Dec 13, 2018 at 2:09 PM Giuseppe Infurna >>> wrote: >>> >>>> Hi all, >>>> I'm work fine with >>>> >>>> cas.authn.token.crypto.encryption-enabled=false >>>> cas.authn.token.crypto.encryptio
Re: [cas-user] Re: JWT without encryption key
yes ###Token/JWT Tickets ENCRIPTION cas.authn.token.crypto.enabled=true cas.authn.token.crypto.signing-enabled=true cas.authn.token.crypto.signing.key= Dkkpi7iUKqidOXXmeAbr4RyHirYmgQgqqUrIo6q_JPNks2iqX2l95jVVoZQDWLNiFnhQF43agCtdMxRnIXOO9g cas.authn.token.crypto.encryption-enabled=false cas.authn.token.crypto.encryption.key= and { "@class" : "org.apereo.cas.services.RegexRegisteredService", "serviceId" : "^(http|https)://?localhost(:8081|:9060|:9000)?/.*", "name" : "myApplication", "theme" : "myApplication", "id" : 1003, "description" : "My Application", "evaluationOrder" : 1, "usernameAttributeProvider" : { "@class" : "org.jasig.cas.services.DefaultRegisteredServiceUsernameProvider" }, "attributeReleasePolicy" : { "@class" : "org.apereo.cas.services.ReturnAllAttributeReleasePolicy" }, "accessStrategy" : { "@class" : "org.jasig.cas.services.DefaultRegisteredServiceAccessStrategy", "enabled" : true, "ssoEnabled" : true }, "proxyPolicy" : { "@class" : "org.jasig.cas.services.RegexMatchingRegisteredServiceProxyPolicy", "pattern" : "^(http|https)?://.*" }, "properties" : { "@class" : "java.util.HashMap", "jwtAsServiceTicket" : { "@class" : "org.apereo.cas.services.DefaultRegisteredServiceProperty", "values" : [ "java.util.HashSet", [ "true" ] ] } } } Il giorno giovedì 13 dicembre 2018 14:55:49 UTC+1, Devendra Sisodia ha scritto: > > Sorry, but this does not work. > How's your service(one with definition of 'jwtAsServiceTicket', etc) looks > like ? > > > On Thu, Dec 13, 2018 at 2:09 PM Giuseppe Infurna > wrote: > >> Hi all, >> I'm work fine with >> >> cas.authn.token.crypto.encryption-enabled=false >> cas.authn.token.crypto.encryption.key= >> >> >> Il giorno lunedì 12 novembre 2018 16:44:10 UTC+1, Xavier Rodríguez ha >> scritto: >>> >>> I'm configuring Cas Server 5.3.3. In one service I need to response a >>> JWT without encryption. Is it possible? >>> >>> I have changed in cas.properties: >>> >>> cas.authn.token.crypto.encryptionEnabled=false >>> >>> But it not has effect. In my service I don't configure the property too: >>> >>> "jwtAsServiceTicketEncryptionKey" >>> >>> How can I disable this property? >>> >>> Regards! >>> >>> - Xavier - >>> >> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to cas-user+u...@apereo.org . >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/0cdbba7e-75b3-4a5f-9e4b-c68b9e8a233a%40apereo.org >> >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/0cdbba7e-75b3-4a5f-9e4b-c68b9e8a233a%40apereo.org?utm_medium=email_source=footer> >> . >> > > > -- > Thanks & regards, > Devendra > Mobile: +49 1748437888 > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/dc5f9360-536c-4c27-89bd-d6b69c99089f%40apereo.org.
[cas-user] Re: JWTs and Microservice
OK, so what is a good practice with microservice and cas authentication.and authorization? regards Giuseppe Il giorno martedì 4 dicembre 2018 13:40:59 UTC+1, Misagh Moayyed ha scritto: > > It shouldn't have to be registered, and no it's not considered "correct > practice" to share in most cases. > > On Thursday, November 29, 2018 at 2:26:10 AM UTC-7, Giuseppe Infurna wrote: >> >> Hi, >> I have a web application connected with Cas 5.3.5 and it works. >> After logging into Cas, I return to my application with >> redirect=true=eiyece . in url address >> Web application validates the jwt and creates a session cookie as >> explained here. >> >> https://apereo.github.io/cas/5.3.x/installation/Configure-ServiceTicket-JWT.html >> >> >> Now, from my application I want to invoke remote microservices on a my >> third app passing the jwt (ticket) that cas had provided me. >> This remote app valid the jwt and ok, but it should be registered on >> cas? is it a correct practice? >> >> Regards >> Giuseppe >> > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/4213cb61-1ca7-4f1b-8d9a-d4621025d866%40apereo.org.
[cas-user] JWTs and Microservice
Hi, I have a web application connected with Cas 5.3.5 and it works. After logging into Cas, I return to my application with redirect=true=eiyece . in url address Web application validates the jwt and creates a session cookie as explained here. https://apereo.github.io/cas/5.3.x/installation/Configure-ServiceTicket-JWT.html Now, from my application I want to invoke remote microservices on a my third app passing the jwt (ticket) that cas had provided me. This remote app valid the jwt and ok, but it should be registered on cas? is it a correct practice? Regards Giuseppe -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/167911d8-755e-4fa1-a945-866e4b95143b%40apereo.org.
[cas-user] Re: CAS client changes required to use JWT service ticket in CAS 5.3?
Hi, try to read Jwt-validation aes https://apereo.github.io/cas/5.3.x/installation/Configure-ServiceTicket-JWT.html#jwt-validation---aes By Giuseppe Il giorno venerdì 7 settembre 2018 17:18:13 UTC+2, Yan Zhou ha scritto: > > Hello, > > I am enabling JWT Service Ticket in CAS 5.3 server. My flow stops here: > > http://localhost:8080/myapp/login/cas?redirect=true= > > I suppose the client (myapp) has to change something in order to read the > JWT ticket? But I did not see any documentation on that, does App need to > include a different CAS-client library for JWT service ticket? > > Thx! > Yan > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/0847ce8f-a3d0-4472-be10-58167ff5bed7%40apereo.org.
[cas-user] deploy CAS 5.3.4 overlay on wildfly 10
Hi, i've need to deploy cas ear on wildfly 10, so someone can explain how to do: - put war in ear - deploy it on wildfly Regards G -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/ba053f47-3924-4e6e-850c-0e302a02af55%40apereo.org.