[cas-user] CAS 6.04 login page works fine. Status page reports 503 - SERVICE_UNAVAILABLE how to troubleshoot?

2019-08-22 Thread Glenn Levine 
Hello,

We're configuring CAS 6.04. The login page works fine. but the 
/actuator/status page reports 
"status":503,"description":"SERVICE_UNAVAILABLE","health":"DOWN". 
Does anyone have ideas on how to troubleshoot?

Glenn

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/bd9fb79c-b825-4e93-b5bb-d8057b6393c4%40apereo.org.

[cas-user] Question on AD memberOf CAS multiple attributes

2019-04-17 Thread Glenn Levine 
Question on AD memberOf CAS multiple attributes:

We are configuring CAS 5.3. In a service registry .json file, within the 
"ReturnMappedAttributeReleasePolicy" allowed attributes, the memberOf array 
comes across from AD where each of the multiple attributes are enclosed in 
separated tags:
membership1 Name
membership2 Name
membership3 Name
membership4 Name

Can anyone tell me how to prevent this and to basically get memberOf to 
come accross similar to how it used to in CAS 3 as just an array containing 
attributes?

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/a0780761-8162-4327-9edd-5d53a94fa075%40apereo.org.

[cas-user] Re: CAS 5.3.3 / Login process failed after SAML Response

2018-11-02 Thread Glenn Levine 
I get this same error. Is it an issue of missing key / certificate in 
keystore?


On Tuesday, October 9, 2018 at 5:38:56 AM UTC-7, Oussama Benjemaa wrote:
>
> Hi  All , 
>
>
> I configured CAS Apereo 5.3.3 with a web application , and tried to login.
>
> In login , process , i get the saml2 response with the good attribute i 
> configured , but , i got an exception as following : 
>
> 2018-10-09 08:25:29,503 DEBUG 
> [org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner]
>  
> -  http://www.w3.org/2001/04/xmlenc#sha256, 
> http://www.w3.org/2001/04/xmldsig-more#sha384, 
> http://www.w3.org/2001/04/xmlenc#sha512, 
> http://www.w3.org/2000/09/xmldsig#sha1]]>
> 2018-10-09 08:25:29,522 DEBUG 
> [org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner]
>  
> -  [/etc/cas/saml/idp-signing.key]]>
> 2018-10-09 08:25:29,523 DEBUG 
> [org.apereo.cas.util.crypto.PrivateKeyFactoryBean] -  PEM [file [/etc/cas/saml/idp-signing.key]]>
> 2018-10-09 08:25:29,839 DEBUG 
> [org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner]
>  
> - 
> 2018-10-09 08:25:29,855 DEBUG 
> [org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner]
>  
> - 
> 2018-10-09 08:25:29,858 WARN 
> [org.opensaml.xmlsec.impl.BasicSignatureSigningParametersResolver] - 
> 
> 2018-10-09 08:25:29,858 INFO 
> [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] -  trail record BEGIN
> =
> WHO: audit:unknown
> WHAT: java.lang.NullPointerException
> ACTION: SAML2_RESPONSE_FAILED
> APPLICATION: CAS
> WHEN: Tue Oct 09 08:25:29 EDT 2018
> CLIENT IP ADDRESS: 172.16.16.58
> SERVER IP ADDRESS: 172.16.16.63
> =
>
> >
> 2018-10-09 08:25:29,864 DEBUG 
> [org.apereo.cas.web.FlowExecutionExceptionResolver] -  received exception due to a type mismatch>
> java.lang.NullPointerException: null
> at 
> org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner.buildSignatureSigningParameters(SamlIdPObjectSigner.java:233)
>  
> ~[cas-server-support-saml-idp-web-5.3.3.jar!/:5.3.3]
> at 
> org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner.prepareSecurityParametersContext(SamlIdPObjectSigner.java:185)
>  
> ~[cas-server-support-saml-idp-web-5.3.3.jar!/:5.3.3]
> at 
> org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner.encode(SamlIdPObjectSigner.java:121)
>  
> ~[cas-server-support-saml-idp-web-5.3.3.jar!/:5.3.3]
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
> ~[?:1.8.0_181]
> at 
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) 
> ~[?:1.8.0_181]
> at 
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>  
> ~[?:1.8.0_181]
> at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_181]
> at 
> org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:216)
>  
> ~[spring-core-4.3.19.RELEASE.jar!/:4.3.19.RELEASE]
> at 
> org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:470)
>  
> ~[spring-cloud-context-1.3.0.RELEASE.jar!/:1.3.0.RELEASE]
> at 
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
>  
> ~[spring-aop-4.3.19.RELEASE.jar!/:4.3.19.RELEASE]
> at 
> org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:671)
>  
> ~[spring-aop-4.3.19.RELEASE.jar!/:4.3.19.RELEASE]
> at 
> org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner$$EnhancerBySpringCGLIB$$41f95fb1.encode()
>  
> ~[cas-server-support-saml-idp-web-5.3.3.jar!/:5.3.3]
> at 
> org.apereo.cas.support.saml.web.idp.profile.builders.response.SamlProfileSaml2ResponseBuilder.buildResponse(SamlProfileSaml2ResponseBuilder.java:112)
>  
> ~[cas-server-support-saml-idp-web-5.3.3.jar!/:5.3.3]
> at 
> org.apereo.cas.support.saml.web.idp.profile.builders.response.SamlProfileSaml2ResponseBuilder.buildResponse(SamlProfileSaml2ResponseBuilder.java:48)
>  
> ~[cas-server-support-saml-idp-web-5.3.3.jar!/:5.3.3]
> at 
> org.apereo.cas.support.saml.web.idp.profile.builders.response.BaseSamlProfileSamlResponseBuilder.build(BaseSamlProfileSamlResponseBuilder.java:87)
>  
> ~[cas-server-support-saml-idp-web-5.3.3.jar!/:5.3.3]
> at 
> org.apereo.cas.support.saml.web.idp.profile.builders.response.BaseSamlProfileSamlResponseBuilder$$FastClassBySpringCGLIB$$f1322d9c.invoke()
>  
> ~[cas-server-support-saml-idp-web-5.3.3.jar!/:5.3.3]
>
>
> is it an issue of missing key / certificate  in keystore ?
>
>
>  
>
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Con