[cas-user] CAS, Chrome 80 and SameSite cookies policy
Hi! I'm wondering what impact the new same site cookie policy in Chrome 80, to be released soon, will have? I get warnings in the chrome console regarding CAS cookies without SameSite attribute. But I'm having trouble finding any information regarding this. Should I be worried and how can I solve this? Any help would be greatly appreciated! Thanks! /Tobias -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/221198ba-1cb6-42e8-ae57-8193c32176f5%40apereo.org.
[cas-user] CAS 6.0.3 - The request was rejected because the URL was not normalized.
] at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17] at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17] at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:678) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17] at org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:679) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17] at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17] at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17] at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17] at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:834) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17] at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1415) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17] at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) ~[?:?] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) ~[?:?] at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) ~[tomcat-embed-core-9.0.17.jar!/:9.0.17] at java.lang.Thread.run(Thread.java:834) [?:?] I think it has to do with the autoconfiguration of spring boot security, but not able to find a solution. Anyone had the same problem? Solution? Any help would be greatly appreceiated! Best Regards Tobias Johansson -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/b4e6be23-9d50-484a-bdfa-d712a40d3230%40apereo.org.
[cas-user] CAS 5.3.5 delegated authentication with saml invalid assertion?
Hi! Is there a way to exclude the NameQualifier from the issuer-tag in a saml2 assertion in CAS 5.3.5? My issuer-tag looks like this: urn:mace:saml:pac4j.org And my saml2 idp does not allow it, because it violates the saml-specs. I know it can be done in 6.x, but upgrading is not an easy option at this time. Any help would be greatly appreciated! Best Regards Tobias Johansson -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/b95a62b3-83c8-44f2-9ceb-e6a31f8b793a%40apereo.org.
Re: [cas-user] CAS for Jira 7
Hey Ashis, did you solve this issue? I'm facing the same problem right now. Could you may share the configs needed to fix this issue? Thanks in advance! Am Mittwoch, 25. Oktober 2017 09:30:55 UTC+2 schrieb Ashis: > > Micheal can you please help.. > > I have integrated CAS with JIRA. But when I open jira, user redirected > to /secure/Dashboard.jspa which has jira login page, On clicking login from > top right corner, cas page is opening and after successful logged in user > is redirected back to CAS but again i see JIRA login page and user not > logged in? > > Have you also faced this issue? > > > I have also checked > http://www.ascendintegrated.com/integrating-jira-sso-using-cas/ but no > success in integration > > On Monday, October 2, 2017 at 12:24:07 AM UTC+5:30, Michael Brown wrote: >> >> Also, I found a workaround for the Login gadget appearing at times. You >> can simply hide it: >> https://confluence.atlassian.com/jirakb/howto-hide-the-login-gadget-from-the-system-dashboard-in-jira-5-1-305037906.html >> >> Mike >> >> On Saturday, September 30, 2017 at 4:47:44 PM UTC-4, Michael Brown wrote: >>> >>> Hi Marco, We are experience the same issues with the CAS integration as >>> well. >>> >>> We did put together some instructions on modifying / updating the >>> seraph-config.xml and web.xml files, and you can download the .JAR files we >>> used here: >>> https://bitbucket.org/mbrown_ascend/jira-cas-integration/downloads/. >>> Although I'm not sure how to fix those issues other than adding "/*" >>> instead of default.jsp in the filter mapping for the >>> CasSingleSignOutFilter, >>> CasAuthenticationFilter, and CasValidationFilter. >>> >>> By adding /* though, it breaks the Dashboard all over again and the _MSG >>> error appear. >>> >>> Hope this helps a little, but we are also experiencing the same issue. >>> >>> Mike >>> >>> On Thursday, April 27, 2017 at 5:09:59 AM UTC-4, Marco Osorio wrote: Hello, I have a problem with jira + cas authentication. I've followed the setup instructions that come up with two things. 1. In the web.xml configuration, if I comment the CasValidationFilter filter, JIRA v7.3.1 starts correctly if errors. When authentic with CAS takes me to the DashBoard but the login widget keeps appearing without content and does not allow me to visualize anything else, as if I was waiting to validate the login. 2. If I activate the CasValidationFilter filter, when authenticating with CAS, it generates a double ticket validation error with this trace: Org.jasig.cas.client.validation.TicketValidationException: Ticket 'ST-380-eMVDywffQFkJ0W6DYY5f-DVMAPL207' not recognized The versions of cas-client-core-3.2.1.jar and cas-client-integration-atlassian-3.4.2.jar libraries Is there any missing configuration changes to avoid this double ticket validation? Thank you El viernes, 9 de diciembre de 2016, 23:04:05 (UTC+1), Jason Hitt escribió: > > I've created a pull request for a new Jira7CasAuthenticator at > https://github.com/apereo/java-cas-client/pull/197 > > There is example seraph-config.xml code in the comment. Using this > authenticator, you do not need any servlet filter updates in web.xml to > get > SSO. > > If you want single sign-out support you should still include those > filters and handlers. > If you want transparent SSO at your default URL (instead of seeing the > login page and having to click 'Login'), use the CasAuthenticationFilter > i > listed previously, but change the filter mapping from /* to /default.jsp. > > This configuration is working 100% with JIRA 7 for us on our test > server. > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/35af4393-c42f-4b19-ab80-7634ff768302%40apereo.org.