Re: [cas-user] Extending CAS 5 Webflows - build instructions?

2018-01-12 Thread dkopylenko 







Correct. 
D. 









On Fri, Jan 12, 2018 at 1:10 AM -0500, "Pablo Vidaurri"  
wrote:










Just to confirm, in CAS 5.1.x and 5.2.x there is no absolute requirement to 
have classes in org/apereo/cas package ... correct?

On Friday, May 12, 2017 at 10:25:41 AM UTC-5, Dmitriy Kopylenko wrote:Try this 
one for the info on configuration mechanism: 
https://apereo.github.io/2017/02/21/cas-autocfg-strategy/ Note, this applies to 
CAS 5.1. In CAS 5.0.x line, the configuration classes are contributed to Spring 
app ctx. by means of component scanning, so in order for CAS to pick ‘em up in 
5.0.x, put your custom @Configuration classes in `org/apereo.cas` base package
Best,D. 
  
From: Adam Causey 
Reply: cas-...@apereo.org 
Date: May 12, 2017 at 11:16:44 AM
To: cas-...@apereo.org 
Subject:  [cas-user] Extending CAS 5 Webflows - build instructions? 

 






I've gone through the blog entry
"Extending CAS 5 Webflows" 
(https://apereo.github.io/2016/10/07/webflow-extcfg/),
but I can't figure out where I put my module code and how to I
build it?  I attempted putting my Java files in their own
project and then adding the jar as a dependency to my WAR overlay,
but it doesn't pickup the @Configuration class.


Has anyone customized the webflow in
this manner?


Thanks,
Adam

--

- CAS gitter chatroom: https://gitter.im/apereo/cas


- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html


- CAS documentation website: https://apereo.github.io/cas


- CAS project website: https://github.com/apereo/cas


---

You received this message because you are subscribed to the Google
Groups "CAS Community" group.

To unsubscribe from this group and stop receiving emails from it,
send an email to cas-user+u...@apereo.org.


To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAN6MV5OFzsdefiRdx9B2gw4YL2%3Dk0BknqnBPtqXuPy0bagm5Ew%40mail.gmail.com.









-- 

- Website: https://apereo.github.io/cas

- Gitter Chatroom: https://gitter.im/apereo/cas

- List Guidelines: https://goo.gl/1VRrw7

- Contributions: https://goo.gl/mh7qDG

--- 

You received this message because you are subscribed to the Google Groups "CAS 
Community" group.

To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.

To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/af845086-8ce2-49f1-9112-9d68072b7e77%40apereo.org.






-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/77BFF63A37AFBC73.9789E60D-664B-4992-862E-D21A3DD69C98%40mail.outlook.com.

Re: [cas-user] CAS 5 loading ALL spring boot profiles

2017-10-04 Thread dkopylenko 







spring.profiles.active=ldap
D. 









On Wed, Oct 4, 2017 at 5:04 AM -0400, "Charl Thiem"  
wrote:










Hi
I'm having a hard time getting CAS (5.1.4 using overlay) to read the config 
files as expected.
I currently have the following (snippet) in my application.yml file which is in 
/etc/cas/config/
spring:
  profiles: ldap
cas:
  authn:
ldap:
- ldapUrl: ldaps://devldap.myorg.co.za:636But starting CAS without even 
specifying any spring profile it still reads the profile as if it was 
activated.Even worse is, when I try and add another profile (separating by a 
--- yml section) it reads the next profile too. It's like spring is set to read 
ALL PROFILES instead of only selecting the ones activated.
E.g.spring:
  profiles: ldap
cas:
  authn:
ldap:
- ldapUrl: ldaps://devldap.myorg.co.za:636
---
spring:
  profiles: ldap-production
cas:
  authn:
ldap:
- ldapUrl: ldaps://ldap.myorg.co.za:636

I tried running cas with java -Dspring.profiles.include=ldap -jar cas.war but 
then it fails with
***APPLICATION FAILED TO 
START***
Description:
Field configurationPropertiesEnvironmentManager in 
org.apereo.cas.config.CasConfigurationSupportUtilitiesConfiguration$CasCoreConfigurationWatchConfiguration
 required a bean of type 
'org.apereo.cas.configuration.CasConfigurationPropertiesEnvironmentManager' 
that could not be found.

Action:
Consider defining a bean of type 
'org.apereo.cas.configuration.CasConfigurationPropertiesEnvironmentManager' in 
your configuration.
The application did start withbefore it failed with the above
My CAS is running fine. ldap integration, logins etc works great when not 
trying to use profiles and just having all in one section. But now that I got 
CAS running, I'd like to use profiles for different configuration setups.
Any ideas / things to try, would be appreciated.
Regards / GroeteCharl ThiemSenior DeveloperIT Infrastructure Manager









See OpenCollab email disclaimer at http://www.opencollab.co.za/email-disclaimer





-- 

- Website: https://apereo.github.io/cas

- Gitter Chatroom: https://gitter.im/apereo/cas

- List Guidelines: https://goo.gl/1VRrw7

- Contributions: https://goo.gl/mh7qDG

--- 

You received this message because you are subscribed to the Google Groups "CAS 
Community" group.

To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.

To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAK5fTW6mZ_nf78i3eTnWuuC4aaB4oANpsrdSPpVvVLeY0oayfQ%40mail.gmail.com.






-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/D5BBD223FBD5BCE6.5DBD6586-8795-4662-94AE-FC8702FD9014%40mail.outlook.com.

Re: [cas-user] JVM Heap Kept Growing every day

2017-08-19 Thread dkopylenko 







OK,
there is a significant memory leak in the version of Thymeleaf layout dialect 
used by versions of CAS prior to 5.0.7. Since 5.0.7 it's been updated to the 
layout dialect version containing the memory leak fix. 
This is most likely what you are experiencing. 
Cheers,D. 









On Sat, Aug 19, 2017 at 4:53 AM -0400, "David Malia"  wrote:










It probably is a good idea to move Hazelcast to its own jvm at a minimum.  It 
looks like the default behavior is to fill the cache until its at 85% of heap 
space.
  I got this by looking 
athttps://apereo.github.io/cas/5.0.x/installation/Configuration-Properties.html#hazelcast-ticket-registry,so
 I could be wrong.


On Fri, Aug 18, 2017 at 10:51 AM, Oschwald Robert  
wrote:
You can get the amount of objects in Hazelcast using Hazelcast Management 
Center or VM tools like visualvm.

I’m not sure if Hazelcast Management Center is available for Open Source 
License usage, or in Hazelcast Enterprise, only.



I strongly recommend to NOT use the Hazelcast  embedded mode, as it is not 
optimal for production.

Better to setup a hazelcast Cluster, so run a Hazelcast “Client Plus Member” 
Topology.



See https://hazelcast.com/resources/hazelcast-deployment-operations-guide/



Robert



--

- CAS gitter chatroom: https://gitter.im/apereo/cas

- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html

- CAS documentation website: https://apereo.github.io/cas

- CAS project website: https://github.com/apereo/cas

---

You received this message because you are subscribed to the Google Groups "CAS 
Community" group.

To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.

To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/E1910550-B266-448A-A09B-3C32FFB0A59A%40gmail.com.








-- 

- CAS gitter chatroom: https://gitter.im/apereo/cas

- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html

- CAS documentation website: https://apereo.github.io/cas

- CAS project website: https://github.com/apereo/cas

--- 

You received this message because you are subscribed to the Google Groups "CAS 
Community" group.

To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.

To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAL3JkELjWgjBjsVsCru9FRSZGRdWgp%3D%2B5M%3DRrcxBo%3D8tVjEdSw%40mail.gmail.com.






-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/D5BBD223FBD5BCE6.C72A3F6A-13CE-41A8-9121-A06158620A74%40mail.outlook.com.

Re: [cas-user] No ConditionalOnMissingBean for argumentExtractor

2017-06-23 Thread dkopylenko 
I'll just add my 2c. here.

The "CAS5 overlay is the hell for deployers..." is of course a highly 
subjective statement. First and foremost, CAS5 generation was designed with 
ease of deployment and "intention-driven configuration" model in mind, and NOT 
as a software "leaking" its internals to everyone enabling them to "easily" 
re-write every aspect of it.

Second, the Spring annotation-based configuration model is very much a modern 
DI that STILL enables you to wire, re-wire, inject, re-inject, and all that 
other goodness of Spring DI if you desire to - just in the more powerful and 
modern fashion. Besides, if you HAVE TO for whatever reason re-implement and 
re-wire dozens of CAS classes, why not let Java instead of XML assemble them 
together in a type-safe fashion.

And finally, here's a good blog post touching upon the rational behind CAS5 
config design decisions: 
https://apereo.github.io/2017/02/21/cas-autocfg-strategy/

Good weekend!

D.

On Jun 23, 2017, 18:19 -0400, Yaroslav Panych , wrote:
> Well,sometimes redefining bean in deployerContextConfig.xml works.
> Just override configuration itself. Copy it from cas sources into your
> project, modify and build it. Final .war will contain your .class in
> root(/WEB-INF/classes/..), which has higher priority than one packed
> in .jar. Unfortunatelly it is only possible way to customize
> cas(except forking), since devs got rid of xml spring context
> configurations. I already have patched two dozens of classes this way
> in cas 5.0.x branch. In modern cas Spring plays role of web framework,
> but not as component (de)coupling mechanism, since component wiring
> hardcoded into class files, and cannot be done in xml files by
> declareing new bean and changing references. Overlay method of using
> cas is actually hell for customizer. Every other bean you have
> override using described here method, becuase other methods to patch
> components DI are not working. The same can be applied for
> login-webflow.xml - it is almost empty, most states are dynamically
> build during cas startup, and it is impossible to control flow.
>
> 2017-06-24 0:30 GMT+03:00 Geoff :
> > Hello,
> >
> > I'd like to implement my own version of WebApplicationServiceFactory and
> > SamlServiceFactory in CAS 5.1.0 however I don't see a way to make CAS my
> > implementations instead of the out of the box versions.
> >
> > In my CAS 4 implementation this was accomplished by specifying custom
> > ArgumentExtractors in argumentExtractorsConfiguration.xml. In CAS 5 it
> > looks like a single argument extractor is defined in CasCoreWebConfiguration
> > and it effectively uses ServiceFactories found on any configuration classes
> > that implement ServiceFactoryConfigurer. This provides a nice mechanism to
> > add new ServiceFactories but I don't see a way to override the existing
> > ones.
> >
> > It seems like an easy way to allow this sort of customization would be to
> > annotate the ArgumentExtractor defined in CasCoreWebConfiguration with
> > ConditionalOnMissingBean so that it could be overriden. Or maybe I'm
> > overlooking an easier way of modifying the behavior in
> > WebApplicationServiceFactory and SamlServiceFactory?
> >
> > Thanks!
> >
> > Geoff
> >
> > --
> > - CAS gitter chatroom: https://gitter.im/apereo/cas
> > - CAS mailing list guidelines:
> > https://apereo.github.io/cas/Mailing-Lists.html
> > - CAS documentation website: https://apereo.github.io/cas
> > - CAS project website: https://github.com/apereo/cas
> > ---
> > You received this message because you are subscribed to the Google Groups
> > "CAS Community" group.
> > To unsubscribe from this group and stop receiving emails from it, send an
> > email to cas-user+unsubscr...@apereo.org.
> > To view this discussion on the web visit
> > https://groups.google.com/a/apereo.org/d/msgid/cas-user/e415701d-7aa7-46d9-b529-a27dfafd30f4%40apereo.org.
>
> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups 
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAGbteJJncdf2Pn_V7ZwBGzsp%2BdfWShL-%3DBNZdW8OL5S6ApSeqw%40mail.gmail.com.

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and

Re: [cas-user] CAS itself doing AuthZ (deny users)

2017-06-23 Thread dkopylenko 
https://apereo.github.io/cas/5.1.x/installation/Configuring-Service-Access-Strategy.html

D.

On Jun 23, 2017, 15:59 -0400, Bryan Wooten , wrote:
> I just got this request from one our developers:
>
> "The QA-team has an app called “QA Dashboard”.  They have asked us to CASify 
> it, we’re assigning that work to BobtheDev.  But the app does have to be 
> constrained to a very narrow set of authorized users.  Of course we could 
> create a table to manage this, or develop an LDAP-attribute and then have CAS 
> do CAS-AR, but I’m curious about the ability (or not?) to just have CAS 
> auto-deny anyone who doesn’t have a specific LDAP-attribute?  Is that 
> something CAS is capable of doing?  If not, is there a better approach than 
> the LDAP/CAS-AR one?"
>
> Has anyone done anything like this? BTW, this would be with CAS 5.1.
>
> TIA,
>
> Bryan
> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups 
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAG9x2GWuRcZhS_k2D%2BdoqKUYM41p66ApAgW8e6RXT%3DwAS%2B%2B0UA%40mail.gmail.com.

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/b76017d4-d0a7-4b40-892a-4e6d8e2d9b48%40Spark.

Re: [cas-user] CAS 3.5.3 not releasing AD attributes to version 3 WordPress CAS plugin

2017-06-19 Thread dkopylenko 
The confusion here is "version of what" is being talked about. The version 3 
there refers to "CAS protocol" version, which has been only available since 
"CAS server" version 4. You have CAS server version 3, which is a) "end of 
life" and b) does not have CAS protocol version 3 implemented.

HTH,
D.

On Jun 19, 2017, 15:22 -0400, Brian Gibson , 
wrote:
> Hi All,
>
> Be gentle with me I'm not a CAS guru :-)
>
> We are running CAS 3.5.3 and our web team is trying to configure a WordPress 
> plugin for CAS version 3 to authenticate users and receive AD attributes. If 
> they switch the CAS plugin to CAS version 2 the user authenticates fine. When 
> they test using the version 2 CAS plugin by going to this URL
>
> /cas/serviceValidate
>
> they do receive the XML response they are expecting.
> If they go to this URL
> /cas/p3/serviceValidate
> they just get redirected back to the CAS login screen or, if they are already 
> logged in, they end up on the "Log In Successful" screen.
>
> According to this URL
>
> https://apereo.github.io/cas/4.2.x/protocol/CAS-Protocol-Specification.html
>
> under the section labeled "2.5.6 URL examples of /serviceValidate"
>
> it says, with CAS version 3, they should get some XML with attribute data.
> What is odd is I've setup the TestApp1 and TestApp2 applications on the CAS 
> server and they do return AD attributes (along with a 3rd party app, CAS 
> releases attributes to it as well.)
>
> The service entry I have for this test service is set to release attributes 
> so that shouldn't be the issue.
> Any suggestions on how to troubleshoot with this cas plugin?
> Thx!
>
>
> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups 
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAH9ZEH1MRVS3Bn6Lx_cCrQoOm__gBDY_5z6yQ_nvRgjHGs_fXw%40mail.gmail.com.

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/1440e910-4698-4a3b-9260-d6a74768d5ab%40Spark.

Re: [cas-user] Failing authentication after applying Database Authentication configuration

2017-02-03 Thread dkopylenko 
Have you included CAS' JDBC authentication module dependency in your overlay's 
build config (Maven or Gradle)?

Best,
D.

On Feb 3, 2017, 03:04 -0500, Jihad Talic , wrote:
> Hello,
>
> I am experiencing issues regarding my Database authentication configuration 
> in my CAS 5.0.1 server. The database I'm connecting with my CAS server uses 
> PostgreSQL, and deploying the overlay build in Tomcat 8.5. First of all, I 
> have enabled Database Authentication in the application.properties, 
> specifically the Encode handler, since the database uses a salt value for 
> hashing the password. As far as I know, I have applied the most basic 
> configuration for the database authentication setup, but if I try to 
> authenticate directly against the CAS server (not redirected from any url), 
> it always end up not being successful. I am very sure that I am using the 
> correct credentials, but I still experience an invalid authentication.
>
> Originally, I am accessing the database from a remote, but I also tried using 
> a local PostgreSQL database with similar unfortunate results. This is the 
> basic configuration I'm using in the application.properties (I purposely used 
> my local setup and some example values here):
>
> cas.authn.jdbc.encode[0].sql=SELECT password FROM public.user WHERE email=?
> cas.authn.jdbc.encode[0].url=jdbc:postgresql://localhost:5432/tracking
> cas.authn.jdbc.encode[0].driverClass=org.postgresql.Driver
> cas.authn.jdbc.encode[0].user=sample_username
> cas.authn.jdbc.encode[0].password=sample_password
> cas.authn.jdbc.encode[0].saltFieldName=salt
> cas.authn.jdbc.encode[0].passwordFieldName=password
>
>
> cas.authn.jdbc.encode[0].passwordEncoder.type=DEFAULT
> cas.authn.jdbc.encode[0].passwordEncoder.characterEncoding=UTF-8
> cas.authn.jdbc.encode[0].passwordEncoder.encodingAlgorithm=SHA
>
>
> The password encoder setup should be right since the database uses SHA-1 
> password encryption.
>
> This is what the tomcat logs says about:
>
> 2017-02-03 15:06:33,024 WARN 
> [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
>  authentication handler that supports [jihad] of type 
> [UsernamePasswordCredential], which suggests a configuration problem.>
> 2017-02-03 15:06:33,075 INFO 
> [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] -  trail record BEGIN
> =
> WHO: jihad
> WHAT: Supplied credentials: [jihad]
> ACTION: AUTHENTICATION_FAILED
> APPLICATION: CAS
> WHEN: Fri Feb 03 15:06:33 PHT 2017
> CLIENT IP ADDRESS: 127.0.0.1
> SERVER IP ADDRESS: 127.0.0.1
> =
>
> >
> 2017-02-03 15:06:33,210 ERROR 
> [org.apereo.cas.web.flow.AuthenticationExceptionHandler] -  translate handler errors of the authentication exception 
> org.apereo.cas.authentication.AuthenticationException: 1 errors, 0 successes. 
> Returning UNKNOWN by default...>
>
>
> I am hoping someone could help about this issue. Thank you in advance.
>
> --Jihad
>
>
>
>
> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups 
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to cas-user+unsubscr...@apereo.org 
> (mailto:cas-user+unsubscr...@apereo.org).
> To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/b82b736e-7389-46a3-872b-53778b6acd64%40apereo.org
>  
> (https://groups.google.com/a/apereo.org/d/msgid/cas-user/b82b736e-7389-46a3-872b-53778b6acd64%40apereo.org?utm_medium=email_source=footer).

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/14ea95a6-970a-40d0-a8a4-5f9df8e098a7%40Spark.

Re: [cas-user] Not able to return user_roles from CAS Server to the Client.

2017-01-31 Thread dkopylenko 
https://apereo.github.io/cas/5.0.x/integration/Attribute-Release.html

Best,
D.

On Jan 31, 2017, 12:28 -0500, Suman , wrote:
> Hi All,
> I am using CAS Overlay project version 5.0.0.RC1.
>
> I am not able to send user attributes other than name from the CAS Server to 
> the client.
> I am storing the user details in Database and using CAS JDBC Authentication.
>
> Please help.
>
>
>
> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups 
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to cas-user+unsubscr...@apereo.org 
> (mailto:cas-user+unsubscr...@apereo.org).
> To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/f3ca485c-e796-43d7-9037-ed9d3bcfb128%40apereo.org
>  
> (https://groups.google.com/a/apereo.org/d/msgid/cas-user/f3ca485c-e796-43d7-9037-ed9d3bcfb128%40apereo.org?utm_medium=email_source=footer).

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/9ab02fa2-d559-4f1d-b173-63be78f27db2%40Spark.

Re: [cas-user] CAS 5.0.2 compilation and deployment

2017-01-30 Thread dkopylenko 
Please share what areas are confusing and where you are finding the 
difficulties in getting CAS5 overlay to run.

Best,
D.

On Jan 30, 2017, 08:46 -0500, Alberto Cabello Sánchez , wrote:
> On Thu, 26 Jan 2017 06:03:46 -0500
> dkopyle...@unicon.net wrote:
> >
> > On Jan 26, 2017, 05:57 -0500, Jean-Michel Zigna , wrote:
> > >
> > > I started with the
> > > cas-server-webapp/build/libs/cas-server-webapp-5.0.2.war, but it seems
> > > to be not sufficient because I can't find the cas.properties
> > > configuration file for instance.
> > >
> > > Could you please tell me how to complete the instalation/configuration
> > > to connect to an LDAP?
> > >
> > https://apereo.github.io/cas/5.0.x/installation/Maven-Overlay-Installation.html
>
> Am I the only one who finds that page utterly confusing? I did a few CAS 4
> deployments and suddenly I can't grasp anything about how to get CAS 5 up
> and running.
>
> --
> Alberto Cabello Sánchez
> Universidad de Extremadura
>
> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups 
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/20170130144646.7d14ecdfc00d028f9e79ac30%40unex.es.

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/9233de26-df9e-42b8-9402-2233a7728a38%40Spark.

Re: [cas-user] CASifying Peoplesoft

2017-01-27 Thread dkopylenko 
For completeness - here's the Apereo session that Bryan was referring to 
(although the slides are not visible)

https://youtu.be/NsVVvxW7pBw

Best,
D.

On Jan 27, 2017, 17:38 -0500, Bryan Wooten , wrote:
>
> I did it myself a few years ago and actually gave a presentation at an Apereo 
> conference with Unicon. You should be able to find the presentation on 
> youtube.
>
>
>
>
>
>
> We are trying a new configuration using mod_auth_cas on Apache. If we can 
> make this work I think it will a better solution than hacking the Weblogic 
> web.xml and adding the Java client to the class path.
>
>
>
>
>
>
> If this does not work we will try putting it all behind a Shib SP.
>
>
>
>
>
>
> At some point I will give a write up of our experience.
>
>
>
>
>
>
> Cheers,
>
>
>
>
>
>
> Bryan
>
>
>
> On Thu, Jan 26, 2017 at 1:56 PM, Joel Levin  (mailto:joel.aaron.le...@gmail.com)> wrote:
> > This won't answer your questions -- only as an FYI.
> >
> > The consultants working on this gave a large price tag (with the associated 
> > backend authorizations etc)-- as it is not part of the usual PeopleSoft 
> > supported flow.
> >
> > So we went with LDAP.
> >
> >
> > On Thu, Jan 26, 2017 at 10:23 AM, Bryan Wooten  > (mailto:ttbaja...@gmail.com)> wrote:
> > > We have our Peoplesoft environment CASified by adding CAS filters to the 
> > > Weblogin web.xml and writing some custom signon Peoplecode. It works well.
> > >
> > > Any we doing a proof of concept where the Weblogic is behind Apache. We 
> > > have installed mod_auth_cas on the Apache. REMOTE_USER is getting set.
> > >
> > > But for some reason either Weblogic is ignoring this header or is 
> > > dropping it.
> > >
> > > Our custom signon Peoplcode depends on REMOTE_USER being set.
> > >
> > > Does anyone have any ideas or suggestions>
> > >
> > > Thanks,
> > >
> > > Bryan
> > >
> > > University of Utah
> > >
> > >
> > >
> > > --
> > > - CAS gitter chatroom: https://gitter.im/apereo/cas
> > > - CAS mailing list guidelines: 
> > > https://apereo.github.io/cas/Mailing-Lists.html
> > > - CAS documentation website: https://apereo.github.io/cas
> > > - CAS project website: https://github.com/apereo/cas
> > > ---
> > > You received this message because you are subscribed to the Google Groups 
> > > "CAS Community" group.
> > > To unsubscribe from this group and stop receiving emails from it, send an 
> > > email to cas-user+unsubscr...@apereo.org 
> > > (mailto:cas-user+unsubscr...@apereo.org).
> > > To view this discussion on the web visit 
> > > https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAG9x2GUnMyXx%2B7Hm0e6jGt7jAnVjM9q-FuJu8EgMMp%2BX3nOYSw%40mail.gmail.com
> > >  
> > > (https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAG9x2GUnMyXx%2B7Hm0e6jGt7jAnVjM9q-FuJu8EgMMp%2BX3nOYSw%40mail.gmail.com?utm_medium=email_source=footer).
> >
> >
> >
> >
> > --
> > - CAS gitter chatroom: https://gitter.im/apereo/cas
> > - CAS mailing list guidelines: 
> > https://apereo.github.io/cas/Mailing-Lists.html
> > - CAS documentation website: https://apereo.github.io/cas
> > - CAS project website: https://github.com/apereo/cas
> > ---
> > You received this message because you are subscribed to the Google Groups 
> > "CAS Community" group.
> > To unsubscribe from this group and stop receiving emails from it, send an 
> > email to cas-user+unsubscr...@apereo.org 
> > (mailto:cas-user+unsubscr...@apereo.org).
> > To view this discussion on the web visit 
> > https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAGfxv%2B_maSQf1mr__uw8bXjGxDH2CgiSGF-J6Bbuhgd%2Bs-q6pg%40mail.gmail.com
> >  
> > (https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAGfxv%2B_maSQf1mr__uw8bXjGxDH2CgiSGF-J6Bbuhgd%2Bs-q6pg%40mail.gmail.com?utm_medium=email_source=footer).
>
>
>
>
> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups 
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to cas-user+unsubscr...@apereo.org 
> (mailto:cas-user+unsubscr...@apereo.org).
> To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAG9x2GUBvwurf2hK-REfcoTC5kWgEzkL175WpFYKohopgBp%2BTw%40mail.gmail.com
>  
> (https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAG9x2GUBvwurf2hK-REfcoTC5kWgEzkL175WpFYKohopgBp%2BTw%40mail.gmail.com?utm_medium=email_source=footer).

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are

Re: [cas-user] Beginner help for CAS

2017-01-19 Thread dkopylenko 
You are following the wrong guide. Use this one: 
https://apereo.github.io/cas/development/installation/Maven-Overlay-Installation.html

Cheers,
D.

From: Bryan Wooten Reply: Bryan Wooten

On Jan 18, 2017, 20:43 -0500, Tsogbadrakh Chinzorig , 
wrote:
> Hello CASers
>
> I'm newbie for CAS and SSO server. So I tried to install CAS on my local 
> environment.
> I'm using following introduction, but I couldn't understand how to deploy it.
> https://apereo.github.io/cas/developer/Build-Process.html
>
> CD cas-server-webapp ./gradlew build bootRun --parallel -x test 
> -DskipCheckstyle=true -x javadoc -DskipFindbugs=true
>
> Is "cas-server-webapp" folder is inside of cas-server ?
>
> Is there any good step by step document?
>
> Thank you.
>
>
>
> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas 
> (https://urldefense.proofpoint.com/v2/url?u=https-3A__gitter.im_apereo_cas=DQMFaQ=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM=NeOhtG7JadMqRwtu4bCNTA6HnM4JYyThlnXiNOyRVUI=UxSWXpEJjRxqXVRuRjllQ1F0xPl-x82ikC1W6-ezGNM=RSGItlFL9rlhqdyNqA5UCu5wl8tHLrG6yTGXxoGZOBQ=)
> - CAS mailing list guidelines: 
> https://apereo.github.io/cas/Mailing-Lists.html 
> (https://urldefense.proofpoint.com/v2/url?u=https-3A__apereo.github.io_cas_Mailing-2DLists.html=DQMFaQ=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM=NeOhtG7JadMqRwtu4bCNTA6HnM4JYyThlnXiNOyRVUI=UxSWXpEJjRxqXVRuRjllQ1F0xPl-x82ikC1W6-ezGNM=bUJLV2Qzk5fN93wEptnmzdxH5eBvYsrM5F_y-fUkEhs=)
> - CAS documentation website: https://apereo.github.io/cas 
> (https://urldefense.proofpoint.com/v2/url?u=https-3A__apereo.github.io_cas=DQMFaQ=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM=NeOhtG7JadMqRwtu4bCNTA6HnM4JYyThlnXiNOyRVUI=UxSWXpEJjRxqXVRuRjllQ1F0xPl-x82ikC1W6-ezGNM=qamQB53BP3X6qEWnFcGqeEpSFDxePqfOxbsK6Ao74KY=)
> - CAS project website: https://github.com/apereo/cas 
> (https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_apereo_cas=DQMFaQ=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM=NeOhtG7JadMqRwtu4bCNTA6HnM4JYyThlnXiNOyRVUI=UxSWXpEJjRxqXVRuRjllQ1F0xPl-x82ikC1W6-ezGNM=p7y6iNZ9QhlIiUGhAbeveMix0Y90iTfUnH73UrkSXRc=)
> ---
> You received this message because you are subscribed to the Google Groups 
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to cas-user+unsubscr...@apereo.org 
> (mailto:cas-user+unsubscr...@apereo.org).
> To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/3a17aa2d-742a-4896-a96a-1ec45fa21c28%40apereo.org
>  
> (https://groups.google.com/a/apereo.org/d/msgid/cas-user/3a17aa2d-742a-4896-a96a-1ec45fa21c28%40apereo.org?utm_medium=email_source=footer).

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/f0a5d69f-1a8f-4b1b-b1e1-810ed15b3ca5%40Spark.

Re: [cas-user] Cas 5 : How can I modify default flow

2016-12-23 Thread dkopylenko 
Just FYI, the 'org.apereo.cas.*' package scanning for configuration classes 
won't be a requirement any more starting from 5.1 as the mechanism has been 
refactored to use Boot's META-INF/spring.factories discovery facility.

Happy Holidays,
D.

On Dec 23, 2016, 06:55 -0500, Yauheni Sidarenka , 
wrote:
> You are welcome! And one more thing. While writing your 
> SomethingConfiguration class with @Configuration annotation please note that 
> your class should be in package org.apereo.cas or its subpackages (according 
> to this: 
> https://groups.google.com/a/apereo.org/forum/#!topic/cas-user/WKzqlZrmvS8 )
>
> Regards,
> Yauheni
>
> On Friday, December 23, 2016 at 1:48:44 PM UTC+3, Gokhan Mansuroglu wrote:
> > Though expected to see more information, I am very surprised to see 
> > Turkey's Tombili in this blog :)
> >
> > Thank you.
> >
> > 23 Aralık 2016 Cuma 12:33:09 UTC+3 tarihinde Yauheni Sidarenka yazdı:
> > > Hello,
> > >
> > > Please read this https://apereo.github.io/2016/10/07/webflow-extcfg/ 
> > > (https://www.google.com/url?q=https%3A%2F%2Fapereo.github.io%2F2016%2F10%2F07%2Fwebflow-extcfg%2F=D=1=AFQjCNH6c7KJdnDfuBDjIvp5neKU7Wbj7A)
> > >  if you have not read yet. I believe it may help you.
> > >
> > >
> > > > As far as I can see, I can only add new transtions and modifying an 
> > > > existing one is not possible.
> > > I am using CAS 5.0.0 and I have this in my web flow configurer:
> > >
> > > final Flow flow = super.getLoginFlow();
> > > final TransitionSet ts = 
> > > flow.getTransitionableState("handleAuthenticationFailure").getTransitionSet();
> > > final Iterator it = ts.iterator();
> > > while (it.hasNext()) {
> > > if 
> > > ("AccountLockedException".equals(it.next().getMatchingCriteria().toString()))
> > >  {
> > > it.remove();
> > > }
> > > }
> > > final Transition t = createTransition("AccountLockedException", 
> > > "initializeLoginForm");
> > > ts.add(t);
> > > So I removed old default transition and added my custom one.
> > >
> > > Regards,
> > > Yauheni
> > >
> > > On Friday, December 23, 2016 at 9:47:36 AM UTC+3, Gokhan Mansuroglu wrote:
> > > > Hi Ray,
> > > >
> > > > Modifying the weblow.xml does not work since the flow is configured by 
> > > > the DefaultWebflowConfigurer. Even the viewGenericLoginSuccess state 
> > > > doesn't appear in the xml, it is added programmatically.
> > > >
> > > > Actually I could modify the transitions as below :
> > > >
> > > > private void modifyTransitionDefinition(Flow flow, String stateId, 
> > > > String eventId, String targetStateId) {
> > > > TransitionableState state = (TransitionableState) 
> > > > flow.getState(stateId);
> > > > if (state != null) ((Transition) 
> > > > state.getTransition(eventId)).setTargetStateResolver(new 
> > > > DefaultTargetStateResolver(targetStateId));
> > > > }
> > > >
> > > >
> > > > But this is really complicated because you can't see the complete flow 
> > > > in the login-flow.xml. I think this is an important issue. I am trying 
> > > > to upgrade my cas version from 3.3.3 to 5.0.0 and in the 3.3.3 I can 
> > > > see the overall flow in one xml file, now It seems to be impossible.
> > > >
> > > > I don't know if I am doing something wrong but doesn't anyone have the 
> > > > same requirement ?
> > > >
> > > >
> > > > 22 Aralık 2016 Perşembe 19:26:20 UTC+3 tarihinde Ray Bon yazdı:
> > > > > Gokhan,
> > > > >
> > > > > You can, of course, modify the classes for viewGenericLoginSuccess or 
> > > > > create your own phase and modify the webflow.xml to point to your 
> > > > > classes.
> > > > > @see 
> > > > > https://apereo.github.io/cas/4.1.x/installation/Webflow-Customization.html
> > > > > and 
> > > > > https://apereo.github.io/cas/5.0.x/installation/Webflow-Customization.html
> > > > >
> > > > > Ray
> > > > >
> > > > > On 2016-12-21 23:41, Gokhan Mansuroglu wrote:
> > > > > > Hello,
> > > > > >
> > > > > > In the following default flow I need to change the 
> > > > > > viewGenericLoginSuccess transition. As far as I can see, I can only 
> > > > > > add new transtions and modifying an existing one is not possible. 
> > > > > > Is there any solution ?
> > > > > >
> > > > > > Thank you.
> > > > > >
> > > > > > 2016-12-22 09:36:03,065 DEBUG [DecisionState] -  > > > > > 'serviceCheck' of flow 'login'>
> > > > > > 2016-12-22 09:36:03,065 DEBUG [Transition] -  > > > > > [Transition@a6925f on = *, to = viewGenericLoginSuccess]>
> > > > > > 2016-12-22 09:36:03,065 DEBUG [Transition] -  > > > > > 'serviceCheck'>
> > > > > > 2016-12-22 09:36:03,065 DEBUG [EndState] -  > > > > > 'viewGenericLoginSuccess' of flow 'login'>
> > > > > >
> > > > > >
> > > > > >
> > > > > > --
> > > > > > - CAS gitter chatroom: https://gitter.im/apereo/cas
> > > > > > - CAS mailing list guidelines: 
> > > > > > https://apereo.github.io/cas/Mailing-Lists.html
> > > > > > - CAS documentation website: https://apereo.github.io/cas
> > > > > > - CAS project website: https://github.com/apereo/cas
> > > > > > ---

Re: [cas-user] Commercial companies using CAS?

2016-12-13 Thread dkopylenko 
The statements like "It's pretty raw for commercial use" and "not mature ticket 
registry architecture" are vague and speculative. There are plenty of big 
commercial CAS deployments that scale to millions of authentication 
transactions (I am not going to name them here).

So, as CAS software is friendly open source, instead of just complaining, you 
are more than welcome to participate and contribute to make it better.

Best,
D.

On Dec 13, 2016, 06:34 -0500, Yaroslav Panych , wrote:
> It is pretty raw for safe commercial use. I use it(4.0.x branch) sso
> for personal cabinet for local telco(and related applications), and I
> was forced to rewrite some parts. And some critical parts are pending.
> Most problems caused by not mature ticket registry architecture. It is
> just will not work if tickets stored in "distributed" backends(and
> Default storage is not usable because I use multi-node cas
> deployment). Ticket-interfaces should be extended to support
> "distributed" usage, not only storing. And 4.1.x, 4.2.x, 5.x branches
> are not better.
>
> 2016-12-13 1:11 GMT+02:00, Yan Zhou :
> > Hello,
> >
> > I have noticed that CAS is very popular in academic world, with lots of
> > universities using it.
> >
> > I do not see much use of CAS in commercial world, there maybe one or two,
> > but that is really it. I personally like CAS and we are actively adopting
> > it in the corporate world.
> >
> > Has anyone have explanation why it is not as popular in commercial world?
> >
> > Thx!
> > Yan
> >
> > --
> > - CAS gitter chatroom: https://gitter.im/apereo/cas
> > - CAS mailing list guidelines:
> > https://apereo.github.io/cas/Mailing-Lists.html
> > - CAS documentation website: https://apereo.github.io/cas
> > - CAS project website: https://github.com/apereo/cas
> > ---
> > You received this message because you are subscribed to the Google Groups
> > "CAS Community" group.
> > To unsubscribe from this group and stop receiving emails from it, send an
> > email to cas-user+unsubscr...@apereo.org.
> > To view this discussion on the web visit
> > https://groups.google.com/a/apereo.org/d/msgid/cas-user/c407b1bf-607a-4ae4-8d3f-dc3d022cdfa8%40apereo.org.
> >
>
> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups 
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAGbteJ%2BOF6cnVtdtySo-qEOgXyKhCnd4WY0scGYWP7%2BazA38nA%40mail.gmail.com.

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/c4fe3a64-e479-4d69-8fce-a9fba79a5657%40Spark.

Re: [cas-user] CAS 5.0.0 with Active Directory Authentication

2016-12-13 Thread dkopylenko 
Basically different ldaptive Authenticator implementation is instantiated under 
the hood, based on the value.

If you want to learn the details there are two options: a) Dive deep into the 
CAS server code and learn yourself b) higher some CAS experts to do the 
training and explain all of this to you.

Best,
D.

On Dec 13, 2016, 05:46 -0500, mohammad almodallal , wrote:
> Hell,
>
> it works with cas.authn.ldap[0].type=AUTHENTICATED not with AD
> what is the difference between them?
>
> Thanks.
>
> On Tuesday, December 13, 2016 at 1:40:46 PM UTC+3, mohammad almodallal wrote:
> > already set
> > cas.authn.ldap[0].type=AD
> >
> > On Tuesday, December 13, 2016 at 1:38:08 PM UTC+3, dkopy...@unicon.net 
> > wrote:
> > > You want to make sure that the following property is set: 
> > > cas.authn.ldap[0].type
> > > with either one of these values: AD, AUTHENTICATED, DIRECT, ANONYMOUS, 
> > > SASL
> > >
> > > Best,
> > > D.
> > >
> > > On Dec 13, 2016, 04:20 -0500, mohammad almodallal , 
> > > wrote:
> > > > Hello Philippe,
> > > >
> > > > the cas.properties was containing cas.authn.attributeRepository instead 
> > > > of cas.authn.ldap[0]
> > > > anyway I'm using Active Directory does this make diffrence?
> > > > for the cas-server-support-ldap yes it is already included
> > > >
> > > > but I still get errors like
> > > >
> > > > 2016-12-13 12:14:20,367 INFO 
> > > > [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
> > > > 
> > > > 2016-12-13 12:14:20,368 WARN 
> > > > [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
> > > >  > > > find authentication handler that supports [testuser] of type 
> > > > [UsernamePasswordCredential], which suggests a configuration problem.>
> > > >
> > > >
> > > >
> > > > have you any idea could help?
> > > >
> > > > Thanks.
> > > >
> > > > 2016-12-13 12:14:20,367 INFO 
> > > > [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
> > > > 
> > > > 2016-12-13 12:14:20,368 WARN 
> > > > [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
> > > >  > > > find authentication handler that supports [testuser] of type 
> > > > [UsernamePasswordCredential], which suggests a configuration problem.>
> > > >
> > > > On Monday, December 12, 2016 at 2:11:50 PM UTC+3, Philippe MARASSE 
> > > > wrote:
> > > > > Hello,
> > > > >
> > > > > The reference documentation is 
> > > > > https://apereo.github.io/cas/development/installation/Configuration-Properties.html#ldap
> > > > >
> > > > > cas.authn.ldap[0].ldapUrl=ldap://ldap1.mydomain.com 
> > > > > ldap://ldap2.mydomain.com
> > > > > cas.authn.ldap[0].useSsl=false
> > > > > cas.authn.ldap[0].useStartTls=false
> > > > > cas.authn.ldap[0].providerClass=org.ldaptive.provider.unboundid.UnboundIDProvider
> > > > >
> > > > > Others parameters depend upon your AD configuration.
> > > > >
> > > > > According to your log, it seems that LDAP support is not configured. 
> > > > > Do you use maven overlay method ? If so, do you have a dependency 
> > > > > section like :
> > > > >
> > > > > 
> > > > > org.apereo.cas
> > > > > cas-server-support-ldap
> > > > > ${cas.version}
> > > > > 
> > > > >
> > > > > Regards.
> > > > >
> > > > > Le 12/12/2016 (tel:12/12/2016) à 11:10, mohammad almodallal a écrit :
> > > > > > Hello Philippe,
> > > > > >
> > > > > > also, please I've already configure the cas.properties and still 
> > > > > > getting the following logs for authentication
> > > > > >
> > > > > > er.support.HttpBasedServiceCredentialsAuthenticationHandler@6537e53c,
> > > > > >  
> > > > > > org.apereo.cas.authentication.AcceptUsersAuthenticationHandler@594da5db]>
> > > > > > 2016-12-12 13:01:13,716 DEBUG 
> > > > > > [org.apereo.cas.authentication.AcceptUsersAuthenticationHandler] - 
> > > > > > 
> > > > > > 2016-12-12 13:01:13,718 INFO 
> > > > > > [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
> > > > > > 
> > > > > > 2016-12-12 13:01:13,719 DEBUG 
> > > > > > [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
> > > > > >  > > > > > found in backing map.>
> > > > > > 2016-12-12 13:01:13,721 WARN 
> > > > > > [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
> > > > > >  > > > > > cannot find authentication handler that supports [testuser] of type 
> > > > > > [UsernamePasswordCredential], which suggests a configuration 
> > > > > > problem.>
> > > > > > 2016-12-12 13:01:13,722 DEBUG 
> > > > > > [org.apereo.cas.audit.spi.ThreadLocalPrincipalResolver] - 
> > > > > >  > > > > > org.apereo.cas.authentication.AbstractAuthenticationManager.authenticate(AuthenticationTransaction))]
> > > > > >  with thrown exception 
> > > > > > [org.apereo.cas.authentication.AuthenticationException: 1 errors, 0 
> > > > > > successes]>
> > > > > >
> > > > > > Thanks.
> > > > > > On Monday, December 12, 2016 at 12:58:08 PM UTC+3, mohammad 
> > > > > > almodallal wrote:
> > > > > > > Hell Philippe,
> > > > > > >
> > > > >

Re: [cas-user] CAS 5.0.0 with Active Directory Authentication

2016-12-13 Thread dkopylenko 
You want to make sure that the following property is set: cas.authn.ldap[0].type
with either one of these values: AD, AUTHENTICATED, DIRECT, ANONYMOUS, SASL

Best,
D.

On Dec 13, 2016, 04:20 -0500, mohammad almodallal , wrote:
> Hello Philippe,
>
> the cas.properties was containing cas.authn.attributeRepository instead of 
> cas.authn.ldap[0]
> anyway I'm using Active Directory does this make diffrence?
> for the cas-server-support-ldap yes it is already included
>
> but I still get errors like
>
> 2016-12-13 12:14:20,367 INFO 
> [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
> 
> 2016-12-13 12:14:20,368 WARN 
> [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
>  authentication handler that supports [testuser] of type 
> [UsernamePasswordCredential], which suggests a configuration problem.>
>
>
>
> have you any idea could help?
>
> Thanks.
>
> 2016-12-13 12:14:20,367 INFO 
> [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
> 
> 2016-12-13 12:14:20,368 WARN 
> [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
>  authentication handler that supports [testuser] of type 
> [UsernamePasswordCredential], which suggests a configuration problem.>
>
> On Monday, December 12, 2016 at 2:11:50 PM UTC+3, Philippe MARASSE wrote:
> > Hello,
> >
> > The reference documentation is 
> > https://apereo.github.io/cas/development/installation/Configuration-Properties.html#ldap
> >
> > cas.authn.ldap[0].ldapUrl=ldap://ldap1.mydomain.com 
> > ldap://ldap2.mydomain.com
> > cas.authn.ldap[0].useSsl=false
> > cas.authn.ldap[0].useStartTls=false
> > cas.authn.ldap[0].providerClass=org.ldaptive.provider.unboundid.UnboundIDProvider
> >
> > Others parameters depend upon your AD configuration.
> >
> > According to your log, it seems that LDAP support is not configured. Do you 
> > use maven overlay method ? If so, do you have a dependency section like :
> >
> > 
> > org.apereo.cas
> > cas-server-support-ldap
> > ${cas.version}
> > 
> >
> > Regards.
> >
> > Le 12/12/2016 (tel:12/12/2016) à 11:10, mohammad almodallal a écrit :
> > > Hello Philippe,
> > >
> > > also, please I've already configure the cas.properties and still getting 
> > > the following logs for authentication
> > >
> > > er.support.HttpBasedServiceCredentialsAuthenticationHandler@6537e53c, 
> > > org.apereo.cas.authentication.AcceptUsersAuthenticationHandler@594da5db]>
> > > 2016-12-12 13:01:13,716 DEBUG 
> > > [org.apereo.cas.authentication.AcceptUsersAuthenticationHandler] - 
> > > 
> > > 2016-12-12 13:01:13,718 INFO 
> > > [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
> > > 
> > > 2016-12-12 13:01:13,719 DEBUG 
> > > [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
> > >  > > in backing map.>
> > > 2016-12-12 13:01:13,721 WARN 
> > > [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - 
> > >  > > find authentication handler that supports [testuser] of type 
> > > [UsernamePasswordCredential], which suggests a configuration problem.>
> > > 2016-12-12 13:01:13,722 DEBUG 
> > > [org.apereo.cas.audit.spi.ThreadLocalPrincipalResolver] -  > > principal at audit point [execution(Authentication 
> > > org.apereo.cas.authentication.AbstractAuthenticationManager.authenticate(AuthenticationTransaction))]
> > >  with thrown exception 
> > > [org.apereo.cas.authentication.AuthenticationException: 1 errors, 0 
> > > successes]>
> > >
> > > Thanks.
> > > On Monday, December 12, 2016 at 12:58:08 PM UTC+3, mohammad almodallal 
> > > wrote:
> > > > Hell Philippe,
> > > >
> > > > So how to we can configure the LDAP authentication handler?
> > > >
> > > > Thanks.
> > > >
> > > >
> > > >
> > > > On Monday, December 12, 2016 at 12:01:20 PM UTC+3, Philippe MARASSE 
> > > > wrote:
> > > > > Hello,
> > > > >
> > > > > No, it's neither required nor recommended with this version of CAS.
> > > > >
> > > > > Regards
> > > > >
> > > > > Le 12/12/2016 (tel:12/12/2016) à 08:19, mohammad almodallal a écrit :
> > > > > > Hello,
> > > > > >
> > > > > > should we use the deployerConfigContext.xml in CAS-5.0.0 to 
> > > > > > integrate with Active Directory?
> > > > > >
> > > > > > Thanks. --
> > > > > > - CAS gitter chatroom: https://gitter.im/apereo/cas
> > > > > > - CAS mailing list guidelines: 
> > > > > > https://apereo.github.io/cas/Mailing-Lists.html
> > > > > > - CAS documentation website: https://apereo.github.io/cas
> > > > > > - CAS project website: https://github.com/apereo/cas
> > > > > > ---
> > > > > > You received this message because you are subscribed to the Google 
> > > > > > Groups "CAS Community" group.
> > > > > > To unsubscribe from this group and stop receiving emails from it, 
> > > > > > send an email to cas-user+u...@apereo.org.
> > > > > > To view this discussion on the web visit 
> > > > > > https://groups.google.com/a/apereo.org/d/msgid/cas-user/b613c270-c10a-44c5-ba96-de42a546f57f%40apereo.org
> > > > > >  
> > > > > >

Re: [cas-user] After a month, no tickets created in 4.2.2?

2016-11-02 Thread dkopylenko 
4.2.2, right? One other suggestion would be to get on the latest release in the 
4.2.x series, that is 4.2.6 ... or even get on the v5 bandwagon

Cheers,
D.

On Nov 1, 2016, 21:24 -0400, Jeffrey Wong , wrote:
> This issue occurred again tonight. Nothing of note in the logs again, with 
> plenty of jvm memory + disk space left. It just will start redirecting users 
> to the login page as if a failed login occurred, but without displaying any 
> error messages.
>
> Typing in an incorrect password is caught and the error is displayed as 
> expected with an authentication failed audit. Typing in a correct password 
> will log a successful authentication, but not generate/validate any service 
> tickets in the audit.
>
> This is not related to any LDAP connectivity (this was my reason for updating 
> in the first place) as I also tested on local password storage during this 
> outage as well. Swapping ticketing systems does not seem to have helped.
>
> Any suggestions of what else I should try? Would getting out of tomcat and 
> running it under a separate container help?
>
> On Friday, September 23, 2016 at 3:45:49 PM UTC-7, Jeffrey Wong wrote:
> > On suggestions from another user with similar issues using JPA, I have 
> > changed and deployed CAS using a hazelcast ticketing database.
> >
> > I'll let you know if I have any success with this configuration.
> >
> > On Thursday, September 22, 2016 at 11:55:16 AM UTC-7, Jeffrey Wong wrote:
> > > Hi again,
> > >
> > > It's been about a month and have regularly screened the JVM memory - it 
> > > looks fine since the memory bumps, running CAS v4.2.4.
> > >
> > > However, the server fell over again (using the JPA ticket registry), with 
> > > the same behavior: upon entering correct credentials, a user is 
> > > redirected back to the login page rather than logging in. I'm not sure 
> > > where to go from here to ensure a more reliable service, and would like 
> > > to hear your input.
> > >
> > > While digging, I've found three types of exceptions in the logs:
> > >
> > > 1: deadlocks
> > > SEVERE: Servlet.service() for servlet [cas] in context with path [/cas] 
> > > threw exception [Request processing failed; nested exception is 
> > > org.springframework.webflow.execution.ActionExecutionException: Exception 
> > > thrown executing 
> > > org.jasig.cas.web.flow.GenerateServiceTicketAction@4805bd13 in state 
> > > 'generateServiceTicket' of flow 'login' -- action execution attributes 
> > > were 'map[[empty]]'] with root cause
> > > com.mysql.jdbc.exceptions.jdbc4.MySQLTransactionRollbackException: 
> > > Deadlock found when trying to get lock; try restarting transaction 
> > > [265/9592]
> > > at sun.reflect.GeneratedConstructorAccessor127.newInstance(Unknown Source)
> > > at 
> > > sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> > > at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
> > > at com.mysql.jdbc.Util.handleNewInstance(Util.java:404)
> > > at com.mysql.jdbc.Util.getInstance(Util.java:387)
> > > at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:946)
> > > at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3878)
> > > at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3814)
> > > at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:2478)
> > > at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:2625)
> > > at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2551)
> > > at 
> > > com.mysql.jdbc.PreparedStatement.executeInternal(PreparedStatement.java:1861)
> > > at 
> > > com.mysql.jdbc.PreparedStatement.executeUpdateInternal(PreparedStatement.java:2073)
> > > at 
> > > com.mysql.jdbc.PreparedStatement.executeBatchSerially(PreparedStatement.java:1751)
> > > at 
> > > com.mysql.jdbc.PreparedStatement.executeBatchInternal(PreparedStatement.java:1257)
> > > at com.mysql.jdbc.StatementImpl.executeBatch(StatementImpl.java:959)
> > > at 
> > > com.mchange.v2.c3p0.impl.NewProxyPreparedStatement.executeBatch(NewProxyPreparedStatement.java:2544)
> > >
> > >
> > > 2: badly formatted keys
> > > SEVERE: Servlet.service() for servlet [cas] in context with path [/cas] 
> > > threw exception [Request processing failed; nested exception is 
> > > org.springframework.webflow.execution.repository.BadlyFormattedFlowExecution
> > > KeyException: Badly formatted flow execution key '', the expected format 
> > > is '_'] with root cause
> > > org.springframework.webflow.execution.repository.BadlyFormattedFlowExecutionKeyException:
> > >  Badly formatted flow execution key '', the expected format is 
> > > '_'
> > > at 
> > > org.jasig.spring.webflow.plugin.ClientFlowExecutionKey.parse(ClientFlowExecutionKey.java:102)
> > > at 
> > > org.jasig.spring.webflow.plugin.ClientFlowExecutionRepository.parseFlowExecutionKey(ClientFlowExecutionRepository.java:74)
> > > at 
> > >

Re: [cas-user] Does it exist a way to access the Principal inside the flowscope ?

2016-10-19 Thread dkopylenko 
Not directly - i.e. neither Authentication nor Principal objects are stored in 
the flow scope.

However you could use this API to access objects associated with TGT (via the 
TGT id, which is available in the flow scope):

https://github.com/apereo/cas/blob/v4.2.6/cas-server-core-api-ticket/src/main/java/org/jasig/cas/ticket/registry/TicketRegistrySupport.java

Cheers,

D.

On Oct 19, 2016, 02:23 -0400, Claude Viéville , 
wrote:
> HI,
>
> I am running the CAS 4.2.6 and i would like to modify the login-webflow to 
> check several principal's attribitutes before sending TGT to the browser.
>
> Infortunately, I am not able to retrieve the Authentication or Principal 
> inside the flowscope.
>
> Does it exist a way to access the Principal inside the flowscope ?
>
> Thanks you for your help
>
> Have a nice day,
>
> Claude
>
>
>
> --
> CAS gitter chatroom: https://gitter.im/apereo/cas
> CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
> CAS documentation website: https://apereo.github.io/cas
> CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups 
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to cas-user+unsubscr...@apereo.org 
> (mailto:cas-user+unsubscr...@apereo.org).
> To post to this group, send email to cas-user@apereo.org 
> (mailto:cas-user@apereo.org).
> Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
> To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/16b6aa1b-07b3-4b3a-99f6-71e86b668a21%40apereo.org
>  
> (https://groups.google.com/a/apereo.org/d/msgid/cas-user/16b6aa1b-07b3-4b3a-99f6-71e86b668a21%40apereo.org?utm_medium=email_source=footer).
> For more options, visit https://groups.google.com/a/apereo.org/d/optout.

-- 
CAS gitter chatroom: https://gitter.im/apereo/cas
CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
CAS documentation website: https://apereo.github.io/cas
CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/7ddc32c5-b8dc-496e-bdfd-1685550fba69%40Spark.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

Re: [cas-user] Request a feature

2016-10-10 Thread dkopylenko 
https://github.com/apereo/cas/issues

D.

On Oct 7, 2016, 17:35 -0400, pouria Mahmoudi , wrote:
> Hi,
> Do you guys know where can I ask to add a feature? I am expecting a JIRA-ish 
> website so that I can explain what is needed and follow up with it.
>
> Thanks
>
>
>
> --
> CAS gitter chatroom: https://gitter.im/apereo/cas
> CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
> CAS documentation website: https://apereo.github.io/cas
> CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups 
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to cas-user+unsubscr...@apereo.org 
> (mailto:cas-user+unsubscr...@apereo.org).
> To post to this group, send email to cas-user@apereo.org 
> (mailto:cas-user@apereo.org).
> Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
> To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/052621e2-812a-44b4-8451-e49708f14b9c%40apereo.org
>  
> (https://groups.google.com/a/apereo.org/d/msgid/cas-user/052621e2-812a-44b4-8451-e49708f14b9c%40apereo.org?utm_medium=email_source=footer).
> For more options, visit https://groups.google.com/a/apereo.org/d/optout.

-- 
CAS gitter chatroom: https://gitter.im/apereo/cas
CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
CAS documentation website: https://apereo.github.io/cas
CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/6adbe5c5-4972-4553-ae9e-67a6d861854b%40Spark.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.