Re: [cas-user] Using session_id() variabel as Global Session variable.

2015-07-24 Thread Andi Zulfadli 
This is my script in other additional script.
__
 

i do not understand why the session is not readable.

this is my login script.
___
{ location.href=\"index.php\";
self.focus(); }";

 echo $_SESSION['id'].'';
 echo $_SESSION['username'].'';

}

?>
__

in this login script, I try to print my $_SESSION['id'] variable after i
login in cas server through phpCAS client.

and it works. the session is readable.

so i think the session variabel works. but. when i show in the others
simple page like above. it is not readable even i append session_start
script.

thank you very much for your help Sir.

Best Regards

Andi Zulfadli

2015-07-23 12:56 GMT-07:00 Neil Sabol :

>  Hi Andi,
>
>
>
> I am not an expert, but it looks like you may be missing
> “session_start();” in your code to create the PHP session.
>
>
>
> Hope that helps.
>
>
>
> Thanks,
>
> -Neil
>
>
>
> *From:* Andi Zulfadli [mailto:andi.zulfa...@gmail.com]
> *Sent:* Thursday, July 23, 2015 1:36 PM
> *To:* cas-user@lists.jasig.org
> *Subject:* [cas-user] Using session_id() variabel as Global Session
> variable.
>
>
>
> Dear Master.
>
> Please Your Help.
>
> I am using phpCAS Client 1.3.3 with simple authentication to CAS server
> with LDAP backend.
>
> and i have successfull authentication and get return ticket / session id
> variabel. ex: "ST-404-sKkVIrpxuedp52YOtjGs-caspoliupgacid"
>
> my problem is, i want to use the ticket / session id variabel as global
> session variabel and use the session for build other page in my application.
>
> I do not know what the cause why in other pages session is not readable.
>
>
>
> plese your help.
>
> Thank you.
>
>
>   My "index.php" Code :
>
> _
>
> // Load the settings from the central config file
>
> require_once 'config.php';
>
>
>
> // Load the CAS lib
>
> require_once $phpcas_path . 'CAS.php';
>
>
>
> // Enable debugging
>
> phpCAS::setDebug();
>
>
>
> // Initialize phpCAS
>
> phpCAS::client(CAS_VERSION_2_0, 'cas.poliupg.ac.id', 8443, $cas_context);
>
>
>
> phpCAS::handleLogoutRequests(true, "cas.poliupg.ac.id");
>
>
>
> phpCAS::setNoCasServerValidation();
>
>
>
> // force CAS authentication
>
>
>
> phpCAS::forceAuthentication();
>
>
>
>
>
> // logout if desired
>
> if (isset($_REQUEST['logout'])) {
>
> session_destroy();
>
> phpCAS::logout();
>
> }
>
>
>
> // for this test, simply print that the authentication was successfull
>
>
>
> $_SESSION['id'] = session_id();
>
> $_SESSION['username'] = phpCAS::getUser();
>
> $_SESSION['name'] = session_name();
>
> $_SESSION['version'] = phpCAS::getVersion();
>
> _
>
>
>
>
>
>
>
>
>
>
>
> --
>
> You are currently subscribed to cas-user@lists.jasig.org as: nssa...@unm.edu
>
> To unsubscribe, change settings or access archives, see 
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
>  --
> You are currently subscribed to cas-user@lists.jasig.org as: 
> jasig-cas-user+garchive-5...@googlegroups.com
> To unsubscribe, change settings or access archives, see 
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
>  --
> You received this message because you are subscribed to a topic in the
> Google Groups "jasig-cas-user" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/jasig-cas-user/CtDFf4fPs8w/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> jasig-cas-user+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You are currently subscribed to cas-user@lists.jasig.org as: 
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

RE: [cas-user] Using session_id() variabel as Global Session variable.

2015-07-24 Thread Neil Sabol 
Ok thanks for trying – that was a wager but seems to be not the root cause.

Does the same thing happen if you uncomment session_start(); in your login 
script and comment it in your additional script?

Thanks,
-Neil

From: Andi Zulfadli [mailto:andi.zulfa...@gmail.com]
Sent: Friday, July 24, 2015 1:27 AM
To: cas-user@lists.jasig.org
Cc: cas-user@lists.jasig.org
Subject: Re: [cas-user] Using session_id() variabel as Global Session variable.

This is my script in other additional script.
__
 

i do not understand why the session is not readable.

this is my login script.
___
http://cas.poliupg.ac.id>', 
8443, $cas_context);

phpCAS::handleLogoutRequests(true, 
"cas.poliupg.ac.id");

phpCAS::handleLogoutRequests();

phpCAS::setNoCasServerValidation();

// force CAS authentication

phpCAS::forceAuthentication();

// at this step, the user has been authenticated by the CAS server
// and the user's login name can be read with phpCAS::getUser().

 //phpCAS::handleLogoutRequests(true, 
array("cas.poliupg.ac.id"));

// logout if desired
if (isset($_REQUEST['logout'])) {
  phpCAS::logout();
  session_destroy();
}


 $_SESSION['id'] = session_id();
 $_SESSION['username'] = phpCAS::getUser();


if (isset($_SESSION['id'])) {

 // echo "{ location.href=\"index.php\"; 
self.focus(); }";

 echo $_SESSION['id'].'';
 echo $_SESSION['username'].'';

}

?>
__

in this login script, I try to print my $_SESSION['id'] variable after i login 
in cas server through phpCAS client.

and it works. the session is readable.

so i think the session variabel works. but. when i show in the others simple 
page like above. it is not readable even i append session_start script.

thank you very much for your help Sir.

Best Regards

Andi Zulfadli

2015-07-23 12:56 GMT-07:00 Neil Sabol mailto:nssa...@unm.edu>>:
Hi Andi,

I am not an expert, but it looks like you may be missing “session_start();” in 
your code to create the PHP session.

Hope that helps.

Thanks,
-Neil

From: Andi Zulfadli 
[mailto:andi.zulfa...@gmail.com]
Sent: Thursday, July 23, 2015 1:36 PM
To: cas-user@lists.jasig.org
Subject: [cas-user] Using session_id() variabel as Global Session variable.

Dear Master.

Please Your Help.

I am using phpCAS Client 1.3.3 with simple authentication to CAS server with 
LDAP backend.

and i have successfull authentication and get return ticket / session id 
variabel. ex: "ST-404-sKkVIrpxuedp52YOtjGs-caspoliupgacid"

my problem is, i want to use the ticket / session id variabel as global session 
variabel and use the session for build other page in my application.

I do not know what the cause why in other pages session is not readable.

plese your help.

Thank you.

My "index.php" Code :
_
// Load the settings from the central config file
require_once 'config.php';

// Load the CAS lib
require_once $phpcas_path . 'CAS.php';

// Enable debugging
phpCAS::setDebug();

// Initialize phpCAS
phpCAS::client(CAS_VERSION_2_0, 'cas.poliupg.ac.id', 
8443, $cas_context);

phpCAS::handleLogoutRequests(true, 
"cas.poliupg.ac.id");

phpCAS::setNoCasServerValidation();

// force CAS authentication

phpCAS::forceAuthentication();


// logout if desired
if (isset($_REQUEST['logout'])) {
session_destroy();
phpCAS::logout();
}

// for this test, simply print that the authentication was successfull

$_SESSION['id'] = session_id();
$_SESSION['username'] = phpCAS::getUser();
$_SESSION['name'] = session_name();
$_SESSION['version'] = phpCAS::getVersion();
_







--

You are currently subscribed to 
cas-user@lists.jasig.org as: 
nssa...@unm.edu

To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

--

You are currently subscribed to 
cas-user@lists.jasig.org as: 
jasig-cas-user+garchive-5...@googlegroups.com

To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You received this message because you are subscribed to a topic in the Google 
Groups "jasig-cas-user" group.
To unsubscribe from this topic, visit 
https://groups.google.com/d/topic/jasig-cas-user/CtDFf4fPs8w/unsubscribe.
To unsubscribe from this group and all its topics, send an email to 
jasig-cas-user+unsubscr...@googlegroups.com.
For more opti

Re: [cas-user] Using session_id() variabel as Global Session variable.

2015-07-24 Thread Andi Zulfadli 
Dear Sir Neil

Yes. noting change.

in login.php script show :

*Notice*: A session had already been started - ignoring session_start() in
*D:\Workspace\demo\ta\login.php* on line *65*
ST-16-6uVfdkqBhVSZNWbunEkT-caspoliupgacid
syarif
___

butin my addtional script nothing session value show Sir.

what is the problem sir?
do I need to send my client script to you?

Thank you very much.

Thank you

Best Regards

Andi Zulfadli









2015-07-24 7:10 GMT-07:00 Neil Sabol :

>  Ok thanks for trying – that was a wager but seems to be not the root
> cause.
>
>
>
> Does the same thing happen if you uncomment session_start(); in your login
> script and comment it in your additional script?
>
>
>
> Thanks,
>
> -Neil
>
>
>
> *From:* Andi Zulfadli [mailto:andi.zulfa...@gmail.com]
> *Sent:* Friday, July 24, 2015 1:27 AM
> *To:* cas-user@lists.jasig.org
> *Cc:* cas-user@lists.jasig.org
> *Subject:* Re: [cas-user] Using session_id() variabel as Global Session
> variable.
>
>
>
> This is my script in other additional script.
> __
>
>  
>
>
>  session_start();
>
>
>
>  if (isset($_SESSION['id'])) {
>
>  echo $_SESSION['id'];
>
>  }
>
>
>
> ?>
>
> 
>
> i do not understand why the session is not readable.
>
> this is my login script.
> ___
>
> 
>
>
> //session_start();
>
>
>
> // Load the settings from the central config file
>
> require_once 'config.php';
>
> // Load the CAS lib
>
> require_once $phpcas_path . 'CAS.php';
>
>
>
> // Enable debugging
>
> phpCAS::setDebug();
>
>
>
> // Initialize phpCAS
>
> phpCAS::client(CAS_VERSION_2_0, 'cas.poliupg.ac.id', 8443, $cas_context);
>
>
>
> phpCAS::handleLogoutRequests(true, "cas.poliupg.ac.id");
>
>
>
> phpCAS::handleLogoutRequests();
>
>
>
> phpCAS::setNoCasServerValidation();
>
>
>
> // force CAS authentication
>
>
>
> phpCAS::forceAuthentication();
>
>
>
> // at this step, the user has been authenticated by the CAS server
>
> // and the user's login name can be read with phpCAS::getUser().
>
>
>
>  //phpCAS::handleLogoutRequests(true, array("cas.poliupg.ac.id"));
>
>
>
> // logout if desired
>
> if (isset($_REQUEST['logout'])) {
>
>   phpCAS::logout();
>
>   session_destroy();
>
> }
>
>
>
>
>
>  $_SESSION['id'] = session_id();
>
>  $_SESSION['username'] = phpCAS::getUser();
>
>
>
>
>
> if (isset($_SESSION['id'])) {
>
>
>
>  // echo "{ location.href=\"index.php\";
> self.focus(); }";
>
>
>
>  echo $_SESSION['id'].'';
>
>  echo $_SESSION['username'].'';
>
>
>
> }
>
>
>
> ?>
>
> __
>
> in this login script, I try to print my $_SESSION['id'] variable after i
> login in cas server through phpCAS client.
>
> and it works. the session is readable.
>
> so i think the session variabel works. but. when i show in the others
> simple page like above. it is not readable even i append session_start
> script.
>
> thank you very much for your help Sir.
>
> Best Regards
>
> Andi Zulfadli
>
>
>
> 2015-07-23 12:56 GMT-07:00 Neil Sabol :
>
>  Hi Andi,
>
>
>
> I am not an expert, but it looks like you may be missing
> “session_start();” in your code to create the PHP session.
>
>
>
> Hope that helps.
>
>
>
> Thanks,
>
> -Neil
>
>
>
> *From:* Andi Zulfadli [mailto:andi.zulfa...@gmail.com]
> *Sent:* Thursday, July 23, 2015 1:36 PM
> *To:* cas-user@lists.jasig.org
> *Subject:* [cas-user] Using session_id() variabel as Global Session
> variable.
>
>
>
> Dear Master.
>
> Please Your Help.
>
> I am using phpCAS Client 1.3.3 with simple authentication to CAS server
> with LDAP backend.
>
> and i have successfull authentication and get return ticket / session id
> variabel. ex: "ST-404-sKkVIrpxuedp52YOtjGs-caspoliupgacid"
>
> my problem is, i want to use the ticket / session id variabel as global
> session variabel and use the session for build other page in my application.
>
> I do not know what the cause why in other pages session is not readable.
>
>
>
> plese your help.
>
> Thank you.
>
>   My "index.php" Code :
>
> _
>
> // Load the settings from the central config file
>
> require_once 'config.php';
>
>
>
> // Load the CAS lib
>
> require_once $phpcas_path . 'CAS.php';
>
>
>
> // Enable debugging
>
> phpCAS::setDebug();
>
>
>
> // Initialize phpCAS
>
> phpCAS::client(CAS_VERSION_2_0, 'cas.poliupg.ac.id', 8443, $cas_context);
>
>
>
> phpCAS::handleLogoutRequests(true, "cas.poliupg.ac.id");
>
>
>
> phpCAS::setNoCasServerValidation();
>
>
>
> // force CAS authentication
>
>
>
> phpCAS::forceAuthentication();
>
>
>
>
>
> // logout if desired
>
> if (isset($_REQUEST['logout'])) {
>
>

RE: [cas-user] Cas changing password

2015-07-24 Thread Misagh Moayyed 
The detection of account status is only provided via LPPE and Ldap by 
default, but the machinery for it is shared by all authentication handlers. 
So you’ll need to code some sort of custom JDBC handler that inherits the 
password policy configuration and take it from there to detect the account 
status.



From: Manfredo Hopp [mailto:mhopp.coni...@gmail.com]
Sent: Thursday, July 23, 2015 8:57 AM
To: cas-user@lists.jasig.org
Subject: Re: [cas-user] Cas changing password



Hi, continuing with this issue, I see links are for LDAP but unfortunately 
our authentication/principal resolution goes through JDBC!

Is it possible to adapt Ldap (or other) configuration in this case?



Thank you



2015-06-16 16:10 GMT-03:00 Mailvaganam, Hari mailto:hari.mailvaga...@ubc.ca> >:

http://jasig.github.io/cas/4.0.x/installation/LDAP-Authentication.html



From: Manfredo Hopp [mailto:mhopp.coni...@gmail.com 
 ]
Sent: June-16-15 7:41 AM
To: cas-user@lists.jasig.org 
Subject: [cas-user] Cas changing password



Hello, we are considering using Cas as primary authentication system going 
through Cas login cutomized page.

In general authentication systems consider changin password during 
authentication process.

Therefore some kind of changing password process is triggered.



Does Cas provide something to achieve this?



Regards Manfredo


-- 
You are currently subscribed to cas-user@lists.jasig.org 
  as: hari.mailvaga...@ubc.ca 

To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user
-- 
You are currently subscribed to cas-user@lists.jasig.org 
  as: mhopp.coni...@gmail.com 

To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user




-- 
You are currently subscribed to cas-user@lists.jasig.org 
  as: mmoay...@unicon.net 

To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

-- 
You are currently subscribed to cas-user@lists.jasig.org as: 
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

RE: [cas-user] Logout not following service redirects

2015-07-24 Thread Misagh Moayyed 
Your logout url should receive a "service" parameter and that service
needs to be authorized in your registry. That should make it work. 

 

From: Bryan Wooten [mailto:bryan.woo...@utah.edu] 
Sent: Thursday, July 23, 2015 8:13 AM
To: cas-user@lists.jasig.org
Subject: [cas-user] Logout not following service redirects

 

Running CAS 3.5.x and I have

 

cas.logout.followServiceRedirects=true

 

in my cas.properties. But it doesn't seem to work. Any ideas?

 

Bryan Wooten

Tel: (801)585-9323

Email: bryan.woo...@utah.edu  

 



 

 
-- 
You are currently subscribed to cas-user@lists.jasig.org
  as: mmoay...@unicon.net
 
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user

-- 
You are currently subscribed to cas-user@lists.jasig.org as: 
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

RE: [cas-user] Using session_id() variabel as Global Session variable.

2015-07-24 Thread Neil Sabol 
Hi Andi,

I stand corrected – looks like session_start is needed in each. I was able to 
obtain session variables with this setup:

Login.php
';
echo $_SESSION['username'].'';
}
echo "Other page";
?>


Other.php
';
echo $_SESSION['username'].'';
}
?>


Navigating to Login.php prompts for CAS login and displays session/username 
upon success. Then, clicking the Other page links takes me to Other.php and the 
session data is printed to the screen.

Let me know if that helps. Apologies for the ambiguity in my initial replies.

Thanks,
-Neil

From: Andi Zulfadli [mailto:andi.zulfa...@gmail.com]
Sent: Friday, July 24, 2015 8:28 AM
To: cas-user@lists.jasig.org
Subject: Re: [cas-user] Using session_id() variabel as Global Session variable.

Dear Sir Neil

Yes. noting change.

in login.php script show :

Notice: A session had already been started - ignoring session_start() in 
D:\Workspace\demo\ta\login.php on line 65
ST-16-6uVfdkqBhVSZNWbunEkT-caspoliupgacid
syarif
___

butin my addtional script nothing session value show Sir.

what is the problem sir?
do I need to send my client script to you?

Thank you very much.

Thank you

Best Regards

Andi Zulfadli







2015-07-24 7:10 GMT-07:00 Neil Sabol mailto:nssa...@unm.edu>>:
Ok thanks for trying – that was a wager but seems to be not the root cause.

Does the same thing happen if you uncomment session_start(); in your login 
script and comment it in your additional script?

Thanks,
-Neil

From: Andi Zulfadli 
[mailto:andi.zulfa...@gmail.com]
Sent: Friday, July 24, 2015 1:27 AM
To: cas-user@lists.jasig.org
Cc: cas-user@lists.jasig.org
Subject: Re: [cas-user] Using session_id() variabel as Global Session variable.

This is my script in other additional script.
__
 

i do not understand why the session is not readable.

this is my login script.
___
http://cas.poliupg.ac.id>', 
8443, $cas_context);

phpCAS::handleLogoutRequests(true, 
"cas.poliupg.ac.id");

phpCAS::handleLogoutRequests();

phpCAS::setNoCasServerValidation();

// force CAS authentication

phpCAS::forceAuthentication();

// at this step, the user has been authenticated by the CAS server
// and the user's login name can be read with phpCAS::getUser().

 //phpCAS::handleLogoutRequests(true, 
array("cas.poliupg.ac.id"));

// logout if desired
if (isset($_REQUEST['logout'])) {
  phpCAS::logout();
  session_destroy();
}


 $_SESSION['id'] = session_id();
 $_SESSION['username'] = phpCAS::getUser();


if (isset($_SESSION['id'])) {

 // echo "{ location.href=\"index.php\"; 
self.focus(); }";

 echo $_SESSION['id'].'';
 echo $_SESSION['username'].'';

}

?>
__

in this login script, I try to print my $_SESSION['id'] variable after i login 
in cas server through phpCAS client.

and it works. the session is readable.

so i think the session variabel works. but. when i show in the others simple 
page like above. it is not readable even i append session_start script.

thank you very much for your help Sir.

Best Regards

Andi Zulfadli

2015-07-23 12:56 GMT-07:00 Neil Sabol mailto:nssa...@unm.edu>>:
Hi Andi,

I am not an expert, but it looks like you may be missing “session_start();” in 
your code to create the PHP session.

Hope that helps.

Thanks,
-Neil

From: Andi Zulfadli 
[mailto:andi.zulfa...@gmail.com]
Sent: Thursday, July 23, 2015 1:36 PM
To: cas-user@lists.jasig.org
Subject: [cas-user] Using session_id() variabel as Global Session variable.

Dear Master.

Please Your Help.

I am using phpCAS Client 1.3.3 with simple authentication to CAS server with 
LDAP backend.

and i have successfull authentication and get return ticket / session id 
variabel. ex: "ST-404-sKkVIrpxuedp52YOtjGs-caspoliupgacid"

my problem is, i want to use the ticket / session id variabel as global session 
variabel and use the session for build other page in my application.

I do not know what the cause why in other pages session is not readable.

plese your help.

Thank you.
My "index.php" Code :
_
// Load the settings from the central config file
require_once 'config.php';

// Load the CAS lib
require_once $phpcas_path . 'CAS.php';

// Enable debugging
phpCAS::setDebug();

// Initialize phpCAS
phpCAS::client(CAS_VERSION_2_0, 'cas.poliupg.ac.id', 
8443, $cas_context);

phpCAS::h

Re: [cas-user] CAS 4 & LPPE & Active Directory, "accountState=null"

2015-07-24 Thread Daniel Fisher 
On Thu, Jul 23, 2015 at 3:37 PM, Mike Seiler 
wrote:

> I'm trying to get LPPE working with the new CAS 4.0 server, but am finding
> that the policies don't seem to be enforced, even though I have set the
> maximum password age (on the AD side) to 1 day.
>
>
Are you using the latest version? (4.0.3) The release notes indicate fixes
related LPPE.

--Daniel Fisher

-- 
You are currently subscribed to cas-user@lists.jasig.org as: 
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

RE: [cas-user] CAS 4 & LPPE & Active Directory, "accountState=null"

2015-07-24 Thread Misagh Moayyed 
Not sure the issue is related to the fix in 4.0.3 The log indicates that
no account state is passed back to CAS. Is your configuration using the
ActiveDirectory response handler? That might be relevant in passing back
the account state over to CAS. 

 

Something like this perhaps:

 















 

From: Daniel Fisher [mailto:dfis...@vt.edu] 
Sent: Friday, July 24, 2015 10:56 AM
To: cas-user@lists.jasig.org
Subject: Re: [cas-user] CAS 4 & LPPE & Active Directory,
"accountState=null"

 

On Thu, Jul 23, 2015 at 3:37 PM, Mike Seiler mailto:michaelsei...@fuller.edu> > wrote:

I'm trying to get LPPE working with the new CAS 4.0 server, but am finding
that the policies don't seem to be enforced, even though I have set the
maximum password age (on the AD side) to 1 day.

 

 

Are you using the latest version? (4.0.3) The release notes indicate fixes
related LPPE.

 

--Daniel Fisher

 

 
-- 
You are currently subscribed to cas-user@lists.jasig.org
  as: mmoay...@unicon.net
 
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user

-- 
You are currently subscribed to cas-user@lists.jasig.org as: 
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

[cas-user] Cas 4.0.3 and AD Config

2015-07-24 Thread Chris Irwin 
Please forgive me up front as i'm a CAS newbie.  I have a Windows Server 2012 
R2 server running Tomcat 8.  This seems to be working fine.  I have pulled down 
the CAS 4.0.3 war file from the maven repository and installed it.  Again this 
went fine, I can hit the logon page with no issues.  Now i'm following the 
directions on 
http://jasig.github.io/cas/4.0.x/installation/LDAP-Authentication.html

CAS - LDAP Authentication
CAS - Single Sign-On for the Web
Read 
more...


I have added the following to my pom.xml:


 
 org.jasig.cas
 cas-server-support-ldap
 ${cas.version}



as well as the suggested code for my deployerConfigContext.xml and 
cas.properties (attached).  Now i'm getting the following error when I start 
the services:


Caused by: java.lang.ClassNotFoundException: 
org.jasig.cas.authentication.support.UpnSearchEntryResolver
 at 
org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1305)
 at 
org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1157)
 at org.springframework.util.ClassUtils.forName(ClassUtils.java:257)
 at 
org.springframework.beans.factory.support.AbstractBeanDefinition.resolveBeanClass(AbstractBeanDefinition.java:416)
 at 
org.springframework.beans.factory.support.AbstractBeanFactory.doResolveBeanClass(AbstractBeanFactory.java:1302)
 at 
org.springframework.beans.factory.support.AbstractBeanFactory.resolveBeanClass(AbstractBeanFactory.java:1273)
 ... 73 more


I have attached all files and logs for review.  Any help would be greatly 
appreciated!

-- 
You are currently subscribed to cas-user@lists.jasig.org as: 
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user


cas.log
Description: cas.log


cas.properties
Description: cas.properties




http://www.springframework.org/schema/beans";
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
   xmlns:p="http://www.springframework.org/schema/p";
   xmlns:c="http://www.springframework.org/schema/c";
   xmlns:tx="http://www.springframework.org/schema/tx";
   xmlns:util="http://www.springframework.org/schema/util";
   xmlns:sec="http://www.springframework.org/schema/security";
   xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
   http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.2.xsd
   http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd
   http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd";>
























































































 















  

  
  
  




http://maven.apache.org/POM/4.0.0"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd";>
  
org.jasig.cas
cas-server
4.0.0
  
  4.0.0
  cas-server-webapp
  war
  Jasig CAS Web Application
  

  org.jasig.cas
  cas-server-webapp-support
  ${project.version}
  compile


  org.springframework
  spring-expression
  ${spring.version}
  runtime


  javax.servlet
  jstl
  1.1.2
  jar
  runtime


  taglibs
  standard
  1.1.2
  jar
  runtime



 org.jasig.cas
 cas-server-support-ldap
 ${cas.version}

  

  

  
org.apache.maven.plugins
maven-war-plugin

  cas
  

  ${basedir}/src/main/webapp/WEB-INF
  true
  WEB-INF
  
**/web.xml
  

  

  

  

  
${project.parent.basedir}

Re:[cas-user] Cas 4.0.3 and AD Config

2015-07-24 Thread Chris Irwin 


Guess I should have said, i'm trying to authenticate to Active Directory.


Chris


From: Chris Irwin
Sent: Friday, July 24, 2015 3:06 PM
To: cas-user@lists.jasig.org
Subject: Cas 4.0.3 and AD Config


Please forgive me up front as i'm a CAS newbie.  I have a Windows Server 2012 
R2 server running Tomcat 8.  This seems to be working fine.  I have pulled down 
the CAS 4.0.3 war file from the maven repository and installed it.  Again this 
went fine, I can hit the logon page with no issues.  Now i'm following the 
directions on 
http://jasig.github.io/cas/4.0.x/installation/LDAP-Authentication.html

CAS - LDAP Authentication
CAS - Single Sign-On for the Web
Read 
more...


I have added the following to my pom.xml:


 
 org.jasig.cas
 cas-server-support-ldap
 ${cas.version}



as well as the suggested code for my deployerConfigContext.xml and 
cas.properties (attached).  Now i'm getting the following error when I start 
the services:


Caused by: java.lang.ClassNotFoundException: 
org.jasig.cas.authentication.support.UpnSearchEntryResolver
 at 
org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1305)
 at 
org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1157)
 at org.springframework.util.ClassUtils.forName(ClassUtils.java:257)
 at 
org.springframework.beans.factory.support.AbstractBeanDefinition.resolveBeanClass(AbstractBeanDefinition.java:416)
 at 
org.springframework.beans.factory.support.AbstractBeanFactory.doResolveBeanClass(AbstractBeanFactory.java:1302)
 at 
org.springframework.beans.factory.support.AbstractBeanFactory.resolveBeanClass(AbstractBeanFactory.java:1273)
 ... 73 more


I have attached all files and logs for review.  Any help would be greatly 
appreciated!

-- 
You are currently subscribed to cas-user@lists.jasig.org as: 
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

[cas-user] CAS-MFA (rc6) and Radius

2015-07-24 Thread Michael O Holstein 
Any ideas as to what I've done wrong here? .. this worked fine in RC2 .. but 
now I get a successful LDAP auth and a successful radiusOTP auth, but somewhere 
in the mix the principal gets lost.


CredentialsToPrincipalResolver gets invoked (and works fine on primary auth) .. 
how does it get lost during MFA?


2015-07-24 16:11:38,085 DEBUG 
[net.unicon.cas.mfa.authentication.radius.JRadiusServerImpl] - Authentication 
request succeeded for host: [myradius] and username [bob123]


2015-07-24 16:11:38,085 INFO 
[org.jasig.cas.authentication.AuthenticationManagerImpl] - 
org.jasig.cas.adaptors.radius.authentication.handler.support.RadiusAuthenticationHandler
 successfully authenticated [username: bob123]


2015-07-24 16:11:38,087 INFO 
[org.jasig.cas.authentication.AuthenticationManagerImpl] - Resolved principal 
null


2015-07-24 16:11:38,087 DEBUG 
[org.jasig.cas.authentication.AuthenticationManagerImpl] - 
CredentialsToPrincipalResolver found but no principal returned.


2015-07-24 16:11:38,102 ERROR 
[net.unicon.cas.mfa.web.flow.TerminatingMultiFactorAuthenticationViaFormAction] 
-

error.authentication.credentials.bad


TIA,


Michael Holstein

Cleveland State University

-- 
You are currently subscribed to cas-user@lists.jasig.org as: 
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Re: [cas-user] Cas 4.0.3 and AD Config

2015-07-24 Thread Mike Seiler 
Chris,

I just set up CAS with AD as well, and while I started with the first bit
of code, I ended up getting it to work with the second bit of code called
"LDAP Requiring Authenticated Search."

I also noticed that I had to change the DN of the authenticating user to
the "ldapad...@domain.com" instead of the "cn=LDAP Admin"... etc.

I'll forward you the email string to "cas-users" that helped me get it set
up.

The LDAP portion of my cas.properties file is below:
#
# General properties
#
ldap.url=ldaps://ad_server.fuller.edu
# LDAP connection timeout in milliseconds
ldap.connectTimeout=3000
# Whether to use StartTLS (probably needed if not SSL connection)
ldap.useStartTLS=false
#
# LDAP connection pool configuration
#
ldap.pool.minSize=3
ldap.pool.maxSize=10
ldap.pool.validateOnCheckout=false
ldap.pool.validatePeriodically=true
ldap.pool.blockWaitTime=3000
ldap.pool.validatePeriod=300
ldap.pool.prunePeriod=300
ldap.pool.idleTime=600
#
# Authentication
#
# Base DN of users to be authenticated
ldap.baseDn=ou=fuller,DC=id,DC=fuller,DC=edu
# Manager DN for authenticated searches
ldap.authn.managerDn=admin_acco...@id.fuller.edu
# Manager password for authenticated searches
ldap.authn.managerPassword=admin_password
# Search filter used for configurations that require searching for DNs
ldap.authn.searchFilter=(sAMAccountName={user})
# Domain Setting
ldap.domain=fuller.edu
ldap.trustedCert=file:/etc/cas/id_app.pem

And I'm attaching the final deployer file as well.  Hopefully that can help
you out.

Mike

On Fri, Jul 24, 2015 at 12:08 PM, Chris Irwin 
wrote:

>
>
> Guess I should have said, i'm trying to authenticate to Active Directory.
>
>
>  Chris
>  --
> *From:* Chris Irwin
> *Sent:* Friday, July 24, 2015 3:06 PM
> *To:* cas-user@lists.jasig.org
> *Subject:* Cas 4.0.3 and AD Config
>
>
> Please forgive me up front as i'm a CAS newbie.  I have a Windows Server
> 2012 R2 server running Tomcat 8.  This seems to be working fine.  I have
> pulled down the CAS 4.0.3 war file from the maven repository and installed
> it.  Again this went fine, I can hit the logon page with no issues.  Now
> i'm following the directions on
> http://jasig.github.io/cas/4.0.x/installation/LDAP-Authentication.html
>
>CAS - LDAP Authentication
>  CAS - Single Sign-On for the Web
>  Read more...
> 
>
>
> I have added the following to my pom.xml:
>
>
>   
>  org.jasig.cas
>  cas-server-support-ldap
>  ${cas.version}
> 
>
>
>  as well as the suggested code for my deployerConfigContext.xml and
> cas.properties (attached).  Now i'm getting the following error when I
> start the services:
>
>
>  Caused by: java.lang.ClassNotFoundException:
> org.jasig.cas.authentication.support.UpnSearchEntryResolver
>  at
> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1305)
>  at
> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1157)
>  at org.springframework.util.ClassUtils.forName(ClassUtils.java:257)
>  at
> org.springframework.beans.factory.support.AbstractBeanDefinition.resolveBeanClass(AbstractBeanDefinition.java:416)
>  at
> org.springframework.beans.factory.support.AbstractBeanFactory.doResolveBeanClass(AbstractBeanFactory.java:1302)
>  at
> org.springframework.beans.factory.support.AbstractBeanFactory.resolveBeanClass(AbstractBeanFactory.java:1273)
>  ... 73 more
>
>
>  I have attached all files and logs for review.  Any help would be
> greatly appreciated!
>
> --
> You are currently subscribed to cas-user@lists.jasig.org as: 
> michaelsei...@fuller.edu
> To unsubscribe, change settings or access archives, see 
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
>


-- 
*Michael Seiler*
--
Systems Integration Engineer
Fuller Theological Seminary
Phone: (970) 306-6105
michaelsei...@fuller.edu

*Fuller Summer Hours:* Please note that all Fuller offices will be closed
on Fridays from 7/3-8/28
*Mike's Vacation Notice:* From 7/3-8/28 I will also be taking Mondays off,
and will be out of the office for vacation 7/31 - 8/31

*Please NOTE:*
I respond to email at 8 AM, 1PM, and at 4:30PM.  If you need more immediate
help, please contact TSS (626.584.5675) and they can route the issue to the
appropriate person.  If this is a business process life or death emergency,
you may call me at the above number.

-- 
You are currently subscribed to cas-user@lists.jasig.org as: 
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user


http://www.springframework.org/schema/beans";
   xmlns:xsi="http://ww

Re: [cas-user] CAS 4 & LPPE & Active Directory, "accountState=null"

2015-07-24 Thread Mike Seiler 
Thanks Daniel & Misagh,

Just to be certain, I rebuilt with 4.0.3; I was already using Ldaptive
1.0.6.

My authentication response handler is in fact set to the
*ActiveDirectoryAuthenticationResponseHandler* in my deployer file.

Since I'm using the main AD server to test this out, the Windows admin made
a separate group policy with a 1 day expiration on passwords; my
"castester" user is the only person in that group and the only user that
the policy applies to.  Can/does CAS distinguish between group policies, or
only apply the policy for the entire OU?  My logs  come back with
accountState=null for the "castester" user.

When I log in with my own user account, I also get the accountState=null in
the logs, and I am not part of the same group as "castester."

Should the AD always come back with an accountState?  If so, should I have
the Windows admin double check the set up?

On Fri, Jul 24, 2015 at 11:34 AM, Misagh Moayyed 
wrote:

> Not sure the issue is related to the fix in 4.0.3 The log indicates that
> no account state is passed back to CAS. Is your configuration using the
> ActiveDirectory response handler? That might be relevant in passing back
> the account state over to CAS.
>
>
>
> Something like this perhaps:
>
>
>
> 
> c:resolver-ref="dnResolver"
>
> c:handler-ref="authHandler">
>
> 
>
> 
>
>  class="org.ldaptive.auth.ext.ActiveDirectoryAuthenticationResponseHandler"
> />
>
> 
>
> 
>
> 
>
>
>
> *From:* Daniel Fisher [mailto:dfis...@vt.edu]
> *Sent:* Friday, July 24, 2015 10:56 AM
> *To:* cas-user@lists.jasig.org
> *Subject:* Re: [cas-user] CAS 4 & LPPE & Active Directory,
> "accountState=null"
>
>
>
> On Thu, Jul 23, 2015 at 3:37 PM, Mike Seiler 
> wrote:
>
> I'm trying to get LPPE working with the new CAS 4.0 server, but am finding
> that the policies don't seem to be enforced, even though I have set the
> maximum password age (on the AD side) to 1 day.
>
>
>
>
>
> Are you using the latest version? (4.0.3) The release notes indicate fixes
> related LPPE.
>
>
>
> --Daniel Fisher
>
>
>
>
>
> --
>
> You are currently subscribed to cas-user@lists.jasig.org as: 
> mmoay...@unicon.net
>
> To unsubscribe, change settings or access archives, see 
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
> --
> You are currently subscribed to cas-user@lists.jasig.org as: 
> michaelsei...@fuller.edu
> To unsubscribe, change settings or access archives, see 
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
>


-- 
*Michael Seiler*
--
Systems Integration Engineer
Fuller Theological Seminary
Phone: (970) 306-6105
michaelsei...@fuller.edu

*Fuller Summer Hours:* Please note that all Fuller offices will be closed
on Fridays from 7/3-8/28
*Mike's Vacation Notice:* From 7/3-8/28 I will also be taking Mondays off,
and will be out of the office for vacation 7/31 - 8/31

*Please NOTE:*
I respond to email at 8 AM, 1PM, and at 4:30PM.  If you need more immediate
help, please contact TSS (626.584.5675) and they can route the issue to the
appropriate person.  If this is a business process life or death emergency,
you may call me at the above number.

-- 
You are currently subscribed to cas-user@lists.jasig.org as: 
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Re: [cas-user] CAS 4 & LPPE & Active Directory, "accountState=null"

2015-07-24 Thread Daniel Fisher 
On Fri, Jul 24, 2015 at 7:03 PM, Mike Seiler 
wrote:

> When I log in with my own user account, I also get the accountState=null
> in the logs, and I am not part of the same group as "castester."
>

Can you put the org.ldaptive package in debug and post those logs?

--Daniel Fisher

-- 
You are currently subscribed to cas-user@lists.jasig.org as: 
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user