RE: [cas-user] CAS for SAAS applications

2015-10-06 Thread Mahantesh Prasad Katti 
Thanks. Can you please provide the link to the issue being tracked? Also this 
run time decision of whether I want to go to CAS A / CAS B, is done by the CAS 
client right? So if I read what you said correctly, release 4.2 clients will be 
built for such a scenario?

Regards
Prasad,

From: Misagh Moayyed [mailto:mmoay...@unicon.net]
Sent: Wednesday, September 30, 2015 11:30 AM
To: cas-user@lists.jasig.org
Subject: RE: [cas-user] CAS for SAAS applications

If you are saying "Customer X needs to go to CAS A, while Customer Y needs to 
go to CAS B", that's something you have to take up with the SAAS application.

However, there are no multi-tenant CAS deployments that I am aware of [1]. 
Sounds like a pretty good use case for docker.

[1] There is an issue tracking this feature, and might get resolved for 4.2.

From: Mahantesh Prasad Katti [mailto:mahantesh.ka...@indecomm.net]
Sent: Tuesday, September 29, 2015 9:48 PM
To: cas-user@lists.jasig.org
Subject: [cas-user] CAS for SAAS applications

Hi All,

I am exploring the option of enabling CAS for SAAS applications. is there an 
option to specify multiple redirect urls [to cas servers ] in the SAAS 
application based on customer profiles. How do CAS/J2EE servers enable this? 
Have you solved this problem before?  If so I would appreciate some pointers on 
the same. The customers are enterprise users that belong to a particular 
organization.


Regards
Prasad



--

You are currently subscribed to 
cas-user@lists.jasig.org as: 
mmoay...@unicon.net

To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user



--

You are currently subscribed to cas-user@lists.jasig.org as: 
mahantesh.ka...@indecomm.net

To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

-- 
You are currently subscribed to cas-user@lists.jasig.org as: 
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

RE: [cas-user] cas 3.5.2 catalina logs

2015-10-06 Thread Chris Cheltenham 
Thanks Andy , much appreciated.


-Original Message-
From: Andrew Morgan [mailto:mor...@orst.edu] 
Sent: Monday, October 05, 2015 2:33 PM
To: cas-user@lists.jasig.org
Subject: RE: [cas-user] cas 3.5.2 catalina logs

On Sat, 3 Oct 2015, Chris Cheltenham wrote:

> Andy,
>
> Actually I have figured out the certificate issue.
>
> Thanks
>
> I have noticed each CAS session creates two tickets.
> One is on tomcat on the CAS server that one gets destroyed.
> There is another on /tmp/cas apache server which is a different box with 
> mod_auth_cas.
>
> That apache session file / ticket does not go away unless you manually delete 
> it.
>
> However, reading the docs it appears the ticket service is working as 
> advertised.
>
> Our client is asking for a way to delete the ticket in /tmp/cas as well.
> That is my issue ultimately.
>
> I thought it was because of the certificate error it could not redirect the 
> logout  back to the web server.
> However, fixing my cert error did not completely fix my problem.
>
> There must be another function to delete that session in /tmp/cas but 
> I cannot figure out what it is in the docs. Maybe it is SLO,

Correct.  The CAS client maintains its own session after the initial 
authentication.  According to the mod_auth_cas README:

* CAS single sign out is currently not functional and disabled.  It
   is only safe to use in the case where all requests are GET and not
   POST (the module inadvertently 'eats' some content of the POST
   request while determining if it should process it as a SAML logout
   request).


The docs for the SLO option:

Directive:  CASSSOEnabled
Default:Off
Description:If enabled, this activates support for Single Sign Out within 
the CAS
protocol.  Please note that this feature is currently 
experimental and
may mangle POST data.


So, you might be able to use SLO with mod_auth_cas if your application does not 
use POST requests.  Otherwise, perhaps a different CAS client could be used, 
such as the PHP or Java client.

Andy

--
You are currently subscribed to cas-user@lists.jasig.org as: 
cchelten...@swaintechs.com To unsubscribe, change settings or access archives, 
see http://www.ja-sig.org/wiki/display/JSG/cas-user

-- 
You are currently subscribed to cas-user@lists.jasig.org as: 
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Re: [cas-user] Error creating bean contextSource

2015-10-06 Thread Misagh Moayyed 
Seems like you downloaded the entire CAS source, which is the wrong way to go 
about the installation. See the Maven Overlay Installation docs for more info. 

- Misagh

> On Oct 6, 2015, at 12:33 PM, Skyler Sebastian Lindsey  
> wrote:
> 
> Hi,
>  
> I was able to resolve my error message. I was missing a 
> dependency in my pom.xml file. Specifically, I did not add the Spring LDAP 
> Core.
>  
> Thank you for your time.
>  
> Skyler S. Lindsey
> Systems Analyst I
> Emmanuel College
> 400 The Fenway
> Administration Building RM 128
> Boston, MA. 02115
> E-mail: linds...@emmanuel.edu 
> 
>  
> From: Skyler Sebastian Lindsey [mailto:linds...@emmanuel.edu 
> ] 
> Sent: Tuesday, October 06, 2015 9:12 AM
> To: cas-user@lists.jasig.org 
> Subject: [cas-user] Error creating bean contextSource
>  
> Hi, 
>  
> Hoping someone can help me with this error message I am getting when building 
> our cas-server-webapp version 4.0.0. I run mvn package install then get a 
> Build Failure for one of the test runs. I am attempting to setup access to 
> our AD server for authentication. My deployerConfigContext.xml file uses the 
> contextSource on the jasig site here: 
> https://wiki.jasig.org/display/CASUM/LDAP 
> 
>  
> Can anyone tell me if I am maybe using the wrong contextSource or if this 
> error is pointing at something else? I am unable to figure out how to fix it. 
> I was thinking that the context source I am using is incorrect. The 
> org.springframework.ldap is also defined in my pom.xml file.
>  
> Error message after build
> 
>  
> Surefire report error detail
> 
>  
> contextSource - I took out our url and username for safety.
> 
>  
> pom.xml
> 
>  
> Thank you for your time.
>  
> Skyler S. Lindsey
> Systems Analyst I
> Emmanuel College
> 400 The Fenway
> Administration Building RM 128
> Boston, MA. 02115
> E-mail: linds...@emmanuel.edu 
>  
> -- 
> You are currently subscribed to cas-user@lists.jasig.org 
>  as: linds...@emmanuel.edu 
> 
> To unsubscribe, change settings or access archives, see 
> http://www.ja-sig.org/wiki/display/JSG/cas-user 
> 
> -- 
> You are currently subscribed to cas-user@lists.jasig.org 
>  as: mmoay...@unicon.net 
> 
> To unsubscribe, change settings or access archives, see 
> http://www.ja-sig.org/wiki/display/JSG/cas-user 
> 

-- 
You are currently subscribed to cas-user@lists.jasig.org as: 
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Re: [cas-user] CAS for SAAS applications

2015-10-06 Thread Misagh Moayyed 

> On Oct 6, 2015, at 5:15 AM, Mahantesh Prasad Katti 
>  wrote:
> 
> Also this run time decision of whether I want to go to CAS A / CAS B, is done 
> by the CAS client right?

Yes. It’s done by whatever component that decides the need for authentication.

> So if I read what you said correctly, release 4.2 clients will be built for 
> such a scenario? 

4.2 release is about the server; not the client. That said, I don’t know if 
this feature will go into 4.2 yet because it will impact core APIs which we 
can’t change for a minor release. The idea is that you get to select the 
authentication strategy on a per-service basis. 

>  
> Regards
> Prasad,
>  
> From: Misagh Moayyed [mailto:mmoay...@unicon.net 
> ] 
> Sent: Wednesday, September 30, 2015 11:30 AM
> To: cas-user@lists.jasig.org 
> Subject: RE: [cas-user] CAS for SAAS applications
>  
> If you are saying “Customer X needs to go to CAS A, while Customer Y needs to 
> go to CAS B”, that’s something you have to take up with the SAAS application.
>  
> However, there are no multi-tenant CAS deployments that I am aware of [1]. 
> Sounds like a pretty good use case for docker.
>  
> [1] There is an issue tracking this feature, and might get resolved for 4.2.
>  
> From: Mahantesh Prasad Katti [mailto:mahantesh.ka...@indecomm.net 
> ] 
> Sent: Tuesday, September 29, 2015 9:48 PM
> To: cas-user@lists.jasig.org 
> Subject: [cas-user] CAS for SAAS applications
>  
> Hi All,
>  
> I am exploring the option of enabling CAS for SAAS applications. is there an 
> option to specify multiple redirect urls [to cas servers ] in the SAAS 
> application based on customer profiles. How do CAS/J2EE servers enable this? 
> Have you solved this problem before?  If so I would appreciate some pointers 
> on the same. The customers are enterprise users that belong to a particular 
> organization.
>  
>  
> Regards
> Prasad
>  
> -- 
> You are currently subscribed to cas-user@lists.jasig.org 
>  as: mmoay...@unicon.net 
> 
> To unsubscribe, change settings or access archives, see 
> http://www.ja-sig.org/wiki/display/JSG/cas-user 
> 
>  
> -- 
> You are currently subscribed to cas-user@lists.jasig.org 
>  as: mahantesh.ka...@indecomm.net 
> 
> To unsubscribe, change settings or access archives, see 
> http://www.ja-sig.org/wiki/display/JSG/cas-user 
> 
> -- 
> You are currently subscribed to cas-user@lists.jasig.org 
>  as: mmoay...@unicon.net 
> 
> To unsubscribe, change settings or access archives, see 
> http://www.ja-sig.org/wiki/display/JSG/cas-user 
> 

-- 
You are currently subscribed to cas-user@lists.jasig.org as: 
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user