[cas-user] Recording events to StatsD 5.x

I am using a metrics stack consisting of logstash, Riemann, statsd, influx, and grafana to display graphs. In your case, I'd be tempted to have a logstash agent watch the audit logs, grep for success/fail events, and forward to statsd. No changes or config in cas itself but it can get the job d

[cas-user] CAS - SAML 2.0, PHP and Facebook

Has anyone integrated CAS SSO to Facebook? Linda -- Linda Toth University of Alaska - Office of Information Technology (OIT) - Identity and Access Management 910 Yukon Drive, Suite 103 Fairbanks, Alaska 99775 Tel: 907-450-8320 Fax: 907-450-8381 linda.t...@alaska.edu | www.alaska.edu/oit/ -- - C

Re: [cas-user] Can application get TGT ticket?

Yan, If I understand correctly, you have deployed App A and App B. You are not able nor willing to change CAS config on App B because it breaches PCI compliance. It seems odd that PCI compliance would allow any user access but not allow a proxy. Did you create app A or are both apps from third par

Re: [cas-user] Dependency issues trying to enable SAML IdP support in 5.0 RC5-SNAPSHOT?

So the "hoping he's not doing something really dumb" part comes true with "posting to the list before checking the issues." :-) Sigh. Sorry 'bout that. --Dave On Wednesday, November 2, 2016 at 4:38:10 PM UTC-4, Misagh Moayyed wrote: > > https://github.com/apereo/cas/issues/2103 > > > > --Mi

RE: [cas-user] Dependency issues trying to enable SAML IdP support in 5.0 RC5-SNAPSHOT?

https://github.com/apereo/cas/issues/2103 --Misagh From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of David Curry Sent: Wednesday, November 2, 2016 1:12 PM To: CAS Community cas-user@apereo.org Subject: [cas-user] Dependency issues trying to enab

[cas-user] Dependency issues trying to enable SAML IdP support in 5.0 RC5-SNAPSHOT?

RedHat 7, OpenJDK 1.8.0_111, Tomcat 8.5.6 (non-embedded) If I build RC5-SNAPSHOT using the cas-overlay-template with only the addition of the "cas-server-support-ldap" dependency, everything builds and works fine (it did with RC4-SNAPSHOT, too). However, now I'm working on adding SAML IdP suppo

Re: [cas-user] Can application get TGT ticket?

thanks for the feedback. Unfortunately, we cannot use Proxy Authentication, due to PCI implication. A non PCI-compliant App proxy a PCI (credit card) service, that would not be allowed by PCI standards. The reason we run into problem with CAS protected REST services (App B, no UI), is that Ajax s

[cas-user] CAS 5.x MFA auditing

Is there a way to generate more audit logs of MFA in CAS 5.x? I'm guessing it might require changing code. With the Duo implementation (and perhaps others), there is only an audit entry for when it passes and is successful. All of the failures happen between the browser and Duo's system, and d

RE: [cas-user] CAS 5.x MFA auditing

I don't recall/think much of that is audited at that level, but you're welcome to submit an issue. --Misagh -Original Message- From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of Richard Frovarp Sent: Wednesday, November 2, 2016 11:28 AM To: CAS Community Subject: [cas

Re: [cas-user] After a month, no tickets created in 4.2.2?

I should clarify, this has been seen in v4.2.5, as that was the latest version of CAS at the time. 4.2.6 doesn't seem to have any commits targeting this issue specifically. I'm definitely gunning for v5 when it drops in GA. For now, I think I'm going to turn on max debug in production to see if

Re: [cas-user] Configuration management for properties - clue(s) needed

Thanks for the clarifications, Misagh. I think for the moment then, I may just kick this particular can down the road and just copy the properties file around. It's not like I don't have plenty of other features and settings and options to play around with. :-) --Dave On Wednesday, November 2,

[cas-user] CAS 3.4.3 - Delete session ticket

Hello, We have CAS 3.4.3 installed distributed in 4 different machines using the same data base. The data base has been upgraded from Oracle11 to Oracle 12c and since then, we are getting errors related to the deletion of the session TICKET. The driver version we’re using is 10.1.0.2.0.

RE: [cas-user] Configuration management for properties - clue(s) needed

But I don't see anything in the configuration management documentation analogous to this for properties. How do properties get added / changed / removed in MongoDB? By you. Manually, much like the current .properties file. * Will the CAS admin screens update the database when you ch

Re: [cas-user] Can application get TGT ticket?

Hi, Solutions: - proxy CAS: As the proxy ticket can only be validated once, you will need to cache the ticket, or create your own session - JWT: create a JWT and check it on app B. - oauth - JSONP login on app B. We are using this quite a lot. Simple and works great. Commits implementing this

[cas-user] Force lower case on principal username returned to application

Hello, We upgraded our CAS server from 3.5.2 to 4.2.6 and we observe a difference in the way the principal username is returned to CASsified app. Before, I think that CAS returned the username as it was typed in the login form by the user. But now, CAS returns the username (SAMAccountName in ou

Re: [cas-user] After a month, no tickets created in 4.2.2?

4.2.2, right? One other suggestion would be to get on the latest release in the 4.2.x series, that is 4.2.6 ... or even get on the v5 bandwagon Cheers, D. On Nov 1, 2016, 21:24 -0400, Jeffrey Wong , wrote: > This issue occurred again tonight. Nothing of note in the logs again, with > plenty of