[cas-user] Re: principal attributes from ldap in CAS 4.2

hello. I have come trouble when intergrate openLdap with 4.2. Can u show your detail deployerConfigContext.xml ? -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.githu

Re: [cas-user] CAS4 flow decode execution error, is this an issue?

Not unless you are doing OAuth or OpenID Connect and not unless you switch to a server-back session storage for webflow (which you probably can’t in 4 anyways) So, session affinity is NOT required for CAS to work correctly. Thx! On 1/5/2017 2:19 PM, Misagh Moayyed wrote: 1. Keys must be the s

Re: [cas-user] CAS4 flow decode execution error, is this an issue?

I see. There are two sets of keys. I am missing webflow..key ALL nodes SHARE the same key. For some reason, I thought each node will have a unique key, but obviously I was wrong. So, session affinity is NOT required for CAS to work correctly. Thx! On 1/5/2017 2:19 PM, Misagh Moayyed w

Re: [cas-user] CAS4 flow decode execution error, is this an issue?

1. Keys must be the same across all nodes.  2. Your previous error says something about webflow decryption. Your config has no keys defined for that purpose.  --  Misagh From: Yan Zhou Reply: cas-user@apereo.org Date: January 5, 2017 at 10:25:09 PM To: CAS Community Subject:  Re: [cas-user] C

Re: [cas-user] CAS4 flow decode execution error, is this an issue?

Hi, this is one server's cas.properties. the other server is very similar other than host name is dcasde02, and it has different signing key and encryption key, since they are unique per server. Is there any misconfiguration you can see? If CAS cluster can work without session affinity, h

Re: [cas-user] Re: CAS 5.0.0 JDBC authentication question

Are you using the gradle or maven overlay method? If so, you have add the cas jdbc dependencies in your cas/build.gradle of pom.xml file cas-server-support-jdbc cas-server-support-jdbc-drivers

Re: [cas-user] CAS4 flow decode execution error, is this an issue?

Hello Yan, you would have missed some configurations in cas.properties. Please share properties so that can we can review and let you know the issue. Thanks Seshu On 5 January 2017 at 20:17, Yan Zhou wrote: > Hello, > > When you submit CAS4 login page, sometimes you got “Decode flow execution

Re: [cas-user] Service Ticket Validation

As defined by the CAS protocol, Service Tickets can only be validated once. They cannot be reused. Andy On Thu, 5 Jan 2017, Gokhan Mansuroglu wrote: I am asking how to prevent someone reusing a ST from a different client IP. 5 Ocak 2017 Perşembe 19:50:03 UTC+3 tarihinde Ray Bon yazd

Re: [cas-user] Service Ticket Validation

I am asking how to prevent someone reusing a ST from a different client IP. 5 Ocak 2017 Perşembe 19:50:03 UTC+3 tarihinde Ray Bon yazdı: > > Gokhan, > > Are you ask how to reuse a ST or are you asking how to prevent someone > reusing a ST? > > I will answer the second. ST lifetime is short (10 se

Re: [cas-user] Service Ticket Validation

Gokhan, Are you ask how to reuse a ST or are you asking how to prevent someone reusing a ST? I will answer the second. ST lifetime is short (10 seconds by default, I think). Once a ST has been submitted to CAS for validation (step 4 below) or ticket lifetime has passed, CAS will mark the ST as ex

Re: [cas-user] inspektr-jdbc-audit-config.xml

Is the new data base being served from the same host URL and port that served the original one? In case not, have you checked JDBC connectivity to that target destination host from the desired source host using another JDBC tool (not Apereo CAS) like a CLI client (the SQL*plus like alternative

[cas-user] CAS4 flow decode execution error, is this an issue?

Hello, When you submit CAS4 login page, sometimes you got “Decode flow execution error”. For a long time, I have been struggling as to why this happens. I think we have an answer. This most likely happens in a cluster environment when you have multiple active CAS4 servers. They each has a d

[cas-user] Service Ticket Validation

Hi, I have an additional requirement for Cas protocol. I will simplify the protocol just to explain my case; 1. Client tries to access *https://app.example.com* 2. Browser redirected to *https://cas.example.com/cas/login?service=https://app.example.com* 3. User authenticates with username and p