Re: [cas-user] Mod_Auth_Cas logout issue

2018-02-15 Thread Ramakrishna G
Got it Ray. Thanks for clarifying. On Thu, Feb 15, 2018 at 10:56 PM, Ray Bon wrote: > Ramakrishna, > > Your application is responsible for destroying its own session and cookies. > CAS will send a logout request to each service configured to receive it > (on by default). > You will see this in

Re: [cas-user] [CAS-5.2.2] Jaas LDAP Authentication Prinicipal Attribute Resolve Issue

2018-02-15 Thread Soumya Tripathy
I want CAS should resolve the principal as *Soumya_Tripathy *instead of *CN=Soumya Ranjan Tripathy,OU=GEN,OU=Users,OU=XXX,OU=XXX,OU=XXX,DC=ad,DC=XXX,DC=com.,* How can I achieve the same in 5.2.2 version of CAS with Jaas LDAP? On Thursday, February 15, 2018 at 11:19:39 PM UTC+5:30, Manfredo Hopp

[cas-user] Re: [CAS-5.2.2] Jaas LDAP Authentication Prinicipal Attribute Resolve Issue

2018-02-15 Thread Soumya Tripathy
I want CAS should resolve the principal as *Soumya_Tripathy *instead of *CN=Soumya Ranjan Tripathy,OU=GEN,OU=Users,OU=XXX,OU=XXX,OU=XXX,DC=ad,DC=XXX,DC=com.,* How can I achieve the same in 5.2.2 version of CAS with Jaas LDAP? On Thursday, February 15, 2018 at 7:59:54 PM UTC+5:30, Soumya Tripa

Re: [cas-user] Re: Values are all ? for MFA-JDBC

2018-02-15 Thread Ray Bon
Justin, It may be possible to see the values that will replace the '?'. Perhaps the next few log lines will display the values. The '?' are just there as placeholders. Ray On Thu, 2018-02-15 at 14:13 -0800, Justin Andrews wrote: Here is another portion of the log showing that it knows who I am

Re: [cas-user] CAS google-authenticator removes tables???

2018-02-15 Thread Ray Bon
Tim, Once your tables are created you can change the value to anything and the tables will not be touched. (Try 'none' or 'dummy'.) With create, the tables are created every time but not dropped (on close). update will also work and will leave the tables untouched unless something changes, oper

Re: [cas-user] Cannot retrieve user attributes from PHP application behind mod_auth_cas

2018-02-15 Thread David Hawes
On Thu, Feb 15, 2018 at 2:51 PM, Mukunthini Jeyakumar wrote: > Thanks dhawes. > > I'm using the php code to print the values retuned in the header > foreach (getallheaders() as $name => $value) { > echo "$name: $value\n"; > } > ?> > > I've no issues if I use service

Re: [cas-user] War deployment to external container of choice - Tomcat

2018-02-15 Thread Richard Frovarp
I ran into something not working on Tomcat 7. Can't remember if it was the IdP or the management application. Either way I had to go to Tomcat 8.5. Don't think that's the problem here, but you may want to go to 8.5 anyway. On 02/14/2018 11:56 PM, Matthew Hannay wrote: We have the latest tom

[cas-user] Re: War deployment to external container of choice - Tomcat

2018-02-15 Thread Matthew Hannay
This is useful for modifying the POM to build a war for deployment to a tomcat or other container. https://spring.io/guides/gs/convert-jar-to-war/ --Matt On Thursday, 15 February 2018 15:56:19 UTC+10, Matthew Hannay wrote: > > > We have the latest tomcat 7 servers > > In my POM I have set >

Re: [cas-user] mod_auth_cas environnment variable

2018-02-15 Thread David Hawes
On Tue, Feb 13, 2018 at 10:23 AM, Fabio Martelli wrote: > Hi All, is there a way to force mod_auth_cas to put retrieved principal > attributes as env variable instead of headers? We're talking Apache environment variables, right? Do you need anything other than REMOTE_USER? That should be there

[cas-user] Re: Values are all ? for MFA-JDBC

2018-02-15 Thread Justin Andrews
Here is another portion of the log showing that it knows who I am, but the SQL select query doesn't know who I am. 2018-02-15 16:01:35,843 WARN [org.apereo.cas.trusted.web.flow.MultifactorAuthenticationVerifyTrustAction] - 2018-02-15 16:01:35,844 DEBUG [org.springframework.orm.jpa.JpaTransact

RE: [cas-user] CAS google-authenticator removes tables???

2018-02-15 Thread Tim Tyler
Ray, YES! That fixed that aspect by using create for the value. Except now we are finding that the data entries are now removed on startup though the tables remain. Are we also missing something for startup that cleans. Or should we use update instead of create? Tim *From:* cas-user@apereo.

[cas-user] Values are all ? for MFA-JDBC

2018-02-15 Thread Justin Andrews
Have configured MFA - works great with JSON storage file, but when configuring JDBC, the values are always question marks any ideas? Caused by: java.sql.SQLException: Cannot insert an explicit value into a timestamp column. Use INSERT with a column list to exclude the timestamp column, or i

[cas-user] MultiRowJdbcPersonAttributeDao

2018-02-15 Thread Jeffrey Ramsay
Does anyone know where I can the " MultiRowJdbcPersonAttributeDao" dot java file for CAS 5.1.8? If it no longer exists then where is the following code triggered? 2018-02-15 16:21:53,425 DEBUG [org.apereo.services.persondir.support.jdbc.MultiRowJdbcPersonAttributeDao] - 2018-02-15 16:21:53,427 D

Re: [cas-user] CAS google-authenticator removes tables???

2018-02-15 Thread Ray Bon
Tim, Check your database settings, something along the lines of 'ddlAuto'. It can be set to 'create-drop' which would result in the behaviour you are seeing. Search for JPA options to see what other settings are available. Ray On Thu, 2018-02-15 at 14:51 -0600, Tim Tyler wrote: CAS experts, We

[cas-user] CAS google-authenticator removes tables???

2018-02-15 Thread Tim Tyler
CAS experts, We are running CAS 5.2 on Redhat 7. We installed and configured Google Authenticator and got it sort of working with Mariadb. We see the tables and record entries get created and entered into the database when logging in. But when we cntrl-C to restart the CAS service, CAS remove

Re: [SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues

2018-02-15 Thread Misagh Moayyed
Nice. If and when you get to it, turn it into once of these: https://apereo.github.io/cas/development/integration/Configuring-SAML-SP-Integrations.html --Misagh > From: "vnick" > To: "CAS Community" > Cc: "Misagh Moayyed" > Sent: Thursday, February 15, 2018 11:46:57 AM > Subject: Re: [SOLV

Re: [cas-user] Cannot retrieve user attributes from PHP application behind mod_auth_cas

2018-02-15 Thread Mukunthini Jeyakumar
Thanks dhawes. I'm using the php code to print the values retuned in the header $value) { echo "$name: $value\n"; } ?> I've no issues if I use serviceValidate, but I'm only getting the username, I do not see the rest of the attributes released CASValidateURL https://:84

Re: [SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues

2018-02-15 Thread vnick
I'm writing a SAML authentication extension for the Guacamole Project (http://guacamole.apache.org). -Nick On Thursday, February 15, 2018 at 1:24:24 PM UTC-5, Misagh Moayyed wrote: > > Cool. Who exactly is the SP in this scenario? > > --Misagh > > -- > > *From: *"vni

[cas-user] Re: Overriding Problems with cas.properties

2018-02-15 Thread Kevin Liu
Yes, sorry I should have made it more clear. All the changes I'm making are to /etc/cas1/config. On Thursday, February 15, 2018 at 12:09:41 PM UTC-6, Oscar del Pozo wrote: > > Notice that the cas.properties used is the one that it's located at > /etc/cas/config (c:/etc/cas/config at windows envi

Re: [cas-user] Overriding Problems with cas.properties

2018-02-15 Thread Kevin Liu
Yes the config file is being written to /etc/cas1/config. What's interesting is that some of the other properties are being accepted and some are not. It looks like ones defined already in application.properties are not being overriden. On Thursday, February 15, 2018 at 11:21:43 AM UTC-6, rbon

Re: [cas-user] cas-management 5.x cas-management.log java.io.IOException: Permission denied

2018-02-15 Thread Janina Byky
Hi Jeremiah*,* I'm also struggling with this issue. Did you developed any working solution ? W dniu czwartek, 8 lutego 2018 18:08:42 UTC+1 użytkownik Jeremiah Schilens napisał: > > Hi Travis, > > > > Thank you for that information. I thought I was overriding the log4j.xml > files by puttin

[cas-user] Re: Delegated authentication issues moving from 5.2.0-RC2 to 5.2.0-RC3-SNAPSHOT

2018-02-15 Thread Luís Faria
Hello, I'm having the same problem, it seems that the HTTP-POST binding is not supported at all. This is because pac4j creates a redirect action

Re: [SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues

2018-02-15 Thread Misagh Moayyed
Cool. Who exactly is the SP in this scenario? --Misagh > From: "vnick" > To: "CAS Community" > Cc: "Misagh Moayyed" > Sent: Thursday, February 15, 2018 10:48:25 AM > Subject: [SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues > Well, this put me on the right path - turns out the number of se

[cas-user] Re: Overriding Problems with cas.properties

2018-02-15 Thread Oscar del Pozo
Notice that the cas.properties used is the one that it's located at /etc/cas/config (c:/etc/cas/config at windows environments). The script copies your project configuration to that folder before building the web app (target generation). El jueves, 15 de febrero de 2018, 16:05:28 (UTC+1), Kevin

Re: [cas-user] [CAS-5.2.2] Jaas LDAP Authentication Prinicipal Attribute Resolve Issue

2018-02-15 Thread Man H
What would your question be 2018-02-15 11:29 GMT-03:00 Soumya Tripathy : > Hi, > Recently we upgraded CAS from 5.1.0 to 5.2.2. > With CAS 5.1.0 when I was using JAAS with LDAP it was returning the > correct principal. > But when with CAS 5.2.0 now I'm getting the principal as > > Log In Successfu

[SOLVED] Re: [cas-user] CAS 5.2.x SAML IdP Issues

2018-02-15 Thread vnick
Well, this put me on the right path - turns out the number of services the log file told me was loading just happened to match what was in the services directory, but the CAS configuration was not pointing at anything but the default location, so it wasn't actually loading my services. Problem

Re: [cas-user] CAS 5.2.x SAML IdP Issues

2018-02-15 Thread vnick
There are other service definitions in the registry, yes, but none that should overlap with this definition. There are only two other service definitions - one is the OAuth Callback, which is automatically generated by CAS, and the other is one for the server on which CAS is running, which is

Re: [cas-user] CAS 5.2.x SAML IdP Issues

2018-02-15 Thread Misagh Moayyed
Do you have other JSON service definitions in the registry? Anything with a lower evaluation order or a more relaxed regex pattern? --Misagh > From: "vnick" > To: "CAS Community" > Sent: Thursday, February 15, 2018 10:15:40 AM > Subject: [cas-user] CAS 5.2.x SAML IdP Issues > Hey, everyone,

Re: [cas-user] Mod_Auth_Cas logout issue

2018-02-15 Thread Ray Bon
Ramakrishna, Your application is responsible for destroying its own session and cookies. CAS will send a logout request to each service configured to receive it (on by default). You will see this in the CAS logs when the CAS session is terminated: Thu Feb 15 09:25:10 PST 2018|CAS|TGT-***

Re: [cas-user] Overriding Problems with cas.properties

2018-02-15 Thread Ray Bon
Kevin, Is the config file being written to /etc/cas1/config? Do you still have the same problem when using /etc/cas/config? Ray On Thu, 2018-02-15 at 07:05 -0800, Kevin Liu wrote: Hello, It is my understanding that cas.properties should override whatever properties are in WEB-INF/classes appli

[cas-user] CAS 5.2.x SAML IdP Issues

2018-02-15 Thread vnick
Hey, everyone, I'm trying to get SAML2 authentication working against my CAS server. I've got CAS protocol authentications working just fine, but am struggling getting the SAML IdP configured correctly. I have the following items configured in my main CAS configuration: ## SAML Provider cas.a

[cas-user] Re: jsp views instead of thymeleaf

2018-02-15 Thread Andy Ng
Hi psv, I also used to have a bunch of jsp file inside my CAS and needs to update it to thymeleaf. Unfortunately, my final solution is to just go along with thymeleaf, since CAS 5 pretty much already switch over their own view file all from .jsp to .html (thymeleaf) Even if I manage to sneak i

[cas-user] Overriding Problems with cas.properties

2018-02-15 Thread Kevin Liu
Hello, It is my understanding that cas.properties should override whatever properties are in WEB-INF/classes application.properties. Is this correct? If so, I'm having trouble overriding "cas.authn.accept.users=casuser::Mellon". With a blank value in cas.properties and "cas.authn.accept.users=

[cas-user] [CAS-5.2.2] Jaas LDAP Authentication Prinicipal Attribute Resolve Issue

2018-02-15 Thread Soumya Tripathy
Hi, Recently we upgraded CAS from 5.1.0 to 5.2.2. With CAS 5.1.0 when I was using JAAS with LDAP it was returning the correct principal. But when with CAS 5.2.0 now I'm getting the principal as Log In Successful You, *CN=Soumya Ranjan Tripathy,OU=GEN,OU=Users,OU=XXX,OU=XXX,OU=XXX,DC=ad,DC=XXX,

[cas-user] Re: cas-management 5.x cas-management.log java.io.IOException: Permission denied

2018-02-15 Thread Janina Byky
Hi, I was facing the same problem, all write/execute/read rights and ownerships were correct and tomcat could access all mentioned directories but still there was an error on startup. Only one thing worked for me. In cas-management-overlay I've overridded log4j2.xml (src/main/resources/log4j2.

[cas-user] CAS 5.2.2 with MFA using Google Authenticator / GAuth

2018-02-15 Thread Janina Byky
Hello, I'm trying to setup CAS 5.2.2 with Google Authenticator as second auth factor for specified services. CAS is running over LDAP (AD) and GAuth based on mongo. So far everything was great, build succeed, GAuth qrcode appears, user registers and now it's time for TOKEN form. I'm typing all