Re: [cas-user] CAS 5.2 single sign out does not work for SAML 1.1 phpCAS clients

I have checked apache access.log on web server where client is placed and there is no POST requests on logout. 0 messages or requests completely. Thats while logging out with my cas 5.2.3 I have checked same log when i issue logout from cas 4.1.9 where SLO works on same client, and I can see POS

[cas-user] Re: "FileNotFoundException" while Verifying Ticket. I don't get it!

Hello, if i remember me correctly, this was an problem with mime type. you need to override CASFilter.getTicketValidator() and add following extended url connection factory // we need own connection factory enriching the connection by Accept: application/xml header HttpURLConnectionFactory ur

[cas-user] [SSO] Is it possible to make a service completely separated from other SSO services without require login every time (i.e. renew=true)

Hi all, So I have done some research on this group and still doesn't find other with my use case, so I am asking for your help. Assume we have services A, B, C and D: B, C, D are normal SSO services, each one of them authenticate success, all BCD will login success. As for A, I want that even

[cas-user] Re: CAS 5.2 single sign out does not work for SAML 1.1 phpCAS clients

Thanks everybody for replies. I have solved my problem. I looked into tcpdump on CAS server to see what happens when I issue a logout, and I've seen that it sends logout request to some strange ip address on 443 port, which was blocked on this address. Upon furter envestigation i figured out that

[cas-user] CAS5 - High thread counts

Hi, We noticed that our CAS5 installation is running out of memory because of a high number of threads that are running on our server, this results in it unable to process new request. Has anyone experienced this before? Here's our setup CAS5 - 5.1.6 Tomcat - 8.5.16 (We're currently trying 8.0

Re: [cas-user] [SSO] Is it possible to make a service completely separated from other SSO services without require login every time (i.e. renew=true)

Andy, Looks like you have already seen https://apereo.github.io/cas/5.2.x/installation/Configuring-SSO-Session-Cookie.html. There is also ssoEnabled, https://apereo.github.io/cas/5.2.x/installation/Configuring-Service-Access-Strategy.html.. Ray On Wed, 2018-04-25 at 02:20 -0700, Andy Ng wrote:

Re: [cas-user] CAS5 - High thread counts

Oscar, We had similar difficulties with EhCache. EhCache expiration is actually the frequency with which the cache is reviewed. The entire cache is processed (which can be large on a busy site). With a distributed cache, the one currently processing is sending updates to its peers. This gets co

Re: [cas-user] CAS5 - High thread counts

Hi Ray, Thank you for your suggestion. We disabled EhCache in the dev environment and saw no improvement. We did notice that a new thread is spawned every time a login session is generated and the number of sleeping threads increases. Next step, we're going to deploy default CAS and see if we

Re: [cas-user] CAS5 - High thread counts

see https://groups.google.com/a/apereo.org/d/msgid/cas-user/63fc6bc3-31f9-46a6-8d14-a8f14d3a329c%40apereo.org?utm_medium=email&utm_source=footer 2018-04-25 16:11 GMT-03:00 Oscar Ruiz : > Hi Ray, > > Thank you for your suggestion. We disabled EhCache in the dev environment > and saw no improvemen

Re: [cas-user] [SSO] Is it possible to make a service completely separated from other SSO services without require login every time (i.e. renew=true)

Hi Ray, Thank you for your response! In the document [ https://apereo.github.io/cas/5.2.x/installation/Configuring-Service-Access-Strategy.html

[cas-user] Cas Oauth client with mfa

It is possible to trigger mfa after auth as an oauth client? I have try to custom mfa trigger, but it not run after authentication by oauth client. Any one can help? -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw