Hi,
I'm testing CAS version 5.3.2 and found out that
the DefaultTicketRegistryCleaner is not deleting expired tickets when
running CAS with JPA.
My investigation after checking the code is the following:
1. DefaultTicketRegistryCleaner calls TicketRegistry.deleteTicket passing
the id of the t
Hi Ray,
Thank you for your patient reply.
I think I know why.
When App and CAS under the same proxy(same domain name), they have the same
TGT, and CAS can validate it.
But when use three nginxs, they are under different domain names.
So I think it's a cross domain sso.
As you said: http://proxy
I’m trying to set up CAS 5.3.2 so that it delegates authentication to Azure AD
via SAML2. I’ve seen documentation on how to delegate authentication to an
external SAML2 IdP, and I’ve read the tutorial
(https://apereo.github.io/2017/03/22/cas51-delauthn-tutorial/). The tutorial
showed how to s
James,
I meant that http://proxy_server/app was not registered as a service in CAS but
the tomcat server was, http://localhost:8080/app.
Your ports should not be exposed but hidden within nginx config.
Ray
On Thu, 2018-08-02 at 05:11 -0700, James Q wrote:
Ray,
I use one nginx to proxy app and
Neha,
By default CAS will send the logout to the URL that was used for login. If
Wordpress has a different URL, you can set that in the service definition,
https://apereo.github.io/cas/5.3.x/installation/Logout-Single-Signout.html#slo-requests
Ray
On Thu, 2018-08-02 at 02:52 -0700, Neha Gupta
Ray,
I use one nginx to proxy app and cas as you remind and it works.
But this expose ports of app and cas server.
Still don't know why 3 nginx not work out..
What do you mean proxy_server/app is not part of SSO?
Thanks.
James.
On Thursday, August 2, 2018 at 12:06:02 AM UTC+8, rbon wrote:
Hello Team,
I have multiple CAS client (mod_auth_cas) connected to a load balancer. My
problem is mod_auth_cas ask CASCOOKIEPATH to set to store the user
information locally.
I am planning to use NFS for the same but I feel there will be a delay in
reading/writing the cookie information and have
IMHO, Nebil has a fair point. The pac4j.saml[0].clientName property is in
the 5.2.x doc (line 27 of the SAML section under the Pac4j delegated authn
section) but not the 5.3.x. Being paranoid & cynical, I have to wonder, if
the documentation for 1 property has been removed, what are the odds it's
t
https://apereo.github.io/cas-management/5.3.x/installation/Configuration-Properties.html
https://apereo.github.io/cas/5.2.x/installation/Configuration-Properties.html#management-webapp
It seems that the prefix „cas“ has disappeared.
Von: cas-user@apereo.org [mailto:cas-user@apereo.org]
Hello Ray,
Issue is solved with the ASP application. Now when /cas/logout is called
from a new tab, ASP application is also getting logged out. The reason is
certificate as stated by you and some configuration in web.config of ASP
application. After activating debug traces for "org.apache.http"
Thank you Misagh, it works.
But this property does not exist in CAS documentation (
https://apereo.github.io/cas/5.3.x/installation/Configuration-Properties.html#saml2
).
Nebil
On Wed, Aug 1, 2018 at 10:22 PM, Misagh Moayyed wrote:
> cas.authn.pac4j.saml[0].clientName=SAML2Client
>
> --Misagh
11 matches
Mail list logo
