Hi,
Is there any update on this issue?
Thanks in advance.
On Tuesday, 4 September 2018 18:34:10 UTC+5:30, sarika deshmukh wrote:
>
> Hi Ganesh,
>
> Sorry for the late reply.
> I have checked logs as well, it seems like CAS is not connecting with OKTA
> at the time of logout.
>
> log details:
So, i'm trying to dig into this more.
I remember how this worked in 3.x. It was just a giant xml file describing
state to state transitions.
It appears that somehow I need to one of these:
1) get aup webflow to recognize x509's presence and inject itself there
2) get x509 webflow to recognize
I believe this is the detail that is missing. I was following
the
https://apereo.github.io/cas/5.3.x/installation/Configuration-Properties-Common.html#signing--encryption
documentation. Didn't see the line at webflow about "The encryption key
must be randomly-generated string of size f16.
After a little more research I found that the version of cas.css being used
by default is being provided by the cas-server-webapp-tomcat.war file from
the Maven repository. I don't really understand what code base this .war
file is generated from since the github repo doesn't have this cas.css
If you enable jwt in cas.properties by defining these two properties:
cas.authn.token.crypto.enabled=true
cas.authn.token.crypto.encryptionEnabled=true
But leave these commented out:
cas.authn.token.crypto.signing.key
cas.authn.token.crypto.encryption.key
Your catalina.out should log the
The encryption key for Spring Webflow (cas.webflow.crypto.encryption.key)
is not a JSON Web Key. It's a randomly-generated string of 16 octets,
Base64-encoded. You can generate it with OpenSSL:
openssl rand -base64 16 > webflow-enc.txt
Also, I believe you need a '-s' in front of the size
You might check out the server configuration section of the CAS deployment
guide that David Curry has put together
https://dacurry-tns.github.io/deploying-apereo-cas/building_server_configure-server-properties.html.
My guess is that there is a slight mistake in what you are currently doing
The problem is due to the chicken and egg issue. I need to prepopulate the
cas.properties, so the service can start up and work (without human
intervention). I'm trying my best to avoid having to start a service,
parse the logs, and modify config, then restart the service. The
documentation
A CAS Management 5.3.3-SNAPSHOT should be available soon in the snapshot
repo. Change your pom.xml/gradle.build to use this snapshot for CAS
Management and 5.3.3 for CAS server modules.
Will get a release out next week. With options to run on the same server in
the config.
On Thu, Sep 13, 2018
+1
I ended up grabbing values from the cas startup logs and setting in my
cas.properties. Seems to work.
On Wednesday, September 12, 2018 at 3:34:32 PM UTC-5, Curtis Ruck wrote:
>
> So i'm trying to automate the generation and persistence of the
> cas.tgc.crypto and cas.webflow.crypto
OK, good to know.
Is it possible to allow CAS and CAS management App deployed on the same
host, without the order of which one starts first? I can do that with
CAS4, that makes our deployment a lot simpler, without such dependencies.
Can we turn off discovery mode in CAS 5.3 management to
11 matches
Mail list logo