The CAS integration with ADFS is fine. Though "Perfectly" is perhaps too
strong a word :) But seriously, there is no basis to the rumor AFAIK.
You're probably thinking of the Azure MFA SDK, whose integration is one
that was removed from CAS about 8-9 months ago.
On Friday, September 7, 2018 at
Your analysis is correct. I believe more recent versions of 6 handle this
scenario.
On Thursday, September 13, 2018 at 12:41:08 PM UTC+4:30, Fabio Martelli
wrote:
>
> Il 12/09/2018 17:20, Fabio Martelli ha scritto:
>
> Hi All, I have some trouble with SAML2 SLO.
>
> It seems that my IdP CAS 5.2
Hi,
Was it a bug on your customization or something from the CAS server itself?
Thanks.
Best regards,
Jérôme
On Tue, Sep 25, 2018 at 4:37 AM Colin Wilkinson wrote:
> Hi,
>
> I have worked out what the issue was. It one of the scope session beans
> being loaded after the initial request that wa
Hi all, It is resolved.
casuser# mkdir /opt/tomcat/keystore
casuser# openssl pkcs12 -export -in
/etc/letsencrypt/live/cas.domain.com/fullchain.pem -inkey
/etc/letsencrypt/live/cas.domain.com/privkey.pem -out
/opt/tomcat/keystore/cas.domain.com.p12 -password pass:changeit
casuser# keytool -impor
Currently i am using apereo CAS 5.2.1 .
I am using redis as ticket repository .
SSO works fine if the server instance is not restarted .
Post restart even providing the same TGC value the server fails to perform
SSO and ask for credentials.
Redis conf :
cas.ticket.registry.redis.host=loc
You can check the contents of redis with the redis command line tool,
https://redis.io/documentation.
Do you have the signing and encryption keys for redis and the tickets in the
confing file? If not, they will be generated on each start.
Ray
On Tue, 2018-09-25 at 07:01 -0700, Casseora wrote:
C
Hi CAS Users,
We are using CAS 4.1.2 which is running on the cluster environment( One My
SQL DB-> connecting Two CAS tomcat application under 1 Application LB) and
we do not have any cache implemented.
intermittently when the user tries to login the user are redirected to
Login page itself. Be
Hello,
I need to extend my overlay of CAS 5.3.3, to support an additional endpoint.
MyController looks like this. User login to CAS already. I want to get the
authenticated user Id when user comes to this endpoint.
But, I am unable to get TGT below. What would be the right approach?
Thx!
Yan
If I start cas.war and wait for it to complete, then start
cas-management.war - then CAS Management app starts fine without the hang
up during Tomcat start.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
-
While that looks like it would address the issue, i believe I will wait as
my copy+paste'd solution works now. I really dislike the arbitrary nature
of CAS now, while the xml wasn't easy/fun, i definitely think we've gone
backwards now.
On Monday, September 24, 2018 at 11:51:48 PM UTC-4, Colin
Uvaraj,
See,
https://apereo.github.io/cas/4.1.x/installation/Configuring-Ticket-Expiration-Policy.html#service-ticket-policies
The time between ticket issue (16:06:58,320) and time of check on server 2
(16:07:12,665), more than 14 seconds, is an eternity in the digital realm.
Either there is a
Figured out, the cookie is secure, so it is only sent via TLS. I was
running CAS on Plain HTTP.
Yan
On Tuesday, September 25, 2018 at 2:54:17 PM UTC-4, Yan Zhou wrote:
>
> Hello,
>
> I need to extend my overlay of CAS 5.3.3, to support an additional
> endpoint.
>
> MyController looks like this
Hello, how to remove ports (to 443) while i use NGINX too. I want to like
*https://login.domain.com/*. Following cas configuration:
*etc/cas/config/cas.properties:*
cas.server.name: https://login.domain.com:8443
cas.server.prefix: ${cas.server.name}/cas
*nginx/sites-available/login.domain.com*
5.1.4:
covf...@maga.us
5.3.3-SNAPSHOT:
https://www.rarepepes.com";
SPNameQualifier="https://www.rarepepes.com"* >covf...@maga.us
Seeing an odd issue between CAS versions regarding SAML responses.
Specifically, I have found in 5.3.3 the NameID portion of the response
includes NameQualifier and
Hi Jérôme,
I am not 100% sure, if it maybe a edge bug with CAS server itself.
Basically its an issue when serialising the session, there is no problem
when executing code only when trying to serialise the session and that made
the problem hard to track. Basically I had two beans that were sessi
Hi,
I wondering if its possible to have multiple authentication handlers run
for the same credential type. Take "ClientCredential" for instance, I am
trying to have multiple authentication handlers run. I am trying to leave
your default ClientAuthenticationHandler as and have second Authenticat
Regarding Authentication I have ask a separate question to see if what I
want to do is possible.
On Wednesday, 26 September 2018 08:14:00 UTC+10, Colin Wilkinson wrote:
>
> Hi Jérôme,
>
> I am not 100% sure, if it maybe a edge bug with CAS server itself.
> Basically its an issue when serialising
Have you tried to disable it? There are a few options regarding NameIDs in the
service management app / service definition.
Von: cas-user@apereo.org [mailto:cas-user@apereo.org] Im Auftrag von
magicserverpixiedust
Gesendet: Dienstag, 25. September 2018 23:31
An: CAS Community
Betreff: [cas-us
Hi,
Authentication handlers are called depending on the passed credentials. For
a delegated authentication, a ClientCredentials is created which triggers
the ClientAuthenticationHandler.
Are you sure your new authentication handler supports ClientCredentials?
Thanks.
Best regards,
Jérôme
On We
19 matches
Mail list logo