Bobby,
Single logout is a messy business anytime. If you force users to be logged out
of their applications when the CAS session ends, you risk terminating a session
which an application considers valid (i.e. service has a longer session than
CAS).
If you have control over all services
*@*Misagh Moayyed
Thank you very much for your assistance. I was able to follow
QueryDatabaseAuthenticationHandler as a template,
extending AbstractJdbcUsernamePasswordAuthenticationHandler, and adding my
custom logic to it.
I do have a follow up question though that I haven't been able to
Hi,
We've been using CAS for over a year. We use the CAS REST API for creating
and validating service tickets.
We now need to use CAS to delegate authentication to an openID connect
provider. I have not been able to find any documentation around CAS
delegated authentication with the CAS REST
Hello.
No. I made an advance adding values like to the inmutableId in the 365
users but after that:
1) I can login to Cas but it doesn't login on the login.microsoftonline.com
2) I can login in login.microsoftonline.com but doesn't sso with my Cas.
It's just both systems are not connected
Neat tip for anyone using cas with Office 365. You can have Microsoft
automatically redirect to your cas login by using a link like the below:
https://login.microsoftonline.com/?whr=example.com
A few other options mentioned here:
Were you able to complete the o365 setup with cas?
On Wednesday, July 3, 2019 at 9:26:36 AM UTC-5, Robert Bond wrote:
>
> If you do not want to use Azure AD Connect you can create a process to
> sync via powershell. I have an example on my github:
> https://github.com/bondr007/office365UserSync
*here is my configuration:*
cas.authn.wsfedIdp.idp.realm=urn:org:apereo:cas:ws:idp:realm-CAS
cas.authn.wsfedIdp.idp.realmName=CAS
cas.authn.wsfedIdp.sts.subjectNameIdFormat=unspecified
cas.authn.wsfedIdp.sts.encryptTokens=false
Hi all,
I'm using Hazelcast for ticket registry and I noticed *Hazelcast* *consume
CPU much*, I need to know if anything is wrong in my configuration, please?
Here is my config:
cas.ticket.registry.hazelcast.cluster.members=172.xx.xx.x1,172.xx.xx.x2,172.xx.xx.x3,172.xx.xx.x4
Hi Lorenzo.
You need a header called X-Service with the value client_id, besides you
shoud not send client_secret.
If you send client_secret you are always validating the service definition
(client_id/client_secret) not validating user/password.
Example:
curl -X POST \