Re: [cas-user] Re: Ask for authenticating at every login

Ray, I try to use interrupts, with json configuration. Interrupt occurs, but at second login user must reenter credentials. I try to change some parameters in json, but not succesfully. And another problem in json configuration is that it configured for specific user only. It documented for te

[cas-user] cas with Office 365

hi everybody i have oracle access manager implemented with Azure office 365 . i need to implement azure office 365 with cas also i want to make it in backup plan if oracle access manager down i can use it so i need clear instructions how configure azure office 365 from portal to can able to con

Re: [cas-user] 6.2.x Gradle Compilation

Tom, I think if you are running the release candidates, check https://github.com/apereo/cas/blob/master/gradle.properties to see what master is set at. Try 6.2.0-SNAPSHOT Ray On Wed, 2020-01-29 at 13:35 -0800, Tom Healey wrote: Hi all, I am trying to modify the overlay from from the CAS overl

Re: [cas-user] How do I cut some of the information that is logged with SERVICE_ACCESS_ENFORCEMENT_TRIGGERED log entries to our cas_audit log to reduce log verbosity?

I here you on 'filters in appenders'. All of mine are commented out because they did not work. Ray On Wed, 2020-01-29 at 12:54 -0800, crdaudt wrote: Thanks Ray. The following log4j2.xml RegexFilter configuration worked for me to eliminated all log entries with the specified string: ---BEGIN---

Re: [cas-user] Externalizing custom messages

Dustin, Should your file be custom_messages.properties (note '_')? Then maybe cas.messageBundle.baseNames = file:/etc/cas/messages/custom_messages,classpath... You could also put your custom file in src/main/resources/ and it will end up in the classpath (would this negate setting cas.messageB

Re: [cas-user] Re: Trying to determine why CAS is returning an encoded attribute to SAML SP

Thanks, Misagh! Responses below: On Wed, Jan 29, 2020 at 2:23 AM Misagh Moayyed wrote: > >> None of this would be a big deal if we hadn't run into a bizarre problem >> that the encoded attribute being sent *CHANGED*. >> > > It would be helpful to describe the steps you took to create/duplicate >

Re: [cas-user] 6.2.x Gradle Compilation

Hi all, I am trying to modify the overlay from from the CAS overlay directory that i downloaded from gitbub. I have changed my gradle.properties to *cas.version=6.2.0-RC2* *(I copied it right from the posting. )* and I get: *Could not resolve org.apereo.cas:cas-server-core-api-configuratio

Re: [cas-user] How do I cut some of the information that is logged with SERVICE_ACCESS_ENFORCEMENT_TRIGGERED log entries to our cas_audit log to reduce log verbosity?

Thanks Ray. The following log4j2.xml RegexFilter configuration worked for me to eliminated all log entries with the specified string: ---BEGIN--- ... ... ---END--- Oddly enough, I could not get the same RegexFilter to work with my Appender (

[cas-user] Externalizing custom messages

I am trying to externalize as many of the customizations to CAS as possible. I have figured out how to do so for UI templates using the cas.view.templatePrefixes[0] property, but am having trouble figuring out a similar tec

Re: [cas-user] Re: Ask for authenticating at every login

Alex, There is this capability to manipulate the log in flow, https://apereo.github.io/cas/6.1.x/webflow/Webflow-Customization-Interrupt.html. You can also modify the web flow, https://apereo.github.io/cas/6.1.x/webflow/Webflow-Customization.html Ray On Wed, 2020-01-29 at 06:17 -0800, Alex T

Re: [cas-user] Re: CAS 6.1.3 SAML and JSON

Jeff, 'excludeDefaultAttributes' should be inside 'attributeReleasePolicy'. Where are you defining 'FirstName' and 'Surname'? If it is in the list of default attributes, then you want 'excludeDefaultAttributes=false'. Add this to log4j2.xml: Ray P.S. It would be easier to s

[cas-user] Re: Adding cas.properties file to source control

Thanks, Misagh. That's exactly what I was looking for. The thing that confused me at first was how to set the profile. I'll leave what I did here for others that may need to do the same. My environment uses Tomcat running as a service on a Windows server. In order to set the profile, I had to

[cas-user] Re: Ask for authenticating at every login

PS. If user already authenticated in CAS, I dont want to force reentering password. I want ask user does he want to log in in app. If yes, user redirected to app with token, then he became authenticated. On Wednesday, January 29, 2020 at 5:03:22 PM UTC+3, Alex T wrote: > > I create app, that use

[cas-user] Ask for authenticating at every login

I create app, that use Apereo CAS server. And it works :) But I want to do some changes. If I authenticated successfully in my app via CAS, than I log out in my app. Than I try to login via cas again, redirect occurs to cas, and redirect back with ticket, and seems that I loged in again without

Re: [cas-user] Re: CAS 6.1.3 SAML and JSON

Hi All, I am slowly getting there, although now I have hit another hurdle. I need eduPersonTargetedID, now I can get that by using { "@class" : "org.apereo.cas.support.saml.services.SamlRegisteredService", "serviceId" : "https://DOMAIN";, "name" : "Apache Secured By SAML", "id" : 10011, "des

[cas-user] Re: SAML Delegation in 6.2.0-RC2

> > I don't know what to look for. I know there's a tag on the > request standard for SAML, but the documentation is not clear about this > subject. > > Can you guys give me some advice or point me in the right direction? > There is no issuer tag in the saml2 response you get back from the ide

[cas-user] Re: Adding cas.properties file to source control

> > I would like to add my cas.properties file for a standalone deployment to > source control. I'd like to know if there is a way to put certain settings > that would necessarily be different between our dev & prod environments > someplace external to the main properties file so I don't need t

[cas-user] Re: How to unpack the cas war (5.3.x) with Jetty

> > > Does any one know how to make CAS unpack the war file to the temp > directory with embedded Jetty ? > That is not how "embedded" works. An "embedded" container is not a repackaged version of the server distribution stuffed into the CAS web application artifact. You won't find a "real j

[cas-user] Re: [CAS 6.1.3]: OAuth2 Implict Grant - Passed state isn't returned correctly

Just wanted to note the patch/fix is now merged. Thank you David! On Friday, January 24, 2020 at 1:06:47 PM UTC+4, David Albrecht wrote: > > Hi all, > > when using the implict grant and passing a state parameter which contains > special characters the state parameter in the returned redirect doe

[cas-user] Re: Trying to determine why CAS is returning an encoded attribute to SAML SP

> > > None of this would be a big deal if we hadn't run into a bizarre problem > that the encoded attribute being sent *CHANGED*. > It would be helpful to describe the steps you took to create/duplicate this scenario. > > So my two questions: > 1) Is there any chance that the google apps ke

[cas-user] Re: CAS 6.1.3 PM password reset link question.

> > Not sure the service needs to be on this link. As I understand it, the > transient service ticket is a one shot directed at the password reset > component, so I am uncertain why the service would be necessary as the link > also works with the ?service portion removed. > > Is this something

Re: [cas-user] Service Registry - Store in MySQL database

Something along the following lines should work: cas.serviceRegistry.initFromJson=true cas.serviceRegistry.json.location=file:/etc/cas/config/services - Then, make sure your JSON files are in the above noted directory. - Then, make sure your overlay contains a reference to the JPA service regis

[cas-user] Re: How to specify redirect_uri for CAS 6 Delegation to Azure AD OIDC

This seems to have been fixed in 6.2.0 RC2, I have not had the error at all on 6.2.0 RC2, I then spend a bit of time finding a reliable sequence of events that caused the error and found a way to reproduce consistently on 6.1.2 following a specific series of login/logout requests: In the same