hi collin,
thank you for responding to my message,
Regarding the configuration that you wrote above,
I have also changed the protocol to PAP. But it still didn't work.
Previously, I made sure that no errors occurred on my Freeradius server and
my CAS server.
Related to some of your suggestions
Hi all,
I'm thinking to store all employee's account in CAS. I have MySQL as my
database authentication currently. Is there any best practice to manage
user account in CAS? What I can think of now is dump sql file into my
user_info table. But this looks not scalable to add or delete user.
I al
Hi all.
We are currently using OpenLDAP for the user database (password, profile,
groups). It would be interesting though to enable CAS to authenticate
against a Wordpress user database and read also the Principles from that
database (and also Roles).
Has anyone tried it?
Thank you in advance
Hi Dave,
Do you have any hazelcast config with time out . This can also result with
tickets getting timed out .
On Wednesday, December 2, 2020 at 1:36:02 AM UTC+5:30 Dave Steiner wrote:
> We had started the upgrade a while back but then got distracted by other
> projects. So when we restart
As of my observation CAS doesn't fall back to 'in memory storage' if the
remote ticket store is unavailable.
Following are the exception logs i see from logs .
```
2020-12-02 10:25:17,597 ERROR
[org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] -
org.springframework.data.redis.Redi
On Tue, 1 Dec 2020 at 15:22, Bryan K. Walton wrote:
> Is it possible to use an If Statement like this to make CAS auth
> optional? If not, is there another way to bypass CAS auth if a
> certain cookie is already present in the user's browser?
A similar config works for me in both Directory and L
On Tue, Dec 1, 2020 at 4:06 PM Colin Ryan wrote:
> Folks,
>
> I'm running CAS 6.2.3.
>
> Authenticating to a CentOS 389 Directory LDAP Server. Authentication is
> all good. Finally even appeared to solve my ePerssonDirectory attribute
> extraction configuration issues. However I'm unable to get t
Folks,
I'm running CAS 6.2.3.
Authenticating to a CentOS 389 Directory LDAP Server. Authentication is
all good. Finally even appeared to solve my ePerssonDirectory attribute
extraction configuration issues. However I'm unable to get the DN of the
users LDAP entry to resolve.
389 Directory
Hi Everybody,
I'm trying to configure Apache so that if a user has a certain cookie,
for that domain, stored in their browser, then CAS authentication is
bypassed. I'm trying to do an Apache config with mod_auth_cas, that
uses an If statement and looks like this:
We had started the upgrade a while back but then got distracted by other
projects. So when we restarted we kept with the same version.
-ds
On Tuesday, December 1, 2020 at 1:28:56 PM UTC-5 dkopylenko wrote:
> Hi Dave.
>
> I was just wondering, is there any reason you’d not go to the latest CAS
Hi Dave.
I was just wondering, is there any reason you’d not go to the latest CAS v
6.x, as 5.x is EOL?
Best,
D.
On Dec 1, 2020 at 13:10:26, Dave Steiner wrote:
>
> We are upgrading to v5.3.5 and I was just testing the TGT timeout. I am
> using hazelcast and have the following settings:
>
>
We are upgrading to v5.3.5 and I was just testing the TGT timeout. I am
using hazelcast and have the following settings:
cas.ticket.tgt.maxTimeToLiveInSeconds=28800
cas.ticket.tgt.timeToKillInSeconds=28800
But I notice after an hour or so, that I have to re-authenticate. In the
logs, I'm see
Priyambada,
Any loss of the ticket storage system would result in an interruption in an SSO
session. This is not limited to redis.
#2 is more interesting.
Does cas fall back to 'in memory storage' if the remote ticket store is
unavailable?
Is there an error log written when the ticket store is u
Irvan,
All I have is the following:
cas.authn.radius.name=Radius
cas.authn.radius.server.protocol=PAP
cas.authn.radius.server.retries=1
cas.authn.radius.client.authenticationPort=1645
cas.authn.radius.client.sharedSecret=
cas.authn.radius.client.inetAddress=
cas.authn.radius.client.accounting
Recently during my research i came across the following code from apereo
redis ticket repository library .
https://github.com/apereo/cas/blob/master/support/cas-server-support-redis-ticket-registry/src/main/java/org/apereo/cas/ticket/registry/RedisTicketRegistry.java#L81
The implication of this
15 matches
Mail list logo