Re: [cas-user] CAS Spring Security SSO and "Skipping" The Entry Point

The login link is A/desktop which matches and the serviceProperties definition is A/desktop/auth On 12/18/20 4:27 PM, Ray Bon wrote: Colin, This looks to be an application config issue and not related to cas [server or client]. Is the "Login" link to A/desktop, or is it something else like

Re: [cas-user] CAS Spring Security SSO and "Skipping" The Entry Point

Colin, This looks to be an application config issue and not related to cas [server or client]. Is the "Login" link to A/desktop, or is it something else like domain/cas/login?service=A/desktop? Ray On Fri, 2020-12-18 at 16:03 -0500, Colin Ryan wrote: Notice: This message was sent from outside

Re: [cas-user] Re: CAS 6.3.0-RC3 issue with MFA selector menu

Paris, The service looks to be held on the server side. So not showing in the url is probably not an issue. In my test, I do get redirected to the service correctly and the service ticket is validated. I do get failed completion for what looks like a second check of the mfa process (that

[cas-user] CAS Spring Security SSO and "Skipping" The Entry Point

Folks, So in the initial iteration of my project I had my spring security application working as it should w.r.t. to the common design/functional patterns for Spring Security and CAS. Let's call this Application A) My http security definition was as follows.  http

Re: [cas-user] Re: CAS 6.3.0-RC3 issue with MFA selector menu

Looking at my debug logs and comparing the cases of the single MFA provider and of the MFA selection menu I found that the service information is lost after a successful password authentication. E.g. the POST command at the MFA token page only contains cas/login instead of

Re: [cas-user] About ticket caching and properties handing in CAS 6.2

Rakesh, 1. There are a number of options for caching, https://apereo.github.io/cas/6.2.x/ticketing/Configuring-Ticketing-Components.html. Your choice will depend on what you already have (software and human), and how you configure you cas cluster. I have worked with ehcache and hazelcast.

[cas-user] CAS 6.2.X audit log incorrectly logs one-time token value instead of username/userid in the WHO field when the supplied one-time token is incorrect

As the title says, the default audit log entry in CAS 6.2.X for submission of a one-time token by a user incorrectly logs the one-time token value under the "WHO :" field when the one-time token provided by the user is incorrect. Example log entry : Audit trail record BEGIN

[cas-user] Suppress refresh token for oauth2 client credentials grant

Hi all, according to https://tools.ietf.org/html/rfc6749#section-4.4.3 refresh tokens SHOULD NOT be issued for client credentials grant. With CAS we have oauth2 services which are registered for multiple grant types. In our case client credentials, refresh token and authorization code. But