Hi Baron,
As Pascal Rigaux wrote earlier today, if you want CAS to distinguish
shib-cas-authn plugin requests by entityId and match different entityIds
with different registered services, you'll want to set
"shibcas.entityIdLocation=embed" in shib-cas-authn, so that the *entire*
service value
Hi Pascal,
Shouldn't I be able to simulate this from CAS itself for testing purposes?
E.g. If I try the following as a test URL:
<
https://cas.example.edu/cas/login?renew=true=https%3A%2F%2Fexample%2Eedu%2Fidp%2FAuthn%2FExternal%3Fconversation%3De1s2=FooBar
>
It appears to generate a request to
Jérémie,
Here are some loggers for cas ldap:
Make sure you can authenticate / find the user from another application (I do
not know what tools are available for AD).
Check your AD logs to see what it thinks the problem is.
Ray
On Thu, 2023-06-15 at 05:19 -0700, Jérémie wrote:
Notice: This
Baron,
You could configure Shib to use SAML2 proxy with Cas as a SAML2 IdP.
With the Shib Cas plugin, you are authenticating for Shib as a service, rather
than the entity which is the destination (FooBar).
Ray
On Wed, 2023-06-14 at 09:44 -1000, Baron Fujimoto wrote:
Notice: This message was
I've setup a CAS 6.6.8 and an Active Directory on the same server for test
purpose.
I can't authenticate to my AD using an account. It seems that CAS cannot
find the user inside the AD.
Here my cas.properties file (AD section) :
```
# Active Directory
cas.authn.ldap[0].type=AD
Hi, I used your code in CAS 6.3 and I am able to authenticate the user for
the first time. If I open a private window and try to authenticate again, I
get an error . Have you encountered this error as
well?
Thanks
Dne pátek 25. června 2021 v 6:33:17 UTC+2 uživatel Andy Ng napsal:
> Hi all,
>
Dear Ray, Jerôme,
I have asked colleagues in other universities and they reproduce the same
problem. We are interested in collaborate and propose an improvement to the
web flow. I have checked the code and as I see it I will need to change a
few core classes. At a minimum, I think that the
Hi,
You need to use "shibcas.entityIdLocation=embed" in shib-cas-authn
You may also need "idp.session.enabled = false" (or my simple
alternative https://github.com/Unicon/shib-cas-authn/pull/8 which does
not break shib idp SLO)
cu
Baron Fujimoto a écrit :
We're using CAS 6.6 as an
Found the answer here:
<
https://apereo.github.io/cas/6.6.x/services/Service-Access-Strategy-URL.html
>
More specifically, by specifying the unauthorizedRedirectUrl in the
accessStrategy
On Fri, Apr 14, 2023 at 3:23 PM Baron Fujimoto wrote:
> When using service access strategies such as ABAC
We are currently using LDAP but also want to integrate with Azure AD.
I was looking at chaining these so that Azure AD is check first, then falls
back to LDAP if user not found in AD. I see these two properties for both
methods:
cas.authn.azure-active-directory.order=0
Hi Team,
Please find the corrections and findings.
org.apereo.cas.client
cas-client-support-springboot
4.0.2
If I remove spring-boot-starter-security from the pom.xml and also remove
@Configuration to configure authorized http requests, the filters are
picked up and is working fine.
Unfortunately the only services working are on CAS 5.3.16, which we're
trying to get away from.
All services for 7.0.0 are going to be new. I don't have CAS management
installed, but I'm working to try to get that up and running as well.
Is there any specific way to register a service other
We're using CAS 6.6 as an AuthN front end using Unicon's shib-casn-authn
(v4)[*] plugin for the Shibboleth IdP.
We have it working for the IdP generally, but now we'd like to apply more
specific actions based for certain entityIds.
For example, given an entityId="FooBar", this may appear in the
13 matches
Mail list logo