[cas-user] Re: CAS: 7.0 Office365 login with tenant common - broken

Problem is known: https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/issues/460/cant-parse-azure-oidc-metadata-unencoded piątek, 31 maja 2024 o 09:32:33 UTC+2 Łukasz Woźniak napisał(a): > Hi, > > We integrate with Office365 by OIDC. On version 6.5 it's

[cas-user] CAS: 7.0 Office365 login with tenant common - broken

Hi, We integrate with Office365 by OIDC. On version 6.5 it's work very good. After upgrade configuration with "azure.tenant=common" doesn't work. I found that library nimbussds:oauth2-oidc-sdk cannot handle issuer url from

Re: [cas-user] Re: CAS 7 master mfa-gauth issue commit 15580dc action="@{/login}"

We override view and Madej change from mfa-gauth to login. pon., 27 maj 2024, 11:47 użytkownik Frédéric Dussurget napisał: > Hi there, > just asking if somebody managed to resolve this pending issue ? > regards, > > Le mardi 16 avril 2024 à 18:03:32 UTC+2, Frédéric Dussurget a écrit : > >> Hi,

[cas-user] CAS 7.0.3 Office365 Integration and attributes problem

Hello, We actually migrating from CAS 6.5 to 7.0. We are integrated with Office365 but in version 7.0.3 is problem that We dont get family_name and given_name attributes. Our configuration in scope we have set: "openid profile email" Anyone have similar problem ? Thanks, Lukas -- - Website:

Re: [cas-user] CAS 7.0.3: missing LDAP principal attributes when using DUO MFA

Hi, We are using CAS in version 6.5 on production with protocols OAuth, SAML, OIDC. We use attributeRepository from LDAP because we need *memberOf *with recursive data. There are many memberOf so we need to filter it out. We use attributeReleasePolicy with

[cas-user] CAS 7.0.3: SAML problem with returning attribute

Hello, We upgrade CAS from version 6.5.9 to 7.0.3 and CAS in SAML stop returning *givenName *in attributes. Example configuration below. Any idea why is it stop working ? "attributeReleasePolicy": { "@class": "org.apereo.cas.services.ReturnMappedAttributeReleasePolicy",

Re: [cas-user] CAS v7.0.0 Performance issue.

you know any? > > On Tue, Feb 27, 2024, 9:10 PM Łukasz Woźniak > wrote: > >> What protocol do you use ? Do You use OAuth? In my situation, I found >> that on the OAuth there is a bug in 7.0.0. CAS filter out scopes not >> mentioned in properties for OIDC( it sho

Re: [cas-user] CAS v7.0.0 Performance issue.

What protocol do you use ? Do You use OAuth? In my situation, I found that on the OAuth there is a bug in 7.0.0. CAS filter out scopes not mentioned in properties for OIDC( it shouldn't be like that). So application connecting with OAuth was doing Ddos, because It get empty scopes. I know It is

Re: [cas-user] CAS v7.0.0 Performance issue.

Same happend to Us. We have CAS on AWS in kubernetes. We have git for services and redis for tickets and mfa. We have 2 pod running with Horizontal Pod Autoscaling enabled. Autoscale never grow higher than 3 pods. When we deploy CAS from version 6.5 to 7.0, CPU is always almost 100%. HPA scaled

Re: [cas-user] Re: CAS 5.3 OAuth2 Delegated Authentication error Client not found

Many years ago I have been using CAS with version 5.3, but there was many errors with delegated authentication. I suggest You to upgrade to version 6.6.x sob., 22 lip 2023 o 06:34 mohsen saeedi napisał(a): > Extra information is needed to answer this question? > > nobody is here to help me? > >

[cas-user] Delegated Authetication and session cookie

is session cookie? Łukasz Woźniak -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Comm

Re: [cas-user] locale parameters after upgrading from 6.1.7 to 6.5.7

Sorry i miss lead you. I have problem with locale on version 6.5.7 and CAS could not parse locale correctly with delegation authentication. czw., 27 paź 2022, 18:27 użytkownik Łukasz Woźniak napisał: > I've got the same problem upgrade to at least 6.5.8. > > śr., 26 paź 2022, 16:18 u

Re: [cas-user] locale parameters after upgrading from 6.1.7 to 6.5.7

I've got the same problem upgrade to at least 6.5.8. śr., 26 paź 2022, 16:18 użytkownik Andrea Colajacomo < andrea.colajac...@alecsandria.it> napisał: > Hello everyone, > we are testing an upgrade as indicated in subject and we have an issue > regarding locale recognition in cases where we use

Re: [cas-user] Help needed in upgrading CAS Server

I Was upgrading cas from same version to 6.5.x . It wasn't hard. It depends on module You are using. Upgrade to 6.5.8, in lower version of 6.5.x there is a bug with languages and delegation authentication. pon., 26 wrz 2022 o 17:23 Morning Star (vidivelli) napisał(a): > Hi all, > Thanks for

[cas-user] Re: v. 6.5.5 - problem with cookie Locale

If someone have similar problems bug was fixed in this commit https://github.com/apereo/cas/commit/c6006aa1d0a2d6e26cf315f79e7293464fd77527 środa, 8 czerwca 2022 o 10:33:07 UTC+2 Łukasz Woźniak napisał(a): > Hi, > > We are using verison 6.5.5 with Delegated Authentication

Re: [cas-user] Re: Logout Redirect Issue

Hello, We are using 6.3 version and we've got the same problem. We have configuration single delegate authentication with flag exclusive on true, and after go to *logout?service=https://* CAS didn't logout from Office365. And it redirect to the Office365 there is a session, so it's back to

[cas-user] v. 6.5.5 - problem with cookie Locale

Hi, We are using verison 6.5.5 with Delegated Authentication Discovery Selection . And I've got a problem, when user come back form Office365 on address /login?client_name=Office365 he get 2

[cas-user] OAuth 2.0 - client credentials - with clientID and ClientSecret as LDAP user

Hi, We use CAS in version 6.3. Is is possible to use OAuth 2.0 "client credentials" mode https://apereo.github.io/cas/6.3.x/installation/OAuth-OpenId-Authentication.html#client-credentials with authorization based on the ActiveDirectory or based on the configured authorization mechanizm in

Re: [cas-user] How to configure TST ticket used in reset password management workflow for high availability ?

We have CAS on 5 pods in K8s and We using Spring session in Redis. It work good. Lukas sob., 12 mar 2022 o 09:50 Jérôme Steve napisał(a): > Ray, > > Thank you for your reply. Unfortunately not. > Maybe I should have cached the webflow session ? But I'm not sure if this > ticket is stored

Re: [cas-user] Password does not match the password policy requirement.

You've upgrade or have new fresh version? I've got similar problem but I'm upgrading instance from 6.3.7. And there was change in the template and policyPattern was null, because it was changed to passwordPolicyPattern. Check the template if You override it. wt., 15 mar 2022 o 00:25 stonej

Re: [cas-user] Re: Google Auth Redis record format change...anyone know how to migrate?

Hi, I've got the same problem. I write new actuator endpoint and migrate the records.You need to resave them in new format (i put new machine name as username). pon., 12 lip 2021 o 03:16 He vincent napisał(a): > I got same issue with gauth + mongodDB. from cas5.3 to cas 6.4. > > > Stewart在

Re: [cas-user] CAS 6.3.x + Google Auth as 2FA

It should stay mfa-gauth. Sorry phone dictionary problem  wt., 13 kwi 2021, 16:30 użytkownik Łukasz Woźniak napisał: > Hi, I have czas 6.3.2 with Google mfa and it works. Dont change config > cas.authn.mfa.gauth.name it stole stary mfa-gauth > > wt., 13 kwi 2021, 16:04 użytko

Re: [cas-user] CAS 6.3.x + Google Auth as 2FA

Hi, I have czas 6.3.2 with Google mfa and it works. Dont change config cas.authn.mfa.gauth.name it stole stary mfa-gauth wt., 13 kwi 2021, 16:04 użytkownik Bartosz Nitkiewicz napisał: > I have cloned CAS sources and > copy >

Re: [cas-user] Cas can’t see exteralized customised views. Cas overlay ver 6.3.2.

I've got same problem with this. Problem is that You have to override main templates to able to use fragments. For example to in file layout.html. You have to override to use fragment from nextor Footer fragment will go here śr., 10 mar 2021 o 16:36 artur miś napisał(a): >

Re: [cas-user] Re: cas with o365

Hi, I was integrated with o365 but on OPENID on version 5.2.x but this version has poor support for integration with o365. Try too use version 5.3.x or if You can 6.0.x. In version 5.2.x is problem that O365 don't support redirect url with parameter, and CAS generate url with parameter version

Re: [cas-user] CAS 6.1.x Ldaps configuration problem

Hello, Help me too. Thanks! Regards, Łukasz W dniu sobota, 26 stycznia 2019 16:40:59 UTC+1 użytkownik David Gelhar napisał: > > Using Java8 probably isn't an option - CAS 6.x requires Java11 > > We have been able to work around the issue by using the UnboundID provider > as suggested, with

[cas-user] Re: cas5.3X Multiple system login

Gecko) Chrome/75.0.3770.80 Safari/537.36 FirePHP/4Chrome FirePHP/4Chrome W dniu środa, 12 czerwca 2019 23:53:48 UTC+2 użytkownik Łukasz Woźniak napisał: > > i got the same problem with version 5.3.10. But I saw that when i'm again > on login page. when i hit F5 it will log me in. &

[cas-user] Re: cas5.3X Multiple system login

i got the same problem with version 5.3.10. But I saw that when i'm again on login page. when i hit F5 it will log me in. W dniu wtorek, 23 kwietnia 2019 04:34:31 UTC+2 użytkownik 李雁敏 napisał: > > Yes, I got the tgc information when I entered the second application, but > I still need to log in

Re: [cas-user] Example config for authing against Azure / O365?

When user open CAS state parameter is set on the session, but when user comeback from Azure/OpenID state Parameter is exist on request but on the session is null. W dniu poniedziałek, 3 czerwca 2019 22:39:23 UTC+2 użytkownik Łukasz Woźniak napisał: > > Problem is on connection Cas &l

Re: [cas-user] Example config for authing against Azure / O365?

application is sending the user to CAS > with one URL in the service parameter and a different URL when validating > the service ticket. There should be log messages describing why the 'State > paramerter ...' is output. You may have to turn up the log level. Ray > On Mon, 2019-06-0

Re: [cas-user] Example config for authing against Azure / O365?

We use 5.2.9 version of CAS. And We have problem every day when user try to authenticate. They get "Unautorized access" and in log we get CSRF error: State parameter is different from the one sent in authentication request. Session expired or possible threat of cross-site request forgery

Re: [cas-user] CAS 5.2.6 + Delegated Authentication + Microsoft Azure AD + How to map attributes

Hi, I'm working on integration with Azure AD too. I was able to connect wia OpenID. To map attribute You need to define default attribute. Example below: cas.authn.attributeRepository.merger=REPLACE cas.authn.releaseProtocolAttributes=true

[cas-user] Re: cas 5.3 and office 365 sp

Antoine Gambino, Did you manage to configure integration with office365, as you described? Thanks, Lukas W dniu piątek, 13 lipca 2018 09:41:29 UTC+2 użytkownik Antoine Gambino napisał: > > > thank you for the answer > > if i understand. > > i need to dowload the lastest file of asure