[cas-user] Using Hazelcast ticket registry with hazelcast client

2020-10-15 Thread Filip Majernik
I am using the hazelcast ticket registry for my distributed deployment and it is working nicely. However, I have different components in the application which are also using hazelcast. I would like to create my own hazelcast cluster and have the other apps connect to it through the HZ client,

Re: [cas-user] CAS server in Angular JS + spring REST API architecture

2020-05-06 Thread Filip Majernik
Hi Marc, what Jitendral has written sounds correct to me, with one small change. In my environment the SERVICE_URL is actually the UI-url not the Spring API. The Spring API is then called with the Service-Ticket to log in and the Spring API validates the ST against a CAS instance. If everything is

[cas-user] Re: CAS 5.1.4 Server with JDBC and SAML - Deployment error on Wildfly 10

2020-02-10 Thread Filip Majernik
Hi Abylay, I know this is a bit older thread. However, I have run into the same problem. I was using CAS 5.1.1 as maven overlay with some custom implementation. Now I wanted to update to 5.3 (can't go higher, because need to be on java 8). I am getting exactly the same exception: Caused by:

Re: [cas-user] CAS server in Angular JS + spring REST API architecture

2020-01-15 Thread Filip Majernik
Hi Jitendra, yes it has worked for me. I have configured it exactly like described. My application architecture is: 1.) Spring REST Api 2.) Angular JS frontend 3.) CAS Server The configuration for CAS: - I have not really made anything special here. Just configured the service, which is

Re: [cas-user] Re: CAS OKTA integration

2019-12-20 Thread Filip Majernik
I am using CAS 5.1.1 which comes with pac4j 2.0.0 On Friday, December 20, 2019 at 8:34:55 AM UTC+1, leleuj wrote: > > Hi, > > Which version of CAS (and pac4j) do you use? Do you have one or more CAS > servers? > Thanks. > Best regards, > Jérôme > > Le jeu. 19 déc

[cas-user] Re: CAS OKTA integration

2019-12-19 Thread Filip Majernik
Hi Sarika, I am facing the same issue. The SAML logout request to Okta does not work. After debugging I have found out that in pac4j's implementation in SAML2LogoutRequestBuilder the UserProfile cannot be retrieved from the context, hence no sessionIndex as nameId is added to the request. This

[cas-user] Re: Service ticket does not exist / SERVICE_TICKET_VALIDATE_FAILED

2019-09-01 Thread Filip Majernik
I know this is an older post, however, I am experiencing the same issue on CAS 5.1.1. Indeed it seems to be connected to the EhCache ticket registry. If we remove it and use the default in-memory we are not experiencing this issue. Is there maybe any fix for this? On Wednesday, March 22, 2017

[cas-user] CAS 5.1.1. EhCacheTicketRegistry problem.

2019-08-30 Thread Filip Majernik
Hello, I am using the EhCacheTicketRegistry within an instance of CAS 5.1.1. Our performance tests of the application showed that about 50% of our log-in requests fail. The reason for that is that sometimes the service ticket is not found in the ticket registry, although it has been

[cas-user] Delegated SAML 2.0 IDP integration - no support for HTTP-Post Binding

2018-03-22 Thread Filip Majernik
I have integrated an external SAML 2.0 Identity Provider into my CAS 5.1.0 Server. Everything works fine if the IdP supports HTTP-Redirect binding for the SingleSignOnService. However, if the IdP supports only HTTP-Post Binding, the configuration of the SAML2 Client will fail with the

[cas-user] What exception to throw in a custom authentication handler if system is down

2017-12-07 Thread Filip Majernik
I have a custom authentication handler, which checks the username/pass against an elasticsearch datastore. Everything works fine, but if for some reason the ES would be down I want to throw an exception saying that the system is currently down. I've tried with any subclass of

[cas-user] Re: Global post authentication processing

2017-10-10 Thread Filip Majernik
cas.authn.ldap[0].name= > > > About the ID and your other question, idk how to do it using traditional > configuration. You can also opt for custom authentication handler like you > said about, here some reading that might be useful ( > https://apereo.github.io/2017/02/02/cas51-au

[cas-user] External SAML2 identity provider ID

2017-10-09 Thread Filip Majernik
If I use a delegated SAML2 authentication with the cas-server-support-pac4j-webflow dependency I have the ability to use the typed User ID which is a concatenation of the provider identifier and the local user ID (i.e. FacebookProfile#1234). This is nice, however, it takes the provider ID from

[cas-user] Global post authentication processing

2017-10-09 Thread Filip Majernik
I am using CAS to authenticate users for a service, which contains user profiles. I need to map these user profiles to the users, i.e. I need a unique user identifier, which I get from the authentication. This is more or less provided by the CAS, however I also need to store the information

[cas-user] 'Principal' cannot be null when using custom authentication handler

2017-09-12 Thread Filip Majernik
Hi, I am using a custom authentication handler which checks a user against one stored in elasticsearch. I have already created different authentication handlers and they all worked. But when using this one I am getting the following exception: 2017-09-12 11:52:20,176 WARN

[cas-user] How to handle SAML 2.0 assertions from the delegated IDP

2017-08-23 Thread Filip Majernik
I have successfully implemented a connection to the delegated Saml2 IDP based on this tutorial (https://apereo.github.io/2017/03/22/cas51-delauthn-tutorial/). Now I need to somehow provide a custom implementation upon receiving the SAML assertion. My real-life IDP is requesting a service

Re: [cas-user] CAS server in Angular JS + spring REST API architecture

2017-07-10 Thread Filip Majernik
> - use implicit flow to obtain CAS generated JWT > > - send JWT to your API > > - REST API checks JWT signature against jwks_uri > > > > Example : https://area51.univ-paris1.fr/prigaux/test-oidc.html (you > > must logged on google first) > > >

Re: [cas-user] CAS server in Angular JS + spring REST API architecture

2017-07-10 Thread Filip Majernik
(major pb for us) > > French presentation on this: https://prigaux.frama.io/JwtProxyService/ > > cu > > > Filip Majernik <filip.m...@gmail.com > wrote: > > > Hi Pascal, > > the reason why I need this is, that the REST API calls can also be > > pe

Re: [cas-user] CAS server in Angular JS + spring REST API architecture

2017-07-10 Thread Filip Majernik
Hi Pascal, the reason why I need this is, that the REST API calls can also be performed only by an authorized user. This means that the AngularJS app must send some token alongside with the request to my REST API and the REST API must be able to validate that token. So the main problem for me

[cas-user] CAS server in Angular JS + spring REST API architecture

2017-07-07 Thread Filip Majernik
I have the following architecture: 1.) CAS 5.1 authentication server 2.) Angular JS single page client which is accessing a REST API for the data 3.) Spring REST API I need to secure the REST API calls from the angular JS client. I.e. only authenticated users should be able to communicate with

[cas-user] Roles attribute does not get set in the custom AuthenticationHandler.

2017-07-06 Thread Filip Majernik
I have a custom AuthenticationHandler because my users get authenticated against a BPM engine. This is working fine. Now I also have to retrieve the roles. I can do this also in the authentication handler. However, I don't see the 'roles' attribute in the validation response. XML. Here is the