>
> sob., 12 mar 2022 o 09:50 Jérôme Steve
> napisał(a):
>
>> Ray,
>>
>> Thank you for your reply. Unfortunately not.
>> Maybe I should have cached the webflow session ? But I'm not sure if this
>> ticket is stored inside it or not.
>>
Ray,
Thank you for your reply. Unfortunately not.
Maybe I should have cached the webflow session ? But I'm not sure if this
ticket is stored inside it or not.
Jérôme.
Le ven. 11 mars 2022 à 20:01, Ray Bon a écrit :
> Jérôme,
>
> Is it possible for you to set your load balancer to sticky sessio
Hi,
Try to use comma separator in
cas.ticket.registry.memcached.memcached.servers property.
Jérôme.
Le ven. 4 sept. 2020 à 14:24, Jeremiah Garmatter a
écrit :
> Hello,
>
> I have made it through the CAS installation, configuration and
> customization process for CAS 6.2. The final thing that I
name=givenName
> ```
> ## Outcome
>
> ```
> {
> "sub": "username",
> "service": "c44c3fc514202ac9a8cc5cf6437c1c21",
> "auth_time": 1598509383,
> "attributes": {
> "email": "a...@gmail.
nested in "attributes".
> Can you please share with me your configuration?
> Maybe i miss something.
>
> On Wed, Aug 26, 2020 at 10:39 AM Jérôme Steve
> wrote:
>
>> Hi Nikolas,
>>
>> I have no idea sorry. It works like excepted in 6.1.
>>
>> Jé
uot;email" ]],
>> "supportedResponseTypes":[ "java.util.HashSet", [
>> "code","token","id_token","id_token token","code token" ] ],
>> "theme": "apereo",
>> "description" : "This service defi
ile,email,address,phone,offline_access
>
> cas.authn.oidc.claims=mail,givenName,sub,name,preferred_username,family_name,given_name,middle_name,given_name,profile,picture,nickname,website,zoneinfo,locale,updated_at,birthdate,email,email_verified,phone_number,phone_number_verified
> cas.au
provide then the
>> attributes names must much the claim names. I do that also in my service
>> definition file.
>> Still no luck.
>>
>> All claims are included under the field "attributes"
>>
>> Which is not the response I expect.
>>
>
m",
> "profile": "test"
> },
> "id": "test",
> "client_id": "client_id"
> }
>
> by enabling:
>
> cas.authn.attribute-repository.ldap[0].attributes.cn=profile
> cas.authn.attribute-repository.ldap[
n 6.2.1?
> Maybe is a bug?
>
> Στις Σάβ, 22 Αυγ 2020, 12:49 ο χρήστης Jérôme Steve <
> jerome.st...@gmail.com> έγραψε:
>
>> First,I think you have to définie attributs.username correspondibg to
>> jour login :
>>
>>
>> https://apereo.
e": 1598017095,
>> "attributes": {
>> "email": "inf...@gmail.com",
>> "profile": "test"
>> },
>> "id": "test",
>> "client_id": "client_id"
>>
Hi,
In cas OIDC claims values come from attribute repositories.
So you have to define it to retrieved your attributes value.
And after you can map it to the OIDC claims.
Jérôme
Le ven. 21 août 2020 à 09:39, Nikolas Stylianides
a écrit :
> when i use the PASSWORD grant_type and then use the re
Hi Yan,
I think your need to add "logoutUrl" : "yyy" property in the
service.json
Jérôme.
Le mar. 28 juil. 2020 à 21:34, Yan Zhou a écrit :
>
> cas/logout does work, but it does not redirect back to the app URL, the
> OIDC standard uses this:
>
> /cas/logout?id_token_hint=xx&post_logou
Hi,
I think you have to map your custom user attributes from attribute
repository, to your claims/scope oidc :
https://apereo.github.io/cas/5.3.x/installation/Configuration-Properties.html#openid-connect
Jérôme.
Le lun. 20 juil. 2020 à 20:55, Yan Zhou a écrit :
> Hello,
>
> I have CAS5.3.x, a
Ok maybe you need it in response, but not when you request Authorization.
Le ven. 26 juin 2020 à 15:20, Jakub Fridrich <
jakub.fridr...@klikpojisteni.cz> a écrit :
> Yes, for userinfo endpoint I think */cas/oidc/profile*.
>
> For claims, I need this params, generated with XWiki. The above claim i
Ok all look good.
So what is that :
*&claims=*
*{"userinfo":{"sub":null,"iss":null,"openid":null,"profile":null,"name":null,"email":null,"first_name":null,"last_name":null}}*
you don't need it in /cas/oidc/authorize
And when you talk about "In *userinfo* endpoint I getting now" what is your
user i
Hi, You see it here : /cas/oidc/.well-known ?
Le ven. 26 juin 2020 à 09:07, Jakub Fridrich <
jakub.fridr...@klikpojisteni.cz> a écrit :
> Thanks, but attributes not showing still..
>
> My service now looks like:
> {
> "@class" : "org.apereo.cas.services.OidcRegisteredService",
> "clientId": "
Hi Paul,
I had the same probleme. What I notice :
If you coment or you remove property in app.properties, the corresponding
env var is used.
But if you have it in the app.properties, property will not be erasse by
env var.
But for me is same as other spring-boot app. Maybe what you are tallking
0 module too and I use and map
> these attributes with success... So I think it's ok with these attributes.
> It's only with OIDC services it doesn't work...
>
> Best regards.
>
> QLA.
> Le 08/06/2020 à 18:01, Jérôme Steve a écrit :
>
> Hi,
>
> You
Hi,
Your OIDC configuration look good.
You map your claims like this :
cas.authn.oidc.claimsMap.name=sn
cas.authn.oidc.claimsMap.email=mail
Maibe you don't have sn and email in your attribute repository ?
Le lun. 8 juin 2020 à 16:37, qla3fa a écrit :
> Hi,
>
> I try to configure OIDC with CA
Sorry in english,
You have to put it in the attributes repository from our db or your ldap
(or something else). After that you can get it in the jwt token.
Something like this :
https://apereo.github.io/2019/11/04/cas62x-oauth-jwt-access-token/
Jérôme.
Le jeu. 4 juin 2020 à 16:25, dg a écrit :
Hello DG,
You have to pût it un the attributsrRepository from jour db or ldap. After
you can get it, in ths jwt token.
Something l'île this :
https://apereo.github.io/2019/11/04/cas62x-oauth-jwt-access-token/
Jérôme.
Le jeu. 4 juin 2020 à 16:25, dg a écrit :
> hello, i am really stuck with i
Hi charl,
You try to add the scopes in your service configuration ? like this :
"scopes" : [ "java.util.HashSet", [ "openid"] ]
Le mer. 20 mai 2020 à 12:35, Charl Thiem a écrit :
> Hi there
>
> I tried that too with no luck. I think there is a bug in spring's pac4j or
> pac4j itself. I had s
Hello JC,
I think what you use, is not what you discribe.
cas.authn.attributeRepository.stub.attributes.udcid=UDC_IDENTIFIER
Enter code here...
This is for define a static attribute "udcid" with value "UDC_IDENTIFIER".
https://apereo.github.io/cas/6.1.x/configuration/Configuration-Properties.ht
sorry for my skim read :)
Le jeu. 27 févr. 2020 à 09:23, Napoleon Ponaparte
a écrit :
> No Mr Jérôme Steve,
> I deployed CAS behind HA Proxy. It's done.
> Now I want to register service CAS Managment Web App with proxy.
> Thanks
>
> On Thursday, February 27, 2020 at 3
Hi Jeremy,
This is a spring framework warning :
https://github.com/spring-projects/spring-framework/issues/20217
If you are using overlay add this dependency in your build.gradle file :
compile
"com.fasterxml.jackson.module:jackson-module-kotlin:${project.jacksonModuleKotlin}"
Jérôme.
Le jeu. 1
Hi Nathan,
With thymeleaf template you can get directly env var by using this :
${@environment.getProperty('cas.env.clusterNodeName')}
Jérôme.
Le ven. 7 févr. 2020 à 16:04, Nathan Lewan a écrit :
> hello!
>
> i've been trying to get environment variables to resolved when added to my
> custom_
id you find out what specifically CAS is storing in the http
>> session for OIDC that needs to be replicated? I think I have seen the same
>> issue in my deployment where OIDC wasn't working in an active/active CAS
>> cluster but I haven't had a chance to track down the
te?service=https://possum.com/fake&ticket=ST
>
> <https://cashost.com/cas/serviceValidate?service=https://possum.com/fake&ticket=ST>
> -...
>
> You will want to turn logging up (debug or trace) for CAS, and memcached.
> Also check access logs.
>
> Ray
>
&g
Hello Mohamed,
Look at this :
https://apereo.github.io/cas/6.1.x/installation/Configuring-Authentication-Throttling.html#throttling-authentication-attempts
Jérôme.
Le mar. 21 janv. 2020 à 18:05, mohamed gamal a
écrit :
> Hello everyone,
> I know this is a weird situation. But we have faced it
ogs you presented were from a single log in attempt.
> Is that the case? Or did you set up multiple nodes between the logs from
> node 1 and node 2?
>
> Ray
>
> On Tue, 2020-01-07 at 08:02 -0800, Jérôme Steve wrote:
>
> Hi ray,
>
> Thanks for your reply. so you think
Hi,
1. In my opinion don't use gradle run in production but launch your war
with java directly (Like in the dockerfile cas overlay).
2. response in 1. maybe solve this porblem ?
Jérôme.
Le jeudi 9 janvier 2020 16:12:21 UTC+1, crdaudt a écrit :
>
> I will restate my questions:
>
>1. What is
erents nodes/network so how the
> token created by on of theme will be see by the other with the same tiket
> registery ? Do you have a POC I can turn and deploy to thow tomcats
> servers?
>
> Thanks
>
>
>
> Le mardi 14 janvier 2020 12:08:53 UTC+1, Jérôme Steve a écrit :
Hi Icoundoul,
I think you have to used the same ticket registry for the two organisation.
You have lot of kind of ticket registry (
https://apereo.github.io/cas/6.1.x/configuration/Configuration-Properties.html#ticket-registry).
Of course the users need to have the same login in the two organizati
applications involved.
>
> Ray
>
>
> On Fri, 2020-01-03 at 02:37 -0800, Jérôme Steve wrote:
>
>
> Hello,
>
>
>
> Before all thanks for your works.
>
>
> We are using CAS overlay in Multi node architecture (Docker container) behind
> a load balancer a
Hello,
Before all thanks for your works.
We are using CAS overlay in Multi node architecture (Docker container) behind a
load balancer and a proxy with a memcahced service registery.
All work fine but when we used it like an OIDC provider, i'm getting a
Validation Ticket Failed after called
36 matches
Mail list logo