Has anyone enabled restrictions on Client IP by service?
I think I should be able to at the service level use requiredAttributes to
evaluate the Client IP is within a defined value, but I can’t find anything on
how to access Client IP as an attribute.
Any help?
Thanks.
Ted Fisher
Bowling
thought I saw a
discussion of doing just that, deleting the TGT after the ST is created. But,
I can’t find any reference to that now.
Is anyone familiar with this concept or know a way to make it happen?
Thanks.
Ted
From: cas-user@apereo.org <cas-user@apereo.org> On Behalf Of Ted Fishe
at a dead end.
Can anyone suggest what the problem might be or where I could look for how to
get it working?
Thanks.
Ted Fisher
From: cas-user@apereo.org <cas-user@apereo.org> On Behalf Of Ted Fisher
Sent: Tuesday, March 20, 2018 10:09 AM
To: cas-user@apereo.org
Subject: [cas-user] ssoE
is not allowed to use SSO.
Am I missing something? Can anyone suggest why it is not processing the
service parameters as it seems it should?
Thanks.
Ted Fisher
ITS, BGSU
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://go
amedPe
rsonImpl[name=tffishe,attributes={uid=[tffishe], email=[tffi...@bgsu.edu], affil
iation=[STFEMP, UGRSTU], FirstName=[Theodore], LastName=[Fisher], cn=[Theodore F
Fisher], EmplID=[XX]}]]' for query='{username=[tffishe]}'
Since it’s clearly in the attribute map and set for release I
that are there? And if so are there examples of what such a data
conector or attribute resolver should look like?
Thanks.
Ted Fisher
Bowling Green State University
--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS
Has anyone tried Duo with CAS using more than Duo API application?
We have been using the Unicon MFA add-on with CAS 4.1.5 for about a year. Now,
mgt. wants to have certain CAS services use Duo with a different API
application so it can have different settings for those at Duo. It looks a bit
can’t see why
it is doing this.
Ted F. Fisher
Information Technology Services
[Description: BGSU]
From: Ted Fisher
Sent: Friday, April 22, 2016 10:48 AM
To: 'cas-user@apereo.org' <cas-user@apereo.org>
Subject: more attributes returned than allowed
While we have all of our servic
>From CAS 4.1.4 we are using LdaptivePersonAttributeDao to get attributes.
>Because our LDAP (old) does not have groups tied to the user we have to query
>the groups separately after getting other user attribs. We query for the user
>as uniquemember and return cn for those that match, which
While we have all of our services set for ReturnAllowedAttributeReleasePolicy,
The CAS response received by the app includes all attributes that were resolved.
We logged this:
2016-04-22 10:31:10,065 DEBUG [http-bio-8080-exec-29] [org.jasig.cas.CentralAuth
enticationServiceImpl] - Attribute
versions in order to do
rolling upgrades, but what are the lilmitations there? Must be same major CAS
version?
Thanks.
From: Ted Fisher <tffi...@bgsu.edu><mailto:tffi...@bgsu.edu>
Reply: Ted Fisher <tffi...@bgsu.edu><mailto:tffi...@bgsu.edu>
Date: March 31, 2016 at
that there are only a few
there. I'd like to verify that they are making it there/.
Thanks.
Ted F. Fisher
Information Technology Services
[Description: BGSU]
From: Ted Fisher
Sent: Thursday, March 17, 2016 9:43 AM
To: 'cas-user@apereo.org' <cas-user@apereo.org>
Subject: cas-mfa with CAS 3.5.3
I h
We are facing an urgent push to get duo integrated with our CAS and I'd like to
get some feedback as to best approach, caveats, etc.
Environment:
CAS 3.5.0 on Tomcat 7, 2 RHEL 6 servers behind Cisco ACE load balancer
2 Shibboleth IDPs using CAS as auth handler.
Needs / concerns
13 matches
Mail list logo
