I use apache module mod_auth_openidc to my test. My apache conf is :
OIDCProviderMetadataURL
https://my-url.com/cas/oidc/.well-known/openid-configuration
OIDCClientID applicationQLA-testPHP
OIDCClientSecret x
#OIDCMetadataDir /var/cache/apache2/mod_auth_openidc/metadata
OIDCScope "openi
So, what is your client OIDC application configuration ? Have you
configured the scope ?
Le lun. 8 juin 2020 à 18:23, qla3fa a écrit :
> Thanks for your response.
>
> sn and mail are attributes I extract from my LDAP. I use it with CAS
> services and it works... I configured Oauth2.0 module too
Thanks for your response.
sn and mail are attributes I extract from my LDAP. I use it with CAS
services and it works... I configured Oauth2.0 module too and I use and
map these attributes with success... So I think it's ok with these
attributes. It's only with OIDC services it doesn't work...
Hi,
Your OIDC configuration look good.
You map your claims like this :
cas.authn.oidc.claimsMap.name=sn
cas.authn.oidc.claimsMap.email=mail
Maibe you don't have sn and email in your attribute repository ?
Le lun. 8 juin 2020 à 16:37, qla3fa a écrit :
> Hi,
>
> I try to configure OIDC with CA
Hi,
I try to configure OIDC with CAS 5.2. I added module
"cas-server-support-oidc" and the config with lines :
# Configuration OIDC
cas.authn.oidc.issuer=https://my-url.com/cas/oidc
cas.authn.oidc.skew=5
cas.authn.oidc.jwksFile=file:/etc/cas/keystore.jwks
cas.authn.oidc.jwksCacheInMinutes=60
c