Re: [cas-user] CAS 6.6.x WebAuthn Registration Failing

2023-05-13 Thread Graham Ballantyne
Hi Frédéric, Thanks for replying! I'm not in a position right now to try with the 7.0 RC. I'm still getting the error on 6.6.x. I have the following set in my cas.properties:
management.endpoint.webAuthnDevices.enabled=true
management.endpoints.web.exposure.include=*
management.endpoints.web.en

Re: [cas-user] CAS 6.6.x WebAuthn Registration Failing

2023-05-12 Thread Frédéric Dussurget
Hi Graham, I gave it a try this morning (but on branch master 7.0.0-SNAPSHOT) and ... it's eventually working great :) Thanks to Misagh and the dev team! What I've done is removing every workaround we did on this topic: removed config/WebAuthnConfiguration.java + webauthn/web/WebAuthnController

Re: [cas-user] CAS 6.6.x WebAuthn Registration Failing

2023-05-12 Thread Frédéric Dussurget
I forgot, here is what I have about endpoints spring security management in cas.yml:
monitor:
  endpoints:
    endpoint:
      defaults:
        access: AUTHENTICATED
      health:
        access: IP_ADDRESS
        requiredIpAddresses: xx.yy.www.zz, aa.bb.cc.dd,etc.

Re: [cas-user] CAS 6.6.x WebAuthn Registration Failing

2023-05-12 Thread Graham Ballantyne
Hi all, I'm having a similar issue with webauthn device registration failing on CAS 6.6.x; the /cas/webauthn/register endpoint returns a 403 error, and the server logs have an invalid CSRF token error: web_1 | 2023-05-11 23:11:38,248 DEBUG [org.springframework.security.web.access.channel.Chan

Re: [cas-user] CAS 6.6.x WebAuthn Registration Failing

2023-04-06 Thread Frédéric Dussurget
Hi, I'm now able to register my webauthn device, to login, and trust my device. What I noticed is that the allowed-origins (device registering) property and application-id extension (connect) seem now mandatory to me (though it was not in 6.5.9). Without those two settings, I'm stuck. w

Re: [cas-user] CAS 6.6.x WebAuthn Registration Failing

2023-03-29 Thread John
What does your cas.log state for error? Are you using a valid ssl certificate, cas host name matches what's in config? Also, in 7.x/master you have to edit this, https://github.com/apereo/cas/blob/master/support/cas-server-support-webauthn/src/main/java/org/apereo/cas/config/WebAuthnConfiguration

Re: [cas-user] CAS 6.6.x WebAuthn Registration Failing

2023-03-29 Thread Frédéric Dussurget
Thank you, you saved me lots of time, actually I needed those two:
implementation "org.springframework.security:spring-security-config"
implementation "org.springframework.security:spring-security-web"
But I still have a JS issue (JSON.Parse) when registering my device: "Registration f

Re: [cas-user] CAS 6.6.x WebAuthn Registration Failing

2023-03-23 Thread John
Spring security and probably one or 2 of the webauthn, I don't remember at the moment with looking at local commit history but here is all from gradle,
/** Core **/
implementation "org.apereo.cas:cas-server-core-api-configuration-model"
implementation "org.apereo.cas:cas-server-core-api-mf

Re: [cas-user] CAS 6.6.x WebAuthn Registration Failing

2023-03-23 Thread Frédéric Dussurget
Hi, I've got quite the same issue: it works perfectly with CAS 6.5.9 but not on 6.6 nor on the master branch 7.x. On 6.6, after basic auth, a popup asks for the Yubikey pin and then, when I press the register button, the flow breaks at POST https://xxx.xx/cas/webauthn/register/finish. (FF

Re: [cas-user] CAS 6.6.x WebAuthn Registration Failing

2023-03-15 Thread John
Circling back to this, it also fails on 7.x current and master. Same issue, I believe I have found the source which is related to the csrf token. It works by excluding the /register from csrf to the ignored endpoints on https://github.com/apereo/cas/blob/master/support/cas-server-support-webaut

Re: [cas-user] CAS 6.6.x WebAuthn Registration Failing

2023-02-06 Thread John
Since we don't use any of the actuators, all disabled except for whatever cas sets as default, I am leaving my change by commenting out @PreAuthorize("isAuthenticated()") in WebAuthnController.java. I'm just going along finishing upgrade testing for us and will circle back to this later before

Re: [cas-user] CAS 6.6.x WebAuthn Registration Failing

2023-02-03 Thread John
I have nothing configured or defined for endpoints or actuators besides what is default set by cas, we have never used those. I went back and configured according to
management.endpoint.webAuthnDevices.enabled=true
management.endpoints.web.exposure.include=*
cas.monitor.endpoints.endpoint.webAu

Re: [cas-user] CAS 6.6.x WebAuthn Registration Failing

2023-02-03 Thread Michal Voců
Yes, I have the same registration issue. I thought I had caused this error by meddling with the spring security settings, but it looks like it is not the case. However, after setting up spring security for the webAuthnDevices actuator like this
spring.security.user.name=XXX
spring.securit

Re: [cas-user] CAS 6.6.x WebAuthn Registration Failing

2023-01-30 Thread Michal Voců
Hi, have you, by any chance, configured spring security for the webauthn endpoint?
Best regards, Michal Vocu
On 1/26/23 19:03, John wrote:
When trying to register a new device, the POST request to /webauthn/register is failing from spring security, access denied, http 403. Commenting ou

[cas-user] CAS 6.6.x WebAuthn Registration Failing

2023-01-26 Thread John
When trying to register a new device, the POST request to /webauthn/register is failing from spring security, access denied, http 403. Commenting out the below within (support/cas-server-support-webauthn-core/src/main/java/org/apereo/cas/webauthn/web/WebAuthnController.java) got it working aga