Issue was resolved , mentioned settings are enough so that it will work
пятница, 7 июня 2019 г., 14:41:59 UTC+3 пользователь Andrey Seledkov
написал:
>
> It start to work, when I ran it without Docker, locally
>
> These attributes enough to retrieve data in SAMLReponse
>
> #cas.authn.attributeRe
It start to work, when I ran it without Docker, locally
These attributes enough to retrieve data in SAMLReponse
#cas.authn.attributeRepository.jdbc[0].singleRow=true
#cas.authn.attributeRepository.jdbc[0].requireAllAttributes=true
#
#cas.authn.attributeRepository.jdbc[0].sql=SELECT * FROM ml_emp
It start to work, when I ran it without Docker, locally
These attributes enough to retrieve data in SAMLReponse
#cas.authn.attributeRepository.jdbc[0].singleRow=true
#cas.authn.attributeRepository.jdbc[0].requireAllAttributes=true
#
#cas.authn.attributeRepository.jdbc[0].sql=SELECT * FROM ml_emp
Same as Andy, I have CAS 5 working as SAML IdP. But I assume there are
others here doing so with CAS 6. In any case, I noticed in your log that
your issuer is "localhost:8443/cas/idp". Do you have your cas.server.name
and related properties set? It looks like it's creating the SAML response,
bu
In docs
In order to allow CAS to support and respond to attribute queries, you need
to make sure the generated metadata has the AttributeAuthorityDescriptor
element
enabled
I noticed that when i put
cas.authn.samlIdp.attributeQueryProfileEnabled=true
in idp-metadata.xml tag AttributeAuthori
Hi Andrey,
I do know for a fact that my CAS 5.3.x is running with SAML as idp and
connecting to other SAML sp just fine (multiple SAML client, including
SimpleSAMLPHP), no need modify the generated idp-metadata.xmp for me.
So... Maybe if you still can't successfully connect to SAML, it could be
The same with https
среда, 5 июня 2019 г., 14:53:40 UTC+3 пользователь Andy Ng написал:
>
> From your log, seems like you are using http, is that true? If yes, try
> changing to https, CAS doesn't work well with http. -Andy
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://g
>From your log, seems like you are using http, is that true? If yes, try
>changing to https, CAS doesn't work well with http. -Andy
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/
It is my first,
Keycloak provide me
http://schemas.xmlsoap.org/ws/2003/07/secext";>
http://bla-bla/broker/saml/endpoint"/>
urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
http://bla-bla/broker/saml/endpoint";
index="1" isDefault="true" />
Do you have any other SPs working with this CAS instance, or is this your
first?
On Tuesday, June 4, 2019 at 3:33:55 AM UTC-6, Andrey Seledkov wrote:
>
> Nothing helps
>
> my property file has next properties
>
> cas.authn.samlIdp.entityId=${cas.server.prefix}/idp
> cas.authn.samlIdp.scope=${SER
Nothing helps
my property file has next properties
cas.authn.samlIdp.entityId=${cas.server.prefix}/idp
cas.authn.samlIdp.scope=${SERVER_NAME}
cas.authn.samlIdp.metadata.privateKeyAlgName=RSA
cas.authn.samlIdp.metadata.location=file:/etc/cas/saml
cas.authn.samlIdp.attributeQueryProfileEnabled=true
Hi Andrey,
Can you try ReturnAllAttributeReleasePolicy, see if is the policy that have
problem, or is the release of attribute not correct.
https://apereo.github.io/cas/6.0.x/integration/Attribute-Release-Policies.html#return-all
Cheers!
- Andy
--
- Website: https://apereo.github.io/cas
- Gi
I haven't tried CAS 6 yet, but according to the documentation, at least for
the attribute release, it's pretty much the same as the version I'm using.
Since you are using the "Return Allowed" policy, your json (attribute
portion) might need to look more like this:
"attributeReleasePolicy" : {
Cas version is 6
Nothing changed , i got SamlResponse without new attributes
Maybe i miss something
понедельник, 3 июня 2019 г., 18:39:20 UTC+3 пользователь Matthew Uribe
написал:
>
> Andrey,
>
> cn and mail are attributes from my LDAP that are being released to the SP.
> Based on the Intern
Andrey,
cn and mail are attributes from my LDAP that are being released to the SP.
Based on the Internet2 attribute release policy, firstName (givenName)
is urn:oid:2.5.4.42, while lastName (sn) is urn:oid:2.5.4.4
https://www.internet2.edu/help/attribute-release-policy/
If your SP is looking fo
I will try , but what is 'cn' and 'mail' here?
For my task I need to put in SamlResponse fisrtName and lastName which I
retrieved from database
понедельник, 3 июня 2019 г., 17:00:20 UTC+3 пользователь Matthew Uribe
написал:
>
> Andrey,
>
> I don't know what version of CAS you're on, but for m
Andrey,
I don't know what version of CAS you're on, but for me, on CAS 5.2.x, I
have the following json for one of our SPs:
{
"@class" : "org.apereo.cas.support.saml.services.SamlRegisteredService",
"serviceId" : "service-id-here",
"name" : "name-here",
"id" : 1001,
"metadataLocation"
17 matches
Mail list logo