> I spoke with my colleague, the author of the LDAP JAAS authentication
> handler, and he's not aware of any additional logging you can enable
> to look at the internals of JAAS authentication, e.g. what config it's
> using. A Google search was similarly devoid of suggestions. That
> said, I'm p
Scott --
Thanks, do have any refrences for doing this proxying stuff.
Thanks again
RR
scott_battaglia wrote:
>
> My guess you need to supply the applet with a proxy ticket so that it can
> authenticate the user. Your web application should obtain one and then
> pass
> it to the applet.
>
> Is it okay that I am using this filter:
> org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter
> ?
>
> Or should I be using the SAML one?
It's okay. The choice of ticket validation filter is independent of
the SingleSignOutFilter.
M
--
You are currently subscribed to ca
I do have the listener defined, forgot to mention it in the previous email.
Is it okay that I am using this filter:
org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter
?
Or should I be using the SAML one?
2009/5/5 Marvin Addison :
> I don't see the listener I mentioned.
I spoke with my colleague, the author of the LDAP JAAS authentication
handler, and he's not aware of any additional logging you can enable
to look at the internals of JAAS authentication, e.g. what config it's
using. A Google search was similarly devoid of suggestions. That
said, I'm pretty certa
I don't see the listener I mentioned. That's critically important.
Can you confirm that is defined? I don't see anything obviously wrong
with your filter config.
M
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or acces
> I need to get extra params from Authentication Handler which we are taking
> extra values against DB according to username/password. But the problem was
> authenticateUsernamePasswordInternal method is returning only true/false….
Authentication handlers are designed to be extended. If the buil
Hi,
I don't see anything in my application log, the only log entry I see
is in my access log. Seeing you mention SAML in your post, makes me
think that maybe I'm not using the correct filters.
This is my current filter setup in my client Java app:
CASSingleSignOutFilter
> STEP 2:
> User A: logins in and is redirected to
> CAS.http://example.service.com?ticket=newTicket1
> CAS set cookie
> STEP 3:
> User A throws ticket away. and returns to service, automated!
Just to clarify, you mean throws the service ticket away while
preserving the CASTGC cookie containing th
In addition to the filter configuration, you need the following in
your application web.xml:
org.jasig.cas.client.session.SingleSignOutHttpSessionListener
Much more valuable than the access log is your application log. The
org.jasig.cas category will emit a DEBUG message like the follo
This is the filter mapping I'm using:
CASSingleSignOutFilter
/*
it is set to catch everything.
2009/5/5 Andrew Feller :
> Check the URL pattern used for the SSOff filter. It really should be as
> broad as possible to ensure the LogoutRequest i
Check the URL pattern used for the SSOff filter. It really should be as
broad as possible to ensure the LogoutRequest is intercepted.
On 5/5/09 11:27 AM, "Venka Ashtakala" wrote:
> Hi again,
> I have a couple of questions on Single Sign Off:
>
> Here's my setup:
> I have my CAS 3.3.2 server r
I'm using the CAS 3.3.2 maven artifacts from
http://developer.ja-sig.org/maven2. When I start the CAS web app (all I
changed in my pom.xml was the version number to 3.3.2 from 3.3.1) I get
this stack trace in my logs:
SEVERE: SafeContextLoaderListener:
The Spring ContextLoaderListener we wrap thre
Hi again,
I have a couple of questions on Single Sign Off:
Here's my setup:
I have my CAS 3.3.2 server running on a Tomcat5.5 server, and it does
support SSL.
My Java app is running in JBoss and it has been CASiffied with
cas-client-core-3.1.5.
Here's my problem:
I try to login to my Java app and
Thanks for the responses... once I turned on SSL and started accessing
the CAS server via HTTPS the Single-SignOn started working.
2009/5/5 Bradley Booth :
> It is possible you are not using https. CAS will not allow SSO without using
> https.
>
> -Original Message-
> From: Venka Ashta
Hi,
I want to prevent the following situation.
Problem:
STEP 1
User A: logins in to service http://example.service.com
http://example.service.com redirects to cas.
STEP 2:
User A: logins in and is redirected to
CAS.http://example.service.com?ticket=newTicket1
CAS set cookie
STEP 3:
User A thro
Do you have any local modifications to login-webflow.xml or
cas-servlet.xml ? If you do, you'll need replicate the changes from
the versions in cas-server-support-ldap-pwd-expiration to your
versions.
When the server is deployed, you should see these messages:
2009-04-29 13:21:34,017 INFO
[org.j
Hope my wiki could help you:
http://www.ja-sig.org/wiki/display/CASC/CASifying+OpenCms
在 2009-05-05二的 08:53 -0500,Percival, Michael E写道:
>
> I inherited the setup of a CAS server. At the moment we know it is
> authenticating against Active Directory but the response isn’t
> returning some addi
Scott/CAS User,
I need to get extra params from Authentication Handler which we are taking
extra values against DB according to username/password. But the problem was
authenticateUsernamePasswordInternal method is returning only true/false..
And also I need to get those values in Ser
We'd like to integrate the checks on password and account expiration in our
CAS server.
This is probably what we need:
http://www.ja-sig.org/wiki/display/CASUM/LDAP+Password+Policy+Enforcement
We are trying to get these checks to work but our efforts are unsuccessful.
Probably we do something wr
I inherited the setup of a CAS server. At the moment we know it is
authenticating against Active Directory but the response isn't returning
some additional attributes. While looking around I found that I need to
modify the casServiceValidationSuccess.jsp file. As I'm looking at it,
I can see wha
Hi,
I am using CAS 3.1 to implement Single Sign On functionality. I have
modified CAS according to our requirements which include adding password
Reset functionality and password expiry mechanisms. All is working fine but
during testing I noticed that if you repeatedly try to login with wrong
cre
In a CAS-client, it is possible to add extra attributes by using the
attributeReposotory-bean, like this:
I am modifying the CAS-server jsp-pages (like casGenericSucces.jsp. We would
like to show the userid of the logged-on user in this page, but I can not find
how to include the username/userid. How can include this username (is it in the
session object, for example?) in the .jsp-pages on the CAS-s
24 matches
Mail list logo
