[cas-user] CAS implementation on IBM WebSphere Application Server

2010-02-10 Thread Davies
Hi, I will like to deploy CAS (server/client) on IBM WebSphere Application Server version 6.1 (network deployment version). Can someone point me to where I can get information on how to do this? Thanks for your assistance. -- You are currently subscribed to cas-user@lists.jasig.org as:

RE: [cas-user] org.jasig.cas.client.validation.TicketValidationException

2010-02-10 Thread Laura Negre
I have more information on my problem. In the file AbstractUrlBasedTicketValidator, the method retriveResponseFromServer return the following response : cas:serviceResponse xmlns:cas=’http://www.yale.edu/tp/cas’ cas:authenticationFailure code=’INVALID_TICKET’

Re: [cas-user] org.jasig.cas.client.validation.TicketValidationException

2010-02-10 Thread Scott Battaglia
That particular error generally means that either (a) the ticket expired or (b) you attended to validate it twice. Cheers, Scott On Wed, Feb 10, 2010 at 5:27 AM, Laura Negre laura.ne...@supelec.fr wrote: I have more information on my problem. In the file AbstractUrlBasedTicketValidator,

Re: [cas-user] CAS implementation on IBM WebSphere Application Server

2010-02-10 Thread Scott Battaglia
I don't know of any particular deployment issues with it. Have you had any problems deploying it? On Wed, Feb 10, 2010 at 4:22 AM, Davies ojeka...@yahoo.com wrote: Hi, I will like to deploy CAS (server/client) on IBM WebSphere Application Server version 6.1 (network deployment version).

Re: [cas-user] CAS ST validation after authentication

2010-02-10 Thread Marvin Addison
Well I was thinking more in terms of requesting a new service ticket from the CAS server and validating that rather than holding on to a long lived service ticket. This is exactly what useSession=false does. You would only have to reauthenticate to CAS on every request if the renew filter

Re: [cas-user] SAML Attribute Release in 3.3.5

2010-02-10 Thread David Hawes
On 2/9/10 6:10 PM, Vitty, Paul wrote: ... Secondly, has anyone been able to get SAML release and mod_auth_cas to work successfully, by that I mean .htaccess files with 'require group student' etc, where the group information is provided by SAML release to mod_auth_cas? Attached is a patch

Re: [cas-user] SAML Attribute Release in 3.3.5

2010-02-10 Thread Scott Battaglia
David, Is there a JIRA issue to get this patch into mod_auth_cas ? (if you want to contribute it?) Thanks Scott On Wed, Feb 10, 2010 at 11:21 AM, David Hawes dha...@vt.edu wrote: On 2/9/10 6:10 PM, Vitty, Paul wrote: ... Secondly, has anyone been able to get SAML release and mod_auth_cas

[cas-user] Enabling LDAP Password Policy Enforcement

2010-02-10 Thread Jeff Chapin
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello, I am using CAS 3.3.5, and I have tried to get LDAP password policy enforcement running, as per http://www.ja-sig.org/wiki/display/CASUM/LDAP+Password+Policy+Enforcement. I have cranked logging as follows:

Re: [cas-user] CAS ST validation after authentication

2010-02-10 Thread Adam Rybicki
By far the least chatty method of implementing this, meaning I want my app to terminate its session once the user logs out of CAS, is to implement CAS Single Sign-Out. CAS notifies all services that received a service ticket once the user has signed out

Re: [cas-user] CAS ST validation after authentication

2010-02-10 Thread Marvin Addison
By far the least chatty method of implementing this, meaning I want my app to terminate its session once the user logs out of CAS, is to implement CAS Single Sign-Out. Fully agree, but this is something different from what was being discussed as I understand it. There was interest in periodic

Re: [cas-user] org.jasig.cas.client.validation.TicketValidationException

2010-02-10 Thread Adam Rybicki
Scott, One more possible scenario in which this error will occur: 3) broken CAS cluster. However, I don't think that this is the issue discussed in this thread. I couldn't help noticing that the original error message said ticket 'ST-26-SN8bAqhHS1fHh0XCs9eX' does not match supplied service.

Re: [cas-user] ProxyTickets + Load Balancer Unable to validate credentials

2010-02-10 Thread Scott Battaglia
Your proxy callback is failing which is why you're not getting a PGT. You can see that by the fact that the AuthenticationHandler failed to authenticate the proxy callback url. My guess is it got a server 400 error. I'm not sure why you would be generating a server 400 error. Cheers, Scott

Re: [cas-user] CAS implementation on IBM WebSphere Application Server

2010-02-10 Thread Marvin Addison
There is no documentation on wiki on how to deploy/configure. Deployment of applications on particular application servers is pretty far out of scope for the CAS wiki. If you need specific areas of deployment guidance, we may be able to help you; otherwise a general WebSphere deployment guide

Re: [cas-user] Enabling LDAP Password Policy Enforcement

2010-02-10 Thread Scott Battaglia
I don't know much about it but there's no reason it shouldn't work. It doesn't look like there any instructions to tell you to add it to the web flow though. On Wed, Feb 10, 2010 at 12:03 PM, Jeff Chapin jeff.cha...@uni.edu wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello, I am

[cas-user] Login to google apps as a user

2010-02-10 Thread Ian Strait
Is there a way of using administrator credentials with cas to login to a users account? I have CAS running and authenticating against an active directory (thanks to users on this list) in a school, and would like to somehow be able to use my credentials to login to a student's account. Any

Re: [cas-user] SAML Attribute Release in 3.3.5

2010-02-10 Thread David Hawes
http://www.ja-sig.org/issues/browse/MAS-37 On 2/10/10 3:09 PM, Scott Battaglia wrote: I would encourage you to at least open a JIRA issue and attach the patch even if you could provide no other assistance. Thanks! Scott On Wed, Feb 10, 2010 at 12:09 PM, David Hawes dha...@vt.edu wrote:

Re: [cas-user] Login to google apps as a user

2010-02-10 Thread Scott Battaglia
You'd have to make modifications to CAS to support that. We don't support that out of the box. Cheers, Scott On Wed, Feb 10, 2010 at 4:04 PM, Ian Strait istr...@quinault.k12.wa.uswrote: Is there a way of using administrator credentials with cas to login to a users account? I have CAS