That Ant pattern does match - otherwise you'd get the This service is not
authorized to use CAS' error
The problem is that the ticket was issued for the url with the parameters
(
https://lib.pepperdine.edu/login?qurl=ezp.1aHR0cDovL3dlYi5sZXhpcy1uZXhpcy5jb20vdW5pdmVyc2U)
, but the request to
Yup, removing persistence.xml from the distribution's Cas-server-core-3.3.1.jar
did the trick.
I suspect that JEE5 detected and tried to load persistence.xml independently
from the app. I remember that is what drove me to use the Spring approach of
naming it myappPersistence.xml in my own
Thanks, Dean. Ok, so... looks like most of of our settings line up. I did
mean to mention this, though... when I said kinit, etc, were working from
the command line I might have been going off half-cocked. Doing:
klist -k
...shows my krb5.conf is getting picked up, it sees the keytab file I
Bill,
When you get this error: kinit(v5): Client not found in Kerberos database
while getting initial credentials. for your SPN, your KDC is trying to
tell you that it couldnt find your SPN in the Kerberos Database, in this
case AD. That tells me that there is something wrong with the AD
Dean,
No, not trying to do this across domains. Solaris does have a 'domainname'
command, however, which in this case returns empty -- maybe that's a
problem? Also, the 'hostname' command just returns an unqualified hostname
-- also maybe an issue? Still trying to wrap my head around how all
i think 2 factor authentication means, 2-way ssl, that is client certificate
verification and ssl.
That is mutual authentication, not 2-factor. 2-factor authentication
is a means by which a _user_ presents two credentials (e.g. hardware
security token and password) instead of just one
Hello,
iam using cas-server 3.3.5 and having problems with this handler.
My deployerConfigContext.xml looks like ...
[...]
bean
class=org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandlerproperty
name=sqlvalueSelect password from cas_usr_data where
id=?/value/property
property
We implement second-level CAS server which does similar but not
exactly 2 factor authentication.
http://www.ja-sig.org/wiki/display/CASUM/Second-Level+CAS+Server
On Fri, Apr 30, 2010 at 6:37 AM, Mike mike_r...@hotmail.com wrote:
Yes, this is the exact requirement for two factor authentication.