Re: [cas-user] Proxy Ticket - Destination URL

Do generate a PT, you need to request the AttributePrincipal object from the request (i.e. final AttributePrincipal p = (AttributePrincipal) request.getPrincipal()) and then call the p.getProxyTicketFor("service identifier") On Wed, Jun 1, 2011 at 6:48 PM, Fernando Correa wrote: > Anybody knows

Re: [cas-user] TGT Expiration

That bit of info is out of date. The code was moved to a filter. https://wiki.jasig.org/display/CASC/Configuring+the+JA-SIG+CAS+Client+for+Java+in+the+web.xml Take a look at the Cas20ProxyReceivingTicketValidationFilter specifically the proxyReceptorUrl and proxyCallbackUrl properties. I though

Re:[cas-user] Proxy Ticket - Destination URL

hi, Have you been able to figure out the PT generation for specific resources? If so, can you please share the information that helped you. Thanks Madhavi -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives

Re: [cas-user] TGT Expiration

Hi, On Jun 3, 2011, at 1:57 PM, Madhavi Polisetty wrote: > Hi Rhett, > > Thanks a lot again for your answer. I was thinking of similar implementation, > but I did not use PGTs at all. > > To be very honest, the concept of Proxy Granting Ticket is little hazy to me. > Here is how I have my pr

Re:[cas-user] TGT Expiration

Hi Rhett, Thanks a lot again for your answer. I was thinking of similar implementation, but I did not use PGTs at all. To be very honest, the concept of Proxy Granting Ticket is little hazy to me. Here is how I have my prototype configured and I plan on using the same in PROD. Please let me k

Re: [cas-user] TGT Expiration

Hi Madhavi, On Jun 2, 2011, at 7:14 PM, Madhavi Polisetty wrote: > I just want to make one more point here. The CAS setup we have will > authenticate the user who can access resources any of the 3 applications in > any order. > > In short, while the user is actively working on any one of the

Re: [cas-user] CAS Session timeout in web.xml

Hi Madhavi, On Jun 3, 2011, at 11:33 AM, Madhavi Polisetty wrote: > Hi Rhett, > Thank you for the response. > One last question. When you said the TGT is stored in a seperate cookie, what > does that mean? A cookie is a bit of data that's stored in the client's browser, scoped to a particular

Re: [cas-user] CAS Session timeout in web.xml

Hi Madhavi, On Jun 3, 2011, at 2:37 AM, Madhavi Polisetty wrote: > Hi, > > I am wondering what is the significance of the session timeout setting in CAS > web application. AFAIK, the session in the webapp is only used for the webflow state. Its use is an implementation detail, unrelated to th

RE: [cas-user] Casifying Microsoft Live@edu

Thank you Paul. We were able to get the sample code, documentation and SSO certificates from MS. Hopefully I can soon Casify Live@edu. Thanks, Malar -Original Message- From: Vitty, Paul [mailto:p.vi...@ulster.ac.uk] Sent: Thursday, June 02, 2011 3:54 PM To: cas-user@lists.jasig.org Subj

[cas-user] Hunting down SSL Ldap connections

Folks, Today I've played a little with jmeter (and iptables to count ldap ssl connections), and I wonder why the method setContextSource of AbstractLdapPersonDirectoryCredentialsToPrincipalResolver class require a LdapContextSource object instead of a simple ContextSource ? We're using X509

Re: [cas-user] Stress test CAS

Well, there's our setup : - Active Directory as LDAP provider (used over SSL), three logins are possible : - smartcard using UPN in X509 certificate, looked up in the directory - smartcard using CN in X509 certificate, also looked up in the directory - login/password (simple ldap bi

RE: [cas-user] Newbie question: CAS tickets are expireing immediately (LDAP/AD)

O.K., I tried to be faster in manually copying and pasting tickets ;-) 2011-06-03 14:07:01,457 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Added ticket [TGT-1-TV2yPJQfUBmP3PgceganTpcUHdSz3cd9sEKrei44nflqHRtbgE-cas] to registry. 2011-06-03 14:07:01,457 INFO [com.github.inspektr.au

Re: [cas-user] Newbie question: CAS tickets are expireing immediately (LDAP/AD)

Based on the following logs, it looks like the ticket in the registry is expired upon retrieval for validation: > 2011-06-03 13:31:32,027 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - Attempting to > retrieve ticket [ST-1-FpWjOwNbOhHAJrDmc9xx-cas] > 2011-06-03 13:31:32,027 DEBUG

Re: [cas-user] Stress test CAS

We'd be interested to see what your results are and the spec of your environment. IIRC in our two node VM cluster we peak at about 3-4K full logins per minute. That is with a load balancer and MySQL DB for ticket storage getting in the way too, performance was quite a lot higher without them -

RE: [cas-user] Newbie question: CAS tickets are expireing immediately (LDAP/AD)

Hi Marvin et. al., >Configuration and logs look good upon first glance. Please turn >up >org.jasig.cas logger to DEBUG and post those logs. After adding I got this here: 2011-06-03 13:29:39,307 DEBUG [org.jasig.cas.services.DefaultServicesManagerImpl] - Adding registered ser

[cas-user] Newbie question: CAS tickets are expireing immediately (LDAP/AD)

Configuration and logs look good upon first glance.  Please turn up org.jasig.cas logger to DEBUG and post those logs. M -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/d

[cas-user] Newbie question: CAS tickets are expireing immediately (LDAP/AD)

Hi all, this is my first CAS setup (said this, you are prepared for the worst...) When I try a walk through manually, I see authentication is working and I receive a ticket, but that expires immediately. I cannot figure out, where the problem might be and am hoping for some useful hints and direc

Re: [cas-user] Stress test CAS

Thank you a lot, I'm stressing my pre-production environment by now, and getting interesting results :-) Rgds. Le 01/06/2011 20:31, Scott Battaglia a écrit : People typically use JMeter: https://wiki.jasig.org/display/CASUM/Apache+JMeter On Wed, Jun 1, 2011 at 12:10 PM, Shadow

Re: [cas-user] Bug with mod_auth_cas

Matt, thanks a lot for your help for a second time. These sess_ cookies come from PHP. Both PHP and mod_auth_cas have used the same directory for saving cookies. Now I have moved the CAS cookies to another directory and all errors are gone. Everything works perfectly. Probably it is helpful to ad

[cas-user] CAS Session timeout in web.xml

Hi, I am wondering what is the significance of the session timeout setting in CAS web application. I created CAS war file by making change to the web.xml to contain the following 2 I fired request to https://myhost/cas/login and printed the JS