[cas-user] Certificate confusion

2012-10-19 Thread Sheffield, Evan
Hi everyone, I have a question regarding certificates and in particular what certificate should be provided to a service provider. I admit that I know very little about how certificates work, so please bear with me. For my CAS instance, I've created my own Certificate Authority which I'm using to

Re: [cas-user] Can you manually set CASTGC cookie manually (httpservletresponse) to a different domain

2012-10-19 Thread Andrew Petro
But you probably shouldn't configure the ST to be multiply validatable (as opposed to just one-time-use). CAS is an authentication broker, not a session manager. So, your application (or the end user) can use an ST once to log in to an application. Great. But then that application should establ

Re: [cas-user] Can you manually set CASTGC cookie manually (httpservletresponse) to a different domain

2012-10-19 Thread Dmitriy Kopylenko
> Is there any way to config cas not to throw away ST. Instead make it valid for a period of time?
Yes, that is possible by configuring serviceTicketExpirationPolicy: https://github.com/Jasig/cas/blob/master/cas-server-webapp/src/main/webapp/WEB-INF/spring-configuration/ticketExpir

RE: [cas-user] Can you manually set CASTGC cookie manually (httpservletresponse) to a different domain

2012-10-19 Thread Yang, Richard
Hi, Andrew: Thanks for your quick response. My problem right now is that I don't want to use cas as SSO. I use cas just because the third party uses cas to validate request from us to them. We have our own login page. That is why I use cas restful api to generate TGT and subsequently genera

Re: [cas-user] Can you manually set CASTGC cookie manually (httpservletresponse) to a different domain

2012-10-19 Thread Andrew Petro
Richard, By design, only CAS can set and read the CAS ticket granting cookie. This is important to the security of using CAS, since if your CAS TGC was readable more widely (by, say, your application on a different domain), then applications able to read the cookie could read it and use it to cra

[cas-user] Can you manually set CASTGC cookie manually (httpservletresponse) to a different domain

2012-10-19 Thread Richard Yang
I am calling cas Restful API to generate a TGT. I would like to store this as the value in the CASTGC. But the domain of my application is different from that of the cas server. So can I fool the cas server to make it think this is a valid cookie? Otherwise, I had to generate a ST for each ser

Re: [cas-user] REST API exception

2012-10-19 Thread Tim Robinson
Thanks Pedro. This worked for me.
On 10/19/12 12:33 PM, "Pedro Costa" wrote:
> Hi Tim
> I have seen this one, the cglib-full jar was being included in the packaged war for some reason. You need to remove it.
> I used:
> org.jasig.cas

RE: [cas-user] CAS and SAML 1.1

2012-10-19 Thread Guy Thomas
Why does it work then in the non-SAML set-up? Is there anything special I have to configure for the service in the SAML set-up as compared to the non-SAML set-up? -Original message- From: Marvin Addison [mailto:marvin.addi...@gmail.com] Sent: Friday 19 October 2012 15:29 To:

Re: [cas-user] CAS and SAML 1.1

2012-10-19 Thread Marvin Addison
> 19 okt 2012 14:52:23,475 DEBUG Saml11TicketValidator:206 - Retrieving > response from server. > 19 okt 2012 14:52:23,604 DEBUG Saml11TicketValidator:214 - Server response: > xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/";> xmlns="urn:oasis:names:tc:SAML:1.0:protocol" > xmlns:saml

re:[cas-user] CAS and SAML 1.1

2012-10-19 Thread Guy Thomas
Another question: In the table rs_attributes and in the service manager I find the attributes uid, eduPersonAffiliation and groupMembership. Any idea what created these attributes? Shouldn't they be replaced with the "roles" and "domain" attributes I added to the SimplePrincipal?

re:[cas-user] CAS and SAML 1.1

2012-10-19 Thread Guy Thomas
This is the trace of an attempt to reach a service using SAML 1.1 with the SAMLException at the end: 19 okt 2012 14:51:44,627 INFO Saml11TicketValidationFilter:71 - Property [serverName] loaded from FilterConfig.getInitParameter with value [https://inf069766.ad.vl-brabant.be:11043] 19 okt 2012

[cas-user] CAS and SAML 1.1

2012-10-19 Thread Guy Thomas
I'm trying to configure my CAS test setup (CAS Server and 2 services) for SAML 1.1. I read what I could find about CAS&SAML configuration, but I'm still at a loss. On the service (client) side I followed this doc: https://wiki.jasig.org/display/CASC/Configuring+the+Jasig+CAS+Client+for+Java+in+t