Hello all,
Just a follow up:
Searching through the sniffer's results I can even see app1 server
responding to CAS server after the logout POST request is received.
app1 server responds with a 302 code, redirecting to app1's URL.
Is this the expected behavior? Any ideas on why the server is
Hi
I have been trying to figure the issue with the client certs. and getting no
where. I have added a number of certs to the java cacerts and the truststore
we are using and for some reason can't seem to find out why I am not able to
see any log statements indicating I am getting into the
But please note solutions were already outlined:
https://issues.jasig.org/browse/CAS-742
That issue in no way addresses single sign-out matters when the client
is clustered/load balanced.
http://comments.gmane.org/gmane.comp.java.jasig.cas.devel/1495
That is a good reference. The patch I
Searching through the sniffer's results I can even see app1 server
responding to CAS server after the logout POST request is received.
app1 server responds with a 302 code, redirecting to app1's URL.
All this suggests the CAS server is behaving correctly and you've got
some kind of
If I understand correctly, I don’t supply the user-id/pw combination when using
fast-bind authentication, but I need to provide it to obtain LDAP attributes,
thus two different ContextSource’s: one with a userid/pw combination and one
without.
-John
From: Modi Tamam
For anyone going this route - be aware that the desktop version of Lync doesn't
work with the ECP extension to Shibboleth. If you are planning on using Lync,
you must use ADFS.
We're piloting an O365 deployment and wanted to have the Lync client working
but also wanted CAS to be single
Good morning, John,
If your LDAP server is set up to allow anonymous searches, then the
contextSource used for attribute lookup does not need the userDn and
password properties to be set. You can then use the same contextSource for
fast-bind authentication. We use this setup exclusively;
Thanks Eric, This is really helpful. I'll pass along your notes to our Shib
and MS administrators.
Much Appreciated,
Laura
On Dec 10, 2012, at 8:53 AM, Pierce, Eric wrote:
For anyone going this route - be aware that the desktop version of Lync
doesn't work with the ECP extension to
It seems like the answer to your Single Sign Out issue in a load balanced
environment is fairly simple. Use a shared session mechanism instead of using
sticky sessions for your load balanced servers.
This is incorrect. Since the request is sourced differently from the
CAS server, it
Hi,
Thanks - unfortunately my management forbids shared state for now, but it will
be re-considered in a few months when our architecture matures.
But a million thanks for your willingness to dig up share this code, it's
deeply appreciated.
As per your remark - please note
Thanks very much.
My management forbade shared state for now, but might reconsider it in the
future.
But thanks a lot for the input links, it's important to know, and it will be
a very important point to consider when we reconsider our design.
Thanks again :)
- Original Message -
Both Early Bird Registration savings and Conference Hotel rates expire this
week, so it's time to sign up for the 2013 Jasig/Sakai Unconference.
Ground transportation information has been added to the Registration Site
http://jasig-sakai-unconf.eventbrite.com/ and to the Wiki
As per your remark - please note https://issues.jasig.org/browse/CAS-742
*could*help with sign out behind a load-balancer, provided CAS can access
internal node addresses (not through the load-balancer).
Apologies, I didn't read carefully.
It boils down to allowing business applications
I have set up SSL debug. I see a few things but it appears that everything is
working fine. There are some items like:
*** ClientHello, TLSv1
RandomCookie: GMT: 1338302492 bytes = { 172, 91, 240, 114, 109, 251, 133,
7, 153, 136, 56, 60, 156, 220, 128, 192, 18, 208, 79, 88, 183, 228, 113, 51,
I'm in the process of diagnosing a potential issue with a third-party
application and it would help me tremendously, if I could turn on logging for
the XML response referenced below, specifically the username that gets returned
to the third-party application:
[From
On Mon, 10 Dec 2012, Tobias Quosigk wrote:
I'm in the process of diagnosing a potential issue with a third-party
application and it would help me tremendously, if I could turn on
logging for the XML response referenced below, specifically the username
that gets returned to the third-party
Hi,
I have been struggling for last one week trying to integrate .net app
running on IIS 6.0 with CAS authentication. I have followed the
instructions mentioned on official client release page. I have carefully
appended the code to my web.config file and imported the CAS module.
When I access
17 matches
Mail list logo