Hi,
I agree there is a problem with the OAuth confirmation screen. Please open
a JIRA for this issue.
Though, the OAuth server support is not built like the SAML or OpenID
support : it's not embedded into the webflow, there is no dedicated
extractor, service... It's just a controller with
After digging around, I think I figured this out. I have to add a
crlDistributionPoints section to my openSSL configuration file and regenerate
my CA that I am using. Does that sound correct? Can anyone share any steps or
tutorials on how to do this -- other than the OpenSSL documentation
We're integrating Google Apps with our CAS SSO, and we're also using
uPortal. I'm trying to arrive at the right combination of availability and
security, and would appreciate any thoughts.
Currently, a user logged in to our portal can browse to mail.google.com and
be authenticated with their
I assume from other messages I've seen in this user group that Google Apps
integration does work. Has anyone else run into this? Has anyone tried this
on CAS 3.5.1?
I have not, nor am I aware of confirmation from anyone else. It's
concerning because we have upgraded to OpenSAML 2.x as of the
We're running 3.5.1 with Google Apps integration in production. Setting it
up was no different than with the old version that we were running prior
to the upgrade (3.4.3.1). The only attribute that we're releasing to
Google is 'uid', which contains the username.
If the signature validation fails
After digging around, I think I figured this out. I have to add a
crlDistributionPoints section to my openSSL configuration file and
regenerate my CA that I am using. Does that sound correct?
You would need to do that if you are not presently issuing certs with
the crlDistributionPoints
I can't see how it could be a mismatched certificate problem. I've
independently tested the SAML produced by cas with xmlsec1 using the
certificate I uploaded to Google. Xmlsec1 reports the signature is invalid. If
I sign the same XML with xmlsec1 using the same private key I configured in
I can't see how it could be a mismatched certificate problem. I've
independently tested the SAML produced by cas with xmlsec1 using the
certificate I uploaded to Google.
Would it be possible to share a test SAML payload and your cert? While
it may be a little uncomfortable to share these,
Hello everyone,
I am new to CAS, and now used CAS for my first project.
What I want to do is have a website and a external java program access a cas
protected webservice by authenticating with CAS.
The website is already authenticating to CAS by using the login form without
problems, and
All,
We have an enterprise reporting tool we have operating behind CAS.
This service has URLs that have 'special' characters in it --
ampersands, slashes, question marks, spaces, etc. This service handles
some URL encoding just fine -- it does not mind replacing ' ' with
%20, for instance.
When
Ed,
You seem to be thinking about the CAS server customization such that SSO
sessions are initiated only when logging in to the portal. Otherwise,
applications can use CAS for login, but doing so doesn't create SSO
sessions.
This can be a nice approach in that it helps users to understand,
11 matches
Mail list logo