I think you are referring to a single user login !you can record the login
user's sessionid then the user login at other place upate the recorded
sessionid.the first login checked sessionid is not equal to himself's show some
message and redrict to login page.
e
2013-07-26
kofyfant
发件人:
in login-webflow.xml, I tried adding this:
...
...
...
No change. Is that what you meant? I also tried value='${flowExecutionUrl}' and
got an error.
Thanks,
Eric
-Original Message-
From: shmol...@gmail.com [mailto:shmol...@gmail.com]
On Thu, 25 Jul 2013, Trenton D. Adams wrote:
Hmm, it doesn't seem reasonable for an authentication system to not be
throttled. Any ideas on why it's not on by default? I know it was for CAS
2.
Can we get it enabled by default going forward?
Our CAS system uses our LDAP service to handle a
Hmm, it doesn't seem reasonable for an authentication system to not be
throttled. Any ideas on why it's not on by default? I know it was for
CAS 2.
Can we get it enabled by default going forward?
Thanks.
On 13-07-25 12:38 PM, Jérôme LELEU wrote:
Hi,
I think you're right even if I'm not su
Not sure what's going on, but it appears that flowExecutionUrl is
holding an array or list of Strings. Are you sure that
flowExecutionUrl works as you expect in a JSP? I'm thinking maybe it
only works in a web flow definition?
Try setting it in the view context before invoking the JSP:
Hi,
We found it seems to be a problem between ticket file lock , ext4 and
apache-mpm-worker. We change to mpm-prefork and we havn't any problem.
Thank you for your hint.
-Message d'origine-
De : Matt Smith
À : "cas-user@lists.jasig.org"
Envoyé : jeudi 25 juil. 2013 16:48:45 UTC+00:0
Hi,
I'm always worried when new built applications require the users'
passwords. It should be your *ultimate last option*. Do you really need
that ?
In that case, there is a mechanism in CAS to retrieve passwords, it's
ClearPass : https://wiki.jasig.org/display/CASUM/ClearPass.
Best regards,
Jérôm
Hi,
I think you're right even if I'm not sure for version 3.x with x < 3.
The documentation :
https://wiki.jasig.org/display/CASUM/Throttling+Login+Attempts.
Best regards,
Jérôme
2013/7/25 Trenton D. Adams
> Am I correct in understanding that throttling is not enabled by default in
> CAS 3?
Sorry to bump this, but my boss is getting cranky at me. :-(
Does anyone have any idea as to what I might try? Or where else I might ask?
Eric
-Original Message-
From: Stein, Eric
Sent: Wednesday, July 24, 2013 3:10 PM
To: cas-user@lists.jasig.org
Subject: URLs to enter the login webflow
Hi Team,
I have successfully integrated CAS 3.5.2 with my spring base web application.
now I want user password after authentication in my spring application, I know
it's not good/right way to get/pass password from CAS server to client
application.
I tried using below way but not succeed.
I
There have been several fixes committed to the master branch since 1.0.9.1,
though we have not yet cut 1.0.10. Please try master and see if that
resolves your issue.
Also - if the first URL you visit is deeper in your site than subsequent
visits, your CAS cookie's PATH may be scoped to narrowly.
Am I correct in understanding that throttling is not enabled by default
in CAS 3? I know it was in CAS2.
Thanks.
--
Trenton D. Adams
Senior Systems Analyst/Web Software Developer
Navy Penguins at your service!
Athabasca University
(780) 675-6195
:wq!
--
This communication is intended for th
javassist, cglib and Hibernate could be such a candidates.
It does not help to have it in WEB-INF/lib.
See
http://my.opera.com/karmazilla/blog/2007/03/15/permgen-strikes-back
http://stackoverflow.com/questions/2051734/why-is-permgen-space-growing
http://stackoverflow.com/questions/1124131/what
Yeah, more specifically, something must be using a static somewhere. I
know that commons logging does this, for example. But, according to
them, it's not actually their problem, because people shouldn't be
installing common libraries in tomcat's folders, they should be in
WEB-INF/lib.
http:/
Hi David
I have finished the implementation now according to
https://wiki.jasig.org/display/CAS/Proxy+CAS+Walkthrough
and it works all fine now, but I noticed that also proxy tickets can be
used by 'proxyValidate' only once,
whereas IIUC a proxy ticket is just another service ticket, e.g.
"ST
It means dedicating a Tomcat and JVM instance to only run CAS, as opposed to
running multiple webapps in a single container instance.
Best regards,
--
Carlos M. Fernández
Sr. Enterprise Systems Admin
Saint Joseph's University
W: 610-660-1501
M: 215-316-1193
E: cfern...@sju.edu
On Jul 25, 2013, a
Thanks for the info.
I'm unclear about one item, however. You said
It's easier to simply deploy CAS in a Tomcat instance by
itself and restart the container as part of redeployment.
What do you mean by "deploy CAS in a Tomcat instance by itself"? What
does "by itself" mean?
--
Jonatha
In my experience, the main culprit is the god awful Oracle JDBC driver. I can
re-deploy a project all day long without issue. But as soon as I add in the
Oracle JDBC driver… *BAM* PermGen space problems. Even forcefully unloading the
driver on application shutdown doesn't help.
~ James
On Jul
> It's easier to simply deploy CAS in a Tomcat instance by itself and restart
> the container as part of redeployment. I believe most CAS deployers do this;
> we certainly do.
+1 same here.
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscr
Has anyone else seen such behavior?
See it all the time. The root cause is dangling object references that
pin the parent class loader and all the classes it loaded on startup.
For non-trivial apps that is typically a lot of data. Since class
definitions are placed in the PermGen slot of the
Am 25.07.13 10:22, schrieb Michael Wechner:
Am 05.07.13 16:26, schrieb Marvin S. Addison:
Can you give an example of what you mean with "various policies"?
The CAS service manager ships with the ability to explicitly deny
proxy capability to registered services. We make healthy use of this
fea
Am 05.07.13 16:26, schrieb Marvin S. Addison:
Can you give an example of what you mean with "various policies"?
The CAS service manager ships with the ability to explicitly deny
proxy capability to registered services. We make healthy use of this
feature at Virginia Tech. I'm sure I could inven
22 matches
Mail list logo