[cas-user] MFA & Duo support for 4.x

I’m trying to get a feel of where the CAS community is headed with support for MFA / Duo Security. Our institution is currently reviewing options for migrating from CAS 3x to 4x. Alongside this, we’re also going to be implementing MFA via Duo. I currently see a number of MFA/Duo projects (not o

RE: [cas-user] LPPE and multiple Domains

Cool, I got it to connect to the global catalog port and I can authenticate against the parent and the child domain. However, when I add back in the I get the error message SEVERE: Servlet.service() for servlet [cas] in context with path [/cas] threw exception [Request processing failed; neste

Re: [cas-user] Services Management Database Sync

I'll add that you should read this issue: https://github.com/Jasig/cas/issues/476 While your services database is down, authentication will fail. Andy On Wed, 8 Oct 2014, Jérôme LELEU wrote: > Hi, > > Services are saved or restored directly to the DB, so when it's down, the > Servic

RE: [cas-user] allowedAttributes ldap CAS 4

Ok. So I’d follow what John suggested. Up the log levels and see what they tell you. From: daniel.char...@unice.fr [mailto:daniel.char...@unice.fr] Sent: Wednesday, October 8, 2014 7:19 AM To: cas-user@lists.jasig.org Subject: Re: [cas-user] allowedAttributes ldap CAS 4 A simple page of php c

RE: [cas-user] Preferred HA clustering support

We have done more than several deployments of it, yes. I don’t know if it’s “fully” vetted (as that may depend on what plan to accomplish with your deployment) but it’s been very smooth so far. Given what you have described so far, I think it will suite your needs just fine. Regardless of the

Re: [cas-user] allowedAttributes ldap CAS 4

A simple page of php cas 1.3.3 with the function phpCAS::getAttributes() - Daniel CHARLOT D.S.I. Université de Nice Sophia-Antipolis Administrateur Systèmes et Réseaux 28, avenue de Valrose - BP 2135 - 06103 NICE Tél : 04-92-07-67-07

RE: [cas-user] allowedAttributes ldap CAS 4

And what sort of CAS client are you using to get these attributes? From: daniel.char...@unice.fr [mailto:daniel.char...@unice.fr] Sent: Wednesday, October 8, 2014 5:07 AM To: cas-user@lists.jasig.org Subject: Re: [cas-user] allowedAttributes ldap CAS 4 Hi john, I use SAML 1.1. ---

Re: [cas-user] allowedAttributes ldap CAS 4

Hmm, that was the last of the low hanging fruit. Sometimes people are still using CAS1 or CAS2 which doesn't work, but SAML should fine. I'd set the log4j.xml to debug for org.jasig.persondir and see what gets dumped. On Oct 8, 2014 5:07 AM, daniel.char...@unice.fr wrote:Hi john,I use SAML 1.1. ---

Re: [cas-user] Services Management Database Sync

Hi, Services are saved or restored directly to the DB, so when it's down, the Services Management webapp cannot update/add/delete services anymore. There is no specific process to work offline. Best regards, Jérôme LELEU Founder of CAS in the cloud: www.casinthecloud.com | Twitter: @leleuj Chair

[cas-user] Services Management Database Sync

For CAS 3.5.2 - If the backing database for the Services Management​ is unavailable (due to failure, updates, etc.), will any changes be made through the management interface be synced back to the database once it becomes available? Does anyone have experience with this? The documentation makes i

Re: [cas-user] Preferred HA clustering support

Hi Misagh, Have you run the HazelcastTicketRegistry in a production environment? It looks promising, but I want to make sure it's been fully vetted. On Tue, Oct 7, 2014 at 3:40 PM, Misagh Moayyed wrote: > Right, that’s not going to do you any good because ultimately, the > validation of that s

[cas-user] CAS 4 - How to set granted authorities after successful login ? ... 'coz needed for authorisation on services

Hi All I am able to authenticate successfully on CAS4 / Active Directory setup. And I am able to retrieve the memberOf attribute from LDAP which has all the roles as below. But not able to populate these roles again back to the spring security context. I need this in other services (web apps)

Re: [cas-user] allowedAttributes ldap CAS 4

Hi john, I use SAML 1.1. - Daniel CHARLOT D.S.I. Université de Nice Sophia-Antipolis Administrateur Systèmes et Réseaux 28, avenue de Valrose - BP 2135 - 06103 NICE Tél : 04-92-07-67-07 Le 7 oct. 2014 à 17:18, John Gasper

RE: [cas-user] Does CAS 4 generate cookies ? I can't find any ?

Hi Jay! Yes, it does. After logon, I can see these 2 cookies issued by CAS: CASTGC, JSESSIONID. I use Firefox + Firebug to inspect cookies and I never experienced any problems seeing them. Best Regards, Jarda From: Jayakumar Jayaraman [mailto:india@gmail.com] Sent: 8. October 2014 11:29

[cas-user] Does CAS 4 generate cookies ? I can't find any ?

Hi Guys Does CAS 4 generate cookies ? I can't find any ? I have setup CAS 4 and able to successfully authenticate against LDAP. After successfully login I tried to see if there are any cookies generated by CAS in the chrome browser. But I could only see one cookie JSESSIONID and nothing more fo

[cas-user] JCIFSConfig and multiple realms

Hi, I'm trying making SSO with two realms AD with spnego. How doing that with JCIFSSpnegoAuthenticationHandler ? File deployerConfigContext.xml seems support only one bean jcifsConfig. Here my deployerConfigContext.xml : EmailAddres