Re: [cas-user] JSON Service Management

I'd used the version 4.0.3 and everything goes fine where I'd integrated the OTP factor in my implementation by using the class `TOTP.java` from the `cas-addons project` in a custom package of mine. My problem comes when I tried to use the cas-addons project it self by adding it as a dependency in

Re: [cas-user] JSON Service Management

FWIW - cas-addons project is not officially supported on CAS 4.x series as noted here: https://github.com/Unicon/cas-addons#notice Best, D. > On Aug 5, 2015, at 7:11 AM, Nouman Fallouh wrote: > > I'd used the version 4.0.3 and everything goes fine

Re: [cas-user] JSON Service Management

So your best bet for CAS 4.0.x is to use TOTP class in your own package (there is no need to maintain it in a separate wrapper open source library) in conjunction with YAML service registry: https://github.com/unicon-cas-addons/cas-addon-yaml-services-registry

Re: [cas-user] JSON Service Management

Thanks, my mistake I should've notice it, To me the TOTP thing as is solved by using the class as one of my custom classes. But what about using the JSON service registry? what's the best way to do this? it's not supported in CAS 4.0.3 yet?!! Best, On Wed, Aug 5, 2015 at 4:03 PM, Dmitriy Kopylen

Re: [cas-user] JSON Service Management

Sorry, i sent my reply before reading your second answer, will try the YAML thing and confirm Thanks alot On Wed, Aug 5, 2015 at 4:15 PM, Nouman Fallouh wrote: > Thanks, my mistake I should've notice it, > > To me the TOTP thing as is solved by using the class as one of my custom > classes. >

[cas-user] Java CAS client and Trust Store

Is there some way to tell the Java CAS client what trust store it should be using? I may be using the incorrect terminology, so put another way: Is there a way to tell the Java CAS client that I want it to trust the CA certificates in a particular keystore file (.jks file) rather than the glob

RE: [cas-user] Java CAS client and Trust Store

Yes. Look for "sslConfigFile" here in the project's README/docs: https://github.com/Jasig/java-cas-client I don't know if that will stop the client from looking into the Java keystore though. Probably not. > -Original Message- > From: Waldbieser, Carl [mailto:waldb...@lafayette.edu] > S

Re: [cas-user] Java CAS client and Trust Store

Hi, You need to use the sslConfigFile option: https://github.com/Jasig/java-cas-client/blob/master/cas-client-core/src/main/java/org/jasig/cas/client/validation/AbstractTicketValidationFilter.java#L93 Thanks. Best regards, Jérôme 2015-08-05 15:42 GMT+02:00 Waldbieser, Carl : > > Is there some

Re: [cas-user] Java CAS client and Trust Store

Thanks. So would something like this be a vlid properties file? #properties=SSL #keyStoreType keystorePath=/etc/shib-cas/truststore.jks keyStorePass=SecretDontTell #keyManagerType=SunX509 #certificatePassword I.e. the '#' lines are ignored, the 'keyStorePath' is just the path to a Ja

RE: [cas-user] Java CAS client and Trust Store

Yes, that should do it. > -Original Message- > From: Waldbieser, Carl [mailto:waldb...@lafayette.edu] > Sent: Wednesday, August 5, 2015 8:37 AM > To: cas-user@lists.jasig.org > Subject: Re: [cas-user] Java CAS client and Trust Store > > Thanks. > > So would something like this be a vlid

Re: [cas-user] Java CAS client and Trust Store

Is there some way to tell if the client is actually using the trust store I specify? My filter is set up like: CAS Validation Filter org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter casServerUrlPrefix https://cas.dev

RE: [cas-user] Java CAS client and Trust Store

What client version are you using? > -Original Message- > From: Waldbieser, Carl [mailto:waldb...@lafayette.edu] > Sent: Wednesday, August 5, 2015 10:50 AM > To: cas-user@lists.jasig.org > Subject: Re: [cas-user] Java CAS client and Trust Store > > > Is there some way to tell if the cli

Re: [cas-user] Java CAS client and Trust Store

cas-client-core-3.1.12.jar Thanks, Carl - Original Message - From: "Misagh Moayyed" To: cas-user@lists.jasig.org Sent: Wednesday, August 5, 2015 1:53:55 PM Subject: RE: [cas-user] Java CAS client and Trust Store What client version are you using? > -Original Message- > From:

RE: [cas-user] Java CAS client and Trust Store

Ok. Based on the docs you want to start with a minimum of 3.3.x. That should support that option. There should also be logs that tell you the keystore was loaded successfully and used. You only see those when an outbound https connection is made; not on Tomcat startup. > -Original Message---

Re: [cas-user] Exposing principal id in LPPE

In our case, the login id is also the principal. Specifically, how would ‘userid’ be accessed in in LPPE? -- Raymond Walker Software Systems Engineer StSp. ITS Northern Arizona University From: Misagh Moayyed Reply-To: "cas-user@lists.jasig.org" Date: Monday, Aug

RE: [cas-user] Exposing principal id in LPPE

They are not available yet; I was just speculating over options that we could make this work for all LPPE views. I don’t know how yet, but one possibility is that once they are accessible, you’d get a ${userid} or some such in the JSP that you can work with. (Similar to how you have now access

[cas-user] CAS4 LdapPersonAttributeDao accessibility via SWF

I am wanting to extend the CAS web flow via : http://jasig.github.io/cas/4.0.x/installation/Webflow-Customization.html …to perform a decision on web flow based on LDAP attributes gathered via org.jasig.cas.persondir.LdapPersonAttributeDao: http://jasig.github.io/cas/4.0.x/integration/Attribute-Re

Re: [cas-user] [cas-announce] CAS v.4.0.3 is released

Here's the stack trace The Spring ContextLoaderListener we wrap threw on contextInitialized. But for our having caught this error, the web application context would not have initialized. org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'characterEncodingFil

[cas-user] Apps running amok with service ticket & validation requests

We've discovered unusual occurances where certain apps occasionally generate a large number of CAS service ticket requests and validations within a short window of time. We have seen these on the order of ~1500/minute for anywhere from a few minutes to a few hours in duration. When this occurs, it'