this, because it would seem that if
we had multiple services with different protocols going to the same end point,
that could lead to some potential issues with how to handle the incoming user.
Any suggestions or comments are greatly appreciated.
Ben Branch
UNIX/Linux Administrator
University
it that CAS setup as an
OAuth provider allows it to directly use the OAuth authentication handler
whereas the OAuth Proxy basically delegates OAuth authentication to the CAS,
similarly to what the CAS-Shib plugin does?
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL
to be used for custom MFA support like Google Authenticator.
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCE
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | bbranch@uco.mailto:bbranch@uco.edu
helpful.
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCE
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | bbranch@uco.mailto:bbranch@uco.edu |
www.uco.eduhttp://www.uco.edu/
I am wiser than this man, for neither
and it ended up that I had created a local hosts entry on
my desktop machine that was redirecting me to the wrong server. Also, I'm sure
you've done this, after you make the changes make sure that you restart Tomcat
so that it can load the new configuration changes.
Ben Branch
UNIX/Linux
(please scrubb any sensitive from the file before posting).
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | bbra...@uco.edu | www.uco.edu
I am wiser than
in a
clustered environment).
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | bbra...@uco.edu | www.uco.edu
I am wiser than this man, for neither of us appears
to authenticate. Since
I'm already doing attribute releasing in CAS, would that be enough to suffice
the attribute releasing requirements for Salesforce or will I need to actually
have Shibboleth pull the attributes and present them rather than CAS?
Ben Branch
UNIX/Linux Administrator
University of Central
message.
Any help on this would be greatly appreciated.
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | bbranch@uco.mailto:bbranch@uco.edu |
www.uco.eduhttp
on every request.
--
ph:LoginHandler xsi:type=ph:PreviousSession
ph:AuthenticationMethodurn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession/ph:AuthenticationMethod
/ph:LoginHandler
/ph:ProfileHandlerGroup
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
'.
---
I haven't made any other changes to the handler.xml outside of the ones
recommended by Unicon in the CAS-Shib integration guide.
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA
100 N. University Drive, Box
: urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp
configured_communication_profile:
urn:mace:shibboleth:2.0:profiles:saml1:query:artifact
configured_communication_profile:
urn:mace:shibboleth:2.0:profiles:saml2:query:artifact
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3
apologies if some of these sound like simple questions, I have never setup a
Tomcat cluster before and I want to make sure that I understand all of the
moving parts before I get any deeper in this. As always, your help is greatly
appreciated.
Ben Branch
UNIX/Linux Administrator
University
of you who have
implemented these services with some form of CAS+Shibboleth integration, which
method did you use?
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M
of CAS? We are
currently on 3.4.10 and I'm looking at moving to 3.5.2.
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | bbranch@uco.mailto:bbranch@uco.edu
Kevin,
From your latest post sounds like you already have CAS in place for other
apps so you'll probably not want to reverse engineer things :-)
Yeah, I definitely don't feel like doing that! Thank you for the clarification
on how the 2 integration solutions differ.
Ben Branch
UNIX/Linux
.
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | bbranch@uco.mailto:bbranch@uco.edu |
www.uco.eduhttp://www.uco.edu/
I am wiser than this man, for neither
Kevin,
Are you saying that you used the Unicon Shib-CAS integration for your set?
Just want to make sure I understand you correctly.
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA
100 N. University Drive, Box 122
Edmond, OK 73034
D
param-valueX-Forwarded-For/param-value
/init-param
/filter
Is there anything else I need to do? Or should I contact my network guys and
begin troubleshooting at the load balancer?
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
Audit: Unknown. Is
this because at this point in the validation process, the user ID is no longer
being passed to the CAS, or is there something I have configured wrong on my
side?
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA
100 N
-validate against the CAS because
the ant matching is saying validate anything past this point?
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | bbranch
Steve,
We made direct modifications to the
$CAS_APP/WEB-INF/view/jsp/default/ui/casLoginView.jsp file to display messages
on the login screen. Maybe not ideal, but it did work for what we needed. I
hope this helps.
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL
can answer for you.
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | bbra...@uco.edu | www.uco.edu
“I am wiser than this man, for neither of us appears
that I can review to see how to setup
AuthenticationProviderKey properly? Any help on this would be greatly
appreciated.
Many thanks in advance,
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA
100 N. University Drive, Box 122
Edmond, OK
latency in the service
validation which is causing the service tickets to time out before they are
validated. I hope this helps and good luck.
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA
100 N. University Drive, Box 122
Edmond, OK 73034
D
==
Install 3 Package(s)
Total download size: 14 M
Installed size: 50 M
I hope this helps.
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3
ant-junit.x86_64 : Optional junit tasks for ant
ant-nodeps.x86_64 : Optional tasks for ant
ant-swing.x86_64 : Optional swing tasks for ant
ant-trax.x86_64 : Optional trax tasks for ant
To install this, you just need to do a yum install ant.x86_64 and you should
be ready to go.
Ben Branch
UNIX
Eddu,
Google has documentation on their website that shows you exactly how to do
this. Here is basically the same thing on the JASIG wiki:
https://wiki.jasig.org/pages/viewpage.action?pageId=6063484
Hope this helps.
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL
. Of course, as with anything, your
mileage may vary.
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | bbranch@uco.mailto:bbranch@uco.edu |
www.uco.eduhttp
disabling it, otherwise if you start making changes
to your network scripts, the network manager will try to start using them
instantly. This can cause you some issues if you aren't ready for your changes
to go into effect.
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL
...good luck!
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | bbranch@uco.mailto:bbranch@uco.edu |
www.uco.eduhttp://www.uco.edu/
I am wiser than this man
://learn.school.edu/d2l/orgtools/CAS/Default.aspx.
I hope this helps.
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | bbranch@uco.mailto:bbranch@uco.edu
All,
Found the issue. I did not have the
org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver
bean defined in my deployerConfigContext.xml. After adding this and
restarting my cas services, I was then able to see my attributes in the xml
response.
Ben Branch
the value that I
put in the casServiceValidationSuccess.jsp in my XML response then. Is there
something that I'm missing here?
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649
. Any
help on this would be greatly appreciated.
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | bbranch@uco.mailto:bbranch@uco.edu |
www.uco.eduhttp
with the proper information. Many thanks for your help.
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | bbranch@uco.mailto:bbranch@uco.edu |
www.uco.eduhttp
requests on
this.
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | bbranch@uco.mailto:bbranch@uco.edu |
www.uco.eduhttp://www.uco.edu/
I am wiser than this man
Pastebin link: http://pastebin.com/tr2hTNfi
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | bbranch@uco.mailto:bbranch@uco.edu |
www.uco.eduhttp
deployerConfigContext.xml:
http://pastebin.com/V14RkD6e
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | bbranch@uco.mailto:bbranch@uco.edu
Eric,
This is excellent news to hear. Now I have a second question.
Are you using Banner with DegreeWorks?
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804
Hello all,
Just curious if anyone has any experiencing in configuring CAS 3.4.10 with
DegreeWorks 4.1.0 or 4.1.1? I'm reviewing some of their CAS configurations and
they seem to be referencing configuration settings that pre-date 3.4.10. Any
help on this would be greatly appreciated.
Ben
and identify if this is causing your issue.
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | bbra...@uco.edu | www.uco.edu
If you wish to know your past, look at your
One small follow-up to this...
With 3.5.X, do we still need a separate DB instance in order for us to use the
web-based Service Manager or does EhCache take over this role as well?
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA
100 N
changes to the
deployerConfigContext.xml with regards to how AD authentication is handeled?
Many thanks for your help on this matter.
Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA
100 N. University Drive, Box 122
Edmond, OK 73034
D
web.xml,
is this speaking of the CAS web.xml or the Shibboleth IDP web.xml?
Ben Branch
Sun Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | bbra...@uco.edu | www.uco.edu
If you wish
CAS SSO and allow the Shib-IDP to proceed
with allow the user to login. Am I understanding this correctly?
Many thanks for your help,
Ben Branch
Sun Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M
this issue, so I'm looking into
anything that can integrate Shibboleth into CAS with the least amount of
trouble. Again, many thanks for your reply.
Ben Branch
Sun Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+
100 N. University Drive, Box 122
Edmond, OK 73034
D
Pavlos,
Most of the ClassNotFound exceptions are thrown when a library is missing, if
I'm not mistaken. Could you do us a favor and post your pom.xml?
Ben Branch
Sun Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+
100 N. University Drive, Box 122
Edmond, OK 73034
D
.
Ben Branch
Sun Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | bbranch@uco.mailto:bbranch@uco.edu |
www.uco.eduhttp://www.uco.edu/
If you wish to know your past, look at your present
we want the
application admin to control the access to these services? Or is there another
way to do this that allows us to exert greater control over who uses the
applications?
Again, everyone's help on here is greatly appreciated.
Many thanks in advance,
Ben Branch
Sun Administrator
Robert,
When you go to the www.jasig.org/cas/ page, you will see a link on the left
that says Community. When you click on this, it will then show you a page
that has a link to the wiki on it. I hope this helps.
Ben Branch
Sun Administrator
University of Central Oklahoma
ITIL Foundation v3
Marvin,
Many thanks for your analysis of the Stack Trace. When viewing the logs, we
see successful authentication just as you indicated. I will continue working
with the vendor on Monday. Again, many thanks for your help.
Ben
From: Marvin Addison
how to even begin getting them this information as I am
very, very new to CAS and this is our first implementation of this product. I
have 2 other hosted applications running through CAS without any issues. Any
help on this would be greatly appreciated.
Ben Branch
Sun Administrator
University
=java.naming.security.authentication value=simple /
/map
/property
/bean
I hope this helps.
Ben Branch
Sun Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | bbra...@uco.edu | www.uco.edu
help is greatly appreciated.
Ben Branch
Sun Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | bbra...@uco.edu | www.uco.edu
If you wish to know your past, look at your present
, without professional services,
given the documentation that shows it clearly can.
Many thanks for your help in this matter,
Ben Branch
Sun Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M
...@gmail.com]
Sent: Wednesday, January 18, 2012 1:54 PM
To: cas-user@lists.jasig.org
Cc: Matt Smith
Subject: Re: [cas-user] Configuring CAS to trust/replace Luminis CAS.
On Wed, Jan 18, 2012 at 2:44 PM, Ben Branch
bbra...@uco.edumailto:bbra...@uco.edu wrote:
Phil,
I tried to use the github like that you
(Thread.java:662)
I'm very uncertain where to go from here with this. The only way I was able to
get my CAS back in working order was to revert all of my changes that I had
made. Any help in this matter would be greatly appreciated.
Ben Branch
Sun Administrator
University of Central Oklahoma
ITIL
Phil,
I tried to use the github like that you sent and I am receiving a 404 error.
Are you certain this is the right link?
Ben Branch
Sun Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M
Phil,
Never mind about the git path. Must be been a small network hiccup on my end.
It downloaded fine.
Ben Branch
Sun Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | bbranch
the Google
end, but with that said, I didn't configure the Google side of our Google Apps
test instance, I helped one of our other Admins who is managing that portion of
the project.
Ben Branch
Sun Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+
100 N. University Drive, Box
that the password
doesn't matter leads me to believe that this should be setup with the
SimpleTestUsernamePasswordAuthenticationHandler class, which appears to present
a very large security concern. Please correct me if I am misunderstanding this.
Ben Branch
Sun Administrator
University
provided cannot be determined to be authentic.
Ben Branch
Sun Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | bbranch@uco.mailto:bbranch@uco.edu |
www.uco.eduhttp://www.uco.edu/
If you
.
Ben Branch
Sun Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | bbra...@uco.edu | www.uco.edu
If you wish to know your past, look at your present conditions. If you wish
to know your
there any major differences
between the guide and what actually needed to be done in order to make it work?
Many thanks in advance,
Ben Branch
Sun Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M
://pastebin.com/1WtuBNzA
Ben Branch
Sun Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | bbra...@uco.edu | www.uco.edu
If you wish to know your past, look at your present conditions. If you
cas.properties: http://pastebin.com/uTtrx90i
error messages: http://pastebin.com/4km2K83w
Ben Branch
Sun Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+
100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | bbra...@uco.edu | www.uco.edu
If you
67 matches
Mail list logo