Re: [cas-user] View Statistics Page Gone in v4?

Yes, it is. https://github.com/Jasig/cas/blob/v4.0.1/cas-server-webapp/src/main/webapp/WEB-INF/spring-configuration/securityContext.xml#L39 Cheers, D. > On Apr 13,

Re: [cas-user] CAS 4.0.1 Restful Implementation not working

I just want to also add awareness - if anyone is stuck on CAS 3.5.x and use REST API with the same security filter which brakes the Restlet implementation, there is an addon module that you could swap in place of Restlet and enjoy the same, modern REST impl. that users of CAS 4.1 will enjoy (when C

Re: [cas-user] CAS 4.0.1 Restful Implementation not working

n, I get an > 302 redirect to the standard login page. Any ideas as to how to resolve it? > > Thanks, > Paul > > On Wed, Apr 22, 2015 at 5:25 PM, Dmitriy Kopylenko > mailto:dmitriy.kopyle...@gmail.com>> wrote: > I just want to also add awareness - if anyone is stuc

Re: [cas-user] Service Registry JSON to Excel

This, perhaps -> http://www.convertcsv.com/json-to-csv.htm D. > On Apr 28, 2015, at 2:09 PM, Bryan Wooten wrote: > > So I have been tasked with creating an inventory of all our CAS applications. > > I could just turn in the servicesRegistry.conf JS

Re: [cas-user] Adding additional login field

What version of CAS and which authentication handler do you use? Dmitriy. > On May 27, 2015, at 8:59 AM, Jonathan Bell wrote: > > I am trying to add a third login field. I am getting a message at login > "Credentials you provided are not supported by cas" Something obviously I am > missing

Re: [cas-user] Adding additional login field

ul log instrumentation in authentication manager impl., etc. D. > On May 27, 2015, at 9:16 AM, Jonathan Bell wrote: > > too quick on the enter. > org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler > > On 2015-05-27 6:11 AM, Dmitriy Kopylenko wrote: >> What version o

Re: [cas-user] Where is persistence.xml in 4.0.x (JPA Ticket Registry)

Hibernate 4.3 is the first version to implement the JPA 2.1 spec. And it's thus expecting the JPA 2.1 API jar on the classpath, not the JPA 2.0 API jar. Some “dependencies dance” might be required here (Maven excludes, etc.) Cheers, D. > On May 27, 2015, at 10:02 AM, Christian Brunotte wrote:

Re: [cas-user] command-line phpCAS client

Would you please provide an example of how you try to “open” /v1/tickets resource? Best, Dmitriy. > On Jun 4, 2015, at 1:22 PM, Romov, Phil wrote: > > So I’ve followed http://jasig.github.io/cas/4.0.x/protocol/REST-Protocol.html > and edited pom.xml and web.xml (the latter one in tomcat/webap

Re: [cas-user] command-line phpCAS client

v1/tickets request > > I suppose I could try sending POST to /cas/login directly, but I¹m not > even sure if that is supported > > Any guidance is welcome > > Thanks > Phil > > On 6/4/15, 1:33 PM, "Dmitriy Kopylenko" <mailto:dkopyle...@unicon.net>>

Re: [cas-user] command-line phpCAS client

m linking a screenshot of what I’m looking at. (I suppose if I attach > images to the user group it will not work?) > http://i.imgur.com/hsAX3vl.png > > Please advise > > Thanks > Phil > > > > From: Dmitriy Kopylenko mailto:dkopyle...@unicon.net>> >

Re: [cas-user] Embedding username info in Service ticket

I second what Andy says, and just want to add that service ticket validation is the necessary step in a secure CAS protocol, and the simple answer is - “no, you cannot skip the ST validation step”. Best, Dmitriy. > On Jun 29, 2015, at 3:55 PM, Andrew Morgan wrote: > > On Mon, 29 Jun 2015, Aja

Re: [cas-user] CAS and MemchachedTicketRegistry

I could be biased here, but I find the Hazelcast ticket registry is the simplest one (no external server processes required, etc.) and it just works. Best, Dmitriy. > On Jun 30, 2015, at 9:50 AM, Michael O Holstein > wrote: > > I am using (or rather attempting to use) MemcachedTicketRegistry

Re: [cas-user] Embedding username info in Service ticket

anks, >>>> Carl Waldbieser >>>> ITS Systems Programmer >>>> Lafayette College >>>> >>>> - Original Message - >>>> From: "Ajay Madhavan" >>>> To: cas-user@lists.jasig.org >>>> Sent: Mo

Re: [cas-user] Redirection is not working after successfull authentication

What does your client app’s web.xml look like? What does your CAS’ deployerConfigContext.xml look like? Alternatively, if you are building Java web apps with Spring Boot (highly recommended these days), you could easily CAS-protect it with the available auto config CAS client library, specifica

Re: [cas-user] Querying CAS audit data with Splunk

FWIW, the underlying Inspektr's component that CAS uses for its slf4j audit events destination is extensible, and one could always plugin their own output formatting implementation to suit their needs: https://github.com/Jasig/inspektr/blob/master/inspektr-audit/src/main/java/org/jasig/inspektr

Re: [cas-user] Querying CAS audit data with Splunk

> > Sure, and we have extended it locally for our deployment. I think it's fair > to consider, however, whether the defaults are convenient for common query > cases. For anyone ingesting logs into Splunk, the layout is indeed quite > inconvenient. > I cannot argue with that! ;-) Time to re-

Re: [cas-user] mfa + any distributed cache = fail

OK, Michael, I’ve chased it down. It is indeed a bug in cas-mfa code. I’m planning a fix on Monday and then we could cut another quick RC release with 1.0 GA to follow shortly. Misagh, what do you say? Cheers, D. > On Jul 17, 2015, at 12:34 PM, Misagh Moayyed wrote: > > Michael, > > You may

Re: [cas-user] shib idp 3 CAS support

Just want to conclude this thread with a pretty good read about Hazelcast. Arguably, by now Hazelcast software (at v3.5) is a pretty robust, well-implement and mature distributed grid/cache. http://www.brickendon.com/articles/achieving-low-latency-using-distributed-cache/

Re: [cas-user] shib idp 3 CAS support

ul 17, 2015 at 03:25:35PM -0400, Dmitriy Kopylenko wrote: >> Just want to conclude this thread with a pretty good read about Hazelcast > > So... Any chance you guys at Unicon have any interest in putting together a > Hazelcast based clustering backend for idp 3 :)? > > >

Re: [cas-user] Drop the management webapp

And I just want to also clarify one bit - the proposal is not to entirely “abandon” the management UI, but to move it out of the CAS core repository into its own project, with its own release cycle. > On Jul 27, 2015, at 10:30 AM, Jérôme LELEU wrote: > > Hi, > > The proposed alternative with

Re: [cas-user] Backporting of the cas-server-support-rest project for CAS 4.0.x (current stable version)

FWIW, there is an existing addon for CAS 3.5 (which works with the older Spring versions that CAS depends on): https://github.com/unicon-cas-addons/cas35-addon-rest May be you could take the inspiration form it, or even fork it and make th

Re: [cas-user] Attribute repository with multiple different sources

FWIW, the Spring Modules projects is defunct: https://springmodules.dev.java.net/ It’s kind of sad that actively used projects depend on other dead projects. Cheers, D. > On Jul 30, 2015, at 8:25 AM, Whittaker, Geoffrey > wrote: > > Thanks, > > I don't

Re: [cas-user] Leading White space in username/netid

https://groups.google.com/forum/m/#!topic/jasig-cas-user/pz-NZH9H7yI Sent from my iPhone > On Aug 4, 2015, at 18:54, Bryan Wooten wrote: > > Hi all, > > Here is the scenario: > > Login into our CASified Peoplesoft with a leading whitespace on the user name. > CAS authenticates against OpenDJ

Re: [cas-user] JSON Service Management

FWIW - cas-addons project is not officially supported on CAS 4.x series as noted here: https://github.com/Unicon/cas-addons#notice Best, D. > On Aug 5, 2015, at 7:11 AM, Nouman Fallouh wrote: > > I'd used the version 4.0.3 and everything goes fine

Re: [cas-user] JSON Service Management

cas-addons/cas-addon-yaml-services-registry> Or just wait until CAS 4.1 gets released (don’t know when this would happen) and start using a CAS’ native JSON service registry. Cheers, D. > On Aug 5, 2015, at 9:03 AM, Dmitriy Kopylenko wrote: > > FWIW - cas-addons project is not offic

Re: [cas-user] CAS protocol flow sequence: AuthN then check service registry?

Yep, that’s old. That was the behavior which was changed to check service authorization before the author transaction start in 3.5.1+ (I don’t remember the exact 3.5.x version where it went in). Cheers, Dmitriy. > On Aug 14, 2015, at 1:59 PM, Baron Fujimoto wrote: > > Sorry, I should have inc

Re: [cas-user] problem with POST requests

What CAS really needs is the true, stateless JWT implementation - that would solve the problem of authentication for RESTful resources once and for all, but that's a discussion for another day :-) Cheers, D. Sent from my iPhone > On Aug 21, 2015, at 18:42, Carl Waldbieser wrote: > > In tha

Re: [cas-user] CAS allowing incorrect passwords to Authenticate

Check if you are using SimpleTestUsernamePasswordAuthenticationHandler in your deployerConfigContext.xml by any chance. D. Sent from my iPhone > On Aug 24, 2015, at 17:17, Martel, Michael H wrote: > > Greetings! > > Our IDM Expert is leaving on Friday for greener pastures, and today our ID

Re: [cas-user] Unable to configure ticketing via MySQL

For the HA set up, there are more attractive and easier to maintain options in CAS to consider other than RDBMS like Hazelcast Ticket Registry for example which is part of CAS core now: http://jasig.github.io/cas/development/installation/Hazelcast-Ticket-Registry.html Best, Dmitriy. Sent fr

Re: [cas-user] substitute attribute for user

This could be accomplished by setting the ‘usernameAttribute’ property in the RegisteredService instance in question: http://jasig.github.io/cas/4.0.x/installation/Service-Management.html In CAS 4.1 this is even easier to d

Re: [cas-user] Remote Address Authentication - Configuration Error on Documentation

That's a documentation typo. That should have been: Cheers, Dmitriy. > On Oct 7, 2015, at 09:04, Song, Doe-Hyun wrote: > > Hello All, > > From the following document, > http://jasig.github.io/cas/4.1.x/installation/Remote-Address-Authentication.html > > action tag seems not correct. > >

Re: [cas-user] Remote Address Authentication - Configuration Error on Documentation

mentation > > Dmitriy, > > Thanks for your reply. I think action element itself does not work. Are you > meaning to use evaluate element? > > From: Dmitriy Kopylenko [mailto:dkopyle...@unicon.net > <mailto:dkopyle...@unicon.net>] > Sent: Wednesday, October

Re: [cas-user] several very basic cas install questions

Check this branch out: https://github.com/UniconLabs/simple-cas4-overlay-template/tree/cas41-with-HZ-and-LDAP It uses the 4.1.0 and is pre-configured with Hazelcast ticket registry. You could just clone it

Re: [cas-user] several very basic cas install questions

You don’t need to include any files. Just use the overlay as is. When you `mvn clean package` it will pull the appropriate dependencies (already pre-declared in the pom.xml) and will assemble the final cas.war archive ready for deployment. As for LDAP, you just get rid of that dependency in the

Re: [cas-user] several very basic cas install questions

No. That documentation link is for the “development” version which is not currently released (4.2.0). That bean “alias" is a new feature and will be available in 4.2.0. This is the correct link for the current GA version -> http://jasig.github.io/cas/4.1.x/installation/Hazelcast-Ticket-Registry

Re: [cas-user] several very basic cas install questions

That’d be git stuff i.e. `git clone g...@github.com:UniconLabs/simple-cas4-overlay-template.git` followed by `git checkout cas41-with-HZ-and-LDAP` But for the better results, I’d highly recommend you start here: http://jasig.github.io/cas/4.1.x/installation/Maven-Overlay-Installation.html

Re: [cas-user] several very basic cas install questions

It won’t deploy, as it will require you to have an LDAP directory available. You could simply delete it altogether and this will allow Maven to pull in the default one from CAS’ published war artifact, which is this -> https://github.com/Jasig/cas/blob/v4.1.0/cas-server-webapp/src/main/webapp/WE

Re: [cas-user] several very basic cas install questions

Create directory `/etc/cas` or `c:\etc\cas` if on windows and copy cas.properties and log4j2.xml there. But in general, you will need to look at your Servlet container’s logs to see what is going on when you deploy cas.war and for any indications of errors, etc. D. > On Oct 15, 2015, at 2:27 P

Re: [cas-user] several very basic cas install questions

In this particular overlay, those files are externalized to this particular location: `/etc/cas`. Have you gone through the doc: http://jasig.github.io/cas/4.1.x/installation/Maven-Overlay-Installation.html ? All of

Re: [cas-user] CAS behind proxy - Log client IP recorded at proxy

Carl, configure the CAS’ Inspektr client info filter as such (in CAS’ web.xml): CAS Client Info Logging Filter com.github.inspektr.common.web.ClientInfoThreadLocalFilter alternativeIpAddressHeader X-Forwarded-For Best, D. > On Oct 16, 2015, at 9:43 AM, Waldbieser, Carl

Re: [cas-user] utterly lost on cas 4.1.0 Saw '301 Moved Permanently' error

By merely including the Hazelcast ticket registry module dependency, it should override the default ticket registry config which is read from HZ module jar. The default CAS' web.xml has that config bit turned on. I'd suggest you start from a fresh overlay project and follow the 4.1 documentati

Re: [cas-user] utterly lost on cas 4.1.0 Saw '301 Moved Permanently' error

://github.com/Unicon/cas-addons/wiki/Configuring-HazelcastTicketRegistry > > Except that throws errors. > > So...do I need to do filtering or whatever or what? Because that hz ticket > registry is not being written in there... > > >> On Tue, Oct 20, 2015 at 5:28 PM,

Re: [cas-user] hazelcast tickets not replicating

And just to add to Paul's notes - since version 4.1 the Hazelcast Ticket registry is natively a part of CAS core: http://jasig.github.io/cas/4.1.x/installation/Hazelcast-Ticket-Registry.html So to repeat (many times previously said): DO NOT use cas-addons (which are implemented and supported fo

Re: [cas-user] hazelcast tickets not replicating

So what's not working? As you noted you have evidence in the CAS server logs that Hazelcast nodes are able to chat and share state among each other. If that is the case, then HZ ticket registry is working as expected. How did you come to conclusion that "tickets are not replicating"? Best, D.

<    1   2   3