Hi Carlos,
The properties set in the cas.properties file become part of the Spring
context, and it manages the property namespace for you.
You can use your new property in the Spring/ config files to wire
up parameters/arguments in bean constructors and parameters, by
specifying it like {$mynew.p
To add onto Idan's response,
Or, if you want to exclude "ou=Users3,dc=example,dc=org", you'll need to
duplicate your authHandlers, etc with different search paths of
ou=Users1 and ou=Users2, respectively.
--
*John Gasper*
IAM Consultant
Unicon, Inc.
On 4/9/14, 5:17 AM
to cas-user@lists.jasig.org as:
> jgas...@unicon.net
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
--
*John Gasper*
IAM Consultant
Unicon, Inc.
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail
> classpath:WEB-INF/cas.properties
>
>
>
>
>
>
>
>
>
> Where am I going wrong here? It should be telling CAS to look for
> WEB-INF/cas.properties, and then
.11 to 3.5.2 ?
>
>
>
> Thanks,
>
> Alex
>
> --
> You are currently subscribed to cas-user@lists.jasig.org as:
> jgas...@unicon.net
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
--
*John Gasper*
I
bottom of
>
> https://github.com/dfwarden/Roundcube-CAS-Authn
>
> I would be curious how others have solved this issue and what kind of
> shared storage is being used, etc.?
>
> Thanks
>
> Michael
>
--
*John Gasper*
IAM Consultant
Unicon, Inc.
--
You are currently s
Amin,
That really depends upon your application. If it uses standard
frameworks, ASP.NET Authentication Handlers, Java Spring Security, Java
getRemoteUser, etc., then it is just a matter of configuration and you
will likely not need to make any code changes.
If the authentication code is tightly
Hi Prasad,
CAS Server's source code can be found at https://github.com/Jasig/cas
On 7/10/14, 8:43 AM, Durga Prasad wrote:
> Hi Mr Michael,
>
> Hope u r doing well.
> Since I got another development, I had to keep aside of SSO.
> Now I need again to focus on this.
> Since I want to make use of on
> > To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
> >
> --
> You are currently subscribed to cas-user@lists.jasig.org as:
> jgas...@unicon.net
> To unsubscribe, change settings or access archives, see
> http:/
or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
--
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key: 0xbafee3ef
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
;
> *Voice: 920.924.3517*
>
> *Mobil: 920.273.9728 *
>
> *Fax: 920-907-6997*
>
> *blew...@morainepark.edu <mailto:blew...@morainepark.edu> *
>
> *brian.le...@ellucian.com
> *
>
> *www.ellucian.com
>
> *
>
>
>
>
y which is registered in England under No. 2881024
> and whose Registered Office is at Lumen House, Library Avenue,
> Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238
>
> --
> You are currently subscribed to cas-user@lists.jasig.org
> <mailto:cas-user@lists.ja
This reply should have been direct to Patrick and not Brian... Sorry.
On 7/15/14, 1:25 PM, John Gasper wrote:
> Hi Brian,
>
> It looks like you might have an extra slash in the server.name. Try
> removing the trailing slash from ":7002*/*". Wha
This reply should have been direct to Patrick and not Brian... Sorry.
On 7/15/14, 1:25 PM, John Gasper wrote:
> Hi Brian,
>
> It looks like you might have an extra slash in the server.name. Try
> removing the trailing slash from ":7002*/*". Wha
per
> Denison University
> 740-587-6360
> herri...@denison.edu <mailto:herri...@denison.edu>
> --
> You are currently subscribed to cas-user@lists.jasig.org as:
> jgas...@unicon.net
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
--
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key: 0xbafee3ef
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
Hi Michael,
I don't know. The integration was done for a client.
John
On 7/18/14, 10:54 AM, Michael Herring wrote:
> John,
>
> One more quick question...are you using the HR Toolkit to prepopulate
> accounts for Virtual EMS?
>
> -Michael
>
>
> On Fri, Jul 1
ingle Sign On WILL NOT WORK..
>
> any tips pointers appreciated..
>
> thanks
> Dan
>
--
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key: 0xbafee3ef
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
ea what the problem might be or where to look - any
> pointers - or if anyone has had this issue and was able to resolve it
> - would be appreciated!
>
>
> Thanks
>
>
>
> --
> You are currently subscribed to cas-user@lists.jasig.org as:
> jgas...@unicon.net
>
er gives a TGC to user web explorer and
> finish the login . How can I do that? thanks!
>
>
> --
> You are currently subscribed to cas-user@lists.jasig.org as:
> jgas...@unicon.net
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/disp
Hi Neil,
Why are you trying to use the 4.0.0 version of ClearPass with CAS Server
3.5.2? Does ClearPass 3.5.2 not have some needed functionality?
John
On 7/31/14, 5:52 AM, Neil Alertsen wrote:
> I am attempting to add ClearPass 4.0.0 to CAS 3.5.2.
>
> I can compile the CAS installation perfect
at
>> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:529)
>> at
>> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.jav
>
> switchType="System.Diagnostics.SourceSwitch">
>
>
>
>
>
>
>
>
>
>
>
> switchType="System.Diagnostics.SourceSwitch">
>
>
>
>
>
>
>
>
>
>
>
> switchType="System.Diagnostics.SourceSwitch">
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> --
> You are currently subscribed to cas-user@lists.jasig.org as:
> nklh...@mail.ubc.ca
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
> --
> You are currently subscribed to cas-user@lists.jasig.org as:
> nklh...@mail.ubc.ca
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
> --
> You are currently subscribed to cas-user@lists.jasig.org as:
> jgas...@unicon.net
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
--
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key: 0xbafee3ef
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
> * *
>
>
>
> My apologies if this is a newbie question - I'm not familiar with IIS
> - I am an enterprise java developer.
>
>
> Thanks
>
>
> *From:* John Gasper [jgas...@unicon.net]
> *Sent:*
users
> exist in both ldap servers... I would like it to fall through to the second
> if the wrong password is entered.
>
> Thank you in advance
> --
> You are currently subscribed to cas-user@lists.jasig.org as:
> mmoay...@unicon.net To unsubscribe, change settings or
ng
>
> gzip,deflate,sdch
>
> Accept-Language
>
> en-US,en;q=0.8
>
> Cookie
>
> CAS=8D59393D82EA4F4933FD12E20D588D64D8E78B192ED2B5C41A55DE6F87F5013CA3EFE06405CD7DE3C856DDC36EBCD25CB8DE015EC0411C31AE0D1A4BD0C8F58DD714A230E86D00394F8E4B9A155437C99C58842DC6BE43CACA8A81D896D15B9C25D290F9FF4531C130615626B7D964F272CBCF4586287D163803A5CCF6F3668421B73D751D87763A0B010ED4F39FCC93299F1D4DAACDEF34CBB593F59A39D82E3B7BEA59D200253692D8231E53
niversity
>
> 2035 East Paul Dirac Drive
>
> Sliger, Suite 113
>
> Tallahassee, FL 32310
>
> jli...@fsu.edu
>
> Voice: (850) 270-7368
>
>
>
> --
> You are currently subscribed to cas-user@lists.jasig.org as:
> jgas...@unicon.net
> To unsubscrib
Hi Jeff,
I've not had any issues with any Tomcat 6 or Tomcat 7 versions that I've
used. I have not tried Tomcat 8 yet.
John
--
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key: 0xbafee3ef
On 8/18/14 7:06 AM, Jeff Chapin wrote:
> The version of java used by Tomcat is the s
f it (but only currently with static config
> options for salt and
> iterations):
> https://github.com/Unicon/cas-addons/wiki/Configuring%20ShiroHashServicePasswordEncoder
>
>
>
> The idea would be to come up with an abstraction API, let’s say
> DigestConfigurationSource and i
gt;
>
>
> phpCAS client
>
>
> Successfull Authentication!
>
> the user's login is ?>.
> phpCAS version is ?>.
> href="https://192.168.0.136:8443/cas/logout";&g
en
>
>
>
> University of Utah
>
> UIT-Common Infrastructure Systems
>
> Work: 801.585.9323
>
> --
> You are currently subscribed to cas-user@lists.jasig.org as:
> jgas...@unicon.net
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.
t/about/blog/moodles-race-with-cas-server.
--
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key: 0xbafee3ef
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
Hi Michael,
What version of CAS Server are you trying to deploy?
John
--
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key: 0xbafee3ef
On 9/4/14 8:11 AM, Michael O Holstein wrote:
>
> Hello list,
>
>
> I am trying to configure CAS to act as a WS-Federation proxy per the
eeding if it's known to work better in
> one of them.
>
> Thanks,
>
> ~Mike.
> ----
> *From:* John Gasper
> *Sent:* Thursday, September 04, 2014 11:33 AM
> *To:* cas-user@lists.jasig.org
> *Subjec
tion.authentication.principal.WsFederationCredentialsToPrincipalResolver#1bd7643a'
> defined in ServletContext resource
> [/WEB-INF/deployerConfigContext.xml]; nested exception is
> java.lang.ClassNotFoundException:
> org.jasig.cas.support.wsfederation.authentication.principal.WsFederationCredentialsToPrincipa
e a baseline to
> backtrack my other mistakes.
>
> Thanks,
>
> ~Mike.
> --
> You are currently subscribed to cas-user@lists.jasig.org as:
> jgas...@unicon.net
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
--
*
hat we ran into, so we
switched to the first link's method in one apps case).
As for COBOL, what App Server is it running under? If it is also IIS,
the pipeline method might work.
Good luck.
--
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key: 0xbafee3ef
On 9/5/14 2:41 AM, O
at and the app would grab credentials/permissions from either the cookie or
> ticket created. or, (2)Re-create the login and authentication process by
> somehow integrating CAS directly into the M.Access app.
>
> What would be the most efficient way to do this? And how would we go about
&g
The TGT is stored in the value of the cookie: CASTGC.
---
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key: 0xbafee3ef
On 9/5/14 9:02 AM, Stew wrote:
> Thank you for the quick response.
>
> Your first solution sounds really good; I'll have to check to see if we have
> th
of that value in the
registered service. You can also use regex patterns or wildcards in the url.
Good luck
John
---
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key: 0xbafee3ef
On 9/10/14 5:38 AM, Dheeraj Dubey wrote:
>
> Hi All,
>
> I have configure CAS 4.0 in tomcat 7 with J
t CAS
Server to redirect the browser back to. Based on the age of the filter I
wouldn't be surprised that it doesn't dynamically generate the service url.
Just my completely uniformed thoughts.
-J-
---
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key: 0xbafee3ef
On 9/9/14 7:25 PM,
Hi Michelle,
When I get these kind of errors with IIS, the first thing I check is
that the web.config file is valid xml. I usually rename the file to end
in .xml and open it in IE to make sure it parses correctly. If that
checks out make sure the new elements were added to the appropriate
areas. I
iredPasswordLength="6"
> minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10"
> applicationName="/"/>
>
>
>
>
>
> type="System.Web.Profile.SqlProfileProvider"
> connectionStringName="ApplicationServices&quo
..what
> might be the problem?
>
>
> Michelle
>
> On Fri, Sep 12, 2014 at 12:17 PM, John Gasper <mailto:jgas...@unicon.net>> wrote:
>
> Hi Michelle,
>
> Nice sleuthing! So when I go to http://test-spots.fandm.edu/ I get
> sent to you test CAS Server
...I thought it
> should be something like
> http://test-spots.fandm.edu?ticket=...but I do not see it.
>
> On Fri, Sep 12, 2014 at 1:21 PM, John Gasper <mailto:jgas...@unicon.net>> wrote:
>
> I'm not sure I follow. Are you authenticated to your app when yo
admin you'd like to authorize.
John
---
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key: 0xbafee3ef
On 9/15/14 5:19 AM, TOURNAT Guillaume wrote:
>
> Hello,
>
>
>
> I am setting up a CAS server to authenticate against an OpenLDAP, and
> to store data (services,
||timeout||=||"30"|
| ||defaultUrl||=||"~/Default.aspx"|
| ||cookieless||=||"UseCookies"|
| ||slidingExpiration||=||"true"|
| ||path||=||"/ApplicationName/"| |/>|
| |||
John
---
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key:
Hi Oswald,
You can configure CAS to authenticate against multiple domains, but if
the domains are all under a single forest, then you might try
configuring the ldap queries to go against the Global Catalog
(http://technet.microsoft.com/en-us/library/cc728188%28v=ws.10%29.aspx).
Then the authentica
Hello,
Have you looked at https://wiki.jasig.org/display/CASUM/LDAP? That's
should get you started.
John
On 9/16/14 2:06 AM, Patrick Pat wrote:
> Hi,
> I would like to connect CAS Server 3.5.2 with LDAP Server
> but i don't have a good procedure.
> Please help me.
>
> --
> You are currently sub
> timeout="30"
> defaultUrl="~/Default.aspx"
> cookieless="UseCookies"
> slidingExpiration="true"
> path="/" />
>
>
>
>
>
&g
Hi Jay,
What is the url of the application that you are trying to hit?
John
---
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key: 0xbafee3ef
On 9/23/14 4:10 AM, Jayakumar Jayaraman wrote:
> Hello
>
> I am new to CAS.
>
> I have done the CAS 4.0 setup and I am able to
Thanks. I think your regex is off. Checkout
http://regex101.com/r/xF5yT0/1. Your pattern doesn't match the whole
url, only the beginning. Change the trailing "*" to ".*" (see
http://regex101.com/r/xF5yT0/1) and the whole string gets matched.
---
*John Gasper*
IAM Consul
Looks like a lot of people weighed in with the same solution. That must
be the problem...
BTW, my second url should have been http://regex101.com/r/xF5yT0/3.
Updated below
On 9/23/14 8:22 AM, John Gasper wrote:
> Thanks. I think your regex is off. Checkout
> http://regex101.com/r/xF5yT0/1
Looks like a lot of people weighed in with the same solution. The regex
string must be the problem... :D
BTW, my second url should have been http://regex101.com/r/xF5yT0/3.
Updated below
On 9/23/14 8:22 AM, John Gasper wrote:
> Thanks. I think your regex is off. Checkout
> http://regex101
That's interesting. I don't remember having to include that in any
3.5.2.1 builds. What do the dependencies in your pom.xml look like?
On 9/23/14 9:22 AM, TOURNAT Guillaume wrote:
>
> I finally found. After disabling
> « spring-configuration/auditTrailContext.xml », a new error appears in
> « cata
LDAP error code 49 is usually an bind authentication issue. 52e, I
believe is bad username/password. I'm not sure why this error would be
displayed when validating a ticket, but I'm still learning CAS 4's new
authN infrastructure.
My only thought is, Is your lookup attribute repository account
con
> --
> Guillaume Tournat
> Consultant Tibco Services
>
> Le 23 sept. 2014 à 19:57, "John Gasper" <mailto:jgas...@unicon.net>> a écrit :
>
>> That's interesting. I don't remember having to include that in any
>> 3.5.2.1 builds. What do t
Hi Stephen,
First question is what is shown in the cas.log file? There will probably
be a few clearPass errors.
Usually, 403s with ClearPass mean that the url isn't authorized on the
ClearPass Proxy url list.
Check out the value in the allowedProxyChains bean and see that it
matches the proxy ca
Sure thing.
For what it is worth, I think the .NET CAS Client dynamically generates
the callback url based on the initial CAS request that comes in (from
the app pool's start-up/recycle), so it is possible that both could be
acceptable at different times. (One would have to go through the apps
cod
Out of the box, CAS only focuses on authentication. It's up to the
applications to handle authorization. Unicon has a cas-addons module
that provides some basic authZ functionality. You can use group
membership to limit what applications users can authenticate to.
You can find out more information
config or something else?
On 10/2/14 8:58 AM, Patrick Pat wrote:
>
> Thank you Mr John Gasper,
> I see
> https://github.com/Unicon/cas-addons/wiki/Role-Based-Services-Authorization
> but i don't now where is the file|servicesRegistry.conf in my CAS
> Server 3.5.2
> |
> |a
like www.name_of_my_web_application.org
> <http://www.name_of_my_web_application.org>)
> at every user by Role Based Services Authorization with LDAP
>
> 2014-10-02 19:18 GMT+02:00 John Gasper <mailto:jgas...@unicon.net>>:
>
> This solution uses the JSON Services
Connection refused usually means that there is a config/firewall issue
at hand. Check out
http://javarevisited.blogspot.com/2013/02/java-net-ConnectException-Connection-refused.html
for some ideas on resolving it.
If it's a configuration issue look in the cas.properties and make sure
the following
You might try changing your bean def to use:
mail
On 10/6/14 3:41 AM, daniel.char...@unice.fr wrote:
> Hi guys,
>
> Last work for my cas 4.
>
> I would like to give attributes di
I'll response to your question in a different angle than Misagh did...
assuming you meant multiple AD domains, like student and staff being in
different domains, but still an AD ldap.
There are issues with using LPPE against multiple AD domains (if the
domains are in the same forest then the globa
al domain.
>
>
>
> The two domains are in the same AD forest and the password policy will
> be the same for both. I will try to use a global catalog server to
> process the users for both domains. I am not really sure how to
> proceed on this. Perhaps I will go back int
OT
> D.S.I. Université de Nice Sophia-Antipolis
> Administrateur Systèmes et Réseaux
> 28, avenue de Valrose - BP 2135 - 06103 NICE
> Tél : 04-92-07-67-07
>
>
>
>
>
>
>
>
>
>
>
> Le 6 oct. 2014 à 17:24, John
e SAML 1.1.
-Daniel CHARLOTD.S.I. Université de Nice Sophia-AntipolisAdministrateur Systèmes et Réseaux28, avenue de Valrose - BP 2135 - 06103 NICE Tél : 04-92-07-67-07
Le 7 oct. 2014 Ã 17:18, John Gasper <jgas...@unicon.
allowed attributes for service
[HTTP and IMAP]
I don't know if the logging indicates the attribute (or its value) as it
is put into the SAML response or not.
My next step would be to bump the logging up on the phpCAS client and I
think you should be able to see the SAML response there.
---
*John G
> Is there a list of attributes that LPPE is looking for that I may need
> to add to the global catalog index? Or is there one of the password
> policy checks that I can just ignore?
>
>
>
> Thanks again for all the help
>
>
>
>
>
> *From:*John Gasper [mai
aml works too much because it drop all attritubes of my user.
> but not only the mail (value=mail) which is in the allowedattribute
> properties
>
>
> Le 9 octobre 2014 17:35:04 CEST, John Gasper a
> écrit :
>
> As far as I can tell from the log the user attributes are be
Hi Carlos,
This is similar to Daniel's issue. Are you setting the ignoreAttributes
to true or false in the registry entry?
---
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key: 0xbafee3ef
On 10/9/14 12:31 PM, Carlos Olivera wrote:
> Hi everyone, I'm currently working with C
he root cert in
to Java's cacerts file. There's lots of resources available via Google
to help you with that.
---
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key: 0xbafee3ef
On 10/13/14 4:13 AM, shyam soundar wrote:
>
> Hi,
>
> I am playing with cas-password-manager
Here's a sample:
3.5.2.1
4.10
UTF-8
UTF-8
It's a child of the node, like or The
latter two help with build warnings.
---
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key: 0xbafee3ef
On 10/13/14 10:55 AM, Roger wrote:
> Hello,
>
&g
dap.NoPermissionException: [LDAP: error code 50 -
> 0005: SecErr: DSID-031A1169, problem 4003 (INSUFF_ACCESS_RIGHTS),
> data 0
> ^@]; nested exception is javax.naming.NoPermissionException: [LDAP:
> error code 50 - 0005: SecErr: DSID-031A1169, problem 4003
> (INSUFF_ACCESS_RIGHTS), da
Hi Aaron,
What's your use case that LPPE doesn't provide support for? In my
extremely humble opinion :D, I'd say LPPE does a good job mapping ldap
error codes to various messages.
John
On 10/14/14 6:30 AM, Aaron Grant wrote:
> I was wondering if someone had an example of where they caught a
> ce
Adam,
Are you sending the calling application's originally requested service
ticket or are you sending a newly acquired proxy ticket to clearPass?
John
---
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key: 0xbafee3ef
On 10/21/14 8:53 AM, Adam Causey wrote:
> I'm still havin
>
> https://dev.vcu.edu/cas-test/proxyCallback
>
>
>
> Thanks!
>
> Adam
>
>
>
> On Tue, Oct 21, 2014 at 12:54 PM, John Gasper <mailto:jgas...@unicon.net>> wrote:
>
> Adam,
>
>
Hi Jule,
Are you sure it isn't the CAS 2.0 protocol running on the CAS Server
version 3.0? I can't imagine that the SaaS provider has exclusively
adopted the CAS 3.0 protocol, although there is a mod to the CAS 2.0
protocol code [1] that makes it like CAS 3.0.
I'd check out https://github.com/Uni
Hi Adam,
The last few versions of the JSON services registry support writing back
to the JSON file. You'll use:
to invoke it.
See
https://github.com/Unicon/cas-addons/wiki/Configuring-JSON-Service-Registry#readwritejsonserviceregistrydao
for details.
---
*John Gasper*
IAM Consultant
U
n-state or "generateServiceTicket" action-state. You'll want to
mimic the submit code found in the casLoginMessageView view to continue
the webflow properly.
---
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key: 0xbafee3ef
On 10/25/14 1:43 PM, Carlos Olivera wrote:
> I
,
and also an a new binding in the viewLoginForm view-state binder
section. You might need to extended the credential as well, or at least
play with getting the value stored in the flow so you can use it later.
Good luck.
---
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key: 0xbafee3ef
On 10/
On 11/3/14 7:43 AM, Rex Roof wrote:
> What is this the timeout currently set to? can I change it?
I believe the LT is correlated to the Java Web Session. That timeout is
5 minutes by default.
---
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key: 0xbafee3ef
--
You are currently subscri
Hi Ajay,
I'd say the fast/easiest way to delete a service ticket (which expire
after a single use in the default case), is simply to validate it...
/cas/validate or /cas/serviceValidate. The querystring is
?ticket=&service=
On 11/5/14 11:29 PM, Ajay Madhavan wrote:
> Is manual deletion of service
er of usages of the service ticket to more than
> 1. I need a sure way to delete the service ticket.
>
> Regards
> Ajay
>
> On Thu, Nov 6, 2014 at 8:42 AM, John Gasper <mailto:jgas...@unicon.net>> wrote:
>
> Hi Ajay,
>
> I'd say the fast/easiest way to
Hi Andrew,
What's the service= querystring parameter look like when you are sitting
at the CAS login page after your client redirected you to CAS Server?
---
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key: 0xbafee3ef
On 11/10/14 7:58 AM, Pitonyak, Andrew D wrote:
>
>
>
&
OK, you are using the SAML 1.1 protocol support. Did you wire in the
saml11 support in the spring-configuration/
argumentExtractorsConfiguration.xml? See,
http://jasig.github.io/cas/4.0.0/protocol/SAML-Protocol.html, SAML
Argument Extractor.
---
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG
Sandeep,
Are you able to see the network call stack (via the browser's Dev tools)
and see the urls that are being directed to and from CAS Server when
this happens?
John
---
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key: 0xbafee3ef
On 11/11/14 8:04 AM, Sandeep Nagapuri wrote:
upport-saml.
>
>
>
> Now I redirect back to my client application. Most of the error logs
> were in a log file I was not inspecting.
>
>
>
>
>
> *From:*John Gasper [mailto:jgas...@unicon.net]
> *Sent:* Monday, November 10, 2014 12:01 PM
> *To:* cas-
o the cas.properties file
that override defaults set in the
spring-configuration/ticketExpirationPolicies.xml. (If you are using the
maven overlay method, you can find the baseline file in subdirectories
of target/war.
---
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key: 0xbafee3ef
On 11/11/14 9:
Hi Zach,
Go ahead and share your files with us. That should help.
On 11/25/14 6:28 AM, Zachary Maxell wrote:
> Hi there,
>
> I'm running CAS 3.5.2.1 on Ubuntu 14.04.1 and using Active Directory as the
> source. I have a mysql db for persistence for tickets and Managed Services.
>
> My deployerCo
d expect that to
get converted to something else. Somewhere, I'm guessing, the code
should look like ${requestScope.response.url...}
---
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key: 0xbafee3ef
On 11/25/14 4:21 AM, j shaik wrote:
> Hi,
>
> I have jenkins configured with
I'd check the WEB-INF/lib directory in your expanded war and see if
you've got conflicting versions of dependencies.
---
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key: 0xbafee3ef
On 11/21/14 9:08 AM, Chris Adams wrote:
>
> No, still gives a 404. The cas.log has t
Try changing this line:
to:
I hope that helps.
---
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key: 0xbafee3ef
On 11/25/14 8:27 AM, Zachary Maxell wrote:
> Hi John,
>
> Here are the files. I really appreciate your help!
>
> -
ly, really appreciate it!
>
> --
> Zach Maxell
> ERP Systems Administrator
> Emerson College
>
>
>
> From: John Gasper
> Sent: Tuesday, November 25, 2014 11:32 AM
> To: cas-user@lists.jasig.org
> Subject: Re: [cas-user] Pulling
Again, I haven't looked into openID with CAS, but based on this
document: https://wiki.jasig.org/display/CASUM/OpenID
It looks like CAS Server is expecting the client to provide the mode to
it... And I'm guessing that CAS should return it to the client.
---
*John Gasper*
IAM Consult
Linda,
I believe that CAS 4.1 will have a native JSON implementation of the
service registry. It isn't the same as Unicon's. If you need some of the
flexibility that Unicon's JSON Service Registry added (if it isn't in
the native implementation) then you'll want to look into the YAML add-on
that D
Thanks for sharing your correction. I'm sure someone will find it useful
in the future.
On 12/10/14 8:10 AM, j shaik wrote:
>
> This was resolved.
>
> As it turns out the there was no URL formed to extract the parameters,
> as the spring configuration in the applicationContext.xml for
> opEnpointU
I have seen on rare ocassion when Google put itself into a loop. It was
while trying to access the admin dashboard. I kept getting redirected to
their auth page. If CAS would have been infront, I'm sure I'd have seen
a similar looping. In my case, I couldn't anything to resolve. Checking
the system
Aaron,
I think you'll have to do it: https://www.apereo.org/cas/mailing-lists
John
---
*John Gasper*
IAM Consultant
Unicon, Inc.
PGP/GPG Key: 0xbafee3ef
On 12/15/14 9:12 AM, Owens, Patricia wrote:
> Same here unsubscribe me from this list
>
Chris,
It looks like you are trying to build CAS Server from source, and not
building a deployment using the Maven WAR Overlay method. If so, unless
you have a specific reason, I'd look into using the overlay method.
As for the specific error, that's common when mixing incompatible
library versio
1 - 100 of 135 matches
Mail list logo
