Note the branch name: 4.0.x.
From: Zac Harvey [mailto:zhar...@commercehub.com]
Sent: Monday, February 2, 2015 1:18 PM
To: cas-user@lists.jasig.org
Subject: [cas-user] TGT expiration policy override not working
On CAS 4 here; I am trying to extend the TGT expiration policy from 2 hours
(default
On CAS 4 here; I am trying to extend the TGT expiration policy from 2 hours
(default) to 9 hours, and so I started with the file located at
https://github.com/Jasig/cas/blob/master/cas-server-webapp/src/main/webapp/WEB-INF/spring-configuration/ticketExpirationPolicies.xml
and then just changed:
By definition SSO (single sign on) is about authentication (identity
management); that is, is this person who they say they are. This requires a
principal (username/email/whatever) and a credential (password/token/cert) to
prove the subject's identity.
As to what the user should actually be
I'm reading https://wiki.jasig.org/display/casum/ticket+expiration+policy which
explains expiration policy as:
TGT expiration policy governs the time span during which an authenticated user
may grant STs with a valid (non-expired) TGT without having to reauthenticate.
An attempt to grant a ST
My CAS SSO project uses 4.0.0, and I see that the latest (master) version is
4.1.0.
If I clone the master branch from GitHub, and then run mvn source:jar, I get
source JARs built for the current 4.1.0 version. But I want to build source
JARs for the version my SSO project uses (4.0.0).
I
I'm aware that the norm is to use the Maven overlay plugin with CAS, and
simply define files/settings that we want to override.
But what if I want to tweak CAS code (add logging, metrics, etc.) and run it
locally? I checked out the project from GitHub and ran mvn package. This
created JARs
out the v4.0.0 tag:
https://github.com/Jasig/cas/tree/v4.0.0
Cheers,
D.
On Jan 14, 2015, at 4:06 PM, Zac Harvey
zhar...@commercehub.commailto:zhar...@commercehub.com wrote:
My CAS SSO project uses 4.0.0, and I see that the latest (master) version is
4.1.0.
If I clone the master branch from
://github.com/Jasig/cas/tree/v4.0.0
Cheers,
D.
On Jan 14, 2015, at 4:06 PM, Zac Harvey
zhar...@commercehub.commailto:zhar...@commercehub.com wrote:
My CAS SSO project uses 4.0.0, and I see that the latest (master) version is
4.1.0.
If I clone the master branch from GitHub, and then run mvn source:jar, I
This is still an issue for us, any ideas?
From: Zac Harvey
Sent: Thursday, January 8, 2015 1:48 PM
To: cas-user@lists.jasig.org
Subject: LockTimeoutException: Unable to acquire conversation lock after 30
seconds
We have had our live CAS servers running for 2
We have had our live CAS servers running for 2 months since the last (tiny)
config change. Now all of the sudden, about every 15 minutes, users are unable
to login, and I have to restart the service to fix things. When I tail the
logs while this is happening, and attempt to login, I see:
We've been using 2 load balanced 4.0.0 nodes (LDAP auth handler) for almost 3
months now and never needed a restart. That tells me this is either specific
to your configuration or custom code (3rd party of inhouse) you've added on top
of what CAS provides. Either way it doesn't seem to be a
Any takers? This is a live production issue for us and I'm completely
blindsided by this...
From: Zac Harvey
Sent: Friday, July 25, 2014 4:19 PM
To: cas-user@lists.jasig.org
Subject: CAS 4.0: HTTP 401 Authentication Failed: No principal was found in the
response from the CAS server
We have
We have some clients that use the Shiro-CAS client for communicating with CAS,
and just launched a new app that uses SpringSec-CAS. The Shiro-CAS integration
has been running flawlessly for quite some time. SpringSec-CAS users, however,
get a HTTP 401 error *after* they try logging in from
?
From: Zac Harvey
Sent: Friday, June 27, 2014 2:29 PM
To: cas-user@lists.jasig.org
Subject: RE: [cas-user] CAS: Broken webflow on failed authentication on 4.0.0?
Thanks again Dmitriy, and yes of course I have reproduced locally :-)
The HTTP 302 is certainly
. Someone can correct me if
I'm wrong, but I believe classpath: generally refers to WEB-INF/classes.
The original value is /WEB-INF/cas.properties.
John
On 6/26/14, 5:59 AM, Zac Harvey wrote:
When I deploy my CAS WAR to Tomcat, I get exceptions stating that it can't
resolve a Spring variable
Correction: it seems to be more reproducible in non-Chrome browsers (IE, FF,
Safari, etc.)
From: Zac Harvey
Sent: Friday, June 27, 2014 1:23 PM
To: 'cas-user@lists.jasig.org'
Subject: CAS: Broken webflow on failed authentication on 4.0.0?
I am on CAS 4.0.0 and am experiencing what I *believe
Expires:Thu, 01 Jan 1970 00:00:00 GMT
Location:http://mycas.commercehub.cloudbees.net/loginhttp://mycas.commercehub.cloudbees.net/login
Pragma:no-cache
Server:nginx/1.4.2
Browser culprit? Nginx webserver culprit? No culprit?
Cheers,
Dmitriy.
On Jun 27, 2014, at 1:22 PM, Zac Harvey
zhar
it in the locally deployed let's say standalone
Tomcat instance?
D.
On Jun 27, 2014, at 2:23 PM, Zac Harvey
zhar...@commercehub.commailto:zhar...@commercehub.com wrote:
Thanks Dmitriy, however:
Browser culprit?
I can reproduce this in *any* browser, although it seems more difficult to
reproduce
When I deploy my CAS WAR to Tomcat, I get exceptions stating that it can't
resolve a Spring variable ${host.name}. I assume this is because CAS isn't
finding my cas.properties file. Here's my CAS directory structure under
WEB-INF/:
WEB-INF/
cas.properties
spring-configuration/
] CAS: Example of LDAP authentication for CAS 4.0?
On Tue, Jun 17, 2014 at 4:41 PM, Zac Harvey zhar...@commercehub.com wrote:
bean id=sslConfig
class=org.ldaptive.ssl.SslConfig
property name=credentialConfig
p:trustStore=/etc/cas/cas.jks /
/property
/bean
Any ideas? Thanks again!
-Original Message-
From: Zac Harvey
Sent: Wednesday, June 18, 2014 2:42 AM
To: cas-user@lists.jasig.org
Subject: RE: [cas-user] CAS: Example of LDAP authentication for CAS
,
Stephan
On 06/17/14 11:07 PM, Zac Harvey
zhar...@commercehub.commailto:zhar...@commercehub.com wrote:
I'm reading the 4.0 HA guide
(http://jasig.github.io/cas/4.0.0/planning/High-Availability-Guide.html) and
have 1 quick question:
If I want Active/Passive mode, can I just stick
I have the following pom.xml file:
?xml version=1.0 encoding=UTF-8?
project xmlns=http://maven.apache.org/POM/4.0.0;
xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance;
xsi:schemaLocation=http://maven.apache.org/POM/4.0.0
:
remote = 'html
headtitle301' - RETRYING
What does the redirect say?
On Tue, Jun 17, 2014 at 1:31 PM, Zac Harvey
zhar...@commercehub.commailto:zhar...@commercehub.com wrote:
I have the following pom.xml file:
?xml version=1.0 encoding=UTF-8?
project xmlns=http://maven.apache.org/POM/4.0.0
I think this is related to my question, titled “CAS: Are the repos for 4.0
broken?”
From: William Schwiemann [mailto:wc...@case.edu]
Sent: Tuesday, June 17, 2014 1:39 PM
To: cas-user@lists.jasig.org
Subject: [cas-user] Repository Issue?
Hello,
I'm attempting to build CAS 3.5.2 from the best
:
http://jasig.github.io/cas/4.0.0/installation/LDAP-Authentication.html
On Fri, Jun 13, 2014 at 2:03 PM, Zac Harvey
zhar...@commercehub.commailto:zhar...@commercehub.com wrote:
I have a CAS server on 3.5.2.1 and am upgrading it to 4.0. In my
deployerConfigContext.xml I have the following beans
Using CAS 4.0 and authenticating against ActiveDirectory.
In my spring-configuration/deployerConfigContext.xml, I have the following bean:
bean id=sslConfig class=org.ldaptive.ssl.SslConfig
property name=credentialConfig
bean class=org.ldaptive.ssl.X509CredentialConfig
In spring-configuration/propertyFileConfigurer.xml I am telling CAS to look for
a properties file at WEB-INF/cas.properties.
In this cas.properties I only have 1 property defined: log4j.config.location.
When I deploy CAS, I get an error stating it can't find a value for a property
called
I'm seeing some behavior that *appears* to be default CAS behavior, but it's
just not working like I expected and it has me stumped.
If I create a brand new project directory, and only stick a pom.xml in it
(hence using 100% CAS defaults, no overrides or customizations whatsoever) and
run mvn
[mailto:scott.battag...@gmail.com]
Sent: Friday, June 13, 2014 8:02 AM
To: cas-user@lists.jasig.org
Subject: Re: [cas-user] CAS: Please confirm cas.properties behavior
https://github.com/Jasig/cas/blob/master/cas-server-webapp/src/main/webapp/WEB-INF/cas.properties
On Fri, Jun 13, 2014 at 7:15 AM, Zac Harvey
zhar
/propertyFileConfigurer.xml
by creating your own.
So I don't understand why you think it would still apply those properties if
that bean definition no longer exists.
On Fri, Jun 13, 2014 at 9:07 AM, Zac Harvey
zhar...@commercehub.commailto:zhar...@commercehub.com wrote:
Thanks Scott,
So can you (or anyone
Any thoughts here? If CAS 4.0 docs are currently missing the minimally-viable
cas.properties that CAS required, I would be happy to contribute to the
documentation and add an article in explaining how properties work... but I
need to understand them first!
From: Zac Harvey
Sent: Friday, June
I have a CAS server on 3.5.2.1 and am upgrading it to 4.0. In my
deployerConfigContext.xml I have the following beans defined:
!-- This ldapAuthHandler bean used to be of type
org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler prior to trying to
upgrade... --
My WEB-INF/spring-configuration/propertyFileConfigurer.xml defines a location
for cas.properties as:
bean id=propertyPlaceholderConfigurer
class=org.springframework.beans.factory.config.PropertyPlaceholderConfigurer
property
almost like CAS's default
cas.properties isn't defining a cas.securityContext.status.allowedSubnet
property. Very bizarre...
From: Zac Harvey
Sent: Thursday, June 12, 2014 3:37 PM
To: 'cas-user@lists.jasig.org'
Subject: CAS securityContext exception
My WEB-INF/spring-configuration
that CAS would be able to define by default.
From: Zac Harvey
Sent: Thursday, June 12, 2014 3:56 PM
To: 'cas-user@lists.jasig.org'
Subject: RE: CAS securityContext exception
Update:
In propertyFileConfigurer.xml I removed this property:
property name
I just read the 4.0 doc on Single Log Out (SLO) and see that a
TicketRegistryCleaner needs to be turned on:
http://jasig.github.io/cas/4.0.0/installation/Logout-Single-Signout.html#ticket-registry-cleaner-behavior
But I'm not understanding how to actually turn it on or enable it. Do I just
I noticed that our cas.log was growing quite large and took a look at it.
Every few seconds I see log messages that look like:
2014-06-08 18:52:06,506 DEBUG [org.jasig.cas.web.support.CasArgumentExtractor]
- Extractor did not generate service.
2014-06-08 18:52:06,507 DEBUG
From the verbiage on this page
(https://wiki.jasig.org/display/casum/restful+api) I can't tell if the REST
API is currently available in 4.0.0 or if it's simply a work-in-progress, and
just a design spec.
If the API isn't operational yet in 4.0.0, is there any other way to
programmatically
don't know if its a pulse/heartbeat off the top of my head (you could
probably use your own access logs to confirm), but if this is your production
server, you may want to set logging to INFO level or above.
On Mon, Jun 9, 2014 at 7:01 AM, Zac Harvey
zhar...@commercehub.commailto:zhar
used to allow you to transition from /login (GET) to
/login (POST) and ensure that credentials are not being RE-POSTED. They are
lightweight and nothing to worry about.
On Mon, Jun 9, 2014 at 7:19 AM, Zac Harvey
zhar...@commercehub.commailto:zhar...@commercehub.com wrote:
Thanks Scott
I want a custom org.my.FizzBuzz Java class that I need to configure in CAS'
applicationContext.xml and would like to have access to it in the
casLogoutView.jsp page. So in the app context, the wiring might look something
like:
bean id=fizzBuzz class=org.me.FizzBuzz
property
On 4.0.0 here. I'm reading the tutorial on
https://wiki.jasig.org/display/CASUM/Services+Management and can't figure out
how to build/deploy the services management webapp. Do I add a dependency to
my CAS project's pom.xml? If so, what do I add? If not, how to I use Maven2
to checkout the
(which will most likely be more accurate than any
information I would give you)
On Mon, Jun 9, 2014 at 8:55 AM, Zac Harvey
zhar...@commercehub.commailto:zhar...@commercehub.com wrote:
I want a custom org.my.FizzBuzz Java class that I need to configure in CAS’
applicationContext.xml and would like
/blob/master/cas-server-webapp/src/main/webapp/WEB-INF/spring-configuration/README.txt
On Mon, Jun 9, 2014 at 4:05 PM, Zac Harvey
zhar...@commercehub.commailto:zhar...@commercehub.com wrote:
Thanks Scott, I guess I asked the wrong questions here :-)
To create my CAS project, I created
[mailto:tfpo...@ucdavis.edu]
Sent: Thursday, June 05, 2014 10:21 AM
To: cas-user@lists.jasig.org
Subject: Re: [cas-user] Need to clear browser cookies in order to login
On 06/04/2014 10:24 AM, Zac Harvey wrote:
Thanks Tom, no this is just IE (I'm using IE 11). Thoughts?
Suggests to me the problem may
Looking at the docs:
https://wiki.jasig.org/display/CASUM/Best+Practice+-+Setting+Up+CAS+Locally+using+the+Maven+WAR+Overlay+Method
The description for cas-servlet.xml is empty (at the bottom). The only other
reference to it in that file states:
You can add additional messages by either
Our CAS server has 4 environments: dev, test, demo and live. I need to be able
to specify slightly different settings/configs for CAS depending on what
environment its running in.
The two files where this type of environment var injection is needed are:
src/main/resources/log4j.xml
On 3.5.2.1 here. I've beefed up my servlet session timeout to 7200 (that's
7200 minutes, or 5 full days). What would possible cause the users to delete
all browser cookies and/or restart their browser in order to login. This isn't
necessary *all* the time, but every once in a while, a user
I just re-read my last question and realized there were some typos that made
some critical sentences not make sense. Here's the correct version:
I'm on 3.5.2.1 here. I've beefed up my servlet session timeout to 7200 (that's
7200 minutes, or 5 full days). What could possibly require the users
I'm trying to find where in the code CAS (using 3.5.2.1) creates the JSESSIONID
cookie. I grepped the entire source code (looking in XML and Java sources) and
couldn't find any match to JSESSIONID...anybody know where I should be
looking? Thanks in advance!
--
You are currently subscribed
Marvin,
Thanks for responding here. I now understand that 5 days is extreme and will
strongly consider toning it down to a few hours. However, before I tuned it to
5 days, I had it set to 2 hours and these same problems were still occurring!
I really think there's something to these cookie
in apps through request.session.idhttp://request.session.id property
El 04/06/2014 16:10, Zac Harvey
zhar...@commercehub.commailto:zhar...@commercehub.com escribió:
I’m trying to find where in the code CAS (using 3.5.2.1) creates the JSESSIONID
cookie. I grepped the entire source code (looking
Thanks again Marvin. This is starting to make sense. I tuned session-timeout
back to 5 minutes and redployed the server. However the problem is still
happening, and as you said, I am beginning to suspect something wrong with the
servlet container.
So in IE, I went to the login page, deleted
If I login to my CAS server and get redirected back into my app, I see that I'm
authenticated and am able to navigate around the app. I then delete all the
cookies in my browser and hit F5 (refresh). I'm still logged in instead of
being redirected back to the CAS login page, and the
:45 AM, Zac Harvey zhar...@commercehub.com wrote:
So in IE, I went to the login page, deleted all the cookies, logged in and
checked my JSESSIONID. It was a long string starting 2C42BD...
Does a different browser elicit the same behavior?
Tom.
--
You are currently subscribed to cas-user
Just got reports that our CAS server was down. The JVM PID is still alive, the
CPU utilization is throttling around 4% and the server is at 50% memory
capacity. Looking at the logs just before the first report came in:
2014-06-04 13:08:37,194 INFO
When someone logs into CAS (from the casLoginView.jsp page), what controller
actually handles the HTTP POST? I see an
org.jasig.cas.web.ServiceValidateController, but believe this is for the
subsequent /validateService call. I'm looking for what controller actually
handles the initial POST
,
Dmitriy.
On Jun 3, 2014, at 9:06 AM, Zac Harvey
zhar...@commercehub.commailto:zhar...@commercehub.com wrote:
When someone logs into CAS (from the casLoginView.jsp page), what controller
actually handles the HTTP POST? I see an
org.jasig.cas.web.ServiceValidateController, but believe
/SendTicketGrantingTicketAction.java
Cheers,
D.
On Jun 3, 2014, at 9:57 AM, Zac Harvey
zhar...@commercehub.commailto:zhar...@commercehub.com wrote:
Thanks Dmitriy,
I assume that AuthenticationViaFormAction somehow invokes the
CookieRetrievingCookieGenerator to produce the CASTGC cookie and hand it back
What is TLTUID and what is it used for? I only see it in after IE logins.
Thanks in advance!
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
Do CAS servers have a single ticket registry that lives for the entire duration
of the running app, or can multiple ticket registries exist at the same time?
For instance, I see an org.jasig.cas.ticket.registry.DefaultTicketRegistry:
will my CAS server have 1 of these, or many? Thanks in
...@orst.edu]
Sent: Tuesday, June 03, 2014 1:57 PM
To: cas-user@lists.jasig.org
Subject: Re: [cas-user] How many ticket registries per CAS instance?
On Tue, 3 Jun 2014, Zac Harvey wrote:
Do CAS servers have a single ticket registry that lives for the entire
duration of the running app, or can multiple
I'm on 3.5.2.1, and have a situation where
org.jasig.cas.web.support.WebUtils.getTicketGrantingTicketId() is returning
NULL:
public static String getTicketGrantingTicketId(final
RequestContext context) {
final String tgtFromRequest =
Thank you!
-Original Message-
From: Andrew Morgan [mailto:mor...@orst.edu]
Sent: Tuesday, June 03, 2014 3:19 PM
To: cas-user@lists.jasig.org
Subject: RE: [cas-user] How many ticket registries per CAS instance?
On Tue, 3 Jun 2014, Zac Harvey wrote:
Thanks Andrew - that helps a lot
I need to add some log statements to CAS and build it locally to try and debug
something. I tried looking for a CAS developer guide and only found this:
https://wiki.jasig.org/display/CASUM/Development
I was hoping to get info on how to build the CAS JARs (all of the core ones)
via Maven but
Jérôme LELEU
lel...@gmail.commailto:lel...@gmail.com:
Hi,
The new guide is definitely here: http://jasig.github.io/cas/4.0.0/index.html.
Best regards,
2014-06-02 15:10 GMT+02:00 Zac Harvey
zhar...@commercehub.commailto:zhar...@commercehub.com:
I need to add some log statements to CAS and build
To fix some Spring Webflow issues we were seeing, I recently beefed up a bunch
of timeouts. I set the web.xml session-timeout to -1 (infinite) and changed
the ticketExpirationPolicy to 120hrs. I did this last Friday (5/30).
This morning our CAS instance was down due to an OutOfMemoryException
Makes sense - thanks M
-Original Message-
From: Marvin Addison [mailto:marvin.addi...@gmail.com]
Sent: Monday, June 02, 2014 10:10 AM
To: cas-user@lists.jasig.org
Subject: Re: [cas-user] OutOfMemoryException with long timeouts?
I set the web.xml session-timeout to -1 (infinite)...
I recently customized our CAS login page, and noticed that, in all the main
browsers except IE (Chrome, FF Safari), the login page was rendering
beautifully. The jsfiddle for it is actually at: http://jsfiddle.net/3pMeK/
However, in IE (11), it displays horribly. Upon closer inspection, I
Every once in a while, without any type of reproducible pattern, I see the
following in my cas.log:
2014-05-30 11:46:00,104 INFO
[com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail
record BEGIN
=
WHO:
I looked in my ticketExpirationPolicies.xml:
beans xmlns=http://www.springframework.org/schema/beans;
xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance;
xmlns:p=http://www.springframework.org/schema/p;
xmlns:c=http://www.springframework.org/schema/c;
For single sign out, what's the relationship between the SingleSignOutFilter
documented here:
https://wiki.jasig.org/display/CASC/Configuring+Single+Sign+Out
And the casLogOutView.jsp page served up by the /logout URL on my CAS instance?
--
You are currently subscribed to
I'm receiving reports from IE users that sometimes they experience the same
login form reset issue as explained here:
http://jasig.github.io/cas/4.0.0/installation/Troubleshooting-Guide.html#login-form-clearing-credentials-on-submission
I was able to confirm this when running CAS (3.5.2.1)
It looks like (maybe) the CookieRetrievingCookieGenerator is responsible for
creating the CASTGC?
https://github.com/Jasig/cas/blob/master/cas-server-webapp-support/src/main/java/org/jasig/cas/web/support/CookieRetrievingCookieGenerator.java
I am running into instances where CASTGC is not being
[mailto:mor...@orst.edu]
Sent: Friday, May 30, 2014 5:26 PM
To: cas-user@lists.jasig.org
Subject: Re: [cas-user] How/where is CASTGC generated?
On Fri, 30 May 2014, Zac Harvey wrote:
It looks like (maybe) the CookieRetrievingCookieGenerator is
responsible for creating the CASTGC?
https://github.com
usernames from
BindLdapAuthenticationHandler/AD?
What type of application do you have?
From: Zac Harvey [mailto:zhar...@commercehub.com]
Sent: Thursday, May 29, 2014 6:55 AM
To: cas-user@lists.jasig.orgmailto:cas-user@lists.jasig.org
Subject: [cas-user] Pulling back usernames from
: Zac Harvey [mailto:zhar...@commercehub.com]
Sent: Thursday, May 29, 2014 7:13 AM
To: cas-user@lists.jasig.orgmailto:cas-user@lists.jasig.org
Subject: RE: [cas-user] Pulling back usernames from
BindLdapAuthenticationHandler/AD?
It's a Grails app (so Groovy webapp). Using the
Shiro-CAShttp
into
your principal.
From: Zac Harvey [mailto:zhar...@commercehub.com]
Sent: Thursday, May 29, 2014 10:51 AM
To: cas-user@lists.jasig.orgmailto:cas-user@lists.jasig.org
Subject: RE: [cas-user] Pulling back usernames from
BindLdapAuthenticationHandler/AD?
Thanks Misagh - and what if I wanted
I see the views/jsp/.../casLogOutView.jsp file, but was wondering how I could
configure CAS to redirect the user to, say, http://google.com after they go to
the logout link (https://my-cas-server:5443/logout). Is this possible? If so,
how?
--
You are currently subscribed to
I have 4 Grails apps using the Shiro-CAS plugin for CAS/SSO:
http://grails.org/plugin/shiro-cas
When I log in to one of these apps, and then navigate to all the others, I see
individual JSESSIONID cookies for each app. I also see both a CASTGC cookie
and a JSESSIONID cookie for my CAS server
-Guide.html#login-form-clearing-credentials-on-submission
From: Zac Harvey [mailto:zhar...@commercehub.com]
Sent: Thursday, May 22, 2014 12:57 PM
To: cas-user@lists.jasig.orgmailto:cas-user@lists.jasig.org
Subject: [cas-user] Login page refuses to authenticate if JSESSIONID has been
removed
Last week I
I was wondering if anyone could explain the difference to me between these
three constructs: the CASTGC cookie, the JSESSIONID session var, and the
web.xml session-timeout/ element.
What does CAS use each of these for? Which of these controls whether the user
is logged in or not? Which of
sign session is separate and stored outside of the web.xml session.
On Fri, May 23, 2014 at 9:03 AM, Zac Harvey
zhar...@commercehub.commailto:zhar...@commercehub.com wrote:
Thanks again Scott Misagh! Just curious – how does this server-side session
timeout correlate with client-side logins
And, as a 2nd question there, how can I test to make sure that setting
session-timeout to a larger value is in fact fixing my login issues?
From: Zac Harvey
Sent: Friday, May 23, 2014 9:58 AM
To: 'cas-user@lists.jasig.org'
Subject: RE: [cas-user] Login page refuses to authenticate if JSESSIONID
a GET /login and
then hangs around for hours and expects POST /login to work, then you'll need a
larger time :-)
On Fri, May 23, 2014 at 9:59 AM, Zac Harvey
zhar...@commercehub.commailto:zhar...@commercehub.com wrote:
And, as a 2nd question there, how can I test to make sure that setting
How often do service tickets get cleaned out of the default Ticket Registry?
By default, I mean the one that CAS uses if no other is specified/injected
via Spring.
Zac Harvey
Senior Technical Lead - Internal Engineering
CommerceHub
255 Fuller Road Suite 327
Albany, NY 12203
518.810.0700 Ext
, or by some weird expiry or other voo doo
magic), it's quite apparent to me: if the JSESSIONID doesn't exist when the
user attempts to login, then the form won't submit and the user won't be
authenticated. So what's the solution here?
Thanks!
Zac Harvey
Senior Technical Lead - Internal Engineering
Thanks Carlos Marvin,
That makes more sense. But I'm still not fully understanding the flow:
1. User goes to CAS login page.
2. User logs in.
3. CAS authenticates user and generates a CASTGC cookie and hands it back to
browser.
4. Browser does a check to see if it has a CASTGC cookie, and
,
--
Carlos.
-Original Message-
From: Zac Harvey [mailto:zhar...@commercehub.com]
Sent: Monday, 19 May, 2014 15:41
To: cas-user@lists.jasig.org
Subject: RE: [cas-user] CASTGC Cookie?
Thanks Carlos Marvin,
That makes more sense. But I'm still not fully understanding the flow:
1. User goes to CAS
as you're seeing.
Best regards,
--
Carlos.
-Original Message-
From: Zac Harvey [mailto:zhar...@commercehub.com]
Sent: Thursday, 15 May, 2014 10:12
To: cas-user@lists.jasig.org
Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form?
The value of the response's Location header
in the
Location response header? So something like:
server.name= https://my-cas-server.ourcompany.org:5443
server.prefix=${server.name}/
-Original Message-
From: Zac Harvey
Sent: Friday, May 16, 2014 7:31 AM
To: 'cas-user@lists.jasig.org'
Subject: RE: [cas-user] Minimal code for custom
.
-Original Message-
From: Zac Harvey [mailto:zhar...@commercehub.com]
Sent: Friday, 16 May, 2014 07:34
To: cas-user@lists.jasig.org
Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form?
Sorry, my profuse apologies here. I sent that last email out too fast. I do
in fact have
?
-Original Message-
From: Zac Harvey
Sent: Friday, May 16, 2014 2:43 PM
To: cas-user@lists.jasig.org
Subject: RE: [cas-user] Minimal code for custom casLoginView.jsp form?
After pulling my hair out for a few days, I realized that everything runs
perfectly fine in Chrome and IE - it's Firefox
] Minimal code for custom casLoginView.jsp form?
What URL did the 302 Found response contain in the Location header? Any
Set-Cookie headers with CASTGC and/or CASPRIVACY?
Best regards,
--
Carlos.
-Original Message-
From: Zac Harvey [mailto:zhar...@commercehub.com]
Sent: Thursday, 15 May
95 matches
Mail list logo