Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Apr 12 09:24

    mmoayyed on heroku-mgmtwebapp

    upgrade to 6.3 (compare)

  • Apr 12 09:20

    mmoayyed on heroku-mgmtwebapp

    upgrade to 6.3 (compare)

  • Apr 12 06:54
    Interessierter commented #5116
  • Apr 10 07:09

    mmoayyed on 6.3.x

    handle relay-state for saml2 lo… (compare)

  • Apr 10 07:05

    apereocas-bot on gh-pages

    Published docs to [gh-pages] fr… (compare)

  • Apr 10 06:40

    mmoayyed on master

    Oauth not using service matchin… (compare)

  • Apr 10 06:40
    mmoayyed closed #5123
  • Apr 10 03:40
    hdeadman commented #5116
  • Apr 09 18:40
    codecov[bot] commented #5123
  • Apr 09 18:39
    codecov[bot] commented #5123
  • Apr 09 18:38
    codecov[bot] commented #5123
  • Apr 09 18:37
    codecov[bot] commented #5123
  • Apr 09 18:36
    codecov[bot] commented #5123
  • Apr 09 18:35
    codecov[bot] commented #5123
  • Apr 09 18:34
    codecov[bot] commented #5123
  • Apr 09 18:32
    codecov[bot] commented #5123
  • Apr 09 18:30
    codecov[bot] commented #5123
  • Apr 09 18:28
    codecov[bot] commented #5123
  • Apr 09 18:27
    codecov[bot] commented #5123
  • Apr 09 18:26
    codecov[bot] commented #5123
王 秀田
@wangxiutian_gitlab
CAS6.3.X custom exception report error
re to do so pu
2021-03-08 10:20:43,879 DEBUG [org.apereo.cas.tomcat.CasTomcatServletWebServerFactory] - <Code archive: D:\cas-overlay-template\cas-overlay-template-6.3\build\libs\cas.war>
Martin Carrillo
@marvicgit
hello cas and a spring boot service comes out
redirected too many times, which may be due
王 秀田
@wangxiutian_gitlab
image.png
image.png
image.png
image.png
image.png
image.png
How to solve the CAS cross-domain problem?
Łukasz
@lgwozniak
Any one got a problem with Redis Session Storage ?
I Have Ticket in redis and mfa in redis

and I want to use Redis as a session-storage but got error

'Parameter 1 of method sessionRepositoryFilterRegistration in org.springframework.boot.autoconfigure.session.SessionRepositoryFilterConfiguration required a single bean, but 2 were found:

- redisGoogleAuthenticatorConnectionFactory: defined by method 'redisGoogleAuthenticatorConnectionFactory' in class path resource [org/apereo/cas/config/GoogleAuthenticatorRedisConfiguration.class]
- redisTicketConnectionFactory: defined in BeanDefinition defined in class path resource [org/apereo/cas/config/RedisTicketRegistryConfiguration.class]'
Mostafa Saeed
@ms3eed
Hello,
I have 2 questions related to the CAS authentication using OIDC
  • Do I need to have the cas ticketing to get the OIDC working on multiple instances deployment?
  • If I am accessing the cas server directly, not from a client (no redirection url but a default-redirect-url is used which is secured by oidc), what happens is I need to login again after the first time. Any reason or way to handle this case?
robdec
@robdec
Hi, I have a cas-managment v6.3.0 server setup on a windows sever running tomcat, I wanted to know how I configure an alternative location for the management.properties file.
Thanks in advance, Robert
yuntaoguo
@yuntaoguo
Hello, anybody know is there a sample that setup Google MFA in CAS?
ChinnuJose
@ChinnuJose

Hello, I have installed CAS & CAS managment 6.3 in Linux. I am able to login to the application through LDAP authentication. I have added application URL in service registery which throws error : "Application Not Authorized to Use CAS
The application you attempted to authenticate to is not authorized to use CAS. This usually indicates that the application is not registered with CAS, or its authorization policy defined in its registration record prevents it from leveraging CAS functionality, or it's malformed and unrecognized by CAS. Contact your CAS administrator to learn how you might register and integrate your application with CAS" . I have set up virtual host in my local windows system and add that url in service registery and able to access it without any issue. But with the application URL i am facing issue. I am giving the pattern as below :

^(http|https)://CNNAME/*. can you please point out what i am doing wrong

2 replies
ChinnuJose
@ChinnuJose
Hello , I have cas 6.3 setup in my Dev server. Can someone tell me how can i externalize the config, so that i could use the same build for all environment. Also the current run is using ./gradlew run, when i close the session it will get closed. How can i permanently run this, do i hav eto use docker ?
王 秀田
@wangxiutian_gitlab
cas.authn.errors.exceptions custom exceptions do not seem to take effect
Joshua Campbell
@jobjj
I am attempting to setup AD authentication, but running into issues. I need to know how to view debug logs. I have applied the settings below to the pom.xml config file, but I see no changes in logging. I am not seeing any errors regarding ldap either. please help
<Logger name="org.ldaptive" level="debug" additivity="false">
<AppenderRef ref="console"/>
<AppenderRef ref="file"/>
</Logger>
nicolopez77
@nicolopez77
Hi, we have a CAS 6.3 setup being used to authenticate Canvas LMS. We are experiencing an issue that apparently occurs only with Chromre: right after you login, instead of redirecting you to the application, it reloads the CAS login page. If you hit F5 the redirect happens. We read many old and new posts reporting this issue but never saw the solution...so I'm not sure if there is one. I can confirm it happens even with the newest versions of Chrome. Thanks!!!
Amin El Hossieni
@collysamin:matrix.org
[m]
Hi
i'need same help please
i need to configure my cas.properties
to connect my cas 6.32 with AD with port 636
nicolopez77
@nicolopez77

Hi, we have a CAS 6.3 setup being used to authenticate Canvas LMS. We are experiencing an issue that apparently occurs only with Chromre: right after you login, instead of redirecting you to the application, it reloads the CAS login page. If you hit F5 the redirect happens. We read many old and new posts reporting this issue but never saw the solution...so I'm not sure if there is one. I can confirm it happens even with the newest versions of Chrome. Thanks!!!

Additional information: it does not happen to every user, but to many of them. We could not find a reason, it even happens with the latest version of Chrome (v89).

ghyster
@ghyster
Hello, on 6.3.2 I have an exception when trying to fetch attributes from microsoft graph : java.lang.NoClassDefFoundError: okhttp3/logging/HttpLoggingInterceptor at org.apereo.services.persondir.support.MicrosoftGraphPersonAttributeDao.getPerson(MicrosoftGraphPersonAttributeDao.java:174)
is this a known issue ?
ghyster
@ghyster
solved by forcing update of person-directory-impl to 2.0.7
Joshua Campbell
@jobjj
Can anyone provide a sample log event of a known good ldap setup?
6.4
vonfoovonbar
@vonfoovonbar

cas.authn.attributeRepository.ldap[1].ldapUrl=ldaps:/xxx

cas.authn.attributeRepository.ldap[1].connectionStrategy=

cas.authn.attributeRepository.ldap[1].order=0

cas.authn.attributeRepository.ldap[1].useSsl=true

cas.authn.attributeRepository.ldap[1].useStartTls=false

cas.authn.attributeRepository.ldap[1].connectTimeout=10000
cas.authn.attributeRepository.ldap[1].baseDn=......
cas.authn.attributeRepository.ldap[1].userFilter=uid={user}
cas.authn.attributeRepository.ldap[1].subtreeSearch=true
cas.authn.attributeRepository.ldap[1].bindDn=uid=yyy
cas.authn.attributeRepository.ldap[1].bindCredential=zzz
cas.authn.attributeRepository.ldap[1].minPoolSize=3
cas.authn.attributeRepository.ldap[1].maxPoolSize=10
cas.authn.attributeRepository.ldap[1].validateOnCheckout=true
cas.authn.attributeRepository.ldap[1].validatePeriodically=true
cas.authn.attributeRepository.ldap[1].validatePeriod=600
cas.authn.attributeRepository.ldap[1].validateTimeout=5000
cas.authn.attributeRepository.ldap[1].failFast=true
cas.authn.attributeRepository.ldap[1].idleTime=500
cas.authn.attributeRepository.ldap[1].prunePeriod=600
cas.authn.attributeRepository.ldap[1].blockWaitTime=5000

1 reply
Łukasz
@lgwozniak
Hello anyone using Fido2 WebAuthN ? and it work ?
Łukasz
@lgwozniak
When i register a device with WebAuthN i got java.lang.IllegalArgumentException: Failed to derive trust for attestation key."
Alexey Anufriev
@alexey-anufriev

Hello,

I have a problem with SPRING_SESSION table. It is not being created and afterwards the job that cleans it up complains about this fact.

Still, in the config I have:

spring:
  session:
    store-type: jdbc
    jdbc:
      initialize-schema: always

The problem looks like this one https://stackoverflow.com/questions/62280248/apereo-cas-6-x-embeded-hsqldb-not-initialized (but I have a different DB)

And I also tried properties suggested in the answer, but with no luck.

kikecortes6
@kikecortes6
hello someone has used cas-server-support-azuread-authentication dependency successful?
Wilber Saca
@wsaca
imagen.png
Hi, do you know why OIDC is displaying twice the button "Deny" when I have configured the AccessStrategy with unauthorizedRedirectUrl? Should the openid scope be consent?
Wilber Saca
@wsaca
Is the error response implemented? https://tools.ietf.org/html/rfc6749#section-4.1.2.1
"If a user rejects consent to the application, they will be redirected to the redirect_uri with an access_denied error"
程泽群
@chengzequn
hello someone has used cas-server-support-theme-collections dependency successful?
EL HAJJIOUI Nabil
@nabilm2i
Hello everyone
hope you are all fine,
i want to customize email html templates for my email using a external template file, and i don't know how i can do that ! any help woul be appreciated .. thanks in advance !
ghyster
@ghyster

Hello everyone,

I'm trying to use mongodb to store mfa tokens and for ticket registry. cas won't boot and throw the following error :

Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'gridFsTemplate' defined in class path resource [org/springframework/boot/autoconfigure/data/mongo/MongoDatabaseFactoryDependentConfiguration.class]: Unsatisfied dependency expressed through method 'gridFsTemplate' parameter 1; nested exception is org.springframework.beans.factory.NoUniqueBeanDefinitionException: No qualifying bean of type 'org.springframework.data.mongodb.core.MongoTemplate' available: expected single matching bean but found 2: mongoDbGoogleAuthenticatorTemplate,mongoDbTicketRegistryTemplate

is this a known issue ?

ghyster
@ghyster

found a solution, added following property :

spring.autoconfigure.exclude= \
org.springframework.boot.autoconfigure.mongo.MongoAutoConfiguration,\
org.springframework.boot.autoconfigure.data.mongo.MongoDataAutoConfiguration

Wilber Saca
@wsaca
@mmoayyed I would like your help to understand if the next behavior is intentional or not:
I have a service registered with scopes "A" and "B", when I request an access token using the Authorization Code flow or Client credentials grant with the scopes "A" and "C" CAS is creating an access token with scopes "A" and "C" but the scope "C" is not registered in my service.
For me this is a bug, but I want to be sure because I found more things that could be fixed, for example:
  • "org.apereo.cas.services.RegisteredService" in the access token header.
  • "grant_type", "client_id", "oauthClientId" in the access token.
  • "client_id" in the ID token.
  • "state" in the access token an ID token, this value should be returned as a query parameter if the request included it in the URI.
  • "nonce" in the access token, but it should be added only in the ID token.
  • "nonce" in the ID token with an empty value, it should be added only if the request included it.
offramp78
@offramp78:matrix.org
[m]

We're trying to get the Syslog Appender working in version 4.0.1 of CAS - It's a long, boring story why we're still on this version.

I found this info in the Manual for ver 4.2.x:
https://apereo.github.io/cas/4.2.x/installation/Monitoring-Statistics.html#routing-logs-to-syslog

But we're using 4.0.1 of CAS - attempting to apply this directive as is results in numerous errors.

log4j:WARN Element type "Appenders" must be declared.
log4j:WARN Continuable parsing error 27 and column 41
log4j:WARN Element type "Syslog" must be declared.
log4j:WARN Continuable parsing error 173 and column 23
log4j:WARN The content of element type "log4j:configuration" must match "(renderer,throwableRenderer?,appender,plugin,(category|logger),root?,(categoryFactory|loggerFactory)?)".
log4j:WARN Unrecognized element Appenders
log4j:ERROR No appender named [SYSLOG] could be found.

If I change "Appenders" to "appender" as declared in other sections of the config I get a stack trace and various problems when starting this in the tomcat container. Any advice would be appreciated.