Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • 10:02
    unfurl-links[bot] commented #4548
  • 10:02
    apereocas-bot closed #4548
  • 10:02
    apereocas-bot commented #4548
  • 10:02
    apereocas-bot labeled #4548
  • 10:02
    apereocas-bot labeled #4548
  • 10:02
    leleuj opened #4548
  • 08:57
    unfurl-links[bot] commented #4512
  • 08:57
    leleuj commented #4512
  • Dec 15 21:11
    stale[bot] labeled #4513
  • Dec 15 21:11
    stale[bot] commented #4513
  • Dec 15 14:19

    mmoayyed on master

    fix issue with log dependencies… additional cleanup on config me… additional cleanup on config me… (compare)

  • Dec 15 13:35

    mmoayyed on master

    fix issue with log dependencies… (compare)

  • Dec 15 12:45
    stale[bot] labeled #4410
  • Dec 15 12:45
    stale[bot] commented #4410
  • Dec 15 11:45
    stale[bot] closed #4465
  • Dec 15 11:45
    stale[bot] commented #4465
  • Dec 15 10:54

    mmoayyed on gh-pages

    Published docs from master to [… (compare)

  • Dec 15 08:58

    mmoayyed on master

    minor adjustments to cosmosdb c… fix spotbugs Merge branch 'master' of github… and 3 more (compare)

  • Dec 15 08:25

    mmoayyed on net.bytebuddy-byte-buddy-1.x

    (compare)

  • Dec 15 08:25

    mmoayyed on master

    renovatebot(deps): update depen… (compare)

Pavlos Drandakis
@pdrados
I see now that in the logs there is the following line:WARN [org.springframework.http.converter.json.Jackson2ObjectMapperBuilder] - <For Jackson Kotlin classes support please add "com.fasterxml.jackso n.module:jackson-module-kotlin" to the classpath>
infinity202
@infinity202
ah, that looks to me as if you need to find the corresponding jackson JAR and put it in the Tomcat lib directory
Pavlos Drandakis
@pdrados
Yes, that's what I thought also. Could you please confirm, that you have this jar in your classpath?
infinity202
@infinity202
I am starting the CAS server still just from running ./gradlew run and i am using the undertow engine.
i didn't alter any pom or other file. So it should be working out of the box
i guess....

`
/opt/cas-overlay-template/build/overlays/bootWar/cas/WEB-INF/lib/jackson-annotations-2.10.1.jar
/opt/cas-overlay-template/build/overlays/bootWar/cas/WEB-INF/lib/jackson-core-2.10.1.jar
/opt/cas-overlay-template/build/overlays/bootWar/cas/WEB-INF/lib/jackson-databind-2.10.1.jar
/opt/cas-overlay-template/build/overlays/bootWar/cas/WEB-INF/lib/jackson-dataformat-xml-2.10.1.jar
/opt/cas-overlay-template/build/overlays/bootWar/cas/WEB-INF/lib/jackson-dataformat-yaml-2.10.1.jar
/opt/cas-overlay-template/build/overlays/bootWar/cas/WEB-INF/lib/jackson-datatype-guava-2.10.1.jar
/opt/cas-overlay-template/build/overlays/bootWar/cas/WEB-INF/lib/jackson-datatype-jdk8-2.10.0.jar
/opt/cas-overlay-template/build/overlays/bootWar/cas/WEB-INF/lib/jackson-datatype-jsr310-2.10.1.jar
/opt/cas-overlay-template/build/overlays/bootWar/cas/WEB-INF/lib/jackson-jaxrs-base-2.10.1.jar
/opt/cas-overlay-template/build/overlays/bootWar/cas/WEB-INF/lib/jackson-jaxrs-json-provider-2.10.1.jar
/opt/cas-overlay-template/build/overlays/bootWar/cas/WEB-INF/lib/jackson-module-jaxb-annotations-2.10.1.jar
/opt/cas-overlay-template/build/overlays/bootWar/cas/WEB-INF/lib/jackson-module-parameter-names-2.10.0.jar

`

find ./ -name '*.jar' | grep json
./build/overlays/bootWar/cas/WEB-INF/lib/groovy-json-3.0.0-rc-1.jar
./build/overlays/bootWar/cas/WEB-INF/lib/hjson-3.0.0.jar
./build/overlays/bootWar/cas/WEB-INF/lib/jackson-jaxrs-json-provider-2.10.1.jar
./build/overlays/bootWar/cas/WEB-INF/lib/json-20160810.jar
./build/overlays/bootWar/cas/WEB-INF/lib/json-smart-2.3.jar
./build/overlays/bootWar/cas/WEB-INF/lib/spring-boot-starter-json-2.2.1.RELEASE.jar
Pavlos Drandakis
@pdrados
I have the same jackson jars (and some more)
infinity202
@infinity202
are they the same version ?
i have experienced that mixing up different versions can lead to errors
Pavlos Drandakis
@pdrados
./jackson-dataformat-smile-2.9.9.jar
./jackson-datatype-jsr310-2.10.1.jar
./jackson-annotations-2.10.1.jar
./jackson-jaxrs-json-provider-2.10.1.jar
./jackson-core-2.10.1.jar
./jackson-module-parameter-names-2.10.0.jar
./jackson-databind-2.10.1.jar
./jackson-module-jaxb-annotations-2.10.1.jar
./jackson-dataformat-cbor-2.6.7.jar
./jackson-jaxrs-base-2.10.1.jar
./jackson-datatype-jdk8-2.10.0.jar
./jackson-datatype-guava-2.10.1.jar
./jackson-dataformat-xml-2.10.1.jar
./jackson-dataformat-yaml-2.10.1.jar
./javax.json-api-1.0.jar
./groovy-json-3.0.0-rc-1.jar
./hjson-3.0.0.jar
./jackson-jaxrs-json-provider-2.10.1.jar
./spring-boot-starter-json-2.2.1.RELEASE.jar
./json-20160810.jar
./json-smart-2.3.jar
./cxf-rt-rs-json-basic-3.3.4.jar
./javax.json-1.0.4.jar
infinity202
@infinity202
But i'm into the woods where to find the corresponding JAR file. I always do try and error
Pavlos Drandakis
@pdrados
Ok, thanks! I will investigate it some more...
I really appreciate your help
Thank you
infinity202
@infinity202
I wish i had the knowledge to really help.
I woudl suggest you to remove the last jar file https://mvnrepository.com/artifact/org.glassfish/javax.json/1.0.4 seems to be an outdated version from 2013.
and it isn't on my system
I had something too when i used a couple of outdated jars in combination with the new spring jars. I resulted in strange errors when i tried HTTP GET and POST functions
Pavlos Drandakis
@pdrados
I just did it but I still get the same error
I will remove every jar that it's not on your list
and see what happens ...
that's the full list of the jars inside my apereo installment.
hope it helps. Don't forget to reboot the webserver after you remove a jar
Pavlos Drandakis
@pdrados
Yes, yes I do reboot :-)
Thank you very much, again!
Enerccio
@Enerccio
I configured cas for mysql and it says ready in the log but I still get 404 on /cas in tomcat
Enerccio
@Enerccio
ok nvm I was accessing wrong tomcat
is there a way to configure service to work for multiple element paths?
right now I get
WHAT: [result=Service Access Granted,service=http://localhost:8082/obsb-ui,principal=SimplePrincipal(id=LegitUser, attributes={role=[uzivatel]}),requiredAttributes={}]
Enerccio
@Enerccio
is there a way to create ticket for http://localhost:8082/obsb-ui/j_spring_cas_security_check but be valid for http://localhost:8082/obsb-ui/ ?
Mikel
@mikelasla

@mmoayyed , have you got any news about PM feature? Is there any 6.x version with this functionallity resolved? thanks in advance

After this commit: apereo/cas@58345b0 password management is not working, any method annotated with @Async and calling to "ClientInfoHolder.getClientInfo()" throws NPE because ClientInfoHolder use ThreadLocal.

@mmoayyed Please check this commit, there are problems with PM and Audit.

Daniel Hong
@doodleincode
I'm trying to get CAS 6.1.2 working with external IdP (Azure AD) via SAML. I have a client app that uses CAS. The client is setup to use CAS as a JWT client. On authn, user is simply redirected to CAS login page. From the CAS login, they have the option to log in using a Microsoft account. When the user first logs in, the RelayState given to Microsoft in the authn flow is the ACS url. When CAS gets the SAML response back, it fails because it is redirect to the ACS url which then presents a "app not authorized" error. However, on every subsequent logins, the authn flow works correctly. When it works the RelayState contains a TST token instead of the ACS url. I'm not sure why this behavior is happening. I posted a more detailed explanation here: https://groups.google.com/a/apereo.org/d/msg/cas-user/BNSXLQEyHT4/lFku9tc_AQAJ
mwolfley
@mwolfley
@doodleincode Your CAS server is an IdP to the App and an SP to a delegated IdP, do you have a service file created for the App?
Daniel Hong
@doodleincode
@mwolfley The app service file contains:
{
  "@class": "org.apereo.cas.services.RegexRegisteredService",
  "serviceId": "https://example.com:8081/app\\?client_name=CasClient",
  "name": "My App",
  "id": 8081,
  "attributeReleasePolicy": {
    "@class": "org.apereo.cas.services.ReturnAllAttributeReleasePolicy"
  },
  "accessStrategy": {
    "@class": "org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy",
    "enabled": true,
    "ssoEnabled": false,
    "delegatedAuthenticationPolicy" : {
      "@class" : "org.apereo.cas.services.DefaultRegisteredServiceDelegatedAuthenticationPolicy",
      "allowedProviders" : [ "java.util.ArrayList", [ "Microsoft Account" ] ]
    }
  }
}
mwolfley
@mwolfley
Sorry, should have looked at your post before responding - I see that now loaded in the logs
mwolfley
@mwolfley
I remember seeing this in CAS 5.2.x, when the response from the delegated IdP returned it was almost as if CAS was attempting to begin a different session from the one initially requested and would have malformed (for service authorization) urls. Your behavior seems correct as far as what the relayState shows at different attempts without trying a new browser session. My solution was goint to CAS 5.3.8 - so not a very good one.
@doodleincode Do you have logging for pac4j
Sorry, enter key got in the way lol, do you have logging for pac4j from the very beginning including the initial request from your app (that wont be pac4j since it's CAS protocol but would be good) all the way to failure?
Daniel Hong
@doodleincode
@mwolfley No worries! I'll post a more thorough log dump from the beginning of the app request which includes pac4j logs
Daniel Hong
@doodleincode
@mwolfley Sorry for the late response on posting the logs. Some of the things have been sanitized, but this is the full log from initial request from the app. From the beginning of the log to about line 328 is where the redirection fails. From about line 329 and onwards is the retry and successful redirection and ultimately authn to the app.
Misagh Moayyed
@mmoayyed
@mikelasla Sorry, don't know without additional research. Switch to a newer version and see what happens.
Cemal
@cmlonder
Hi all, should I register CAS itself as a service to successfully use REST Protocol? I use different context path than "cas" which makes my audience -> localhost:8080/someContext instead of localhost:8080/cas. Anyway If I don't register a regex service in json that matches with my /someContext and than I request http://localhost:8080/someContext/v1/tickets?....service=http://anyMatchingService I got exception Unauthorized Service Access. Service http://localhost:8080/someContex is not found in service registry. . Here is the CAS code that follows my exception -> (payload.getRegisteredService returns null, code tries to get registeredService for /someContext which not exist)val registeredService = payload.getRegisteredService() == null ? locateRegisteredService(serviceAudience) : payload.getRegisteredService(); RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed(registeredService);
Mikel
@mikelasla
Thanks @mmoayyed, I'll do that and tell you