Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • 01:53
    apereocas-bot synchronize #4357
  • 00:23
    apereocas-bot synchronize #4357
  • Oct 16 22:53
    apereocas-bot synchronize #4357
  • Oct 16 20:22
    CLAassistant commented #4357
  • Oct 16 20:21
    apereocas-bot labeled #4357
  • Oct 16 20:21
    apereocas-bot milestoned #4357
  • Oct 16 20:21
    CLAassistant commented #4357
  • Oct 16 20:21
    astohn opened #4357
  • Oct 16 18:03
    apereocas-bot labeled #4356
  • Oct 16 18:03
    apereocas-bot labeled #4356
  • Oct 16 18:03
    apereocas-bot milestoned #4356
  • Oct 16 18:02

    mmoayyed on com.github.ben-manes-gradle-versions-plugin-0.x

    renovatebot(deps): update depen… (compare)

  • Oct 16 18:02
    mmoayyed labeled #4356
  • Oct 16 18:02
    mmoayyed opened #4356
  • Oct 16 14:50
    codecov[bot] commented #4354
  • Oct 16 14:50

    mmoayyed on master

    renovatebot(deps): update depen… (compare)

  • Oct 16 14:50

    mmoayyed on spring-kafka

    (compare)

  • Oct 16 14:50
    mmoayyed closed #4354
  • Oct 16 14:50
    mmoayyed synchronize #4354
  • Oct 16 14:50

    mmoayyed on spring-kafka

    renovatebot(deps): update depen… renovatebot(deps): update depen… renovatebot(deps): update depen… and 1 more (compare)

Pol Dellaiera
@drupol
At small as it can be :-)
*as
ssoguroo
@ssoguroo
Anyone aware of CAS client for WebLogic server .. WebLogic security has got a realm ..etc
Can CAS Java Client be installed on WebLogic ?
or even tomcat application would be great..
thx
Kevin Imbrechts
@kevinimbrechts
hi there !
I'm encountering a problem, I think it's a misconfiguration, but I really don't know where is it...
I've created this topic https://groups.google.com/a/apereo.org/forum/#!topic/cas-user/k2461la2g0A
I want to use spnego when it's possible, and use the login form as a fallback
spnego works great, but login page doesn't. in debug logs, I have these errors :
2019-10-11 14:09:54,839 ERROR [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Authentication has failed. Credentials may be incorrect or CAS cannot find authentication handler that supports [UsernamePasswordCredential(username=kevinimbrechts)] of type [UsernamePasswordCredential]. Examine the configuration to ensure a method of authentication is defined and analyze CAS logs at DEBUG level to trace the authentication event.>
2019-10-11 14:09:54,840 DEBUG [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <[JaasAuthenticationHandler] exception details: [No LoginModules configured for CAS].>
in cas.properties I have these lines :
# JAAS Config
cas.authn.jaas[0].realm=MY.DOMAIN
cas.authn.jaas[0].kerberosKdcSystemProperty=ad.MY.DOMAIN
cas.authn.jaas[0].kerberosRealmSystemProperty=MY.DOMAIN
cas.authn.jaas[0].loginConfigurationFile=/etc/cas/config/login.conf
Kevin Imbrechts
@kevinimbrechts
my /etc/cas/config/jaas.config looks like this :
CAS {
  com.sun.security.auth.module.Krb5LoginModule sufficient
    refreshKrb5Config=true
    useTicketCache=true
    renewTGT=true
    useKeyTab=true
    doNotPrompt=false
    keyTab=/etc/cas/config/cas.HTTP.keytab
    storeKey=false
    principal="sAMAccountName"
    debug=true;
};
and I have a run-cas.sh script with this command :
exec java -Djava.security.auth.login.config=/etc/cas/config/jaas.config -jar /cas-overlay/target/cas.war
can you help me, please ?
Fabrice Bacchella
@fbacchella
The authn to use is spnego
https://pastebin.com/njWU5V71
my login.conf:
https://pastebin.com/v5UPsgyA
isInitiator=false is important
Kevin Imbrechts
@kevinimbrechts
thanks, I try this now
Kevin Imbrechts
@kevinimbrechts
@fbacchella what's your value for the key cas.authn.jaas[0].realm ?
Fabrice Bacchella
@fbacchella
I don't have any jaas authn
it's all done in spnego
the realm is coming from my krb5.conf
Kevin Imbrechts
@kevinimbrechts
ok, and you can connect with the login form ?
Fabrice Bacchella
@fbacchella
yes, I have an ldap setup for that
Kevin Imbrechts
@kevinimbrechts
ok, I had tried ldap auth too but it didn't work either
with
https://apereo.github.io/cas/5.3.x/installation/LDAP-Authentication.html#ldap-authentication
https://apereo.github.io/cas/5.3.x/installation/Configuration-Properties.html#ldap-authentication-1
Fabrice Bacchella
@fbacchella
https://pastebin.com/CAudHBRm
Kevin Imbrechts
@kevinimbrechts
thanks I will try
what is your CAS version ?
Kevin Imbrechts
@kevinimbrechts
mine is 5.3
Kevin Imbrechts
@kevinimbrechts
mmmh I have "invalid credentials" error
Fabrice Bacchella
@fbacchella
5.3.12.1
Kevin Imbrechts
@kevinimbrechts
thank you @fbacchella it remains for me to find why I have a 52e error :)
Cemal
@cmlonder
what is the difference between server.port and cas.server.tomcat.http.port ? I couldn't understand this sentence in the doc "Enable HTTP connections for the embedded Tomcat container, in addition to the configuration linked to the server.port setting". Do they overwrite each other, should I keep them same?
Aarash Yaadegarnia
@arash-acceptto

Hey guys, cross posting from the users list: https://groups.google.com/a/apereo.org/d/msg/cas-user/Cj-5eeFrdXo/tcyI0__0DgAJ

Upgrading to RC5 (same with the RC6) causes the JWT signature verification to fail with Acceptto MFA plugin. I tried digging deeper to find out what was going on with little success. This is what I'm getting with RC5:

cas                  | 2019-10-07 17:50:44,554 TRACE [org.apereo.cas.mfa.accepto.AccepttoApiUtils] - <Validating response signature for [REDACTED] using [Sun RSA public key, 2048 bits
cas                  |   params: null
cas                  |   modulus: REDACTED
cas                  |   public exponent: REDACTED]>
cas                  | 2019-10-07 17:50:44,561 ERROR [org.apereo.cas.mfa.accepto.AccepttoApiUtils] - <The given key (algorithm=RSA) is not valid for SHA256withRSA>
cas                  | org.jose4j.lang.InvalidKeyException: The given key (algorithm=RSA) is not valid for SHA256withRSA
cas                  |     at org.jose4j.jws.BaseSignatureAlgorithm.initForVerify(BaseSignatureAlgorithm.java:115) ~[jose4j-0.6.5.jar!/:?]
cas                  |     at org.jose4j.jws.BaseSignatureAlgorithm.verifySignature(BaseSignatureAlgorithm.java:56) ~[jose4j-0.6.5.jar!/:?]
cas                  |     at org.jose4j.jws.JsonWebSignature.verifySignature(JsonWebSignature.java:192) ~[jose4j-0.6.5.jar!/:?]
cas                  |     at org.apereo.cas.util.EncodingUtils.verifyJwsSignature(EncodingUtils.java:280) ~[cas-server-core-util-api-6.1.0-RC5-SNAPSHOT.jar!/:6.1.0-RC5-SNAPSHOT]
cas                  |     at org.apereo.cas.mfa.accepto.AccepttoApiUtils.authenticate(AccepttoApiUtils.java:184) ~[cas-server-support-acceptto-mfa-6.1.0-RC5-SNAPSHOT.jar!/:6.1.0-RC5-SNAPSHOT]
cas                  |     at org.apereo.cas.mfa.accepto.web.flow.AccepttoMultifactorDetermineUserAccountStatusAction.doExecute(AccepttoMultifactorDetermineUserAccountStatusAction.java:45) ~[cas-server-support-acceptto-mfa-6.1.0-RC5-SNAPSHOT

Could you please help me figure out what is going on here? same exact setup works perfectly fine with RC4.

Thanks,

Cemal
@cmlonder
Is there a cas-jwt client support? There is spring-security-cas client but how can I enable it to recognize that I'm using jwt-enabled cas protocol?
clearasday0
@clearasday0
I'm looking to prove out that our SaaS offering can connect to a CAS server with SAML auth. Is there any chance there is a public demo server I can use to test this? Or are there good instructions to accomplish this? I've tried a couple basic cas server setup guides but I end up with cert store issues in each of them.
mohamed ahmed
@habi3000
Hello, everyone, we are having a different problem with RC6
it keeps printing this error
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------2019-10-15 23:22:14,051 ERROR [org.apache.coyote.http11.Http11NioProtocol] - <Error reading request, ignored>
java.lang.NullPointerException: null
at org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper.getSslSupport(NioEndpoint.java:1392) ~[tomcat-coyote-9.0.24.jar!/:9.0.24]
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:853) ~[tomcat-coyote-9.0.24.jar!/:9.0.24]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1593) ~[tomcat-coyote-9.0.24.jar!/:9.0.24]
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) ~[tomcat-coyote-9.0.24.jar!/:9.0.24]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) ~[?:?]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) ~[?:?]
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) ~[tomcat-embed-core-9.0.24.jar!/:9.0.24]
at java.lang.Thread.run(Thread.java:834) [?:?]

2019-10-15 23:22:14,054 ERROR [org.apache.tomcat.util.net.NioEndpoint] - <Error running socket processor>

we tried to search it but kept trying with no hope could someone direct us on this?

CAS Version: 6.1.0-RC6
CAS Branch: master
CAS Commit Id: 427add1267d98bd3741a7befe9f801e2404d4a0c
CAS Build Date/Time: 2019-10-06T03:36:46Z
Spring Boot Version: 2.2.0.RC1
Spring Version: 5.2.0.RELEASE
Java Home: /usr/share/java/jdk-11.0.2
Java Vendor: Oracle Corporation
Java Version: 11.0.2
JVM Free Memory: 19 GB
JVM Maximum Memory: 25 GB
JVM Total Memory: 20 GB
JCE Installed: Yes
OS Architecture: amd64
OS Name: Linux
OS Version: 3.10.0-957.27.2.el7.x86_64
OS Date/Time: 2019-10-15T23:21:47.421732

OS Temp Directory: /tmp

Apache Tomcat Version: Apache Tomcat/9.0.24

mohamed ahmed
@habi3000
The snapshot version is giving another weird error
ERROR [org.apache.velocity] - <ResourceManager : unable to find resource '/templates/saml2-post-binding.vm' in any resource loader.> ┤
│2019-10-16 10:00:48,186 ERROR [org.opensaml.saml.saml2.binding.encoding.impl.HTTPPostEncoder] - <Error invoking Velocity template> ┤
│org.apache.velocity.exception.ResourceNotFoundException: Unable to find resource '/templates/saml2-post-binding.vm'
I exploded the war and file is already in the correct path
rkrishna-gembrill
@rkrishna-gembrill
Unable to deploy cas overlay in wildlfy 14

ERROR [org.springframework.boot.SpringApplication] (ServerService Thread Pool -- 157) Application run failed: java.lang.IllegalArgumentException: java.lang.ClassCastException@4568c3f5
at jdk.internal.reflect.GeneratedMethodAccessor19.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at deployment.cas.war//org.springframework.core.io.VfsUtils.invokeVfsMethod(VfsUtils.java:101)
at deployment.cas.war//org.springframework.core.io.VfsUtils.getFile(VfsUtils.java:173)
at deployment.cas.war//org.springframework.core.io.VfsResource.getFile(VfsResource.java:95)
at deployment.cas.war//org.apereo.cas.util.CasVersion.getDateTime(CasVersion.java:69)
at deployment.cas.war//org.apereo.cas.util.SystemUtils.getSystemInfo(SystemUtils.java:48)
at deployment.cas.war//org.apereo.cas.util.spring.boot.AbstractCasBanner.collectEnvironmentInfo(AbstractCasBanner.java:61)
at deployment.cas.war//org.apereo.cas.util.spring.boot.AbstractCasBanner.printBanner(AbstractCasBanner.java:35)
at deployment.cas.war//org.springframework.boot.SpringApplicationBannerPrinter.print(SpringApplicationBannerPrinter.java:71)

The issues is seems to be there for long time...

spring-projects/spring-framework#22095

Pol Dellaiera
@drupol
Is there a already made docker image that would allow me to have a local cas server for testing?
What do you use if you're not using docker?