Good morning to everyone.
I am currently trying to run a build in the master branch and I am receiving the following error:
Could not determine the dependencies of task ':support:cas-server-support-simple-mfa-core:compileTestJava'.
Could not resolve all dependencies for configuration ':support:cas-server-support-simple-mfa-core:testAnnotationProcessor'.
Failed to calculate the value of task ':support:cas-server-support-simple-mfa-core:compileJava' property 'javaCompiler'.
Unable to configure Java installation, probing failed with the following message: A problem occurred starting process 'command '/usr/lib/jvm/openjdk-11/bin/java''
My $JAVA_HOME does not point to this path and I cannot find why the build process searches for java in that particular path.
I face the current problem only when cloning the master branch and trying to run a build.
If I switch to 6.2 branch, the build is successful.
Has anyone else tried to clone and build the master branch and received a similar error?
Hello all,
We have observed a behavior (regression?) change between 6.2.2 and 6.2.3/6.2.4, regarding forced renew.
(I have not been able to bisect further and propose a fix: I still have not found the exact command line to build and deploy to my maven local from sources. But this this another topic. Help wanted.).
In 6.2.2:
Go http://cas/login?renew=true&TARGET=http://testapp/ (note: our testapp does not validate the service ticket – but this may be irrelevant)
Login
Go http://cas/login?renew=true&TARGET=http://testapp/
Result (as expected): the UI shows ‘welcome back ‘user’, …’
In 6.2.3/6.2.4:
Same steps
Result: the UI does not show ‘welcome back ‘user’, …’
(e.g. existingSingleSignOnSessionAvailable seems to be false in context of loginform.html)
mijutu
Hello. Is there an easy way to add mapping of usernames per service? For example user logs in to cas with her username and password. When she goes to serviceA, the serviceA gets the username usual. But when she goes to serviceB, cas would look up an alternative username and return that to serviceB.
2020-11-03 02:15:45,970 DEBUG [org.apereo.cas.web.DelegatedClientWebflowManager] - <Client identifier could not found as part of the request parameters. Looking at relay-state for the SAML2 client>
2020-11-03 02:15:45,970 DEBUG [org.apereo.cas.web.DelegatedClientWebflowManager] - <Located delegated client identifier for this request as [Optional.empty]>
2020-11-03 02:15:45,970 DEBUG [org.apereo.cas.AbstractCentralAuthenticationService] - <Ticket [] by type [TransientSessionTicket] cannot be found in the ticket registry.>
2020-11-03 02:15:45,970 ERROR [org.apereo.cas.web.DelegatedClientWebflowManager] - <Delegated client identifier cannot be located in the authentication request [https://mycasserver/cas/login?service=https%3A%2F%2Flocalhost%2Fsignin-cas%3Fstate%3DCfDJ8HgM412oj95DqYeKeBq8zOQjNWyHmcLcpasqvwAY0UFS0VoWduTQNZWIp2-8dN1kmseWmoFHt7qg32885lXa4aXQKScs5Rqr4MkSBQNgBfJToNa5O7fPN_PbAB0UNxMdK9P2ENAi1D7rUoqhZQA-MigfWyzCG5lNd0ACZl2L4XrARmOA8Ial7GQ79KRtGvXUYnXyJ5G4AsfiOnSiQWcIn4S-eHxh_xtR7MBHWka2j-YonCYC4ER2MVgaLhfWIUF8RHXQi_75YsU830QslcsK_LOyP0kb0qZlDGHPXEr46hRf1Y3qtCh2j1Qv3sufP5y2mHHGZsz4PGOo8m2ReEQKLt4&client_name=login]>
2020-11-03 02:15:45,970 ERROR [org.apereo.cas.web.flow.DelegatedClientAuthenticationAction] - <>
Can someone please help me. Trying to fix this from so many days.
mijutu
What is the default mfa-opt-in parameter name? Or if there is none, how do I configure it? https://apereo.github.io/cas/6.2.x/mfa/Configuring-Multifactor-Authentication-Triggers.html#opt-in-request-parameterheader
mijutu
I was thinking that I let users to opt in with url parameter and force mfa on for those who have opted in at some point.
mijutu
Have I missed something? Is there an easier way to do it?
mijutu
I've been trying to set up trusted-mfa, but I don't understand why nothing seems to happen. After typing a totp, I just get redirected to the service and get no question whether to trust this device or not. Does that need to be configured separately? I already have cas.authn.mfa.trusted.device-fingerprint. and cas.authn.mfa.trusted.jpa. configs. And cas is creating table to the database. And cas.authn.mfa.trusted.device-registration-enabled=true