tsschmidt on req-definition
Fix tests (compare)
mmoayyed on heroku-casinit
remove tmate (compare)
mmoayyed on heroku-casinit
enable debug to check cas mgmt (compare)
mmoayyed on heroku-casinit
updat jib (compare)
Good morning to everyone.
I am currently trying to run a build in the master branch and I am receiving the following error:
Could not determine the dependencies of task ':support:cas-server-support-simple-mfa-core:compileTestJava'.
Could not resolve all dependencies for configuration ':support:cas-server-support-simple-mfa-core:testAnnotationProcessor'.
Failed to calculate the value of task ':support:cas-server-support-simple-mfa-core:compileJava' property 'javaCompiler'.
Unable to configure Java installation, probing failed with the following message: A problem occurred starting process 'command '/usr/lib/jvm/openjdk-11/bin/java''
My $JAVA_HOME does not point to this path and I cannot find why the build process searches for java in that particular path.
I face the current problem only when cloning the master branch and trying to run a build.
If I switch to 6.2 branch, the build is successful.
Has anyone else tried to clone and build the master branch and received a similar error?
We have observed a behavior (regression?) change between 6.2.2 and 6.2.3/6.2.4, regarding forced renew.
(I have not been able to bisect further and propose a fix: I still have not found the exact command line to build and deploy to my maven local from sources. But this this another topic. Help wanted.).
Go http://cas/login?renew=true&TARGET=http://testapp/ (note: our testapp does not validate the service ticket – but this may be irrelevant)
Result (as expected): the UI shows ‘welcome back ‘user’, …’
Result: the UI does not show ‘welcome back ‘user’, …’
(e.g. existingSingleSignOnSessionAvailable seems to be false in context of loginform.html)
mijutuHello. Is there an easy way to add mapping of usernames per service? For example user logs in to cas with her username and password. When she goes to serviceA, the serviceA gets the username usual. But when she goes to serviceB, cas would look up an alternative username and return that to serviceB.
2020-11-03 02:15:45,970 DEBUG [org.apereo.cas.web.DelegatedClientWebflowManager] - <Client identifier could not found as part of the request parameters. Looking at relay-state for the SAML2 client> 2020-11-03 02:15:45,970 DEBUG [org.apereo.cas.web.DelegatedClientWebflowManager] - <Located delegated client identifier for this request as [Optional.empty]> 2020-11-03 02:15:45,970 DEBUG [org.apereo.cas.AbstractCentralAuthenticationService] - <Ticket  by type [TransientSessionTicket] cannot be found in the ticket registry.> 2020-11-03 02:15:45,970 ERROR [org.apereo.cas.web.DelegatedClientWebflowManager] - <Delegated client identifier cannot be located in the authentication request [https://mycasserver/cas/login?service=https%3A%2F%2Flocalhost%2Fsignin-cas%3Fstate%3DCfDJ8HgM412oj95DqYeKeBq8zOQjNWyHmcLcpasqvwAY0UFS0VoWduTQNZWIp2-8dN1kmseWmoFHt7qg32885lXa4aXQKScs5Rqr4MkSBQNgBfJToNa5O7fPN_PbAB0UNxMdK9P2ENAi1D7rUoqhZQA-MigfWyzCG5lNd0ACZl2L4XrARmOA8Ial7GQ79KRtGvXUYnXyJ5G4AsfiOnSiQWcIn4S-eHxh_xtR7MBHWka2j-YonCYC4ER2MVgaLhfWIUF8RHXQi_75YsU830QslcsK_LOyP0kb0qZlDGHPXEr46hRf1Y3qtCh2j1Qv3sufP5y2mHHGZsz4PGOo8m2ReEQKLt4&client_name=login]> 2020-11-03 02:15:45,970 ERROR [org.apereo.cas.web.flow.DelegatedClientAuthenticationAction] - <>Can someone please help me. Trying to fix this from so many days.
mijutuWhat is the default mfa-opt-in parameter name? Or if there is none, how do I configure it? https://apereo.github.io/cas/6.2.x/mfa/Configuring-Multifactor-Authentication-Triggers.html#opt-in-request-parameterheader
mijutuI was thinking that I let users to opt in with url parameter and force mfa on for those who have opted in at some point.
mijutuHave I missed something? Is there an easier way to do it?
mijutuI've been trying to set up trusted-mfa, but I don't understand why nothing seems to happen. After typing a totp, I just get redirected to the service and get no question whether to trust this device or not. Does that need to be configured separately? I already have cas.authn.mfa.trusted.device-fingerprint. and cas.authn.mfa.trusted.jpa. configs. And cas is creating table to the database. And cas.authn.mfa.trusted.device-registration-enabled=true
yarra-srinivas Sep 28 18:41
Hi All, I have an issue with delegate authenticate to open id provider as keycloak; I stuck at login-flow.xml misconfiguration i believe;17:26:41,107|DEBUG|https-jsse-nio-0.0.0.0-8443-exec-2|org.springframework.webflow.engine.impl.FlowExecutionImpl|Attempting to handle [org.springframework.webflow.engine.NoMatchingTransitionException: No transition was matched on the event(s) signaled by the  action(s) that executed in this action state 'ticketGrantingTicketCheck' of flow 'login'; transitions must be defined to handle action result outcomes -- possible flow configuration error? Note: the eventIds signaled were: 'array<String>['success']', while the supported set of transitional criteria for this action state is 'array<TransitionCriteria>[notExists, invalid, valid]']
2020-09-28 17:26:41,107|DEBUG|https-jsse-nio-0.0.0.0-8443-exec-2|org.springframework.webflow.engine.impl.FlowExecutionImpl|Rethrowing unhandled flow execution exception
2020-09-28 17:26:41,107|DEBUG|https-jsse-nio-0.0.0.0-8443-exec-2|org.jasig.cas.web.FlowExecutionExceptionResolver|Ignoring the received exception due to a type mismatch
org.springframework.webflow.engine.NoMatchingTransitionException: No transition was matched on the event(s) signaled by the  action(s) that executed in this action state 'ticketGrantingTicketCheck' of flow 'login'; transitions must be defined to handle action result outcomes -- possible flow configuration error? Note: the eventIds signaled were: 'array<String>['success']', while the supported set of transitional criteria for this action state is 'array<TransitionCriteria>[notExists, invalid, valid]'
Khalidaba Sep 30 17:16
Hi, new in this dev world,
i saw there is a .NET CAS client, but i started a project in Blazor server side( last .NET Framwork),
is it possible to make it work with cas client, or its not compatible ?
Thanks for the help.
Philipp Berger Oct 02 15:51
I wanted to update some spring versions to get rid of the latest vulnerabilities in 5.3.x.
I created a pull-request #4950 but this has been closed immediately.
EOL of 5.3.x is end of October.
How can I contribute security-patches to 5.3.x?
Thanks for your help.
ArtiWavale Oct 03 14:41
I have successfully completed password management tasks for LDAP, MySql and Active directory databases but When I am trying to integrate these three tasks at a cas.properties file in CAS server then reset password management working for only one database(LDAP or MySql or Active directory), Not working for three databases.
Do you have any solution on it?
how can we integrate password management for ldap, MySql and active directory at cas.properties file in CAS server and it will work with these three databases. I am really thankful for quick response.
Thanks and Regards
XpLoDWilD Oct 05 20:32
Hi, I'm trying to customize CAS view and stumbled upon "build.sh getview" references. However, it looks like this build.sh thing has disappered since, what's its new equivalent?
Terry Appleby Oct 06 06:05
If I wanted to add some new endpoints to a CAS instance (custom user confirmation + password reset flows) does it make sense to use a similar approach as the OAuth modules (custom ModeAndView's + using CasProtocolViewFa