Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • 16:59
    pspaude commented #5009
  • 16:58

    apereocas-bot on gh-pages

    Published docs to [gh-pages] fr… (compare)

  • 16:43

    mmoayyed on master

    Clean up manual object-mapper r… Clean up manual object-mapper r… fix tests and 4 more (compare)

  • 16:26
    unfurl-links[bot] commented #5009
  • 16:26
    mmoayyed commented #5009
  • 16:25
    mmoayyed commented #5009
  • 16:22
    pspaude commented #5009
  • 13:57

    mmoayyed on gh-pages

    documentation update (compare)

  • 10:46
    mmoayyed commented #4971
  • 10:32
    mmoayyed commented #4971
  • 10:01
    CLAassistant commented #4026
  • 09:49
    CLAassistant commented #4257
  • 09:03

    apereocas-bot on gh-pages

    Published docs to [gh-pages] fr… (compare)

  • 08:48

    mmoayyed on gh-pages

    clean up props Merge branch 'gh-pages' of gith… (compare)

  • 08:44

    mmoayyed on master

    clean up props (compare)

  • 07:45

    apereocas-bot on gh-pages

    Published docs to [gh-pages] fr… (compare)

  • 07:26

    mmoayyed on master

    clean up props (compare)

  • 06:45

    mmoayyed on master

    documentation update clean up props (compare)

  • 06:43

    mmoayyed on master

    avoid logging null messages if … (compare)

  • 06:43

    mmoayyed on loggingutils

    (compare)

singhmanmohan432
@singhmanmohan432
Caused by: java.lang.NoSuchMethodException: org.apereo.cas.ticket.registry.DefaultTicketRegistrySupportEnhancerBySpringCGLIBEnhancerBySpringCGLIB51689c97.<init>()"}}
08:27:53,767 INFO [org.jboss.as.server] (DeploymentScanner-threads - 2) WFLYSRV0010: Deployed "cas-server-webapp-6.2.4-SNAPSHOT.war" (runtime-name : "cas-server-webapp-6.2.4-SNAPSHOT.war")
08:27:53,768 INFO [org.jboss.as.controller] (DeploymentScanner-threads - 2) WFLYCTL0183: Service status report
WFLYCTL0186: Services which failed to start: service jboss.deployment.unit."cas-server-webapp-6.2.4-SNAPSHOT.war".undertow-deployment: java.lang.RuntimeException: org.springframework.context.ApplicationContextException: Unable to start web server; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'threadContextMDCServletFilter' defined in class path resource [org/apereo/cas/logging/config/CasLoggingConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.boot.web.servlet.FilterRegistrationBean]: Factory method 'threadContextMDCServletFilter' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'defaultTicketRegistrySupport' defined in class path resource [org/apereo/cas/config/CasCoreTicketsConfiguration.class]: Initialization of bean failed; nested exception is org.springframework.aop.framework.AopConfigException: Unexpected AOP exception; nested exception is org.springframework.aop.framework.AopConfigException: Unable to instantiate proxy using Objenesis, and regular proxy instantiation via default constructor fails as well; nested exception is java.lang.NoSuchMethodException: org.apereo.cas.ticket.registry.DefaultTicketRegistrySupport$$E
Cas version .2
2.5.6
singhmanmohan432
@singhmanmohan432

Getting Exception on Cas-overlay 6.2.5 deployment on WILDFLY 16 server

org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'threadContextMDCServletFilter' defined in class path resource [org/apereo/cas/logging/config/CasLoggingConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.boot.web.servlet.FilterRegistrationBean]: Factory method 'threadContextMDCServletFilter' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'defaultTicketRegistrySupport' defined in class path resource [org/apereo/cas/config/CasCoreTicketsConfiguration.class]: Initialization of bean failed; nested exception is org.springframework.aop.framework.AopConfigException: Unexpected AOP exception; nested exception is org.springframework.aop.framework.AopConfigException: Unable to instantiate proxy using Objenesis, and regular proxy instantiation via default constructor fails as well; nested exception is java.lang.NoSuchMethodException: org.apereo.cas.ticket.registry.DefaultTicketRegistrySupportEnhancerBySpringCGLIBEnhancerBySpringCGLIB7af39688.<init>()
at org.wildfly.extension.undertow@16.0.0.Final//org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:81)
at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
at org.jboss.threads@2.3.3.Final//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
at org.jboss.threads@2.3.3.Final//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982)
at org.jboss.threads@2.3.3.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
at org.jboss.threads@2.3.3.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
at java.base/java.lang.Thread.run(Thread.java:834)
at org.jboss.threads@2.3.3.Final//org.jboss.threads.JBossThread.run(JBossThread.java:485)
Caused by: java.lang.RuntimeException: org.springframework.context.ApplicationContextException: Unable to start web server; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'threadContextMDCServletFilter' defined in class path resource [org/apereo/cas/logging/config/CasLoggingConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.boot.web.servlet.FilterRegistrationBean]: Factory method 'threadContextMDCServletFilter' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'defaultTicketRegistrySupport' defined in class path resource [org/apereo/cas/config/CasCoreTicketsConfiguration.class]: Initialization of bean failed; nested exception is org.springframework.aop.framework.AopConfigException: Unexpected AOP exception; nested exception is org.springframework.aop.framework.AopConfigException: Unable to instantiate proxy using Objenesis, and regular proxy instantiation via default constructor fails as well; nested exception is java.lang.NoSuchMethodException: org.apereo.cas.ticket.registry.DefaultTicketRegistrySupportEnhancerBySpringCGLIBEnhancerBySpringCGLIB7af39688.<init>()
at io.undertow.servlet@2.0.19.Final//io.undertow.servlet.core.DeploymentMa

Pierre Yager
@zedalaye_gitlab
Hello. I'm new to Apereo CAS. I want to start an instance with docker. It looks like I'm missing lots of configuration. Is there a starting point out there to have Apereo CAS running ?
Is there something like a tutorial somewhere that shows how to run Apereo CAS and connect an application ?
matrixbot
@matrixbot

mijutu Start with https://apereo.github.io/cas/6.2.x/

Clone https://github.com/apereo/cas-overlay-template

Checkout the 6.2 branch and then create a new branch from it for your own changes. Later you need to add more implementation-lines to build.gradle depending on your needs. Run ./gradlew build to get a war package.

You need to add configuration to /etc/cas/config/cas.properties to let CAS know from where it should verify passwords.

You need to write at least one /etc/cas/services/foo-1.json to tell CAS which service-parameters are allowed.

CAS documentation is actually quite good, but at first it might seem confusing. Note how all the configuration properties are listed in one huge webpage that you should not try to read all at once. Instead each topic has links to the correct places on the properties page.

I suggest you first build a war package and get it running. After that, decide how cas should validate user's passwords and add configuration for it.

Pierre Yager
@zedalaye_gitlab
I managed to use the cas-overlay-template to run ApereoCAS locally. Now I'm a bit blocked. Is there some documentation about service Json files ?
matrixbot
@matrixbot
mijutu And the json service registry is only one option. (The "you need to" I wrote was actually wrong). Service definitions can be set up in many other ways: https://apereo.github.io/cas/6.2.x/services/Service-Management.html#storage
Pierre Yager
@zedalaye_gitlab
It works. I can now "authenticate" as casuser/Mellon
The next step is to "add users" ?
matrixbot
@matrixbot
mijutu Yes, add and configure some backend to check the passwords. I have used ldap so far, but there are many other ways.
mohsensaeedi
@mohsensaeedi
We are using some tags on ldap attributes. for example if we want to store user's cn in different language we can use cn and cn;lang-en-US and cn;lang-fr and ... or maybe when we want to store student number for BSC and MSC, we can use tags (called ldap attribute option too) for it. for example edu-bsc and edu-msc.
but the question is: How we can read and release this type of attributes with Apereo CAS. For example i defined studentNumber attribute on properties file, but it just return studentNumber without any tags! if we store attribute with tags, cas doesn't return that. anyone has a solution for this?
xgdz
@xgdz
Hello everyone, the cas5.x server connects to ldap and returns multiple attribute values, but the client cannot get the value. The configuration is as follows
image.png
image.png

=============================================================
WHO: P0888888
WHAT: [result=Service Access Granted,service=http://localhost:8088/index.jsp,principal=SimplePrincipal(id=P0888888, attributes={mail=[sstest3@pacteraedge.com], employeeNumber=[P0888888]}),requiredAttributes={}]
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
APPLICATION: CAS
WHEN: Tue Nov 24 16:09:51 CST 2020
CLIENT IP ADDRESS: 127.0.0.1

SERVER IP ADDRESS: 127.0.0.1

>

2020-11-24 16:09:51,669 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN

WHO: P0888888
WHAT: TGT-1-**-JXR63rzNhsBAC1500995-PC
ACTION: TICKET_GRANTING_TICKET_CREATED
APPLICATION: CAS
WHEN: Tue Nov 24 16:09:51 CST 2020
CLIENT IP ADDRESS: 127.0.0.1

SERVER IP ADDRESS: 127.0.0.1

>

2020-11-24 16:09:51,685 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN

WHO: P0888888
WHAT: [result=Service Access Granted,service=http://localhost:8088/index.jsp,requiredAttributes={}]
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
APPLICATION: CAS
WHEN: Tue Nov 24 16:09:51 CST 2020
CLIENT IP ADDRESS: 127.0.0.1

SERVER IP ADDRESS: 127.0.0.1

>
2020-11-24 16:09:51,702 INFO [org.apereo.cas.DefaultCentralAuthenticationService] - <Granted ticket [ST-1-xxYlJ4yG8XdlqLrnb1qx9AAdGdYBAC1500995-PC] for service [http://localhost:8088/index.jsp] and principal [P0888888]>

2020-11-24 16:09:51,706 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN

WHO: P0888888
WHAT: ST-1-xxYlJ4yG8XdlqLrnb1qx9AAdGdYBAC1500995-PC for http://localhost:8088/index.jsp
ACTION: SERVICE_TICKET_CREATED
APPLICATION: CAS
WHEN: Tue Nov 24 16:09:51 CST 2020
CLIENT IP ADDRESS: 127.0.0.1

SERVER IP ADDRESS: 127.0.0.1

>

2020-11-24 16:09:51,811 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN

WHO: audit:unknown
WHAT: [result=Service Access Granted,service=http://localhost:8088/index.jsp,principal=SimplePrincipal(id=P0888888, attributes={}),requiredAttributes={}]
ACTION: SERVICE_ACCESS_ENFORCEMENT_TRIGGERED
APPLICATION: CAS
WHEN: Tue Nov 24 16:09:51 CST 2020
CLIENT IP ADDRESS: 127.0.0.1

SERVER IP ADDRESS: 127.0.0.1

Łukasz
@lgwozniak
Try with cas.authn.attributeRepository.defaultAttributesToRelease, i have to add this with cas.authn.attributeRepository.merger policy
matrixbot
@matrixbot
mijutu I got it to work recently (with 6.2.5) by setting cas.authn.mfa.global-principal-attribute-name-triggers=foo and cas.authn.mfa.global-principal-attribute-value-regex=bar. Where foo is pricipal attribute name (not ldap attribute name) from cas.authn.ldap[0].principalAttributeList
Pierre Yager
@zedalaye_gitlab
Is there a way to allow redirect to "http" services (not https) during development ?
mohsensaeedi
@mohsensaeedi

We are using some tags on ldap attributes. for example if we want to store user's cn in different language we can use cn and cn;lang-en-US and cn;lang-fr and ... or maybe when we want to store student number for BSC and MSC, we can use tags (called ldap attribute option too) for it. for example edu-bsc and edu-msc.
but the question is: How we can read and release this type of attributes with Apereo CAS. For example i defined studentNumber attribute on properties file, but it just return studentNumber without any tags! if we store attribute with tags, cas doesn't return that. anyone has a solution for this?

who can help me about this matter?

Pierre Yager
@zedalaye_gitlab
@mohsensaeedi sorry I don't know anything about LDAP :)
Is it possible to overwrite variables defined in the configuration file /etc/cas/config/cas.properties using environment variables ?
mohsensaeedi
@mohsensaeedi
I have a deep knowledge about LDAP. but Apereo CAS does not return attribute with tags. I think a expert guy can help me. I think he is @mmoayyed :)
Cade Rea
@cade-rea
Hello. I am running the CAS overlay server (5.1.9) locally for development. It is not loading my JSON services config. I'm including cas-server-support-json-service-registry as a dependency in my pom. The app is allowing logins from any HTTPS service id, instead of the app listed in my JSON file (/etc/cas/services/casSecuredApp-8900.json). Any ideas about why my config is not being used?
Cade Rea
@cade-rea
I've been trying at this a few hours, and of course I figure it out once I post a question. I did not have cas.serviceRegistry.config.location defined correctly. Setting cas.serviceRegistry.config.location:file:/etc/cas/services fixed it.
Pierre Yager
@zedalaye_gitlab
Hello, I try to use the cas-management webui but it crashes at runtime and I just don't what to do :
cas-management_1 | 2020-11-26 14:58:24,452 WARN [org.apereo.cas.support.saml.SamlUtils] - <Resource [class path resource [incommon.pem]] cannot be located>
cas-management_1 | 2020-11-26 14:58:24,456 WARN [org.apereo.cas.mgmt.web.CasManagementWebApplicationContext] - <Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'samlController' defined in class path resource [org/apereo/cas/mgmt/config/CasManagementSamlConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.apereo.cas.mgmt.SamlController]: Factory method 'samlController' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'metadataAggregateResolver' defined in class path resource [org/apereo/cas/mgmt/config/CasManagementSamlConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.apereo.cas.mgmt.MetadataAggregateResolver]: Factory method 'metadataAggregateResolver' threw exception; nested exception is java.lang.NullPointerException>
cas-management_1 | 2020-11-26 14:58:24,489 ERROR [org.springframework.boot.SpringApplication] - <Application run failed>
cas-management_1 | org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'samlController' defined in class path resource [org/apereo/cas/mgmt/config/CasManagementSamlConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.apereo.cas.mgmt.SamlController]: Factory method 'samlController' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'metadataAggregateResolver' defined in class path resource [org/apereo/cas/mgmt/config/CasManagementSamlConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.apereo.cas.mgmt.MetadataAggregateResolver]: Factory method 'metadataAggregateResolver' threw exception; nested exception is java.lang.NullPointerException
Pierre Yager
@zedalaye_gitlab
Hello, still trying to have an ApereoCAS instance up and running :) I set up JsonServiceRegistry and RestAuthentication. my test application successfully redirect to CAS Login page, but when I enter user credentials, the CAS cannot validate the SSL peer :
cas_1 | 2020-11-27 13:47:21,351 ERROR [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Authentication has failed. Credentials may be incorrect or CAS cannot find authentication handler that supports [UsernamePasswordCredential(username=toto, source=null, customFields={})] of type [UsernamePasswordCredential]. Examine the configuration to ensure a method of authentication is defined and analyze CAS logs at DEBUG level to trace the authentication event.>
cas_1 | 2020-11-27 13:47:21,352 ERROR [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <[app_users]: [I/O error on POST request for "https://users.docker:3443/cas/authenticate": PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target / PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]>
The fact is that I can navigate to https://users.docker:3443 from my local browser. Do you have any tip on how to make this work ?
matrixbot
@matrixbot
mijutu I guess you need to get java to trust the certificate of users.docker. I don't remember how to do that (I use letsencrypt), but those instructions should be easy to find. You need to add the ca cert that signed users.docker's certificate.
milu-milu
@milu-milu
Hi All
I'm dealing with CAS 5.3 using LDAP as backend...
I can authenticate....
but I want to retrieve the groups the user belongs to
I know both queries and it works as expected but...
I only able to provide the last group...
I use the cas.authn.attributeRepository.ldap[0]....
I also set the cas.authn.attributeRepository.ldap[0].allowMultipleDns=true
cas.authn.attributeRepository.ldap[0].allowMultipleEntries=true
Any Idea how to set a multi value?
i query all the groups with ldap://ldap_host '(&(objectClass=posixGroup)(memberUid={user}))'
and I know some user belongs to several groups but it only reports the last one
milu-milu
@milu-milu
@cade-rea can you see a line like 'cas.service-registry.json.location=file:/etc/cas/services"in you cas.properties'?
小虫哥
@imbugge
hello
hjthjw
@hjthjw
anyone here ?
milu-milu
@milu-milu
Yes, someone
Amir Hosseinbor
@Sprew
Hello, I have set up CAS with WSFED and the default configuration given by the documentation (https://apereo.github.io/cas/6.2.x/configuration/Configuration-Properties.html#ws-fed-delegated-authentication) but when I head over to the log-in page it says "Authorization Denied" and i get redirected to "/cas/wsfedredirect?wsfedclientid=77f30f54-6150-46a7-a75d-7518af062c55". So... I know something is working atleast. I suspect that I need more than "org.apereo.cas:cas-server-support-wsfederation-webflow:${project.'cas.version'}" as dependency to make this work. Any guidance?
heyiwu
@whuhyw
what files should i modify for slo?
Łukasz
@lgwozniak
Hi i have a question about Google Authenticator is there any possibility to show again QR Code after registration ?
anosingh1
@anosingh1
Hi, I have a CAS setup for 2-factor authentication and it works fine with Chrome browser but with I.E the 2FA window doesn't show up. This appears to be the problem with URL length limit in I.E https://support.microsoft.com/en-us/help/208427/maximum-url-length-is-2-083-characters-in-internet-explorer
Any suggestions on the above query is highly appreciated