Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • 05:52
    codecov[bot] commented #5346
  • 05:51
    codecov[bot] commented #5346
  • 05:50
    codecov[bot] commented #5346
  • 05:49
    codecov[bot] commented #5346
  • 05:48
    codecov[bot] commented #5346
  • 05:47
    codecov[bot] commented #5346
  • 05:46
    codecov[bot] commented #5346
  • 05:45
    codecov[bot] commented #5346
  • 05:44
    codecov[bot] commented #5346
  • 05:43
    codecov[bot] commented #5346
  • 05:42
    codecov[bot] commented #5346
  • 05:41
    codecov[bot] commented #5346
  • 05:40
    codecov[bot] commented #5346
  • 05:39
    codecov[bot] commented #5346
  • 05:38
    codecov[bot] commented #5346
  • 05:37
    codecov[bot] commented #5346
  • 05:36
    codecov[bot] commented #5346
  • 05:35
    codecov[bot] commented #5346
  • 05:34
    codecov[bot] commented #5346
  • 05:33
    codecov[bot] commented #5346
lexoio
@lexoio
ERROR [org.springframework.boot.web.servlet.support.ErrorPageFilter] - <Forwarding to error page from request [/login] due to exception [Exception thrown executing org.apereo.cas.pm.web.flow.actions.SendPasswordResetInstructionsAction@2adfdb23 in state 'sendPasswordResetInstructions' of flow 'login' -- action execution attributes were 'map[[empty]]']>
i face this error and only this error no other warn
i use ldaps
what makes this error??
Michry-BBN
@BbnMichry_twitter
Hi i try to build cas.war with gradle but i always have error failed

i have add these lines
dependencies {
// Add modules in format compatible with overlay casModules property
if (project.hasProperty("casModules")) {
def dependencies = project.getProperty("casModules").split(",")
dependencies.each {
def projectsToAdd = rootProject.subprojects.findAll {project ->
project.name == "cas-server-core-${it}" || project.name == "cas-server-support-${it}"
}
projectsToAdd.each {implementation it}
}
}
// CAS dependencies/modules may be listed here statically...

implementation "org.apereo.cas:cas-server-webapp-init:${casServerVersion}"
implementation "org.apereo.cas:cas-server-support-ldap:${project.'cas.version'}"
implementation "org.apereo.cas:cas-server-support-json-service-registry:${casServerVersion}"

}
they dont know casServerVersion only ${project.'casversion'} works

Michry-BBN
@BbnMichry_twitter
image.png
Hi How to fix this problem????
Łukasz
@lgwozniak

image.png

You must register service to be able to autorize with CAS

Question. Can I override RegexRegisteredService with my own implementation as a template ?
Michry-BBN
@BbnMichry_twitter
@lgwozniak yes but how to do it?
habib-halaoui
@habib-halaoui

Hello,

I have a web application which uses for the react js front part and the symfony backend and a cas sso authentication server.
I have configured react to authenticate with case and the backend part also configured with case. The user is authenticated on both applications. But the problem that I can not use the api rest of the backend because it is not recognized that it is connected to because via axios http requests.
I saw that it was necessary to set up a proxy case.
Do you have any information on this use case and how to do it?
Does your example take into account the proxy case?
This link details the API call in case.
https://apereo.github.io/cas/5.0.x/installation/Configuring-Proxy-Authentication.html
Regards

Ripplet
@ripplet:matrix.org
[m]
Hello everyone, I'm trying to implement SSO in a java application. I've tried getting the service ticket expiration date in the xml response to serviceValidate, but with no success. And I've seen that the "validUntilDate" in the assertion always gets set to null in the costructur. Why is it there then? Thank you for the help
Rich Renomeron
@rrenomeron
Is anyone working on updating cas-management to work with 6.4? Or have an idea about how much work it would be to undertake?
springnirps
@springnirps

Has anyone gotten junit to work with CAS 6.3.7 or newer? If so, how were you able to enable this? I always get a : UnknownClass.JUnit Jupiter > UnknownClass.initializationError FAILED
org.junit.platform.commons.JUnitException at EngineExecutionOrchestrator.java:114
Caused by: java.lang.NoClassDefFoundError at OpenTest4JAndJUnit4AwareThrowableCollector.java:58
Caused by: java.lang.ClassNotFoundException at BuiltinClassLoader.java:583

UnknownClass.JUnit Jupiter FAILED

thomas-bee
@thomas-bee
in 6.4.2, curl <server>/cas/oidc/oidcAuthorize without or with proper parameters throws a internal server error 500, while it worked fine in 6.4 RC4. Any pointers?
juanmariareina
@juanmariareina
Hello everybody!
I'm struggling with configuring database auth. I see the following message:
ERROR [org.apereo.cas.web.flow.executor.EncryptedTranscoder] - <DecryptionException>
CAS 6.5, BTW
Łukasz
@lgwozniak
Hello is there possibility to redirect someone from login page to Office365 automaticly ?
mijutu
@mijutu:ellipsis.fi
[m]
If ?service= parameter points to a service that only has the Office365 login allowed, then I'd think that cas would redirect there automatically. Try adding to service registry json: "accessStrategy" : { delegatedAuthenticationPolicy" : { "allowedProviders" : [ "java.util.ArrayList", [ "client-name-from-cas-properties"
Lars Grefer
@larsgrefer

Hi everyone,

while working on #5305 I noticed something strange:

cas-server-support-bom:6.4.0 contains dependency management for jarkarta.mail:1.6.5 but the cas-server-webapp-tomcat:6.4.0 war file ships with jarkarta.mail:1.6.7

where does this discrepancy come from?

choidkdk
@choidkdk
Hello everybody!
Can I use old version CAS Client with lastest CAS Server? Like phpCAS v1.3.8 with CAS v6.5?
Łukasz
@lgwozniak
@mijutu:ellipsis.fi but someone need to klik on button "Login as Office365" I want to have that option in login flow. with some parameter in request
Łukasz
@lgwozniak
Any one was logging with OAuth 2.0 to CAS with Office365 ?
‍‍‍‍‍‍‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ z
@VrowardKid_twitter
why am i here?
i clicked my school website and took me to this
Łukasz
@lgwozniak
@mmoayyed I've got problem with logging with O365 with OAuth2 on CAS v.3.7.1. I go to redirect callbackAuthorize, when i change to authorize everything is good.
Łukasz
@lgwozniak
I thinking if this is solution for my problems apereo/cas#5321
marqc
@marqc

Hi. I have problem with my cas configuration. I have 2 authentication sources named DOMAIN and EXTERNAL. I Also have service definition that require user to be logged in through DOMAIN authn

{
  "@class" : "org.apereo.cas.services.OidcRegisteredService",
  "clientId": "myclientid",
  "clientSecret": "myclientsecret",
  "serviceId" : "https?://(localhost|[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+).*",
  "name": "oidc",
  "id": 17,
  "supportedGrantTypes" : ["java.util.HashSet", ["authorization_code", "refresh_token"]],
  "encryptIdToken" : true,
  "bypassApprovalPrompt" : true,
  "accessStrategy" : {
    "@class" : "org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy",
    "enabled" : true,
    "ssoEnabled" : true
  },
  "authenticationPolicy" : {
    "@class" : "org.apereo.cas.services.DefaultRegisteredServiceAuthenticationPolicy",  
    "requiredAuthenticationHandlers" : ["java.util.TreeSet", [ "DOMAIN" ]],
    "excludedAuthenticationHandlers" : ["java.util.TreeSet", [ "EXTERNAL" ]],
    "criteria": {
      "@class" : "org.apereo.cas.services.AnyAuthenticationHandlerRegisteredServiceAuthenticationPolicyCriteria"
    }
  }
}

If I attempt to sign in directly to this service providing DOMAIN credentials, then everything works fine.
But if I start by signing in with EXTERNAL credentials and already have cas session, and then I try to sign in to this service i keep getting loginForm. Even thought I provide correct credentials for DOMAIN it still returns UNSATISFIED_AUTHN_POLICY message. In CAS logs I can see that AuthenticationPolicy passes with "Authentication policy is satisfied having found at least one authentication transactions" message. I don't really know what is blocking the flow later.
I need to logout from cas and retry login to make it work again but I don't want to give up sso functionality.
I'm using CAS version 6.4.3.
I'll be thankful for any hints.

lshc
@lshc666
How to fix the rce vulnerability of log4j2?
@mmoayyed there is requirement to upgrade log4j2 to 2.15.0
1 reply
lshc
@lshc666
Or where to configure log4j2.formatmsgnolookups = true.
My current version is 6.2.6, Docker mode deployment.
2 replies
Manuel Cones
@manuelcones_gitlab
Hello Everyone.
can we add log4j2.formatMsgNoLookups=true to the cas properties file to mitigate the log4j vulnerability?
magenta-pixel
@magenta-pixel
Is CAS actually impacted by the log4j vulnerability? I don't believe so. CAS uses slf4j and pipes to log4j. There is alot of noise ATM -- wanting to make sure it's much ado over something or we end up unnecessary work due to the noise.
lshc
@lshc666
I started using it, how to customize the JVM startup parameter -Dlog4j2.formatmsgnolookups = true? Docker Run - Name Cas_Service Apereo / CAS: V6.2.6 / bin / sh /cas-overlay/bin/run-cas.sh
lshc
@lshc666
@lgwozniak
https://logging.apache.org/log4j/2.x/security.html create PR
@mmoayyed there is requirement to upgrade log4j2 to 2.15.0
1 reply
choidkdk
@choidkdk

Hi guys, I got this error while try to build cas overlay template. 😰

release version 11 not supported

My Gradle info

------------------------------------------------------------
Gradle 7.3.1
------------------------------------------------------------

Build time:   2021-12-01 15:42:20 UTC
Revision:     2c62cec93e0b15a7d2cd68746f3348796d6d42bd

Kotlin:       1.5.31
Groovy:       3.0.9
Ant:          Apache Ant(TM) version 1.10.11 compiled on July 10 2021
JVM:          11.0.12 (Red Hat, Inc. 11.0.12+7-LTS)
OS:           Linux 4.14.256-197.484.amzn2.x86_64 amd64
5 replies
Yasin Dahi
@ymdahi

can we add log4j2.formatMsgNoLookups=true to the cas properties file to mitigate the log4j vulnerability?

This is what the official patching guide seems to infer (https://apereo.github.io/2021/12/11/log4j-vuln/#patching)
As someone new to CAS, my question is: how do I know that the patch (java -Dlog4j2.formatMsgNoLookups=true -jar cas.war) was applied successfully?

2 replies
Wendel Schultz
@wendelicious
I'm running a fairly old CAS version (5.2.1), which I know is not supported. Seems that I'm seeing some very odd OpenJDK exceptions thrown: at com.codahale.metrics.jvm.FileDescriptorRatioGauge.invoke(FileDescriptorRatioGauge.java:48)
1 reply
I've seen that updating to Spring Boot 2.0 is one way to fix this. My question is: can Cas 5.2.x run on Spring Boot 2.0 ?
Currently configured with Spring Boot 1.5.8.RELEASE
java.lang.reflect.InaccessibleObjectException: Unable to make public long com.sun.management.internal.OperatingSystemImpl.getOpenFileDescriptorCount() accessible: module jdk.management does not "opens com.sun.management.internal" to unnamed module
Wendel Schultz
@wendelicious
Alternatively, upgrading the io.dropwizard.metrics libraries to 4.0.x can also address this. Is this an option running on Spring Boot 1.5.8 ?
Wendel Schultz
@wendelicious