Hi all, After installing and configuring CAS to work with our DegreeWorks install, I'm seeing that the application is unable to login with CAS despite having a service registry. Is there some formatting issues with our registry entry?
For reference, we're running tomcat 10, cas 7.0.0, jdk17. here is my cas.properties: cas.server.name=http://{casserver}.edu cas.server.prefix=${cas.server.name}/cas logging.config=file:/etc/cas/config/log4j2.xml #server.port=8080 server.ssl.enabled=false #LDAP Configuration cas.authn.ldap[0].type=AUTHENTICATED cas.authn.ldap[0].ldap-url=ldap://ldapserver:389 cas.authn.ldap[0].base-dn=OU=Accounts,DC=school,DC=edu cas.authn.ldap[0].search-filter=(sAMAccountName={user}) cas.authn.ldap[0].bind-dn=CN=ldap_user,OU=Accounts,DC=school,DC=edu cas.authn.ldap[0].bind-credential=password cas.authn.ldap[0].subtree-search=true #cas.authn.ldap[0].principal-attribute-list=samAccountName:UDC_IDENTIFIER #cas.authn.ldap[0].principal-attribute-password= cas.authn.ldap[0].principal-attribute-id=UDC_IDENTIFIER #DUO MFA cas.authn.mfa.duo[0].duo-api-host={apihostlink} #cas.authn.mfa.duo[0].duo-application-key={key} cas.authn.mfa.duo[0].duo-integration-key={integration_key} cas.authn.mfa.duo[0].duo-secret-key={secret-key} #JSON Registry cas.service-registry.core.init-from-json=false cas.service-registry.json.location=file:/etc/cas/services here is the service registry for DegreeWorks: /etc/cas/services/dashboard-849100.json { /*Dashboard TEST service registry*/ "@class":"org.apereo.cas.services.CasRegisteredService", "serviceId":"^(https:)\/\/degreeworks.school.edu:8491\/dashboard\/", "name":"Degreeworks Dashboard TEST (degreeworks-test)", "id":"849100", "evaluationOrder":1, "proxyPolicy":{ "@class":"org.apereo.cas.services.RegexMatchingRegisteredServiceProxyPolicy", "pattern":"^ (https:)\/\/degreeworks.school.edu:8491\/dashboard\/", //, } logoutType: BACK_CHANNEL attributeReleasePolicy: { "@class" : "org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy", "allowedAttributes" : [ "java.util.ArrayList", [ "UDC_IDENTIFIER" ] ] authorizedToReleaseCredentialPassword: false authorizedToReleaseProxyGrantingTicket: true excludeDefaultAttributes: false authorizedToReleaseAuthenticationAttributes: true } multifactorPolicy: { "@class":"org.apereo.cas.services.DefaultRegisteredServiceMultifactorPolicy" "multifactorAuthenticationProviders" : [ "java.util.LinkedHashSet", [ "mfa-duo" ] ] /*failureMode: NOT_SET * bypassEnabled: false*/ } accessStrategy: { @class: org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy order: 0 enabled: true ssoEnabled: true requireAllAttributes: false caseInsensitive: true } } -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/b303803d-f57d-4e40-aff3-ea937f866102n%40apereo.org.
