You have two different problems.
Your CAS IdP needs to have its keys properly configured. There should be
something more in that warning to indicate which key is 256 bit instead
of the 512 bit. Follow documentation once you find that to update the
key or specify the length as 256. This is breaking SSO probably?
The second problem is your CAS client isn't configured correctly. Once
you authenticate through the first time, it is up to the application to
maintain session state. The fact that you get an error when clicking on
a different link in the app means that the app doesn't have you logged
in, and is depending on continually using SSO logins, which breaks some
HTTP methods.
On 5/30/25 09:44, Phil Hale wrote:
I have an older CAS client that is using SAML 1.1 protocol. I'm able
to get a successful login to the client application initially, but
when navigating to a sub-menu of the app I get a "Couldn't access
remote service" error on the app and in the logs I see the following
log error:
WARN [org.apereo.cas.util.function.FunctionUtils] - <Invalid key for
dir with A256CBC-HS512, expected a 512 bit key but a 256 bit key was
provided.
I've done some google searches and not found an answer to this issue.
Anyone have an idea what's causing this and what we might do to
resolve it?
Thanks,
Phil
--
- Website: https://apereo.github.io/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google
Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to cas-user+unsubscr...@apereo.org.
To view this discussion visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/0a464edd-9d87-47b8-aad3-859151f937a2n%40apereo.org
<https://groups.google.com/a/apereo.org/d/msgid/cas-user/0a464edd-9d87-47b8-aad3-859151f937a2n%40apereo.org?utm_medium=email&utm_source=footer>.
--
- Website: https://apereo.github.io/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/dc5a9641-5ec6-4586-9275-2776c2863a3d%40ndsu.edu.
