I have installed CAS6.4 and CAS Management .
I am able to access https://CNNAME/cas/login & it successfully login .
I could also Login to https://hostanme/cas-management/ and it redirect back to cas management.
I have added service URL in cas management as below :
^(http|https)://CNNAME*/**
http*://hostname2/*
But when i access these URL, i get error as
Application Not Authorized to Use CAS
The application you attempted to authenticate to is not authorized to use CAS. This usually indicates that the application is not registered with CAS, or its authorization policy defined in its registration record prevents it from leveraging CAS functionality, or it's malformed and unrecognized by CAS. Contact your CAS administrator to learn how you might register and integrate your application with CAS.
In the logs i get error as :
2021-03-01 07:15:39,111 WARN [org.apereo.cas.services.RegisteredServiceAccessStrategyUtils] - <Unauthorized Service Access. Service [https://hostanme/callback] is not found in service registry.>
I have been struggling to get this solved for for days, could someone please help me with this.
Related
I am trying to integrate apereo CAS management with CAS server and the only tutorial that I found is this for a passwordless authentication(More precisely QR code authentication) and I am finding difficulties in the final step cas server works perfectly but cas management is display
Application Not Authorized to Use CAS
The application you attempted to authenticate to is not authorized to use CAS.
I tried to add casManagement as a service into cas server(both overlay versions)
I tried running them on different machines and that could not help
I tried building from code base but it didn't work
Using CAS 4.0.1 and successfully build with maven cas webapp and cas management app.
Accessing the cas-management app shows the services gui with the following error:
"The CAS management webapp is Unavailable
There was an error trying to complete your request. Please notify your support desk or try again."
I am able to solve my problem and I hope it might help you as well.
The reason behind this error is the security certificate was not in the VM parameter for my CAS server, namely
-Djavax.net.ssl.trustStore=truststore -Djavax.net.ssl.trustStorePassword=trustword"
If the CAS server has both cas and cas-management, then it requires the client certificate of this server to be part of the VM param.
The link http://docs.oracle.com/javase/7/docs/technotes/guides/security/jsse/JSSERefGuide.html#CreateKeystore shows how to create server and client certificates.
Im trying to make my Bonita account authentication openID- enable login through a google account.
Here http://documentation.bonitasoft.com/single-sign-cas they provide the way of doing it("Configure Bonita client for CAS"). My question is: how should I get the following parameters specified in the link: ip_address:port from google(gmail)?
as probably noticed, im newly to be in this section. Any help will be deeply appreciated.
Bonita BPM will not interact with OpenID protocol out of the box.
However it supports the CAS protocol in the subscription editions.
What you probably need to do is to configure your CAS server to act as an authentication proxy.
Here is how it could work in theory (not sure it is feasible):
Bonita BPM relays user authentication to your CAS server using the CAS protocol.
Your CAS server delegates the user authentication to an OpenID provider such as google. Here is how you could activate OpenID support on the CAS server:
http://jasig.github.io/cas/4.0.x/protocol/OpenID-Protocol.html
An alternative solution could also be to implement a specific Bonita authentication service for OpenID (this requires Java development). In that case you would no longer need CAS. I know for a fact that this is possible.
Be aware that both solutions are technically not trivial to put in place.
Cheers,
You can integrate the BonitaBPM Subscription Edition with a Jasig CAS server:
http://documentation.bonitasoft.com/single-sign-cas-0
The CAS server can be configured to get it's authentication from OpenID as can be found here:
http://jasig.github.io/cas/4.0.x/protocol/OpenID-Protocol.html
I could integrate Bonita Community 7.7.4 with Apereo CAS. Details are here: https://github.com/sparse91/bonita-community-cas.
I have setup CAS server in Java and using RubyCas-client for my application. Now my application runs on sub-domain so my concern is once I am authenticated by CAS server for some particular sub-domain, I am able to access others sub-domain also.
Here is brief example:-
My CAS server URL is https://localhost:8443/cas/login
I have given credentials for sub-domain1.mydomain.com and got authenticated for same but when I am trying to access sub-domain2.mydomain.com, getting authenticated for sub-domain2 and sub-domain3 and so on also.
What I want to do that for each sub-domain it will ask me for credentials. Is this possible.
Thanks in advance!
I have developed an Windows Store App consumes WCF service deployed in another server(not mine) everything works fine until i have disabled the Anonymous Authentication to off getting an error message
"The HTTP request is unauthorized with client authentication scheme 'Anonymous'.
The authentication header received from the server was 'NTLM,Negotiate'."
I have googled and found some of the solutions applied but none of the solutions worked for me.The same WCF service accessing in another project it works fine no complains but when i'm using with windows 8 store apps i'm getting the above error.
Any Solution or Explanation is much appreciated.
[Hi Dinesh Haraveer,
Please try using Enterprise authentication.
Windows domain credentials enable a user to log into remote resources using their credentials, and act as if a user provided their user name and password. The enterprise Authentication capability is typically used in line-of-business apps that connect to servers within an enterprise.
You don't need this capability for generic communication across the internet.
Please try looking into http://msdn.microsoft.com/en-us/library/windows/apps/hh464936.aspx