CAS users,
Ok, I am on CAS 5.2 on Redhat 7.
I have created a number of services stored in json files in /etc/cas/services. But I don’t think any of them are getting read by CAS. The CAS-Management creates them and puts them there. But I am not sure CAS is reading them there. My goal was to create a service for one of our Moodle development servers where only staff could access it, not students. I simply added an ldap attribute which contains the value of Staff. CAS-Management seems to create it properly. But CAS ignores it.
Instead I get the following results from the CAS Dashboard from the “Attribute Release” interface (see picture below): The result is https|imap which I never created a service for. I had to hunt for where this was coming from and found it in /usr/local/cas/target/cas/WEB-INF/classes/services/HTTPSandIMAPS-10000001.json
I tried removing it but it restored itself when I restarted the server. I don’t understand what is going on here. I have the following setting in cas:
cas.serviceRegistry.config.location: file:/etc/cas/services
So why is CAS finding json services from /usr/local/cas/target/cas/WEB-INF/classes/services instead of /etc/cas/services {or at least the dashboard anyways}? Shouldn’t the “cas.serviceRegistry.config.location: entry be pointing in to /etc/cas/services”??? I think I got this from the documentation.
In case this helps, this is in the DevMoodle service registration json file:
@class: org.apereo.cas.services.RegexRegisteredService
serviceId: https://devmoodle.beloit.edu.*
name: Dev Moodle
id: 1519398393836
…..and much more
Tim Tyler
Network Engineer
Beloit College
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/03d58f91ff6f2a6b1fc06d57f6946e3b%40mail.gmail.com.
Travis,
Thanks! I think that worked. That is what I get for reading older documentation. I really wish bad lines would not be ignored. Makes me wonder what else I have entered might not be doing anything.
Tim
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAC_RtEbB3-52_Q1uxZWZto5YYw6fj4PcvocW0DXh7nfdU2-1bQ%40mail.gmail.com.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/c83880ddc64fe203e3f5aa644392a06e%40mail.gmail.com.
I was going to ask about this: Apereo/Unicon, do you have a policy on what/when “breaking” changes are allowed between different versions?
E.g. https://semver.org/
In addition to the registry location property change, I think we were also bit by a change from JSON to HJSON somewhere back there in a point release.
Thanks!
Tom.
From: <cas-...@apereo.org> on behalf of Travis Schmidt <travis....@gmail.com>
Reply-To: "cas-...@apereo.org" <cas-...@apereo.org>
Date: Friday, February 23, 2018 at 8:11 AM
To: "cas-...@apereo.org" <cas-...@apereo.org>
Subject: Re: [cas-user] Access Strategy not working???
On Fri, Feb 23, 2018 at 7:35 AM Tim Tyler <ty...@beloit.edu> wrote:
CAS users,
Ok, I am on CAS 5.2 on Redhat 7.
I have created a number of services stored in json files in /etc/cas/services. But I don’t think any of them are getting read by CAS. The CAS-Management creates them and puts them there. But I am not sure CAS is reading them there. My goal was to create a service for one of our Moodle development servers where only staff could access it, not students. I simply added an ldap attribute which contains the value of Staff. CAS-Management seems to create it properly. But CAS ignores it.
Instead I get the following results from the CAS Dashboard from the “Attribute Release” interface (see picture below): The result is https|imap which I never created a service for. I had to hunt for where this was coming from and found it in /usr/local/cas/target/cas/WEB-INF/classes/services/HTTPSandIMAPS-10000001.json
I tried removing it but it restored itself when I restarted the server. I don’t understand what is going on here. I have the following setting in cas:
cas.serviceRegistry.config.location: file:/etc/cas/services
So why is CAS finding json services from /usr/local/cas/target/cas/WEB-INF/classes/services instead of /etc/cas/services {or at least the dashboard anyways}? Shouldn’t the “cas.serviceRegistry.config.location: entry be pointing in to /etc/cas/services”??? I think I got this from the documentation.
In case this helps, this is in the DevMoodle service registration json file:
@class: org.apereo.cas.services.RegexRegisteredService
serviceId: https://devmoodle.beloit.edu.*
name: Dev Moodle
id: 1519398393836
…..and much more
Tim Tyler
Network Engineer
Beloit College
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/03d58f91ff6f2a6b1fc06d57f6946e3b%40mail.gmail.com.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
cas-user+u...@apereo.org
.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAC_RtEbB3-52_Q1uxZWZto5YYw6fj4PcvocW0DXh7nfdU2-1bQ%40mail.gmail.com.