7.0.8 vs 7.1.0 pac4j saml delegatedClient

[Michael Gettes]

Hello cas-user,

I have a single saml pac4j delegated client configured with only 1 IdP under 7.0.8 which works just fine and on startup I see:
[org.apereo.cas.config.DelegatedAuthenticationEventExecutionPlanConfiguration] - <Registering delegated authentication clients…>

On 7.1.0 I do not see the above message on startup and I see the following error when viewing the login page:
WARN [org.apereo.cas.web.flow.DefaultDelegatedClientIdentityProviderConfigurationProducer] - <No delegated authentication providers could be determined based on the provided configuration. Either no identity providers are configured, or the current access strategy rules prohibit CAS from using authentication providers>

Any ideas on what’s wrong? I also tried 7.2.0-SNAPSHOT - same result as 7.1.0

Thank you!

/mrg

[Jonathon Taylor]

Also, I know some of the properties got changed, so I updated the following when coming from 6.6.  I'm not sure if they changed in 7 or 7.1...

old:

cas.authn.pac4j.saml[0].identity-provider-metadata-path

cas.authn.pac4j.saml[0].principal-attribute-id
cas.authn.pac4j.saml[0].service-provider-metadata-path

new:

cas.authn.pac4j.saml[0].metadata.identity-provider-metadata-path
cas.authn.pac4j.saml[0].principal-id-attribute

cas.authn.pac4j.saml[0].metadata.service-provider.file-system.location

On Mon, Sep 23, 2024 at 1:15 PM Jonathon Taylor <jona...@berkeley.edu> wrote:

Hi Michael,

With 7.1 the SAML delegation components all got moved under org.apereo.cas:cas-server-support-pac4j-saml.  Hopefully it's as simple as adding that to your build.

--
- Website: https://apereo.github.io/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1AB16886-8517-47B7-BD59-A71FAA4F0E96%40gmail.com.

--

Jonathon Taylor (he/him)

Information Security Office

jona...@berkeley.edu

--

Jonathon Taylor (he/him)

Information Security Office

jona...@berkeley.edu

[Jonathon Taylor]

Hi Michael,

With 7.1 the SAML delegation components all got moved under org.apereo.cas:cas-server-support-pac4j-saml.  Hopefully it's as simple as adding that to your build.

On Mon, Sep 23, 2024 at 6:52 AM Michael Gettes <get...@gmail.com> wrote:

--
- Website: https://apereo.github.io/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1AB16886-8517-47B7-BD59-A71FAA4F0E96%40gmail.com.

[Michael Gettes]

I had the properties already configured properly … my build in 7.0.8 only had org.apereo.cas:cas-server-support-pac4j-webflow and I replaced it with org.apereo.cas:cas-server-support-pac4j-saml per your suggestion and that did the trick.

THANK YOU SO MUCH!

/mrg

To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CABzqDo9hHRR%3DjNZjfzYK3CqOHV78VYsgA6nsAnfoWOZbEXyOrA%40mail.gmail.com.