Hello,
It works well with CAS 5.2.x, but when I upgraded to CAS 5.3..2, I have the following errors:
==> In the browser I see:
Application Not Authorized to Use CAS
The application you attempted to authenticate to is not authorized to use CAS. This usually indicates that the application is not registered with CAS, or its authorization policy defined in its registration record prevents it from leveraging CAS functionality, or it's malformed and unrecognized by CAS. Contact your CAS administrator to learn how you might register and integrate your application with CAS.
==> in the logs:
ERROR [org.apereo.cas.web.flow.DelegatedClientAuthenticationAction] - <No client found for name: SAML2Client>
org.pac4j.core.exception.TechnicalException: No client found for name: SAML2Client
at org.pac4j.core.client.Clients.findClient(Clients.java:128) ~[pac4j-core-3.0.1.jar!/:?]
I added the following dependency in build.gradle
compile "org.apereo.cas:cas-server-support-pac4j-webflow:${project.'cas.version'}"
Here are the properties I use:
cas.authn.pac4j.saml[0].keystorePassword=zzz
cas.authn.pac4j.saml[0].privateKeyPassword=zzz
cas.authn.pac4j.saml[0].serviceProviderEntityId=urn:mace:saml:pac4j.org
cas.authn.pac4j.saml[0].serviceProviderMetadataPath=<absolute-path>/sp-metadata.xml
cas.authn.pac4j.saml[0].keystorePath=<absolute-path>/keystore
cas.authn.pac4j.saml[0].identityProviderMetadataPath=https://xxxxx.oktapreview.com/app/xxxxxx/sso/saml/metadata
I also added the following service declaration
{
"@class" : "org.apereo.cas.services.RegexRegisteredService",
"serviceId" : "^https://localhost:8446/iam-client-2(\\z|/.*)",
"name" : "CAS Client 2",
"id" : 3,
"description" : "CAS java webapp client",
"attributeReleasePolicy" : {
"@class" : "org.apereo.cas.services.ReturnMappedAttributeReleasePolicy",
"allowedAttributes" : {
"@class" : "java.util.TreeMap",
"Group" : "role",
"FirstName" : "FirstName",
"LastName" : "LastName",
"Email" : "Email"
}
}
}
Have I missed something? please help