CAS 6.X jwt issue with base64 encoded

44 views
Skip to first unread message

Raheem Shaik

unread,
Jan 30, 2020, 7:39:50 AM1/30/20
to CAS Community
Hi,

I am trying to upgrading from 5.2.x t0 6.x version for my testing but getting but getting issue with  base64 encode which is not working properly, When i try to decode the jwt token it is not able to get the payload data. But in earlier version 5.2.x i did not have any issues 

can somebody help me on this.

build.gardle dependencies

 compile "org.apereo.cas:cas-server-webapp${project.appServer}:${casServerVersion}"
 compile "org.apereo.cas:cas-server-support-rest:${project.'cas.version'}"
 compile "org.apereo.cas:cas-server-support-rest-tokens:${project.'cas.version'}"
 compile "org.apereo.cas:cas-server-support-json-service-registry:${project.'cas.version'}"
 compile "org.apereo.cas:cas-server-support-token-tickets:${project.'cas.version'}"
 compile "org.apereo.cas:cas-server-support-rest-authentication:${project.'cas.version'}"

cas.authn.token.crypto.enabled=false
cas.authn.token.crypto.encryptionEnabled=false
cas.authn.token.crypto.signing.key=xxxxxxxx
cas.authn.token.crypto.signing.keySize=512
cas.authn.token.crypto.encryption.key=xxxxxxxx
cas.authn.token.crypto.encryption.keySize=256

and 

{
  "@class" : "org.apereo.cas.services.RegexRegisteredService",
  "serviceId" : https://.*.example.com",
  "name" : "myApplication",
  "id" : 10000001,
  "description" : "This service definition authorized all application urls that support HTTPS protocol.",
  "evaluationOrder": 2
  "proxyPolicy" : {
    "@class" : "org.apereo.cas.services.RefuseRegisteredServiceProxyPolicy"
  },
  "usernameAttributeProvider" : {
    "@class" : "org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider"
  },

  "attributeReleasePolicy" : {
    "@class" : "org.apereo.cas.services.ReturnAllAttributeReleasePolicy",
      "principalAttributesRepository" : {
      "@class" : "org.apereo.cas.authentication.principal.DefaultPrincipalAttributesRepository"
    },
        "authorizedToReleaseCredentialPassword" : false,
        "authorizedToReleaseProxyGrantingTicket" : false
    },
    "logoutType" : "BACK_CHANNEL",
    "accessStrategy" : {
    "@class" : "org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy",
    "enabled" : true,
    "ssoEnabled" : true
    },  
  "properties" : {
    "@class" : "java.util.HashMap",
    "jwtSigningSecret" : {
      "@class" : "org.apereo.cas.services.DefaultRegisteredServiceProperty",
      "values" : [ "java.util.HashSet", [ "9qz--------DlSwNx" ] ]
    },
    "jwtAsResponse" : {
      "@class" : "org.apereo.cas.services.DefaultRegisteredServiceProperty",
      "values" : [ "java.util.HashSet", [ "true" ] ]
    }
}

Regards,
Raheem 

Raheem Shaik

unread,
Feb 4, 2020, 1:32:35 AM2/4/20
to CAS Community
Any help would be greatly appreciated

Raheem Shaik

unread,
Feb 5, 2020, 4:39:50 AM2/5/20
to CAS Community
I found it is related to encryption.key, when i removed the key it is working fine 
Seems some where it is broken with encryption.
Can someone point me in which 6.x version it has been fixed  

cas.authn.token.crypto.enabled=true
cas.authn.token.crypto.encryptionEnabled=false
cas.authn.token.crypto.signing.key=xxxxxxxx
cas.authn.token.crypto.signing.keySize=512
cas.authn.token.crypto.encryption.key=
cas.authn.token.crypto.encryption.keySize=256

Napoleon Ponaparte

unread,
Feb 12, 2020, 10:36:53 PM2/12/20
to CAS Community
Hi Raheem, How to get this value?
cas.authn.token.crypto.signing.key=xxxxxxxx
cas.authn.token.crypto.encryption.key=xxxxxxxx
THanks

Mathieu HETRU

unread,
Feb 13, 2020, 2:00:00 AM2/13/20
to cas-...@apereo.org
You can get theses values at the launch of cas server in the logs.

Le 13 févr. 2020 à 04:36, Napoleon Ponaparte <naphalu...@gmail.com> a écrit :


--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/feff506b-e209-4550-95d4-9e0831f07225%40apereo.org.

Nguyen Tran Thanh Lam

unread,
Feb 13, 2020, 2:04:16 AM2/13/20
to cas-...@apereo.org
Yeah, I found this. Thanks

Vào Th 5, 13 thg 2, 2020 vào lúc 14:00 Mathieu HETRU <ipsy...@gmail.com> đã viết:
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/63B44D43-DD53-40B0-A097-4A5CF1E2C908%40gmail.com.

Nguyen Tran Thanh Lam

unread,
Feb 13, 2020, 8:32:36 AM2/13/20
to cas-...@apereo.org
Sorry, Mr Mathieu HETRU,
Have you success in CAS version 6.0?
If you success, could you show me how to config this?



Vào Th 5, 13 thg 2, 2020 vào lúc 14:03 Nguyen Tran Thanh Lam <naphalu...@gmail.com> đã viết:
Reply all
Reply to author
Forward
0 new messages