How to Add OAuth Clients to CAS Server?

[Alvaro S.]

Hi, I'm trying to add som clients to my config, the documentation states this:

Every OAuth client must be defined as a CAS service (notice the new clientId and clientSecret properties, specific to OAuth)

And shows this json

{
  "@class" : "org.apereo.cas.support.oauth.services.OAuthRegisteredService",
  "clientId": "clientid",
  "clientSecret": "clientSecret",
  "bypassApprovalPrompt": false,
  "serviceId" : "^(https|imaps)://hello.*",
  "name" : "HTTPS and IMAPS",
  "id" : 10000001 

}

But where I have to put this??

I'm using a maven overlay 

[mrcasa bengaluru]

Add the json to /etc/cas/config

Each OAuth service must have a json of its own. Update the json with service specific details

--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/c8ec3266-1f7a-4782-878b-c133569898a9%40apereo.org.

[Alvaro]

Thanks. That must be on the documentation because right now is missing

The name does not matter right?

Thanks again.

On Thu, Feb 9, 2017 at 1:01 PM, mrcasa bengaluru <mrca...@gmail.com> wrote:

Add the json to /etc/cas/config

Each OAuth service must have a json of its own. Update the json with service specific details

On Thu, Feb 9, 2017 at 4:02 PM, Alvaro S. <dragon...@gmail.com> wrote:

Hi, I'm trying to add som clients to my config, the documentation states this:

Every OAuth client must be defined as a CAS service (notice the new clientId and clientSecret properties, specific to OAuth)

And shows this json

{
  "@class" : "org.apereo.cas.support.oauth.services.OAuthRegisteredService",
  "clientId": "clientid",
  "clientSecret": "clientSecret",
  "bypassApprovalPrompt": false,
  "serviceId" : "^(https|imaps)://hello.*",
  "name" : "HTTPS and IMAPS",
  "id" : 10000001 

}

But where I have to put this??

I'm using a maven overlay 

--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.

To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.

To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/c8ec3266-1f7a-4782-878b-c133569898a9%40apereo.org.

--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---

You received this message because you are subscribed to a topic in the Google Groups "CAS Community" group.
To unsubscribe from this topic, visit https://groups.google.com/a/apereo.org/d/topic/cas-user/0Eg2rvGOEOU/unsubscribe.
To unsubscribe from this group and all its topics, send an email to cas-user+unsubscribe@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CALpZ%2BOQTbzMv7aBn1Ou7mY6dFA31tRsG1OfO27HRk1NyFs5TcQ%40mail.gmail.com.

[mrcasa bengaluru]

You can control the location of service registry json files by using this propery in cas.properties

cas.serviceRegistry.config.location=file:/etc/cas/config

Here is the naming recommendation deom the docs -

The naming convention for new JSON files is recommended to be the following:

JSON fileName = serviceName + "-" + serviceNumericId + ".json"

To unsubscribe from this group and all its topics, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CALpZ%2BOQTbzMv7aBn1Ou7mY6dFA31tRsG1OfO27HRk1NyFs5TcQ%40mail.gmail.com.

--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.

To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAA%2Bkr1Y%3DqS73TVyP8krdPRtS0F8-ZsWpwO43Fas1Ci8aZhQHdg%40mail.gmail.com.

[Alvaro]

Where can I find more information about services and his fields?  Because in some examples puts:

"serviceId" : "^(https|imaps)://hello.*",

But I don't know if that is a regex, or a bad example I don't understand it well.

The problem that I'm facing is that I'm getting this error:

Unauthorized Service Access. Service [http://localhost:9999/client/login] is not found in service registry.

This is my json

{

  "@class" : "org.apereo.cas.support.oauth.services.OAuthRegisteredService",

  "clientId": "acme",

  "clientSecret": "acmesecret",

  "bypassApprovalPrompt": false,

  "serviceId" : "http://localhost:9999/client/login",

  "name" : "HTTPS and IMAPS",

  "id" : 1

}

Thanks

To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAA%2Bkr1Y%3DqS73TVyP8krdPRtS0F8-ZsWpwO43Fas1Ci8aZhQHdg%40mail.gmail.com.

--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to a topic in the Google Groups "CAS Community" group.
To unsubscribe from this topic, visit https://groups.google.com/a/apereo.org/d/topic/cas-user/0Eg2rvGOEOU/unsubscribe.

To unsubscribe from this group and all its topics, send an email to cas-user+unsubscribe@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CALpZ%2BOQFH8K2t9mQ_nrOgnktuubA_0G%2Br9Qniwp8y6n0AykPJw%40mail.gmail.com.

[mrcasa bengaluru]

Try this:

"serviceId" : "^(https?|http?)://.*",

To unsubscribe from this group and all its topics, send an email to cas-user+u...@apereo.org.

To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CALpZ%2BOQFH8K2t9mQ_nrOgnktuubA_0G%2Br9Qniwp8y6n0AykPJw%40mail.gmail.com.

--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.

To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAA%2Bkr1bB%2BHNac-Hjv%3Dpr9qvPTtN8LqRkVZLHS7cgP3kn%2BmfCZw%40mail.gmail.com.

[Ray Bon]

Alvaro,

It is regex and a good example.
In your json example, the serviceId is specific and must match exactly. If your service has parameters, http://localhost:9999/client/login?blah=, or it is followed by a trailing slash, http://localhost:9999/client/login/, it will not match.
You can make your service id more generic
"serviceId" : "http://localhost:9999/client/login.*"

Ray

-- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAA%2Bkr1bB%2BHNac-Hjv%3Dpr9qvPTtN8LqRkVZLHS7cgP3kn%2BmfCZw%40mail.gmail.com.

-- 
Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE C023 | rb...@uvic.ca

[Alvaro]

Hi, I've tried with some regex but no one worked.

I see that ^(https|imaps)://.* doesn't will work well because you need to escape the doble slash //, but even with the regex 

^(https|imaps):.* doesn't work either

When the server boots, the console shows this messages:

<Loading services from JsonServiceRegistryDao>

<Adding registered service https://localhost:8443/cas/oauth2.0/callbackAuthorize.*>

<Adding registered service ^(https|imaps)://.*>

<Adding registered service ^https://www.apereo.org>

<Loaded 3 services from JsonServiceRegistryDao.>

But when I tried to log in through my application, I'm getting this error:

The callback URI is this:

https://localhost:8443/cas/oauth2.0/callbackAuthorize?client_name=CasOAuthClient&client_id=acme&redirect_uri=http://localhost:9999/client/login&ticket=ST-1-nIwbwuy5efa1W6Teqyfj-ev007

My Service.json

{

  "@class" : "org.apereo.cas.support.oauth.services.OAuthRegisteredService",

  "clientId": "acme",

  "clientSecret": "acmesecret",

  "bypassApprovalPrompt": false,

  "serviceId" : "^(https?|http?):.*",

  "name" : "HTTPS and IMAPS",

  "id" : 1

}

And the error

2017-02-13 11:31:40,699 DEBUG [org.apereo.cas.web.FlowExecutionExceptionResolver] - <Ignoring the received exception due to a type mismatch>

org.pac4j.core.exception.TechnicalException: cannot validate CAS ticket: ST-1-nIwbwuy5efa1W6Teqyfj-ev007

at org.pac4j.cas.credentials.authenticator.CasAuthenticator.validate(CasAuthenticator.java:76) ~[pac4j-cas-1.9.4.jar!/:?]

at org.pac4j.cas.credentials.authenticator.CasAuthenticator.validate(CasAuthenticator.java:26) ~[pac4j-cas-1.9.4.jar!/:?]

at org.pac4j.core.client.IndirectClientV2.retrieveCredentials(IndirectClientV2.java:49) ~[pac4j-core-1.9.4.jar!/:?]

at org.pac4j.core.client.IndirectClient.getCredentials(IndirectClient.java:105) ~[pac4j-core-1.9.4.jar!/:?]

at org.pac4j.core.engine.DefaultCallbackLogic.perform(DefaultCallbackLogic.java:77) ~[pac4j-core-1.9.4.jar!/:?]

at org.pac4j.springframework.web.CallbackController.callback(CallbackController.java:53) ~[spring-webmvc-pac4j-1.1.4.jar!/:?]

at org.apereo.cas.support.oauth.web.OAuth20CallbackAuthorizeController.handleRequestInternal(OAuth20CallbackAuthorizeController.java:45) ~[cas-server-support-oauth-5.0.3-SNAPSHOT.jar!/:5.0.3-SNAPSHOT]

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_45]

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_45]

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_45]

at java.lang.reflect.Method.invoke(Method.java:497) ~[?:1.8.0_45]

at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:220) ~[spring-web-4.3.4.RELEASE.jar!/:4.3.4.RELEASE]

at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:134) ~[spring-web-4.3.4.RELEASE.jar!/:4.3.4.RELEASE]

at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:116) ~[spring-webmvc-4.3.4.RELEASE.jar!/:4.3.4.RELEASE]

at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:827) ~[spring-webmvc-4.3.4.RELEASE.jar!/:4.3.4.RELEASE]

at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:738) ~[spring-webmvc-4.3.4.RELEASE.jar!/:4.3.4.RELEASE]

at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85) ~[spring-webmvc-4.3.4.RELEASE.jar!/:4.3.4.RELEASE]

at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:963) ~[spring-webmvc-4.3.4.RELEASE.jar!/:4.3.4.RELEASE]

at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:897) ~[spring-webmvc-4.3.4.RELEASE.jar!/:4.3.4.RELEASE]

at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970) ~[spring-webmvc-4.3.4.RELEASE.jar!/:4.3.4.RELEASE]

at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:861) ~[spring-webmvc-4.3.4.RELEASE.jar!/:4.3.4.RELEASE]

at javax.servlet.http.HttpServlet.service(HttpServlet.java:622) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846) ~[spring-webmvc-4.3.4.RELEASE.jar!/:4.3.4.RELEASE]

at javax.servlet.http.HttpServlet.service(HttpServlet.java:729) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) ~[tomcat-embed-websocket-8.5.9.jar!/:8.5.9]

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.springframework.boot.web.filter.ApplicationContextHeaderFilter.doFilterInternal(ApplicationContextHeaderFilter.java:55) ~[spring-boot-1.4.2.RELEASE.jar!/:1.4.2.RELEASE]

at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.4.RELEASE.jar!/:4.3.4.RELEASE]

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:64) ~[inspektr-common-1.7.GA.jar!/:1.7.GA]

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apereo.cas.web.support.CurrentCredentialsAndAuthenticationClearingFilter.doFilter(CurrentCredentialsAndAuthenticationClearingFilter.java:28) ~[cas-server-core-web-5.0.3-SNAPSHOT.jar!/:5.0.3-SNAPSHOT]

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apereo.cas.security.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:261) ~[cas-server-security-filter-2.0.6.jar!/:2.0.6]

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apereo.cas.security.ResponseHeadersEnforcementFilter.doFilter(ResponseHeadersEnforcementFilter.java:238) ~[cas-server-security-filter-2.0.6.jar!/:2.0.6]

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.springframework.boot.actuate.trace.WebRequestTraceFilter.doFilterInternal(WebRequestTraceFilter.java:105) ~[spring-boot-actuator-1.4.2.RELEASE.jar!/:1.4.2.RELEASE]

at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.4.RELEASE.jar!/:4.3.4.RELEASE]

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apereo.cas.logging.web.ThreadContextMDCServletFilter.doFilter(ThreadContextMDCServletFilter.java:90) ~[cas-server-core-logging-5.0.3-SNAPSHOT.jar!/:5.0.3-SNAPSHOT]

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) ~[spring-web-4.3.4.RELEASE.jar!/:4.3.4.RELEASE]

at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.4.RELEASE.jar!/:4.3.4.RELEASE]

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:89) ~[spring-web-4.3.4.RELEASE.jar!/:4.3.4.RELEASE]

at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.4.RELEASE.jar!/:4.3.4.RELEASE]

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:77) ~[spring-web-4.3.4.RELEASE.jar!/:4.3.4.RELEASE]

at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.4.RELEASE.jar!/:4.3.4.RELEASE]

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.springframework.boot.actuate.autoconfigure.MetricsFilter.doFilterInternal(MetricsFilter.java:107) ~[spring-boot-actuator-1.4.2.RELEASE.jar!/:1.4.2.RELEASE]

at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.4.RELEASE.jar!/:4.3.4.RELEASE]

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197) ~[spring-web-4.3.4.RELEASE.jar!/:4.3.4.RELEASE]

at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.4.RELEASE.jar!/:4.3.4.RELEASE]

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:474) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:624) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:677) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:349) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:783) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:789) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1437) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [?:1.8.0_45]

at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [?:1.8.0_45]

at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) ~[tomcat-embed-core-8.5.9.jar!/:8.5.9]

at java.lang.Thread.run(Thread.java:745) [?:1.8.0_45]

Caused by: org.jasig.cas.client.validation.TicketValidationException: UNAUTHORIZED_SERVICE

at org.jasig.cas.client.validation.Cas20ServiceTicketValidator.parseResponseFromServer(Cas20ServiceTicketValidator.java:84) ~[cas-client-core-3.4.1.jar!/:3.4.1]

at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:201) ~[cas-client-core-3.4.1.jar!/:3.4.1]

at org.pac4j.cas.credentials.authenticator.CasAuthenticator.validate(CasAuthenticator.java:60) ~[pac4j-cas-1.9.4.jar!/:?]

... 89 more

-- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to a topic in the Google Groups "CAS Community" group. To unsubscribe from this topic, visit https://groups.google.com/a/apereo.org/d/topic/cas-user/0Eg2rvGOEOU/unsubscribe. To unsubscribe from this group and all its topics, send an email to cas-user+u...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CALpZ%2BOQFH8K2t9mQ_nrOgnktuubA_0G%2Br9Qniwp8y6n0AykPJw%40mail.gmail.com.

-- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAA%2Bkr1bB%2BHNac-Hjv%3Dpr9qvPTtN8LqRkVZLHS7cgP3kn%2BmfCZw%40mail.gmail.com.

-- 
Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE C023 | rb...@uvic.ca

--

- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to a topic in the Google Groups "CAS Community" group.
To unsubscribe from this topic, visit https://groups.google.com/a/apereo.org/d/topic/cas-user/0Eg2rvGOEOU/unsubscribe.
To unsubscribe from this group and all its topics, send an email to cas-user+unsubscribe@apereo.org.

To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/e935a739-5436-1cd3-8be6-1fea11b988c3%40uvic.ca.

[Alvaro]

Also, I'm seeing this, perhaps is important?

cannot validate CAS ticket: ST-1-R1WRR46mWUEhpTVEDElk-ev007

where ev007 is my machine name. Is that normal? I can't pass through this error.

More interesting traces:

hrown exception [org.apereo.cas.services.UnauthorizedServiceException: Unauthorized Service Access. Service [http://localhost:9999/client/login] is not found in service registry.]>

...

org.apereo.cas.authentication.principal.WebApplicationServiceFactory] - <No service is specified in the request. Skipping service creation>

<Loading services from JsonServiceRegistryDao>

<Adding registered service ^(https|imaps):.*>

<Adding registered service ^https://www.apereo.org>

<Adding registered service https://localhost:8443/cas/oauth2.0/callbackAuthorize.*>

-- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAA%2Bkr1bB%2BHNac-Hjv%3Dpr9qvPTtN8LqRkVZLHS7cgP3kn%2BmfCZw%40mail.gmail.com.

-- 
Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE C023 | rb...@uvic.ca

--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to a topic in the Google Groups "CAS Community" group.
To unsubscribe from this topic, visit https://groups.google.com/a/apereo.org/d/topic/cas-user/0Eg2rvGOEOU/unsubscribe.

To unsubscribe from this group and all its topics, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/e935a739-5436-1cd3-8be6-1fea11b988c3%40uvic.ca.

[Ray Bon]

Alvaro,

Your registered service list has
^(https|imaps):.*
but your service is
http://localhost:9999/client/login
try changing you service registry entry to
^(https?|imaps?):.*


Ray

-- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAA%2Bkr1YT_R5z4x0QTFMASMz%3DEcHESvdnQedhaNuYb9qfhdYdeA%40mail.gmail.com.

[Leo Pintos]

Hi Guys!
I have a very similar problem with CAS and Oauth.
I'm trying to configure oauth2 but I have some problems with the "redirect uri" after the success login
I put the below configuration in my json registered service:
{
"@class" : "org.apereo.cas.support.oauth.services.OAuthRegisteredService",
"clientId": "app_prueba",
"clientSecret": "clientSecret",
"bypassApprovalPrompt": true,
"generateRefreshToken": false,
"serviceId" : "^https://localhost:8443/clienteoauth/recepcionCode",
"name" : "MyOAuthservice",
"id" : 10000002,
}

and I call the service with:
https://localhost:8443/cas/oauth2.0/authorize?response_type=code&client_id=app_prueba&redirect_uri=https://localhost:8443/clienteoauth/recepcionCode

After the success login the app redirect to the server page(wildfly page) and not to the "redirect_uri"

Any help?
Thanks in advance.
Leo.