SAML2 protocol in CAS6.4.6.6

Xavier Rodríguez

Mar 22, 2024, 9:09:28 AM
to CAS Community
Hello,

I'm not familiar with SAML 2.0 and I need to set up our CAS 6.4.6.6 with the SAML2 protocol. Our CAS uses OAuth2 + CAS protocol. Now, we need to add this protocol.

Following the documentation:


I've added in gradle:

implementation "org.apereo.cas:cas-server-support-saml-idp:${project.'cas.version'}"

And in my cas.properties:

   cas.authn.saml-idp.core.entity-id: https://mycas.cat/idp
   cas.authn.saml-idp.metadata.file-system.location: file:/etc/cas/saml

I always get the same error:

Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'scopedTarget.samlProfileSamlAttributeStatementBuilder' defined in class path resource [org/apereo/cas/config/SamlIdPConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.apereo.cas.support.saml.web.idp.profile.builders.SamlProfileObjectBuilder]: Factory method 'samlProfileSamlAttributeStatementBuilder' threw exception; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type 'org.apereo.cas.authentication.attribute.AttributeDefinitionStore' available: expected at least 1 bean which qualifies as autowire candidate. Dependency annotations: {@org.springframework.beans.factory.annotation.Autowired(required=true), @org.springframework.beans.factory.annotation.Qualifier("attributeDefinitionStore")}

What do I need to define in my Cas-Server?

I've tried several configurations and I get the same result.

Can anyone help me?

Thanks!!!

Mohamed Amdouni

Mar 22, 2024, 11:03:39 AM
to cas-...@apereo.org
Hello,

I have a working instance with:

In addition, 
cas.server.prefix
cas.server.scope

And 

implementation "org.apereo.cas:cas-server-support-saml:${project.'cas.version'}"

But I think it's not required because it's for SAML1


--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG

Mohamed Amdouni

Mar 22, 2024, 11:03:39 AM
to cas-...@apereo.org
And you should also add the attribute definitions:

cas.authn.attribute-repository.*

These attribute mappings will be added to the SAML2 response claims

Ray Bon

Mar 22, 2024, 11:03:39 AM
to cas-...@apereo.org
Xavier,

The property names may have changed (your version is old).
Maybe search this blog, https://fawnoos.com/blog/

Ray

On Fri, 2024-03-22 at 06:02 -0700, Xavier Rodríguez wrote:

Xavier Rodríguez

Apr 3, 2024, 9:17:28 AM
to CAS Community, Ray Bon
Hi,

Thanks for your responses!

After analyzing the CAS-6.4.6.6 code, I have found that the bean that causes my problem is created in org.apereo.cas.config.CasPersonDirectoryConfiguration.

Then, when I add in my build.gradle:

implementation "org.apereo.cas:cas-server-support-person-directory:${project.version}"

CAS starts without problems (the -No qualifying bean of type 'org.apereo.cas.authentication.attribute.AttributeDefinitionStore'- error doesn't appear)

But I have my doubts about whether this is a good solution, because in:


This library is used in:

testImplementation group: 'org.apereo.cas', name: 'cas-server-support-person-directory', version: 'X.X.X'

Any idea about this? Is it a good solution?

Thanks,

- Xavier -

On Friday, March 22, 2024 at 16:03:39 UTC+1, Ray Bon wrote:

Ray Bon

Apr 3, 2024, 9:17:28 AM
to amg...@gmail.com, cas-...@apereo.org
Xavier,

The form of testImplementation is just a different way to write the same thing as you have for implementation.
It may be that some SAML config needs the person directory. It is ok to include it.

Ray

On Wed, 2024-04-03 at 05:49 -0700, Xavier Rodríguez wrote:
