// Azure support
implementation "org.apereo.cas:cas-server-support-pac4j-webflow:${project.'cas.version'}"
cas.authn.pac4j.oidc[0].azure.display-name= cas
cas.authn.pac4j.oidc[0].azure.auto-redirect-type= SERVER
cas.authn.pac4j.oidc[0].azure.client-name= cas
cas.authn.pac4j.oidc[0].azure.enabled= true
cas.authn.pac4j.oidc[0].azure.id= [client ap id of cas app]
cas.authn.pac4j.oidc[0].azure.response-mode= form_post
cas.authn.pac4j.oidc[0].azure.response-type= id_token
cas.authn.pac4j.oidc[0].azure.scope= openid
cas.authn.pac4j.oidc[0].azure.secret= [cas client app secret]
cas.authn.pac4j.oidc[0].azure.tenant= [tenant id]
cas.authn.pac4j.oidc[0].azure.use-nonce= true
cas.authn.pac4j.oidc[0].azure.discovery-uri= https://login.microsoftonline.com/[tenant id]/oauth2/v2.0/
cas.authn.pac4j.oidc[0].azure.logout-url= https://login.microsoftonline.com/common/oauth2/logout
On Azure, I enabled id_token and set the redirect URL to:
https://cas.dev.schoolname.ca/cas/login?client_name=cas
Service file for CasTest-1.json:
{
  "@class" : "org.apereo.cas.services.CasRegisteredService",
  "serviceId" : "http://cas-test.dev.ecuad.ca/wp-login.php*",
  "name" : "CasTest",
  "id" : 1,
  "evaluationOrder" : 1
}
Catalina.out when I go to the Cas Test page (WordPress site):
2023-05-25 15:25:02,294 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHO: audit:unknown
WHAT: {result=Client Access Granted, service=http://cas-test.dev.schoolname.ca/wp-login.php, client=cas, registeredService=CasTest:http://cas-test.dev.ecuad.ca/wp-login.php*}
ACTION: DELEGATED_CLIENT_SUCCESS
APPLICATION: CAS
WHEN: Thu May 25 15:25:02 PDT 2023
CLIENT IP ADDRESS: xxxxxxxxxxx
SERVER IP ADDRESS: unknown
=============================================================
The problem I'm having is the web page will go to:
https://cas.dev.schoolname.ca/cas/login?client_name=cas
and time out. I'm not sure what I need to set so CAS (or Azure) will redirect to the WordPress site.
Any help is appreciated.
Thank you,
Rod
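
CAS evaluates `serviceId` as a regular expression, so the trailing `*` in the posted value is a quantifier on `p` and each `.` matches any character. The added example below (not part of the original message) runs the posted pattern against constructed URLs, using Python's `re.fullmatch` as a stand-in for the Java regex engine; whole-URL matching, the sample URLs and the tightened pattern are assumptions.

```python
import re

# serviceId exactly as posted in CasTest-1.json.
POSTED = "http://cas-test.dev.ecuad.ca/wp-login.php*"

# Hypothetical tightened pattern (an assumption, not from the post):
# literal dots are escaped and an optional query string is allowed explicitly.
TIGHTENED = r"http://cas-test\.dev\.ecuad\.ca/wp-login\.php(\?.*)?"

# Constructed sample service URLs, one per behaviour worth checking.
SAMPLES = {
    "plain": "http://cas-test.dev.ecuad.ca/wp-login.php",
    "with_query": "http://cas-test.dev.ecuad.ca/wp-login.php?redirect_to=%2Fwp-admin%2F",
    "extra_p": "http://cas-test.dev.ecuad.ca/wp-login.phppp",
    "dot_wildcard": "http://cas-testXdev.ecuad.ca/wp-loginXphp",
    "other_page": "http://cas-test.dev.ecuad.ca/wp-admin/",
}


def matches(pattern, url):
    """True when the whole URL matches the pattern (assumed matching mode)."""
    return re.fullmatch(pattern, url) is not None


def audit(pattern):
    """Map each sample name to whether the pattern would authorize it."""
    return {name: matches(pattern, url) for name, url in SAMPLES.items()}


def wildcard_dots(pattern):
    """Count '.' characters that act as regex wildcards (not backslash-escaped)."""
    return len(re.findall(r"(?<!\\)\.", pattern))


if __name__ == "__main__":
    for label, pattern in (("posted", POSTED), ("tightened", TIGHTENED)):
        print(label, "wildcard dots:", wildcard_dots(pattern))
        for name, ok in audit(pattern).items():
            print(f"  {name:13} {'MATCH' if ok else 'no match'}")
```
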