Home > Net >  Ticket validated but no PGT in the ticket validation response (CAS 6.5.9)
Ticket validated but no PGT in the ticket validation response (CAS 6.5.9)

Time:11-01

I have successfully configured CAS 6.5.9 with Proxy Authentication. As mentioned in the documentation, my use case does not support the invoking of a callback url so I have requested that the PGT be returned in the validation response.

Everything works as intended, until I actually attempt to validate the ST using the /p3/serviceValidate endpoint. The ST ticket validates fine but the PGT or pgtId is NOT returned in the response as expected. I created the public/private key pair as documented and provided to CAS via the service definition, along with all the other configuration required. And nothing - no PGT in the validation response. Has anyone else had this issue or have any suggestions?

CodePudding user response:

Eureka! I found the answer to this issue - thanks to this article.

I inadvertently (and probably correctly) had the following configuration property set in my /etc/cas.properties file:

cas.authn.authenticationAttributeRelease.enabled=false

This setting essentially overrides and blocks the ability to include any authentication attributes - including the PGT - from the validation response! In order to enable it, this setting must be set to true and then limited by the corresponding entry removing any additional attributes you don't wish to be included!

cas.authn.authenticationAttributeRelease.neverRelease=credentialType,authenticationDate,...

Thought I would share and save someone hours of pulling your hair out on this one.

Page link:https//www.codepudding.com/net/594522.html

Prev:I am trying to run npm run dev while installing auth ui in laravel
Next:MAUI AAD Authentication ClaimsPrincipal with IsAuthenticated always false
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding