|
UAA api /introspect does not seem to be workign as expected
#uaa
Jeremy, Thanks for your help ! I found what the problem was. I ran a local copy of the UAA on my laptop, pointing to the cloud database and ran your testcases; it all worked as expected ! I was able t
Jeremy, Thanks for your help ! I found what the problem was. I ran a local copy of the UAA on my laptop, pointing to the cloud database and ran your testcases; it all worked as expected ! I was able t
|
By
Shetty, Viraj S [CTR]
· #9173
·
|
|
UAA api /introspect does not seem to be workign as expected
#uaa
Hi Jeremy, Thanks for that testcase. I followed your testcase on our UAA Server except with one change; since we are setup with MFA, I used the uaac token sso to get Marissas token. The UAA app versio
Hi Jeremy, Thanks for that testcase. I followed your testcase on our UAA Server except with one change; since we are setup with MFA, I used the uaac token sso to get Marissas token. The UAA app versio
|
By
Shetty, Viraj S [CTR]
· #9169
·
Edited
|
|
UAA api /introspect does not seem to be workign as expected
#uaa
Jeremy, I upgraded to the latest UAA version 74.24.0 and I still see the same issue. Is there something I can provide from logs that might help ? Thanks, Viraj
Jeremy, I upgraded to the latest UAA version 74.24.0 and I still see the same issue. Is there something I can provide from logs that might help ? Thanks, Viraj
|
By
Shetty, Viraj S [CTR]
· #9156
·
|
|
UAA api /introspect does not seem to be workign as expected
#uaa
Hi Jeremy, Thanks for taklng the time to respond. Really appreciate it. I have double checked this many times. From Postman, I saw the request that is being sent and checked the bearer token to see th
Hi Jeremy, Thanks for taklng the time to respond. Really appreciate it. I have double checked this many times. From Postman, I saw the request that is being sent and checked the bearer token to see th
|
By
Shetty, Viraj S [CTR]
· #9155
·
|
|
UAA api /introspect does not seem to be workign as expected
#uaa
I increased the logging for the UAA and found this exception. The error message is "User is not anonymous". Any idea what this could mean? 09-10T17:34:55.74-0400 [APP/PROC/WEB/0] OUT [2020-09-10 21:34
I increased the logging for the UAA and found this exception. The error message is "User is not anonymous". Any idea what this could mean? 09-10T17:34:55.74-0400 [APP/PROC/WEB/0] OUT [2020-09-10 21:34
|
By
Shetty, Viraj S [CTR]
· #9153
·
Edited
|
|
UAA api /introspect does not seem to be workign as expected
#uaa
Hi All, We are using UAA version 74.14.0 We have a UAA installation for our internal applications in cloudfoundry environment. We have been having a problem in verifying the oauth token (JWT token) us
Hi All, We are using UAA version 74.14.0 We have a UAA installation for our internal applications in cloudfoundry environment. We have been having a problem in verifying the oauth token (JWT token) us
|
By
Shetty, Viraj S [CTR]
· #9152
·
|
|
Client secret rotation in UAA
#uaa
#cf
What I have found is that when I set the secret, add a secret or delete the secret later for a UAA client- the lastmodified field of the client does not get updated. Ideally, there should be a timesta
What I have found is that when I set the secret, add a secret or delete the secret later for a UAA client- the lastmodified field of the client does not get updated. Ideally, there should be a timesta
|
By
Shetty, Viraj S [CTR]
· #9133
·
|
|
Client secret rotation in UAA
#uaa
#cf
Hi All, I am trying to create an automation script which will rotate the client secret every 30 days. I am trying to see if there is an API in UAA which will give me the timestamp of when the last tim
Hi All, I am trying to create an automation script which will rotate the client secret every 30 days. I am trying to see if there is an API in UAA which will give me the timestamp of when the last tim
|
By
Shetty, Viraj S [CTR]
· #9132
·
|
|
Deploying UAA for external users
#uaa
#cf
Thanks Jonathan. I will take a look at that.
Thanks Jonathan. I will take a look at that.
|
By
Shetty, Viraj S [CTR]
· #9116
·
|
|
Deploying UAA for external users
#uaa
#cf
Thanks Enrique. We are deploying UAA in cloud.gov for our agency and it will be used by applications deployed in cloud.gov for our agency. I can add a nginx proxy in front but I think I should be able
Thanks Enrique. We are deploying UAA in cloud.gov for our agency and it will be used by applications deployed in cloud.gov for our agency. I can add a nginx proxy in front but I think I should be able
|
By
Shetty, Viraj S [CTR]
· #9113
·
|
|
Deploying UAA for external users
#uaa
#cf
We want to deploy UAA for external users of the organization. This UAA deployment would only be used by external users and so some of the URLs would have to be exposed to the internet. But I want a la
We want to deploy UAA for external users of the organization. This UAA deployment would only be used by external users and so some of the URLs would have to be exposed to the internet. But I want a la
|
By
Shetty, Viraj S [CTR]
· #9111
·
|
|
How do we get the user attributes from AD into the ID Token ?
Hi Martijn – Thank you for the response an pointers. I missed the fact that the attribute in the uaa.yml should be of the format user.attribute.<attr_name> Everything is working now. Thanks, Viraj
Hi Martijn – Thank you for the response an pointers. I missed the fact that the attribute in the uaa.yml should be of the format user.attribute.<attr_name> Everything is working now. Thanks, Viraj
|
By
Shetty, Viraj S [CTR]
· #9024
·
|
|
#uaa
#uaa
We have our own UAA server running in a cloud.gov environment which we use for all applications that are deployed in cloud.gov. These applications use OAuth 2 to integrate with the UAA server and the
We have our own UAA server running in a cloud.gov environment which we use for all applications that are deployed in cloud.gov. These applications use OAuth 2 to integrate with the UAA server and the
|
By
Shetty, Viraj S [CTR]
· #9022
·
|
|
[EXTERNAL MESSAGE] Re: [cf-dev] Using SAML 2 Bearer token with our own UAA Server
#uaa
Thanks. The SAML assertion generated by ADFS contains "https://<HIDDEN>/saml/SSO/alias/cloudfoundry-saml-login-dev" while the bearer assertion in the metadata file is https://<HIDDEN>/oauth/token/alia
Thanks. The SAML assertion generated by ADFS contains "https://<HIDDEN>/saml/SSO/alias/cloudfoundry-saml-login-dev" while the bearer assertion in the metadata file is https://<HIDDEN>/oauth/token/alia
|
By
Shetty, Viraj S [CTR]
· #8809
·
|
|
[EXTERNAL MESSAGE] Re: [cf-dev] Using SAML 2 Bearer token with our own UAA Server
#uaa
Thanks. I digged into this a little deeper. During the SAML verification, confirmed is never TRUE and that’s why it gives the following error 2019-12-10T16:45:24.58-0500 [APP/PROC/WEB/1] OUT Caused by
Thanks. I digged into this a little deeper. During the SAML verification, confirmed is never TRUE and that’s why it gives the following error 2019-12-10T16:45:24.58-0500 [APP/PROC/WEB/1] OUT Caused by
|
By
Shetty, Viraj S [CTR]
· #8806
·
Edited
|
|
Using SAML 2 Bearer token with our own UAA Server
#uaa
Still having issues. I tried several things and they all seem to fail. 1. Per the documenatation, the URL should go to http://vyscu3.localhost:8080/uaa/oauth/token/alias/vyscu3.cloudfoundry-saml-login
Still having issues. I tried several things and they all seem to fail. 1. Per the documenatation, the URL should go to http://vyscu3.localhost:8080/uaa/oauth/token/alias/vyscu3.cloudfoundry-saml-login
|
By
Shetty, Viraj S [CTR]
· #8804
·
|
|
Using SAML 2 Bearer token with our own UAA Server
#uaa
Thanks Filip. You are correct and thanks for pointing it out. I will pass Assertion and see what happens. As a side question - I am assuming that the Assertion would have to be unencrypted. right ? Do
Thanks Filip. You are correct and thanks for pointing it out. I will pass Assertion and see what happens. As a side question - I am assuming that the Assertion would have to be unencrypted. right ? Do
|
By
Shetty, Viraj S [CTR]
· #8802
·
|
|
Using SAML 2 Bearer token with our own UAA Server
#uaa
I am trying to prototype a situation where a user is already authenticated to an On-prem application using ADFS using SAML. Now, this application needs to call a web service deployed on cloud.gov (Clo
I am trying to prototype a situation where a user is already authenticated to an On-prem application using ADFS using SAML. Now, this application needs to call a web service deployed on cloud.gov (Clo
|
By
Shetty, Viraj S [CTR]
· #8799
·
|
|
Using a TLS connection to the MySQL database
#uaa
Thanks Filip. That was very helpful. I updated the uaa.yml with useSSL = true. I had to set trustServerCertificate to true as well otherwise it gives a handshake error. If i want to validate the MySQL
Thanks Filip. That was very helpful. I updated the uaa.yml with useSSL = true. I had to set trustServerCertificate to true as well otherwise it gives a handshake error. If i want to validate the MySQL
|
By
Shetty, Viraj S [CTR]
· #8703
·
|
|
Using a TLS connection to the MySQL database
#uaa
We have a separate instance of UAA server interacting with the MySQL database running on cloud.gov. Recently, we have been advised to use a TLS connection to connect to the database. After doing some
We have a separate instance of UAA server interacting with the MySQL database running on cloud.gov. Recently, we have been advised to use a TLS connection to connect to the database. After doing some
|
By
Shetty, Viraj S [CTR]
· #8701
·
|