Pac4j is an open source security framework for Java applications that handles authentication and authorisation. It is created and maintained by CAS in the cloud.
Questions tagged [pac4j]
77 questions
0 votes, 1 answer
OIDC for JEE with pac4j
I tried a lot of things for pac4j but I'm feeling a bit lost.
I just want to use a definition of a code authorisation flow for OIDC and then use the fetched and validated access token and id token for other requests started from my webapp.
But in…
0 votes, 1 answer
Pac4J with SAML and Content-Security-Policy
I am currently using Pac4J in combination with SAML2 and that works fine unless 'Content-Security-Policy' is being applied.
When the Content-Security-Policy is being applied and I access a secure URL within the browser, an empty page is shown. The…

R.Groote
0 votes, 1 answer
OIDC callback "Bad authentication response, error=access_denied"
We have a spring-boot with pac4j application that integrates with Orcid using CAS credentials.
We have multi profile configuration with two OidcClients - CAS and a basic OidcClient for ORCID.
Issue:
Is there a way to configure Oidc callback…
0 votes, 1 answer
PAC4J JwtAuthenticator logging behavior when JWT is expired
I am currently using PAC4j v5.4.3 for my Java application, and I am using the default JwtAuthenticator with DirectBasicAuthClient for authenticating API requests. The JWT is set to be expired after 30 mins. When the JWT is expired, we observed quite…

Anthony Lee
0 votes, 1 answer
How to get request body from custom authorizer in pac4j in play framework
I am trying to implement a custom authorizer in my web application using play framework with pac4j. My custom authorizer is getting called but I am not able to access request payload as string using WebContext's getRequestContent() method. It is…

Bill Goldberg
0 votes, 1 answer
OIDC Callback URL 404 - pac4j
I am using https://github.com/pac4j/spring-webflux-pac4j-boot-demo to do an OIDC authentication with spring boot and webflux using pac4j. I am setting an OIDC client with a custom callback url.
When you visit /authenticate, you are taken to the IDP…

dCoder
0 votes, 2 answers
How to use HTTP Proxy with Pac4j-oauth?
Recently I'm using pac4j project for Oauth Twitter. Running on the local, everything works fine. But when I'm running on the remote server, unfortunately, the service doesn't work properly because there is no direct access to the external network.
For…

Cubeatz
0 votes, 1 answer
How to set maximumAuthenticationLifetime in SAML SSO config
I am using pac4j with apache shiro for my application.
I want to know what is the maximumAuthenticationLifetime value which we need to set?
If I set it to more time like "31536000" seconds (365 days) then will it open potential security issues? If…

moh
0 votes, 0 answers
org.pac4j:5.3.1 compatibility with spring-security-pac4j version
I was earlier using pac4j version 2.3.1 with spring-security-pac4j 3.0.0 and it was working fine.
Now I have upgraded to pac4j version 5.3.1 and it's not working properly with spring-security-pac4j 6.1.0 version,…

Jayashree Madanala
0 votes, 1 answer
How to upgrade from version 2.31 to version 5.3.1 of pac4j-http and fix the arguments to org.pac4j.core.credentials.authenticator.Authenticator?
I am trying to upgrade pac4j-http:2.31 to 5.3.1 and need help dealing with a breaking change in the argument list of the validate() function in the Authenticator interface.
Earlier I was using…

Jayashree Madanala
0 votes, 0 answers
Apache Knox 1.3.0 + pac4j-4.0.3 + openid throwing com.nimbusds.oauth2.sdk.pkce.CodeVerifier cannot be cast to java.io.Serializable
Trying to deploy Apache Knox as service via Cloudera CDP 7 with openid. Followed documentation and set up all params as needed (ref. knox-openid) but getting pkce error on web page.
Things that I have tried:
CDP7 + Knox1.3.0 has pac4j-4.0.3*.jars…

StrangerThinks
0 votes, 1 answer
Pac4j Scala - Multiple SAML2 clients in secure action
I have a pac4j Config with two SAML2Client:
val clients = new Clients(baseUrl + "/domain/callback", samlClient1, samlClient2)
val config = new Config(clients)
My question:
How do I specify the client I want to use in a secure action if both clients…

epinal
0 votes, 1 answer
Pac4j indirect client selection
I would like to give users a choice between a few (indirect) authentication options, similar to what Stack Overflow and many other websites offer. There would be a form login as well as OIDC options. I can do this by setting different endpoints…

scharette
0 votes, 1 answer
SAML2.0 request attribute name format
Is it part of the SAML2.0 specification to request which attribute name format you want for the SAML response?
So back from Office365 SAML2.0 I get
…

flexxxit
0 votes, 0 answers
Linkedin oauth2 api returns http status 451 and serviceErrorCode 65900
I use linkedin as a way to log in, in short, "Login to MyAPP with Linkedin account"
But recently we found that the login is not working properly, code error when using oauth2 to login.
{"serviceErrorCode":65900,"message":"Restricted…

axiangcoding