[Archivesspace_Users_Group] AS 3.4.0 CAS configuration Issues
Ludwig Possie
ludwigpossie at weber.edu
Thu Aug 10 11:45:30 EDT 2023
I apologize, I didn't want to have any issues with our security team so I
substituted our domain name for 'someuniversity'. I've checked with them
and they are fine if I post the following. We do have ArchivesSpace
running behind Traefik proxy. This is what part of configuration currently
looks like:
# proxy config (release testing only)
AppConfig[:frontend_proxy_url] = "https://asstage.weber.edu/staff"
AppConfig[:public_proxy_url] = "https://asstage.weber.edu/"
AppConfig[:plugins] = ['batch_update_lang_and_script',
'batch_update_langmaterials', 'aspace-oauth']
AppConfig[:authentication_sources] = [{
model: 'ASOauth',
provider: 'cas',
label: 'CAS Sign In',
slo_link: true,
config: {
url: 'https://cas.weber.edu
',
host: 'cas.weber.edu',
ssl: true,
login_url: '/login',
logout_url: '/logout',
service_validate_url:
'/serviceValidate',
callback_url:
'auth/cas/callback',
uid_key: 'user',
email_key: 'email'
# more cas keys and options
at: https://github.com/dlindahl/omniauth-cas
#
# if your server does not
return an email address, you can add one
# here using the
fetch_raw_info option.
#fetch_raw_info: ->(s, o,
t, user_info) { { email: "#{user_info['user']}@ivory-tower.edu" } }
}
}]
When I click on the 'CAS Sign In' button this is what I'm getting back on
the logs:
************************************************************
│ Welcome to ArchivesSpace!
│ You can now point your browser to http://localhost:8080
│ ************************************************************
│ F, [2023-08-10T15:28:36.687087 #65] FATAL -- :
│ F, [2023-08-10T15:28:36.689853 #65] FATAL -- :
ActionController::RoutingError (No route matches [GET] "/staff/auth/cas"):
│ F, [2023-08-10T15:28:36.690437 #65] FATAL -- :
│ F, [2023-08-10T15:28:36.690757 #65] FATAL -- : actionpack (5.2.8.1)
lib/action_dispatch/middleware/debug_exceptions.rb:65:in `call'
│ actionpack (5.2.8.1)
lib/action_dispatch/middleware/show_exceptions.rb:33:in `call'
│ railties (5.2.8.1) lib/rails/rack/logger.rb:38:in `call_app'
│ railties (5.2.8.1) lib/rails/rack/logger.rb:26:in `block in call'
│ activesupport (5.2.8.1) lib/active_support/tagged_logging.rb:71:in
`block in tagged'
│ activesupport (5.2.8.1) lib/active_support/tagged_logging.rb:28:in
`tagged'
│ activesupport (5.2.8.1) lib/active_support/tagged_logging.rb:71:in
`tagged'
│ railties (5.2.8.1) lib/rails/rack/logger.rb:26:in `call'
│ actionpack (5.2.8.1) lib/action_dispatch/middleware/remote_ip.rb:81:in
`call'
│ actionpack (5.2.8.1) lib/action_dispatch/middleware/request_id.rb:27:in
`call'
│ rack (2.2.6.2) lib/rack/method_override.rb:24:in `call'
│ rack (2.2.6.2) lib/rack/runtime.rb:22:in `call'
│ activesupport (5.2.8.1)
lib/active_support/cache/strategy/local_cache_middleware.rb:29:in `call'
│ actionpack (5.2.8.1) lib/action_dispatch/middleware/executor.rb:14:in
`call'
│ actionpack (5.2.8.1) lib/action_dispatch/middleware/static.rb:127:in
`call'
│ rack (2.2.6.2) lib/rack/sendfile.rb:110:in `call'
│ railties (5.2.8.1) lib/rails/engine.rb:524:in `call'
On Thu, Aug 10, 2023 at 8:21 AM Joshua D. Shaw <Joshua.D.Shaw at dartmouth.edu>
wrote:
> Hi Ludwig
>
> Assuming you haven't removed your specific domain what you posted, I think
> you'll want to change all of the urls, the host, and the email domain to
> your specific urls/domain. You may need to contact your IT department to
> get specifics.
>
> You only need the proxy url entries if you are running AS under a proxy.
>
> Best,
> Joshua
>
> ------------------------------
> *From:* archivesspace_users_group-bounces at lyralists.lyrasis.org <
> archivesspace_users_group-bounces at lyralists.lyrasis.org> on behalf of
> Ludwig Possie <ludwigpossie at weber.edu>
> *Sent:* Wednesday, August 9, 2023 8:36 PM
> *To:* Archivesspace Users Group <
> archivesspace_users_group at lyralists.lyrasis.org>
> *Subject:* [Archivesspace_Users_Group] AS 3.4.0 CAS configuration Issues
>
> I'm trying to get CAS authentication setup on our AS 3.4.0 using the
> lyrasis/aspace-oauth plugin. I've tried to follow the example outlined on
> the plugin. I'm able to get as far as to the staff login page and I can
> see a "CAS sign In" button on the top right, but when I press it I get the
> following message, "The page you were looking for doesn't exist." The
> button links me to https://as.someuniversity.edu/staff/auth/cas
>
> My config.rb contains the following parameters is there something that I
> need to add or change?:
>
> AppConfig[:frontend_proxy_url] = "https://as.someuniversity.edu/staff"
> AppConfig[:public_proxy_url] = "https://as.someuniversity.edu/"
>
> AppConfig[:authentication_sources] = [{
>
> model: 'ASOauth',
>
> provider: 'cas',
> label: 'CAS Sign In',
> slo_link: true,
> config: {
> url: '
> https://cas.someuniversity.edu',
> host: '
> cas.someuniversity.edu',
> ssl: true,
> login_url: '/login',
> logout_url: '/logout',
> service_validate_url:
> '/cas/serviceValidate',
>
> callback_url: 'auth/cas/callback',
>
> uid_key: 'user',
> email_key: 'email'
> # more cas keys and
> options at: https://github.com/dlindahl/omniauth-cas
> #
> # if your server does not
> return an email address, you can add one
> # here using the
> fetch_raw_info option.
> #fetch_raw_info: ->(s, o,
> t, user_info) { { email: "#{user_info['user']}@ivory-tower.edu" } }
> }
> }]
>
> --
> Ludwig Possié
> Systems Admin
> Stewart Library
> Weber State University
> 801-626-8093
> _______________________________________________
> Archivesspace_Users_Group mailing list
> Archivesspace_Users_Group at lyralists.lyrasis.org
> http://lyralists.lyrasis.org/mailman/listinfo/archivesspace_users_group
>
--
Ludwig Possié
Systems Admin
Stewart Library
Weber State University
801-626-8093
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lyralists.lyrasis.org/pipermail/archivesspace_users_group/attachments/20230810/a8408162/attachment.html>
More information about the Archivesspace_Users_Group
mailing list