668 lines
45 KiB
Properties
668 lines
45 KiB
Properties
screen.welcome.security=For security reasons, please <a href="logout">log out</a> and exit your web browser when you are done accessing \
|
|
services that require authentication!
|
|
screen.welcome.instructions=Enter Username & Password
|
|
screen.welcome.forcedsso=Welcome back, <code><strong>{0}</strong></code>. We have detected an existing single sign-on session for you. However, \
|
|
you are being asked to re-authenticate again as CAS cannot successfully accept your previous single sign-on participation status which may be \
|
|
related to the policy assigned to <code><strong>{1}</strong></code>. Please enter your Username and Password and proceed.
|
|
screen.welcome.label.source=Source:
|
|
screen.welcome.label.token=Token:
|
|
screen.welcome.label.netid=<span class="accesskey">U</span>sername:
|
|
screen.welcome.label.netid.accesskey=u
|
|
screen.welcome.label.password=<span class="accesskey">P</span>assword:
|
|
screen.welcome.label.password.accesskey=p
|
|
screen.welcome.label.publicstation=I am at a public workstation.
|
|
screen.welcome.label.warn=<span class="accesskey">W</span>arn me!
|
|
screen.welcome.label.warn.accesskey=w
|
|
screen.welcome.label.warnremove=Do not warn me again
|
|
screen.welcome.button.login=Login
|
|
screen.welcome.button.logout=Logout
|
|
screen.welcome.button.loginwip=One moment please...
|
|
screen.welcome.button.register=Register
|
|
screen.welcome.button.deregister=Deregister
|
|
screen.welcome.button.print=Print
|
|
screen.welcome.button.clear=Clear
|
|
screen.welcome.button.confirm=Confirm
|
|
|
|
screen.welcome.label.loginwith=External Identity Providers
|
|
screen.welcome.label.navto=Navigating to external identity provider <strong>{0}</strong>. Please wait...
|
|
screen.welcome.button.loginx509=Login w/ Certificate
|
|
|
|
screen.cookies.disabled.title=Cookies Disabled
|
|
screen.cookies.disabled.message=Your browser does not support cookies. The browser's ability to store or read cookies \
|
|
is essential for single sign-on to work. Please consult your browser settings and ensure cookie support is turned on.
|
|
|
|
screen.acct.button.signUp=Sign Up
|
|
|
|
screen.pm.button.submit=Submit
|
|
screen.pm.button.cancel=Cancel
|
|
screen.pm.button.forgotpwd=<a href="{0}">Forgot your password? </a>
|
|
screen.pm.button.resetPassword=Reset your password
|
|
screen.pm.button.forgotUsername=Forgot your username?
|
|
screen.pm.reset.username=Username:
|
|
screen.pm.reset.email=Email:
|
|
screen.pm.reset.heading=Password Reset Failed
|
|
screen.pm.reset.message=We were unable to process your password reset request at this time.
|
|
screen.pm.reset.qstitle=Answer Security Questions
|
|
screen.pm.reset.qsmsg=Welcome <strong>{0}</strong>. Before you can reset your password, you must answer the following security questions.
|
|
screen.pm.reset.sentInstructions=You should shortly receive a message with follow-instructions to reset your password. Please do not take \
|
|
long as the password reset instructions may expire.
|
|
screen.pm.reset.sent=Password Reset Instructions Sent Successfully.
|
|
screen.pm.reset.title=Reset your password
|
|
screen.pm.reset.instructions=Please provide your username. You will receive a notification with follow-up instructions on how to reset your password.
|
|
screen.pm.reset.answer=Answer {0}
|
|
screen.pm.reset.question=Question {0}
|
|
screen.pm.password.policyViolation=Password does not match the password policy requirement.
|
|
screen.pm.password.confirmMismatch=Passwords do not match.
|
|
screen.pm.password.strength=Strength:
|
|
screen.pm.password.strength.0=Worst
|
|
screen.pm.password.strength.1=Bad
|
|
screen.pm.password.strength.2=Weak
|
|
screen.pm.password.strength.3=Good
|
|
screen.pm.password.strength.4=Strong
|
|
|
|
screen.pm.reset.contact.failed=Unable to send email/SMS as no email/SMS server is defined in the CAS configuration.
|
|
screen.pm.reset.username.required=No email is provided.
|
|
screen.pm.reset.contact.invalid=Provided contact information is missing or invalid.
|
|
screen.pm.reset.email.invalid=Provided email address is invalid.
|
|
screen.pm.reset.username.failed=Failed to send the username to the given email address.
|
|
|
|
screen.pm.forgotusername.title=Forgot your username?
|
|
screen.pm.forgotusername.instructions=Please provide your email address. You will receive an email with your username.
|
|
screen.pm.forgotusername.email.failed=Unable to send email as no email server is defined in the CAS configuration.
|
|
screen.pm.forgotusername.email.invalid=No email is provided, or the given address is invalid.
|
|
screen.pm.forgotusername.contact.invalid=Provided email address or phone number is invalid.
|
|
screen.pm.forgotusername.username.missing=No username could be located for the given email address.
|
|
screen.pm.forgotusername.username.failed=Failed to send the username to the given email address.
|
|
screen.pm.forgotusername.sent=Instructions Sent Successfully.
|
|
screen.pm.forgotusername.sentInstructions=You should shortly receive a message with follow-instructions to how to retrieve your username.
|
|
|
|
screen.aup.heading=Acceptable Usage Policy
|
|
screen.aup.policyterms=<p>The purpose of this policy is to establish acceptable and unacceptable use of electronic devices \
|
|
and network resources in conjunction with the established culture of ethical and lawful behavior, openness, trust, and integrity.</p> \
|
|
<p>By using these resources, you agree to abide by the Acceptable Usage Policy.</p>
|
|
|
|
screen.aup.button.accept=ACCEPT
|
|
screen.aup.button.cancel=CANCEL
|
|
|
|
screen.saml.idp.discovery=SAML2 Identity Provider Discovery
|
|
|
|
screen.consent.confirm=Confirm
|
|
screen.consent.cancel=Cancel
|
|
screen.consent.title=Attribute Consent
|
|
screen.consent.attributes=Attributes
|
|
screen.consent.options=Options
|
|
screen.consent.attributes.header=The following attributes will be released to <strong>[{0}]</strong>:
|
|
screen.consent.attributes.attribute=Attribute
|
|
screen.consent.attributes.values=Value(s)
|
|
|
|
screen.consent.options.header=How should I be prompted for consent again?
|
|
screen.consent.options.always=<strong>Every Time</strong>
|
|
screen.consent.options.desc.always=Show the consent screen every time I attempt to log into {0}.
|
|
screen.consent.options.attributename=<strong>Attribute Name</strong>
|
|
screen.consent.options.desc.attributename=Show the consent screen, if an attribute is added or removed from the collection of attributes released to {0}.
|
|
screen.consent.options.attributevalue=<strong>Attribute Value</strong>
|
|
screen.consent.options.desc.attributevalue.intro=Show the consent screen, if:
|
|
screen.consent.options.desc.attributevalue.first=A new attribute is authorized for release to {0}.
|
|
screen.consent.options.desc.attributevalue.second=An attribute is removed from the attribute bundle previously released to {0}.
|
|
screen.consent.options.desc.attributevalue.third=The value of an attribute authorized for release to {0} has changed.
|
|
screen.consent.options.reminder.header=How often should I be reminded to consent again?
|
|
screen.consent.options.reminder.expl=Show the consent screen, as a reminder, in the event that there is no change to the collection of attributes released to {0}.
|
|
screen.consent.options.timeunit.seconds=Seconds
|
|
screen.consent.options.timeunit.minutes=Minutes
|
|
screen.consent.options.timeunit.hours=Hours
|
|
screen.consent.options.timeunit.days=Days
|
|
screen.consent.options.timeunit.weeks=Weeks
|
|
screen.consent.options.timeunit.months=Months
|
|
screen.consent.options.timeunit.years=Years
|
|
|
|
screen.consent.review.header=Review Attribute Consent
|
|
screen.consent.review.loading=Loading consent decisions...
|
|
screen.consent.review.noconsentdecisions=There are no consent decisions registered for you.
|
|
screen.consent.review.success=Consent decision was deleted successfully.
|
|
screen.consent.review.error=There was an error!
|
|
screen.consent.review.confirm=Delete consent decision for [{}]?
|
|
screen.consent.review.yes=Yes
|
|
screen.consent.review.no=No
|
|
screen.consent.review.date=Date
|
|
screen.consent.review.service=Service
|
|
screen.consent.review.delete=DELETE
|
|
screen.consent.review.createddate=Created Date:
|
|
screen.consent.review.reminder=Reminder:
|
|
screen.consent.review.option=Option:
|
|
screen.consent.review.options.attributename=Attribute Name
|
|
screen.consent.review.options.attributevalue=Attribute Value
|
|
screen.consent.review.options.always=Always
|
|
screen.consent.review.options.desc.always=Show the consent screen every time I attempt to log in.
|
|
screen.consent.review.options.desc.attributename=Show the consent screen, if an attribute is added or removed from the collection of attributes released.
|
|
screen.consent.review.options.desc.attributevalue=Show the consent screen, if 1) a new attribute is authorized for release, 2) an attribute is removed from the attribute bundle previously released, 3) the value of an attribute authorized for release has changed.
|
|
screen.consent.review.attributes=Attributes:
|
|
screen.consent.review.data.search=Search
|
|
screen.consent.review.data.zerorecords=No matching decisions found
|
|
screen.consent.review.data.info=Showing _START_ to _END_ of _TOTAL_ entries
|
|
screen.consent.review.data.infofiltered=(filtered from _MAX_ total entries)
|
|
screen.consent.review.data.infoempty=No decisions to show
|
|
screen.consent.review.logout.success=You have successfully logged out of the Consent Review page. You may completely <a href="../logout">log out</a> of the Central Authentication Service and end your single sign-on session.
|
|
|
|
screen.nonsecure.title=Non-secure Connection
|
|
screen.nonsecure.message=You are currently accessing CAS over a non-secure connection. Single Sign On WILL NOT WORK. In order to have single sign on work, you MUST log in over HTTPS.
|
|
|
|
screen.accountunlocked.heading=Your account is now unlocked.
|
|
screen.account.unlock.description=Your account has been locked and is unable to login. Please follow the instructions \
|
|
on the screen to unlock your account and then try to login again.
|
|
screen.account.unlock.label=Image Text
|
|
screen.account.unlock.hint=To continue, please enter the characters as you see in the image.
|
|
screen.account.unlock.fail=CAS is unable to reset and unlock your account. Contact your CAS administrator for more info.
|
|
screen.account.unlock.success=Your account status is now unlocked. Note that this change might take some time to fully take effect. \
|
|
You should now be able to login and proceed.
|
|
|
|
screen.defaultauthn.title=Static Authentication
|
|
screen.defaultauthn.heading=CAS is configured to accept a static list of users for primary authentication. This is <strong>ONLY</strong> useful for \
|
|
demo purposes. It is recommended that you connect CAS to LDAP, JDBC, etc instead.
|
|
logo.title=go to Apereo home page
|
|
copyright=Copyright © 2005–2022 Apereo, Inc.
|
|
screen.capslock.on = CAPSLOCK key is turned on!
|
|
screen.button.continue=Continue
|
|
screen.post.response.message=You are being redirected to {0}.
|
|
|
|
screen.interrupt.title=Authentication Interrupt
|
|
screen.interrupt.message=The authentication flow has been interrupted for <strong>{0}</strong>.
|
|
|
|
screen.mdui.infolink.text=<a href="{0}" target="_blank">More information about this application</a>.
|
|
screen.mdui.privacylink.text=<a href="{0}" target="_blank">Privacy statement for application</a>.
|
|
|
|
screen.interrupt.btn.proceed=Proceed
|
|
screen.interrupt.btn.cancel=Cancel
|
|
|
|
# Generic Error Pages 401, 404, 500, etc
|
|
########################################
|
|
screen.error.page.heading=Error
|
|
screen.error.page.invalidrequest.title=Unknown Request
|
|
screen.error.page.invalidrequest.desc=The authentication request submitted to CAS is invalid, incorrectly constructed, \
|
|
or contains parameters that are seen as invalid or expired. Please review the original request, consult CAS logs and try again.
|
|
screen.error.page.invalidrequest=Invalid/Unknown Request
|
|
screen.error.page.title.accessdenied=Error - 401
|
|
screen.error.page.title.permissiondenied=Error - Permission Denied
|
|
screen.error.page.title.pagenotfound=Error - Page Not Found
|
|
screen.error.page.title.requestunsupported=Error - Unsupported Request
|
|
screen.error.page.accessdenied=Access Denied
|
|
screen.error.page.permissiondenied=You do not have permission to view this page.
|
|
screen.error.page.requestunsupported=The request type or syntax is not supported.
|
|
screen.error.page.loginagain=Login Again
|
|
screen.error.page.notfound=Page Not Found
|
|
screen.error.page.doesnotexist=The page you are attempting to access does not exist at the moment.
|
|
screen.error.page.authdenied=Authorization Denied
|
|
|
|
# Remember-Me Authentication
|
|
screen.rememberme.checkbox.title=Remember Me
|
|
|
|
# Gua
|
|
screen.gua.confirm.message=If you do not recognize this image as yours, do NOT continue.
|
|
|
|
# Blocked Errors Page
|
|
screen.error.page.title.blocked=Error - Permission Denied
|
|
screen.blocked.header=Access Denied
|
|
screen.blocked.message=You've entered the wrong password for the user too many times. You've been throttled.
|
|
AbstractAccessDecisionManager.accessDenied=You are not authorized to access this resource. Contact your CAS administrator for more info.
|
|
|
|
# Confirmation Screen Messages
|
|
screen.confirmation.message=You asked to be warned before logging into applications. Please proceed.
|
|
screen.authentication.warning=Authentication Succeeded with Warnings
|
|
|
|
# Account Profile Messages
|
|
screen.account.success=You, <strong>{0}</strong>, have successfully logged into the Central Authentication Service. This page allows you to \
|
|
review and manage your account profile and verify the collection of person attributes retrieved by CAS.
|
|
screen.account.security=When you are finished, for security reasons, please <a href="logout">log out</a> and exit your web browser.
|
|
screen.account.tooltip.logout=This operation forces a logout prior to changing the password.
|
|
screen.account.failure=Operation Failure
|
|
screen.account.securityquestions.subtitle=You can review and update your security questions here. \
|
|
Remember that all security questions and answers <strong>MUST</strong> be unique. \
|
|
Duplicate questions or answers are rejected by CAS.
|
|
screen.account.mfadevices.title=Multifactor Authentication Devices
|
|
screen.account.mfadevices.subtitle=The following devices are registered under your account and may be used for multifactor authentication.
|
|
screen.account.auditlog.title=Audit Log
|
|
screen.account.auditlog.subtitle=Examine your audited authentication activity as recorded and captured by CAS.
|
|
screen.account.securityquestions.title=Manage Security Questions
|
|
screen.account.securityquestions.failure=Unable to accept and update your security questions.
|
|
screen.account.securityquestions.success=Security questions are now accepted and updated successfully.
|
|
screen.account.sessions=Review your active single sign-on sessions registered with CAS across all your devices and browsers.
|
|
screen.account.applications=There are applications registered with CAS for which CAS is authorized to allow you access.
|
|
screen.account.attributes=These are the attributes that CAS has found and attached to your authenticated profile. \
|
|
These attributes are included in the pool of available attributes that may be shared and released to applications.
|
|
screen.account.consent.title=Attribute Consent Decisions
|
|
screen.account.consent.subtitle=These are the attribute consent decisions that CAS has found and attached to your authenticated profile.
|
|
screen.account.consent.always=Always
|
|
screen.account.consent.attribute_name=Attribute Name Changes
|
|
screen.account.consent.attribute_value=Attribute Value Changes
|
|
|
|
# Generic Success Screen Messages
|
|
screen.success.header=Log In Successful
|
|
screen.success.success=You, <strong>{0}</strong>, have successfully logged into the Central Authentication Service. However, you are seeing \
|
|
this page because CAS does not know about your target destination and how to get you there. Examine the authentication request again and \
|
|
make sure a target service/application that is authorized and registered with CAS is specified.
|
|
screen.success.security=When you are finished, for security reasons, please <a href="logout">log out</a> and exit your web browser.
|
|
|
|
# Logout Screen Messages
|
|
screen.logout.confirm.header=Do you, <strong>{0}</strong>, want to log out completely?
|
|
screen.logout.confirm.text=<p>An application may have redirected you to the Central Authentication Service \
|
|
to completely log you out and destroy your single sign-on session. If you choose to log out, you will be asked again \
|
|
to provide your credentials and login again once you attempt to access an application.</p>
|
|
screen.logout.confirm.proceed=Do you want to proceed?
|
|
|
|
screen.logout.header=Logout successful
|
|
screen.logout.success=You have successfully logged out of the Central Authentication Service. You may <a href="login">log in</a> again.
|
|
screen.logout.fc.success=You have successfully logged out of the Central Authentication Service. Given single logout is enabled with CAS, \
|
|
the following list of applications are <strong> only notified</strong> to log you out and destroy your user session. Remember that this \
|
|
is just a notification, not a guarantee. It is up the application itself to honor these notifications and properly take action to log you \
|
|
out.
|
|
screen.logout.security=For security reasons, exit your web browser.
|
|
|
|
screen.service.sso.error.header=Re-Authentication Required to Access this Service
|
|
screen.service.sso.error.message=You attempted to access a service that requires authentication without re-authenticating. Please try authenticating again</a>.
|
|
screen.service.required.message=You attempted authentication without specifying the target application. Please re-examine the request and try again.
|
|
screen.service.initial.message=Attempting to access CAS or the indicated target application is disallowed at this time. \
|
|
The authentication policy requires that you change your starting application \
|
|
and then move onto other applications and services.
|
|
|
|
captchaError=reCAPTCHA validation failed.
|
|
username.required=Username is a required field.
|
|
password.required=Password is a required field.
|
|
source.required=Authentication source is a required field.
|
|
|
|
# Password Management
|
|
confirmedPassword.required=Password must be confirmed.
|
|
pm.passwordsMustMatch=Provided passwords do not match.
|
|
pm.passwordFailedCriteria=Provided password does not satisfy the password security policy. Please try again.
|
|
pm.updateFailure=Account password could not be modified. Please try again.
|
|
|
|
# Authentication failure messages
|
|
authenticationFailure.AccountDisabledException=This account has been disabled.
|
|
authenticationFailure.AccountLockedException=This account has been locked.
|
|
authenticationFailure.AccountExpiredException=This account has expired and is forbidden to login at this time.
|
|
authenticationFailure.CredentialExpiredException=Your password has expired.
|
|
authenticationFailure.InvalidLoginLocationException=You cannot login from this workstation.
|
|
authenticationFailure.UniquePrincipalRequiredException=You cannot login at this time, since you have another active single sign-on session in progress \
|
|
and CAS is configured with an authentication policy the prevents multiple concurrent single sign-on sessions.
|
|
authenticationFailure.InvalidLoginTimeException=Your account is forbidden to login at this time.
|
|
authenticationFailure.AccountNotFoundException=Your account is not recognized and cannot login at this time.
|
|
authenticationFailure.FailedLoginException=Authentication attempt has failed, likely due to invalid credentials. Please verify and try again.
|
|
authenticationFailure.MultifactorAuthenticationProviderAbsentException=Unable to satisfy multifactor authentication requirements. \
|
|
Your account is configured for a multifactor authentication strategy, yet CAS is unable to locate and execute that strategy \
|
|
most likely due to misconfiguration of the server. Contact the service administrators for assistance.
|
|
authenticationFailure.SurrogateAuthenticationException=You are not authorized to impersonate the indicated user at this time.
|
|
authenticationFailure.AccountPasswordMustChangeException=Your account password has expired and must be changed.
|
|
authenticationFailure.UnauthorizedServiceForPrincipalException=Service access denied due to missing privileges.
|
|
authenticationFailure.MultifactorAuthenticationRequiredException=Authentication attempt for your account is denied, \
|
|
because your account is not yet configured to go through multifactor authentication. Contact the service administrators \
|
|
for assistance, make sure your account is enrolled and eligible for multifactor authentication and try again.
|
|
authenticationFailure.UNKNOWN=Authentication attempt has failed.
|
|
authenticationFailure.AuthenticationException=Credentials are rejected/invalid and authentication attempt has failed.
|
|
|
|
INVALID_REQUEST_PROXY=The request is incorrectly formatted. Ensure all required parameters are properly encoded and included.
|
|
INVALID_TICKET_SPEC=Ticket failed validation specification. Possible errors could include attempting to validate a Proxy Ticket via a Service Ticket validator, or not complying with the renew true request.
|
|
INVALID_REQUEST=Unable to identify, authorize or complete this request, likely due to malformed or missing required parameters.
|
|
INVALID_AUTHENTICATION_CONTEXT=The validation request for [''{0}''] cannot be satisfied. The request is either unrecognized or unfulfilled.
|
|
INVALID_TICKET=Ticket ''{0}'' not recognized
|
|
INVALID_PROXY_GRANTING_TICKET=PGT already generated for this ST. Cannot grant more than one PGT for ST
|
|
INVALID_SERVICE=Ticket ''{0}'' does not match supplied service. The original service was ''{1}'' and the supplied service was ''{2}''.
|
|
INVALID_PROXY_CALLBACK=The supplied proxy callback url ''{0}'' could not be authenticated. Either ''{0}'' cannot be reached, it is not \
|
|
allowed to exercise proxy authentication.
|
|
UNAUTHORIZED_SERVICE_PROXY=The supplied service ''{0}'' is not authorized to use CAS proxy authentication.
|
|
UNSATISFIED_AUTHN_POLICY=Service access denied due to an unsatisfied authentication policy.
|
|
INVALID_AUTHN_REQUEST=Authentication attempt has failed, likely due to invalid credentials.
|
|
BLOCKED_AUTHN_REQUEST=Authentication attempt is blocked and cannot proceed, likely due to malformed or missing required parameters. \
|
|
Examine the CAS server logs to locate the root cause of the error.
|
|
UNSATISFIED_SAML_REQUEST=The SAML authentication request cannot be understood, accepted or validated by CAS, \
|
|
likely due to malformed or missing required parameters. Please examine the CAS server logs to locate the root cause of the error
|
|
|
|
screen.service.error.header=Application Not Authorized to Use CAS
|
|
service.principal.resolution.error=CAS is unable to determine the correct authentication principal. \
|
|
Either the principal could not be resolved correctly as a single unique entity or CAS has found \
|
|
mixed/multiple candidate principals and is unable to decide which should be used. \
|
|
This error may also be caused if the authenticated principal is not allowed to access the target application \
|
|
due to missing privileges set by the CAS server authorization policies.
|
|
service.not.authorized.missing.attr=You are not authorized to access the application as your account \
|
|
is missing privileges required by the CAS server to authenticate into this service. Please notify your support desk.
|
|
screen.service.error.message=The application you attempted to authenticate to is not authorized to use CAS. \
|
|
This usually indicates that the application is not registered with CAS, or its authorization policy defined in its registration record \
|
|
prevents it from leveraging CAS functionality, or it's malformed and unrecognized by CAS. \
|
|
Contact your CAS administrator to learn how you might register and integrate your application with CAS.
|
|
screen.service.empty.error.message=The services registry of CAS is empty and has no service definitions. \
|
|
Applications that wish to authenticate with CAS must explicitly be defined in the services registry.
|
|
screen.service.expired.message=The application you attempted to authenticate to has been expired in the CAS Service Registry. \
|
|
If this service should still be considered in use, please contact the service administrators to have the application renewed.
|
|
# Surrogate Account Selection
|
|
screen.surrogates.account.selection.header=Impersonation Account Selection
|
|
screen.surrogates.choose.account=Choose Account
|
|
screen.surrogates.message=<p>You are provided with a list of accounts on behalf of which you are allowed to authenticate.</p> \
|
|
<p>Select one and continue.</p>
|
|
screen.surrogates.button.cancel=Cancel
|
|
screen.surrogates.account.selection.error=You are not authorized to impersonate the indicated user at this time.
|
|
screen.surrogates.wildcard.title=Impersonation Account Selection
|
|
screen.surrogates.wildcard.description=Your account is internally recognized by CAS as one with special permissions, \
|
|
authorized to impersonate all users and accounts. Therefor, impersonation account selection is not allowed for your \
|
|
account. Instead, you may directly proceed to login and impersonate any other account using its username.
|
|
|
|
# Password policy
|
|
password.expiration.warning=Your password expires in {0} day(s). Please <a href="https://pm.example.edu">change your password</a> now.
|
|
password.expiration.loginsRemaining=You have {0} login(s) remaining before you <strong>MUST</strong> change your password.
|
|
screen.accountdisabled.heading=This account has been disabled.
|
|
screen.accountdisabled.message=Please contact the system administrator to regain access.
|
|
screen.accountlocked.heading=This account has been locked.
|
|
screen.accountlocked.message=Please contact the system administrator to regain access.
|
|
screen.expiredpass.heading=Hello, {0}. Your password has expired.
|
|
screen.expiredpass.message=Please <a href="{0}">change your password</a>.
|
|
screen.mustchangepass.heading=Hello, {0}. You must change your password.
|
|
screen.mustchangepass.message=Please <a href="{0}">change your password</a>.
|
|
screen.badhours.heading=Your account is forbidden to login at this time.
|
|
screen.badhours.message=Please try again later.
|
|
screen.authnblocked.heading=Authentication attempt is blocked.
|
|
screen.authnblocked.message=Your authentication attempt is untrusted and unauthorized from your current workstation.
|
|
screen.risk.authnblocked.heading=Authentication attempt is blocked.
|
|
screen.risk.authnblocked.message=Your authentication attempt is untrusted and unauthorized from your current workstation.
|
|
screen.badworkstation.heading=You cannot login from this workstation.
|
|
screen.badworkstation.message=Please contact the system administrator to regain access.
|
|
screen.button.changePassword=Change Password
|
|
|
|
screen.pm.success.header=Password Change Successful
|
|
screen.pm.success.message=Your account password is successfully updated.
|
|
|
|
screen.pm.confirmpsw=Confirm Password:
|
|
screen.pm.enterpsw=Enter Password:
|
|
|
|
screen.pac4j.authn.TechnicalException=Unable to locate or parse identity provider configuration, most likely due to misconfiguration. \
|
|
Review logs to find the root cause of the issue.
|
|
screen.pac4j.authn.unknown=Authentication response provided to CAS by the external identity provider cannot be accepted.
|
|
screen.pac4j.unauthz.pagetitle=Unauthorized Access
|
|
screen.pac4j.unauthz.gotoapp=Go to Application
|
|
screen.pac4j.unauthz.login=Back to CAS
|
|
screen.pac4j.unauthz.heading=Unauthorized Access
|
|
screen.pac4j.unauthz.message=Either the authentication request was rejected/cancelled, or the authentication provider denied access due \
|
|
to permissions, etc. Review logs to find the root cause of the issue.
|
|
screen.pac4j.button.retry=Try Again
|
|
screen.pac4j.discovery.intro=Please provide your username or email address so CAS can locate the correct identity provider for your account.
|
|
screen.pac4j.discovery.unknownclient=Delegated identity provider cannot be found based for this request.
|
|
screen.pac4j.button.selectprovider=Select Identity Provider
|
|
screen.pac4j.discovery.title=Delegated Authentication Dynamic Discovery
|
|
screen.pac4j.authn.SAMLException=Authentication response provided to CAS by the external identity provider cannot be accepted. \
|
|
Please examine the CAS server logs and configuration to locate the root cause of the issue, and then try again.
|
|
screen.pac4j.authn.SAMLIssueInstantException=Authentication response provided to CAS by the external identity provider cannot be accepted \
|
|
because the authentication issue instant, given the present CAS configuration, is either too old or set in the future.
|
|
|
|
screen.pac4j.credential-selection.title=Delegated Authentication Profile Selection
|
|
screen.pac4j.credential-selection.intro=CAS has found multiple profiles associated with your user account. Please choose the account \
|
|
with which you wish to login and proceed.
|
|
|
|
screen.delauthn.error.header=Delegated Authentication Failure
|
|
screen.delauthn.error.message=CAS is unable to complete the delegated authentication scenario, \
|
|
or redirect to the selected identity provider. Please examine the original authentication request and try again. \
|
|
You may need to close your browser and start again.
|
|
|
|
# GAuth
|
|
screen.authentication.gauth.register=Your account is not registered. Use the below settings to register your device with CAS.
|
|
screen.authentication.gauth.key=Secret key to register is: <pre>{0}</pre>
|
|
screen.authentication.gauth.scratchcodes=Scratch codes:
|
|
screen.authentication.gauth.selecteddevice=Your selected device for multifactor authentication is: <code>{0}</code>.
|
|
screen.authentication.gauth.selanotherdevice=You can select another device for multifactor authentication, if <code>{0}</code> is not your current device.
|
|
screen.authentication.gauth.name=Device Name:
|
|
screen.authentication.gauth.cancel=Cancel
|
|
screen.authentication.gauth.reganotherdevice=You can also register another device to use for multifactor authentication.
|
|
screen.authentication.gauth.selectdevice=Select Device
|
|
screen.authentication.gauth.deletedevice=Delete Device
|
|
screen.authentication.gauth.invalid=Unable to accept this authentication request. The selected device or given credentials is invalid.
|
|
screen.authentication.gauth.invalidtoken=Unable to accept this token. The given token is invalid, does not belong to the device or has expired.
|
|
screen.authentication.gauth.confirm.title=Confirm Account Registration
|
|
screen.authentication.gauth.confirm.desc=Confirm your account registration by providing a token \
|
|
from the authenticator app on your device. Once the token is validated, your account registration will be finalized.
|
|
|
|
screen.welcome.button.register-residentkey=Register Device with Discoverable Credentials
|
|
screen.authentication.webauthn.confirm.title=Confirm Account Registration
|
|
screen.authentication.webauthn.confirm.desc=Start the device registration process by assigning a friendly name to your FIDO2-enabled device.
|
|
screen.authentication.webauthn.name=Device Name
|
|
screen.authentication.webauthn.login.title=Login with FIDO2-enabled Device
|
|
screen.authentication.webauthn.login.desc=Use your registered FIDO2-enabled device to login. \
|
|
To successfully perform this action, your username and device must already be registered with CAS.
|
|
screen.authentication.webauthn.authn.fail.title=Authentication Failed
|
|
screen.authentication.webauthn.authn.fail.desc=The authentication attempt has failed. Please make sure \
|
|
your username and chosen device are registered with CAS.
|
|
|
|
# OAuth
|
|
screen.oauth.confirm.header=Authorization
|
|
screen.oauth.confirm.message=Do you want to grant access to "{0}" ?
|
|
screen.oauth.confirm.allow=Allow
|
|
screen.oauth.confirm.deny=Deny
|
|
cas.oauth.confirm.pagetitle=Approve Access
|
|
|
|
cas.oauth.device.confirm.header=Connect Device
|
|
cas.oauth.device.confirm.message=Enter the code displayed on your device to proceed.
|
|
|
|
cas.oauth.device.confirmed.header=Code Approved
|
|
cas.oauth.device.confirmed.message=Return to your device to continue.
|
|
|
|
cas.oauth.error.pagetitle=OAuth Error
|
|
cas.oauth.error.header=OAuth Authorization Error
|
|
OAUTH_BAD_SESSION_REQUEST=The OAuth request cannot be completed, as CAS is unable to locate or determine OAuth redirect URL. \
|
|
This is usually an indication of a stale or mismatched request where the processed request session id is different from the \
|
|
active session and may be caused by an complete logout operation. Clear cookies and history, restart your browser and try again please.
|
|
|
|
# OIDC
|
|
screen.oidc.confirm.infourl=Learn more about {0}.
|
|
screen.oidc.confirm.privacyurl=Learn about {0} privacy rules.
|
|
screen.oidc.confirm.scopes=Scopes
|
|
screen.oidc.confirm.claims=Claims
|
|
screen.oidc.confirm.scope.profile=This requests access to the profile claims excluding the address and email claims.
|
|
screen.oidc.confirm.scope.email=This requests access to the email claims.
|
|
screen.oidc.confirm.scope.address=This requests access to the address claims.
|
|
screen.oidc.confirm.scope.openid=This indicates an OpenID Connect authorization request.
|
|
screen.oidc.confirm.scope.phone=This requests access to the phone claims.
|
|
screen.oidc.confirm.scope.offline_access=This requests access for a refresh token used for offline access.
|
|
|
|
|
|
screen.oidc.confirm.claim.name=End-User's full name in displayable form including all name parts, possibly including titles and suffixes, ordered according to the End-User's locale and preferences.
|
|
screen.oidc.confirm.claim.given_name=Given name(s) or first name(s) of the End-User. Note that in some cultures, people can have multiple given names; all can be present, with the names being separated by space characters.
|
|
screen.oidc.confirm.claim.middle_name=Middle name(s) of the End-User. Note that in some cultures, people can have multiple middle names; all can be present, with the names being separated by space characters. Also note that in some cultures, middle names are not used.
|
|
screen.oidc.confirm.claim.family_name=Surname(s) or last name(s) of the End-User. Note that in some cultures, people can have multiple family names or no family name; all can be present, with the names being separated by space characters.
|
|
screen.oidc.confirm.claim.email=End-User's preferred e-mail address.
|
|
screen.oidc.confirm.claim.preferred_username=MAY be any valid JSON string including special characters such as @, /, or whitespace. The RP MUST NOT rely upon this value being unique.
|
|
screen.oidc.confirm.claim.profile=URL of the End-User's profile page. The contents of this Web page SHOULD be about the End-User.
|
|
screen.oidc.confirm.claim.picture=URL of the End-User's profile picture. This URL MUST refer to an image file (for example, a PNG, JPEG, or GIF image file), rather than to a Web page containing an image. Note that this URL SHOULD specifically reference a profile photo of the End-User suitable for displaying when describing the End-User, rather than an arbitrary photo taken by the End-User.
|
|
screen.oidc.confirm.claim.phone_number=End-User's preferred telephone number. It is RECOMMENDED as the format of this claim. \
|
|
For example, <code>+1 (425) 555-1212</code> or <code>+56 (2) 687 2400</code>.
|
|
|
|
screen.oidc.confirm.asksinfo=The client is asking for the following information:
|
|
screen.oidc.confirm.dynamic=This client was dynamically registered at <code>{0}</code>.
|
|
|
|
# Unavailable
|
|
screen.unavailable.header=CAS error
|
|
screen.unavailable.heading=CAS is unable to process this request: "{0}:{1}"
|
|
screen.unavailable.message=There was an error trying to complete your request. \
|
|
<strong>Please notify your support desk or try again.</strong> \
|
|
<div>Apereo is a non-profit open source software governance foundation. The CAS software is an Apereo sponsored project \
|
|
and is freely downloadable and usable by anyone. However, Apereo does not operate the systems of anyone using the \
|
|
software and in most cases doesn't even know who is using it or how to contact them unless they are an active part \
|
|
of the Apereo community.<br/></br>If you are having problems logging in using CAS, \
|
|
<strong>you will need to contact the IT staff or Help Desk of your organization for assistance</strong>. \
|
|
<br/><br/>We wish we could be more directly helpful to you.</div>
|
|
|
|
screen.mfaDenied.header=MFA Denied
|
|
screen.mfaDenied.heading=MFA attempt has been denied by provider
|
|
screen.mfaDenied.message=Your MFA provider has denied your attempt at second factor \
|
|
authentication. Contact your system administrator for help in restoring your account.
|
|
|
|
screen.mfaUnavailable.header=MFA Provider Unavailable
|
|
screen.mfaUnavailable.heading=MFA Provider Unavailable
|
|
screen.mfaUnavailable.message=CAS was unable to reach your configured MFA provider at this time. \
|
|
Due to failure policies configured for the service you are attempting to access, authentication can not \
|
|
be granted at this time.
|
|
|
|
#####################################################################
|
|
# Login View
|
|
#####################################################################
|
|
#Resources Labels
|
|
cas.login.pagetitle=Login
|
|
cas.login.resources.header=Resources
|
|
cas.login.resources.wiki=Documentation
|
|
cas.login.resources.endpoints=Actuator Endpoints
|
|
cas.login.resources.pulls=Pull Requests
|
|
cas.login.resources.mailinglist=Mailing Lists
|
|
cas.login.resources.chat=Chatroom
|
|
cas.login.resources.blog=Blog
|
|
cas.login.resources.support=Support
|
|
cas.login.resources.contribguide=Contributor Guidelines
|
|
|
|
####
|
|
# Acceptable Usage Policy View
|
|
#
|
|
cas.acceptableusagepolicyview.pagetitle=Acceptable Usage Policy View
|
|
|
|
##
|
|
# MFA
|
|
##
|
|
cas.mfa.providerselection.pagetitle=Multifactor Provider Selection
|
|
|
|
cas.mfa.providerselection.mfa-duo=Duo Security
|
|
cas.mfa.providerselection.mfa-duo.notes=Duo's wide variety of authentication methods enable every user to \
|
|
securely and quickly log in. Duo Push, sent by the Duo Mobile authentication app, allows users to approve \
|
|
push notifications to verify their identity.
|
|
|
|
cas.mfa.providerselection.mfa-webauthn=FIDO2 WebAuthn
|
|
cas.mfa.providerselection.mfa-webauthn.notes=WebAuthn is an API that makes it very easy for a relying party, \
|
|
such as a web service, to integrate strong authentication into applications using support built in to all \
|
|
leading browsers and platforms.
|
|
|
|
cas.mfa.providerselection.mfa-gauth=Google Authenticator
|
|
cas.mfa.providerselection.mfa-gauth.notes=Google Authenticator is a software-based authenticator that \
|
|
implements two-step verification services for authenticating users of mobile applications by Google.
|
|
cas.mfa.providerselection.mfa-simple=CAS Multifactor Authentication
|
|
cas.mfa.providerselection.mfa-simple.notes=Allow CAS to act as a multifactor authentication provider on its own, \
|
|
issuing tokens and sending them to end-users via pre-defined communication channels such as email or text messages.
|
|
cas.mfa.providerselection.mfa-yubikey=YubiKey Multifactor Authentication
|
|
cas.mfa.providerselection.mfa-yubikey.notes=Yubico is a cloud-based service that enables strong, easy-to-use \
|
|
and affordable two-factor authentication with one-time passwords through their flagship product, YubiKey.
|
|
cas.mfa.providerselection.mfa-u2f=YubiKey Multifactor Authentication
|
|
cas.mfa.providerselection.mfa-u2f.notes=U2F is an open authentication standard that enables internet users \
|
|
to securely access any number of online services, with one single device, instantly and with no drivers, or client software needed.
|
|
|
|
cas.mfa.duologin.pagetitle=Duo Security Login
|
|
|
|
cas.mfa.simple.pagetitle=CAS Multifactor Authentication Login
|
|
cas.mfa.simple.label.token=Token:
|
|
cas.mfa.simple.label.resend=Resend
|
|
cas.mfa.simple.label.tokensent=A multifactor authentication token is sent to you via an email or text message. \
|
|
Please locate the token and submit it here to continue. Note that the token will expire after a short period of time \
|
|
and will no longer be recognized by CAS, in which case, you may ask CAS to send you a new token.
|
|
|
|
cas.mfa.googleauth.pagetitle=Google Authenticator
|
|
cas.mfa.googleauth.label.token=Token:
|
|
|
|
cas.mfa.radius.pagetitle=Radius Authentication
|
|
|
|
screen.authentication.yubikey.reganotherdevice=You can also register another device to use for multifactor authentication.
|
|
screen.authentication.yubikey.name=Device Name:
|
|
cas.mfa.yubikey.pagetitle=YubiKey Authentication
|
|
cas.mfa.yubikey.authenticate=Use your registered YubiKey device(s) to authenticate.
|
|
cas.mfa.yubikey.register=Your device is not yet registered. Use the below form to register your device with CAS.
|
|
cas.mfa.yubikey.register.fail=Unable to register your YubiKey device for authentication. Provided token may be invalid, expired or otherwise compromised.
|
|
cas.mfa.yubikey.label.token=Token:
|
|
|
|
cas.mfa.u2f.pagetitle=U2F Authentication
|
|
cas.mfa.u2f.authentication.device=Authenticate Device
|
|
cas.mfa.u2f.authentication.message=<p><strong>Please touch the flashing U2F device now.</strong></p><p> You may be prompted to allow \
|
|
the site permission to access your security keys. After granting permission, the device will start to blink.</p>
|
|
cas.mfa.u2f.register.device=Register Device
|
|
cas.mfa.u2f.register.message=<p><strong>Please touch the flashing U2F device now.</strong></p><p> You may be prompted to allow \
|
|
the site permission to access your security keys. After granting permission, the device will start to blink.</p>
|
|
|
|
cas.mfa.webauthn.auth.fail=Unable to verify your device for authentication. Provided payloads may be invalid, expired or otherwise compromised.
|
|
|
|
cas.mfa.authy.pagetitle=Authy Login
|
|
cas.mfa.authy.error.authn=We are unable to contact Authy. CAS authentication attempt has failed. Your account may have been locked \
|
|
and disabled for too many incorrect attempts. Please contact your CAS administrator for more info.
|
|
|
|
cas.mfa.swivel.pagetitle=Swivel Authentication
|
|
cas.mfa.swivel.label.token=Token:
|
|
cas.mfa.swivel.label.header=Swivel Authentication
|
|
|
|
cas.mfa.registerdevice.label.title=Register Device
|
|
cas.mfa.registerdevice.label.intro=Please name the current device.
|
|
cas.mfa.registerdevice.pagetitle=Register Device
|
|
cas.mfa.registerdevice.label.name=Name
|
|
cas.mfa.registerdevice.label.duration=How long should we remember this device?
|
|
cas.mfa.registerdevice.label.expiration=Expiration
|
|
cas.mfa.registerdevice.button.register=Register
|
|
cas.mfa.registerdevice.button.skip=Skip
|
|
cas.mfa.registerdevice.options.timeunit.forever=Forever
|
|
|
|
passwordless.token.header=Provide Token
|
|
passwordless.token.description=Please provide the security token sent to you via email, phone, etc. \
|
|
Note that the token is valid for only a brief window and upon submission, all other tokens will be invalidated and removed.
|
|
|
|
passwordless.error.failure.title=Authentication Failure
|
|
passwordless.error.failure.description=The provided token could not be verified. It may have been invalidated, removed or expired.
|
|
|
|
passwordless.error.unknown.user=Provided username cannot be recognized and located by CAS.
|
|
passwordless.error.invalid.user=Provided username does not carry enough contact information.
|
|
|
|
cas.authn.qr.fail=Unable to accept authentication request based on QR code. Make sure the QR code is correctly scanned, \
|
|
and provided credentials are valid, issued by this CAS server and have not expired.
|
|
|
|
# Inwebo
|
|
cas.inwebo.checkresult.title=Checking Inwebo authentication
|
|
cas.inwebo.checkresult.heading=Waiting for the Inwebo notification to be approved:
|
|
cas.inwebo.checkresult.message=Please validate it on your phone/desktop...
|
|
cas.inwebo.error.title=Inwebo authentication error
|
|
cas.inwebo.error.heading=An error has occurred.
|
|
cas.inwebo.error.userrefusedortoolate=You refused the authentication or did not validate it quickly enough.
|
|
cas.inwebo.error.usernotregistered=Before any login, you must be registered at Inwebo. Check your mailbox to \
|
|
follow the enrollment process or fill in your activation and PIN codes below to enroll in your browser...
|
|
cas.inwebo.selectauthent.title=Select authentication
|
|
cas.inwebo.selectauthent.heading=Select your authentication method:
|
|
cas.inwebo.selectauthent.browser=Browser authentication
|
|
cas.inwebo.selectauthent.push=Mobile/desktop application authentication
|
|
cas.inwebo.browserauthent.title=Browser authentication
|
|
cas.inwebo.enroll.code=Activation code
|
|
cas.inwebo.enroll.button=Enroll for browser authentication
|
|
cas.inwebo.enroll.failure=The enrollment failed
|
|
cas.inwebo.pin=PIN code
|
|
cas.inwebo.pin2=PIN code confirmation
|
|
cas.inwebo.enroll.badpinconfirmation=PIN codes don't match
|
|
cas.inwebo.browser.heading=Fill in your PIN code:
|
|
cas.inwebo.browser.button=Log in in the browser
|
|
cas.inwebo.browser.failure=OTP generation error
|
|
cas.inwebo.retry.button=Retry the Inwebo multi-factor authentication
|
|
|
|
cas.screen.acct.title=Account Registration
|
|
cas.screen.acct.intro=Please complete the form below to register your new account with CAS. \
|
|
Once the form is submitted, you will receive an email with an account activation link to \
|
|
enable your account, set up your password and begin using CAS.
|
|
cas.screen.acct.infosent=Account activation instructions are successfully sent. \
|
|
Please check your email, etc and follow the instructions.
|
|
|
|
cas.screen.acct.intro.complete=Welcome back! Thank you for verifying your account. \
|
|
Please complete the form below to register your new account with CAS.
|
|
cas.screen.acct.intro.completed=Thank you! Your account is now activated and registered with CAS.
|
|
|
|
cas.screen.acct.button.submit=Submit
|
|
cas.screen.acct.button.cancel=Cancel
|
|
cas.screen.acct.button.update=Update
|
|
|
|
cas.screen.acct.error.provision=Unable to provision the requested account.
|
|
cas.screen.acct.error.fail=Unable to register the requested account, or send the account activation link.
|
|
cas.screen.acct.error.invalid-value=The provided value is missing, invalid or does not match the required pattern for the input type.
|
|
|
|
cas.screen.acct.label.email=Email Address
|
|
cas.screen.acct.title.email=This is the your primary email address to which the activation link would be sent.
|
|
cas.screen.acct.label.firstName=First Name
|
|
cas.screen.acct.title.firstName=Your first name.
|
|
cas.screen.acct.label.lastName=Last Name
|
|
cas.screen.acct.title.lastName=Your last/surname.
|
|
cas.screen.acct.label.username=Username
|
|
cas.screen.acct.title.username=The username you wish to use for login attempts.
|
|
cas.screen.acct.label.phone=Phone Number
|
|
cas.screen.acct.title.phone=This is the your phone number to which the activation link would be sent.
|
|
cas.screen.acct.label.country=Country
|
|
cas.screen.acct.title.country=This is the country linked associated to your phone number.
|
|
|
|
screen.acct.label.security.question.1=Security Question 1
|
|
screen.acct.label.security.question.2=Security Question 2
|
|
screen.acct.label.security.answer=Type your answer here...
|