Thanks Nathan here is what I changed it to in my code and it works but would you suggest I change it to get the host header? final HttpServletRequest request = (HttpServletRequest) servletRequest; final String serviceUrl = request.getRequestURL().toString();
Chris Whittle SWAT Team Developer J.B. Hunt Transport Services, Inc. Office Phone:(479) 419-3122 Ext:73122 Fax Phone:(479) 820-1769 chris_whit...@jbhunt.com What's your next move?TM Intermodal | Dedicated | Truckload | LTL | Delivery | Refrigerated | Flatbed | Expedited Nathan Kopp <nathan.k...@ccci.org> 03/02/2010 08:30 AM Please respond to cas-dev@lists.jasig.org To cas-dev@lists.jasig.org cc Subject RE: [cas-dev] Getting Rid of Computed Service Name What Consequences? Chris, The main thing you need to ensure is that the service value sent as a parameter to /cas/login EXACTLY matches the service value sent to /cas/serviceValidate (or proxyValidate, etc.). As long as these match, the CAS server will be happy. It’s all about consistency. Note, though, that depending on how you configured your load balancer and web server, you usually can get the “Host” information out of the HTTP headers. The “Host” header specifies the host name that the client originally used to look up the IP address, and it is sent as part of the HTTP message. For CAS, you usually you want to combine the Host value (instead of the serverName) with the URI value to get the URL, because this is what specifies the URL from the client’s perspective as opposed to the server’s perspective. Depending on the web server, you get the host information from different places. In Java, I think the best way is to use HttpServletRequest.getHeader(), passing it the string “Host”. If you have a proxy server, you should be able to configure it to pass the original host header (actually, this should be the default). Note that the Java CAS client probably should use the Host header by default instead of getServerName. If it doesn’t do this, I recommend that it be changed to follow this behavior. Nathan Kopp Applications Strategist Information Technology Group Campus Crusade for Christ, Int’l 407-826-2939 Office | 407-484-8485 Mobile | 407-826-2968 Fax From: chris_whit...@jbhunt.com [mailto:chris_whit...@jbhunt.com] Sent: Monday, March 01, 2010 11:58 AM To: cas-dev@lists.jasig.org Subject: [cas-dev] Getting Rid of Computed Service Name What Consequences? We have quite a few applications using DNS names instead of straight server names so when we are looking at using CAS one thing we hit against was the required server name that was being used to construct the serviceURL.... For example Our Liferay portal has several communities that have virtual hosts and when some one goes to one of them directly CAS would not work because the servername + URI does not match the actual URL... We have figured a change that would allow us to continue but I'm not sure on the consequences.. We have changed the Service URL that is passed to the CAS-SERVER to the request URL and also the validation Service URL to the same.... What issues does that bring up? Chris Whittle SWAT Team Developer J.B. Hunt Transport Services, Inc. Office Phone:(479) 419-3122 Ext:73122 Fax Phone:(479) 820-1769 chris_whit...@jbhunt.com What's your next move?TM Intermodal | Dedicated | Truckload | LTL | Delivery | Refrigerated | Flatbed | Expedited -- You are currently subscribed to cas-dev@lists.jasig.org as: nathan.k...@ccci.org To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev -- You are currently subscribed to cas-dev@lists.jasig.org as: chris_whit...@jbhunt.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
<<image/gif>>
<<image/gif>>
