Please see the FAQ that Luke pointed out. There's a reason WHY we don't use the host header. And its not because we don't know it exists ;-)
On Tue, Mar 2, 2010 at 9:29 AM, Nathan Kopp <nathan.k...@ccci.org> wrote: > Chris, > > > > The main thing you need to ensure is that the service value sent as a > parameter to /cas/login EXACTLY matches the service value sent to > /cas/serviceValidate (or proxyValidate, etc.). As long as these match, the > CAS server will be happy. It’s all about consistency. > > > > Note, though, that depending on how you configured your load balancer and > web server, you usually can get the “Host” information out of the HTTP > headers. The “Host” header specifies the host name that the client > originally used to look up the IP address, and it is sent as part of the > HTTP message. For CAS, you usually you want to combine the Host value > (instead of the serverName) with the URI value to get the URL, because this > is what specifies the URL from the client’s perspective as opposed to the > server’s perspective. > > > > Depending on the web server, you get the host information from different > places. In Java, I think the best way is to use > HttpServletRequest.getHeader(), passing it the string “Host”. If you have a > proxy server, you should be able to configure it to pass the original host > header (actually, this should be the default). > > > > Note that the Java CAS client probably should use the Host header by > default instead of getServerName. If it doesn’t do this, I recommend that > it be changed to follow this behavior. > > > > *Nathan Kopp* > > *Applications Strategist* > > *Information Technology Group* > > *Campus Crusade for Christ, Int’l* > > *407-826-2939 Office *|* 407-484-8485 Mobile *|* 407-826-2968 Fax* > > > > *From:* chris_whit...@jbhunt.com [mailto:chris_whit...@jbhunt.com] > *Sent:* Monday, March 01, 2010 11:58 AM > *To:* cas-dev@lists.jasig.org > *Subject:* [cas-dev] Getting Rid of Computed Service Name What > Consequences? > > > > > We have quite a few applications using DNS names instead of straight server > names so when we are looking at using CAS one thing we hit against was the > required server name that was being used to construct the serviceURL.... For > example Our Liferay portal has several communities that have virtual hosts > and when some one goes to one of them directly CAS would not work because > the servername + URI does not match the actual URL... > > We have figured a change that would allow us to continue but I'm not sure > on the consequences.. We have changed the Service URL that is passed to the > CAS-SERVER to the request URL and also the validation Service URL to the > same.... What issues does that bring up? > > Chris Whittle > SWAT Team Developer > J.B. Hunt Transport Services, Inc. > Office Phone:(479) 419-3122 > Ext:73122 > Fax Phone:(479) 820-1769 > chris_whit...@jbhunt.com > *What's your **next** move?TM* > Intermodal | Dedicated | Truckload | LTL | Delivery | Refrigerated | > Flatbed | Expedited > > -- > > You are currently subscribed to cas-dev@lists.jasig.org as: > nathan.k...@ccci.org > > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev > > -- > You are currently subscribed to cas-dev@lists.jasig.org as: > scott.battag...@gmail.com > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev > > -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
<<image001.gif>>
