I took the liberty of adding Fredrik's observation as a comment on the page he cites below. -Jonathan
On Fri, May 7, 2010 at 5:12 AM, Fredrik Norrström <[email protected]> wrote: > Hi, > > The otherwise excellent document, > http://www.ja-sig.org/wiki/display/CAS/Proxy+CAS+Walkthrough > could do with a completion. Before the request made by the CAS server to > deliver a proxy granting ticket (i.e, with the parameters pgtIou and > pgtId) the server makes an addtional request without any parameters at > all to which it exepects a 200 Ok success answer. Otherwise the GET > request with parameters is never attempted. I've been bitten by this > when implementing CAS proxy ticket support in django-cas. > > It would probably also be good to emphasize that the request to the > proxy callback URL is only made if it is protected by SSL with a valid > certificate that the server can verify, including any necessary > certificate chain. If the server cannot verify the certificate the call > to the proxy callback url is never attempted and this can only be > noticed in the CAS server log files. > > I hope someone with update privileges to this document reads this. > > Best regards, > /Fredrik > > -- > Fredrik Jönsson Norrström, M.Sc. Email: [email protected] > System architect Phone: +46 8 790 66 03 > Kungliga tekniska högskolan (KTH) Mobile: +46 73 595 66 03 > KTH/UF/ITA/Infosys > > > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
