Yeah well I wish there was another way though. Will keep on looking for an alternative, if not then I will have to do something like this.
On Thursday, December 14, 2017 at 5:17:43 PM UTC+8, Doug C wrote: > > Yeah. So in my cas I had to change this to match my Nginx proxy so I am > guessing in your case if you change these to your load balancer that will > help things a little bit. > > > > Doug > > > > *From:* [email protected] <javascript:> [mailto:[email protected] > <javascript:>] *On Behalf Of *casuser > *Sent:* Thursday, December 14, 2017 5:14 PM > *To:* CAS Community > *Subject:* Re: [cas-user] CAS 5.2.0 How to configure cas in that way so > that it listen to HTTP? > > > > Yes Right now I have : > > cas.server.name: http://localhost:8080 > cas.server.prefix: http://localhost:8080/cas > > in the cas.properties. > > FAZLA > > On Thursday, December 14, 2017 at 4:21:58 PM UTC+8, Doug C wrote: > > I’m curious what you have for your cas.server.name and cas.server.prefix > properties. They are the https address of your load balancer, right? > > > > Another thing I realize that might be different is that I am not currently > using a load balance but just using Nginx to proxy all web requests > including CAS. As a result I do have the following settings for the > location in Nginx > > > > proxy_set_header Host $host; > > proxy_set_header X-Forwarded-Proto $scheme; > > > > I wonder if you need to try something similar in your setup. > > > > Doug > > > > *From:* [email protected] [mailto:[email protected]] *On Behalf Of * > casuser > *Sent:* Thursday, December 14, 2017 3:54 PM > *To:* CAS Community > *Subject:* Re: [cas-user] CAS 5.2.0 How to configure cas in that way so > that it listen to HTTP? > > > > Thanks Doug for the reply, > > I have tried this configuration but I am still getting the same warning > "You are currently accessing CAS over a non-secure connection. Single Sign > On WILL NOT WORK." > > server.port=8080 > server.ssl.enabled=false > > > *FAZLA* > > On Thursday, December 14, 2017 at 3:31:03 PM UTC+8, Doug C wrote: > > This may not be what you are working for or it might be different in 5.2.0 > or it is possible I am forgetting something else but I believe all I did is > the following: > > > > *Configure CAS to only listen on port 8080* > > > > Edit cas.properties and add the following lines: > > > > # configure CAS to only listen for non-SSL traffic on port 8080 > > server.port=8080 > > server.ssl.enabled=false > > > > Doug > > > > *From:* [email protected] [mailto:[email protected]] *On Behalf Of * > casuser > *Sent:* Thursday, December 14, 2017 3:13 PM > *To:* CAS Community > *Subject:* Re: [cas-user] CAS 5.2.0 How to configure cas in that way so > that it listen to HTTP? > > > > Thank you Cristina, > > Actually what I meant was lets say https://example.com will go to a load > balancer and it will check the ssl and provide the ssl certificate then it > will go to CAS. I want to configure CAS in a way so that it doesn't need to > check for the ssl because from the load balancer there will be a http > connection will go to CAS and if CAS finds it as HTTP Single Sign On WILL > NOT WORK. So I need to configure CAS so that it listen to HTTP for the > Single Sign On to work. Is there a way to achieve that? > > Best Regards, > > FAZLA > > On Thursday, December 14, 2017 at 2:55:20 PM UTC+8, Cristina Vlaicu wrote: > > Hello, > > > > I had configured https on the application server. I had nothing to > configure in CAS properties. > > > > Thank you, > > Cristina > > > > > > > > On Dec 14, 2017 6:51 AM, "casuser" <[email protected]> wrote: > > There is a load balancer in between the user and the CAS . The load > balancer will check allow the SSL certificate. But from the load balancer > to the CAS the connection will be HTTP. > > > > How to configure cas in that way so that it listen to HTTP? > > > > I have tried this in my cas.properties but didn't solve my problem: > > cas.server.httpProxy.enabled=true > > cas.server.httpProxy.secure=false ## changed from True > > cas.server.httpProxy.protocol=AJP/1.3 > > cas.server.httpProxy.scheme=http ## changed to http > > cas.server.httpProxy.redirectPort=8080 > > cas.server.httpProxy.proxyPort=8080 > > cas.server.httpProxy.attributes.attributeName=attributeValue > > I do have the warning: > > "Non-secure Connection You are currently accessing CAS over a non-secure > connection. Single Sign On WILL NOT WORK. In order to have single sign on > work, you MUST log in over HTTPS." but the warning still remains. > > " > https://apereo.github.io/cas/5.2.x/installation/Configuration-Properties.html#http-proxying"; > > > > CAS Properties > <https://apereo.github.io/cas/5.2.x/installation/Configuration-Properties.html#http-proxying> > > apereo.github.io > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/0fa53de5-dc4e-42c8-ba3f-04e107a36aa5%40apereo.org > > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/0fa53de5-dc4e-42c8-ba3f-04e107a36aa5%40apereo.org?utm_medium=email&utm_source=footer> > . > > > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/1e2dc1f6-b27e-4f1f-9fad-bb973a2b2a4f%40apereo.org > > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/1e2dc1f6-b27e-4f1f-9fad-bb973a2b2a4f%40apereo.org?utm_medium=email&utm_source=footer> > . > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/59bfb03e-3b35-4a73-8b38-e063b7adce86%40apereo.org > > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/59bfb03e-3b35-4a73-8b38-e063b7adce86%40apereo.org?utm_medium=email&utm_source=footer> > . > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] <javascript:>. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/af9afc61-befc-41e7-8843-e31afb246b7f%40apereo.org > > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/af9afc61-befc-41e7-8843-e31afb246b7f%40apereo.org?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1849e69c-bc0c-4cd9-82b8-aac439ab0606%40apereo.org.
