I am running multiple HTTP Apache instances behind a SSL Terminated Load Balancer. Apache serves PHP Content on Port 80, but the user’s browser sees everything as fully encrypted.
Some of our developers use mod_auth_cas, where others use PhpCAS. We are hoping to find an apache solution for both of these without manually hardcoding URLs into the php / apache configuration. I realize that mod_auth_cas has a CASRootProxiedAs directive, but since it doesn’t take apache variables, the URLs would need to hardcoded. I am considering implementing the following patch: https://groups.google.com/forum/#!topic/jasig-cas-user/5I_hlBQmVM4 I have two questions: - Does PHPCas have a similar “CASRootProxiedAs” directive, so I can proxy the service URL away from HTTP à HTTPS - Is there an Apache configuration that can spoof the service URL (referrer) to CAS to append the HTTPS from both mod_auth_cas and PhpCas? We would like to avoid decrypting SSL on the apache instance if possible, but it looks like we may have to do that for the CAS implementation to be streamlined. Has anyone else solved this problem – am I over-looking something? Perhaps I can spoof HTTPS with some apache header change. Thanks, William Gleich University of Utah -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1890f89a-149b-45d8-91f2-112a11ff8c42%40apereo.org.
