Would any of you guys mind documenting (or updating documentation) in our wiki on using CAS with a reverse proxy? It would probably be useful for others.
Thanks Scott On Sat, May 9, 2009 at 5:36 PM, Micah Baker <[email protected]>wrote: > Thanks Pat, > > I was able to use your directions to get it working. Much appreciated. > > Micah > > > On 5/1/09 9:16 AM, "Pat Hennessy" <[email protected]> wrote: > > Micah, > > Make sure you set the proxyName and proxyport in your Tomcat connector for > port 8009. I use.. > > <Connector port="8009" > maxThreads="500" minSpareThreads="50" > connectionTimeout="100000" > enableLookups="false" protocol="AJP/1.3" > proxyName="myserver.mydomain" proxyPort="443" /> > > I also run two backend Tomcat servers, so I specify the jvmRoute as well.. > > <Engine name="Catalina" defaultHost="localhost" jvmRoute="tomcat01"> > > I configured the Apache virtual host like below.. > > # Rewrite requests that are not for static files above to go to the > Tomcat > # proxy balancer below. > # > RewriteEngine on > RewriteRule ^/$ https://myserver.mydomain/cas/ [R] > > # Proxy balencer. Send requests for /cas to backend Tomcat > instances. > # Attempt to keep matching JSESSIONID cookies on the same instance. > # > ProxyPass /cas balancer://casCluster/cas > stickysession=JSESSIONID|jsessionid > ProxyPassReverse /cas balancer://casCluster/cas > <Proxy balancer://casCluster> > Order deny,allow > allow from all > BalancerMember ajp://192.168.0.10:8009 < > http://192.168.0.10:8009> route=tomcat01 > BalancerMember ajp://192.168.0.11:8009 < > http://192.168.0.11:8009> route=tomcat02 > </Proxy> > > > I am not sure if this is the absolute best way to configure this with CAS, > but I put together this configuration from other articles online for using > Apache as a reverse proxy for Tomcat. If anyone else has any > recommendations, I'd be happy to hear them. This has been working well for > us though. > > On Fri, May 1, 2009 at 12:16 AM, Micah Baker < > [email protected]> wrote: > > Hello, > > I have been scouring the web for information regarding the use of reverse > proxy settings for CAS on an Apache web server to Apache Tomcat (I'm using > Leopard Server). I found this one from 2005 and another that says that this > bug was fixed in CAS 3.2: > http://tp.its.yale.edu/pipermail/cas/2005-August/001496.html. > > I am getting to my CAS login page but after I click the Login button I am > redirected from https://myserver.mydomain/cas/login to > https://cas/login?yadayada. It appears that the fqdn is stripped out at > some point. Does anyone have any advice on correcting this? > > Thank you for your help, > > Best, > > Micah > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > -- > Micah Baker > District Technology Coordinator > Oregon City School District > (503) 785-8907 ~ V > (503) 785-8555 ~ F > > "A pessimist sees the difficulty in every opportunity; an optimist sees the > opportunity in every difficulty." ~ Winston Churchill > > -- > You are currently subscribed to [email protected] as: > [email protected] > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
