> Why would HTTPS be causing problems? Could it be that cookies > are not being set properly over SSL?
While it's true that CAS functions differently over SSL, I don't think that's the problem here. Since the CAS TGC cookie is only sent over SSL, you won't get single sign-in without SSL. In the stack trace you shared, it's failing parsing the CAS 2.0 protocol XML response. I've never seen this particular error before. It would be helpful if you could capture the exact XML payload and post it here. Manually intercepting the ticket using a Web proxy and manually validating it is one option. M -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
