-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
STOP READING MY SOURCE CODE.
Ok, it's open source, so carry on -- in fact, I would like to share.
I did not like using localhost for the services console, so I made the
following changes:
cas.securityContext.serviceProperties.service=${protocol.http}://${host.name}${port}/cas/services/j_acegi_cas_security_check
These hosts are clustered behind an F5, and
${protocol.http}://${host.name}${port} is ACLed so that only my team's
machines can access it.
This was depreciated before we ever launched, as we wrote a DB-side
registry management application. We are already looking at close to 300
Service IDs each for test, stage and prod -- this works out much better
for us.
Jeff
Marvin Addison wrote:
>>> No. The host.name property is used in at least a couple of places and
>>> should be the valid FQDN of the server.
>> It shouldn't be. We always named ours cas1 and cas2 :-)
>
> You're right. I grepped through the source and the only configuration
> references deal with ticket ID:
>
> cas-server-webapp/src/main/webapp/WEB-INF/spring-configuration/uniqueIdGenerators.xml:
> index="1"
> value="${host.name}" />
>
> cas-server-webapp/src/main/webapp/WEB-INF/cas-servlet.xml:
> p:casTicketSuffix="${host.name}">
>
> For some reason I thought it also influenced the hostname used for the
> services management app.
>
> M
>
- --
Jeff Chapin,
Assistant Systems/Applications Administrator
ITS-IS, University of Northern Iowa
Phone: 319-273-3162 Email: jeff.cha...@uni.edu
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkvhxJ4ACgkQQiaEUfQoY7Te4QCffHLLFENBDkthOTGIEISmFwuI
CesAnR4V8426s21bF4t0sbdCAlFxDur7
=MgQr
-----END PGP SIGNATURE-----
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
