Hi, We opted not to add the SSL verification bypass capabilities into the .NET CAS client for security purposes because it affects code outside of the CasAuthenticationModule. If you need to get around SSL certificate verification, it would be best to do it in Global.asax by setting a ServicePointManager.ServerCertificateValidationCallback. Basically you can set it to a function that always returns true and .NET will make connections without performing any SSL certificate verification. For a slightly safer approach, you can inspect the SslPolicyErrors in the delegate function and selectively return true or false. This is fine for testing purposes, but make sure it doesn't make it into production. You are much better off resolving SSL trust issues through the respective certificate stores.
-ScottH On Fri, Jan 13, 2012 at 1:53 PM, Misagh Moayyed <[email protected]> wrote: > The 'infinite loop' problem is usually caused by the fact that either > IIS/CAS do not trust each other and can't validate the tickets. I'd > recommend that you make sure SSL certificates for both are properly created > and swapped. Make sure certs are registered for the fully qualified domain > name. > > I believe the CAS .NET client has a setting that you can set inside the > web.config file to ignore ssl checks. There's a similar setting for CAS > itself. > > -Misagh > > > -----Original Message----- > From: Chris Whisenhunt [mailto:[email protected]] > Sent: Thursday, January 12, 2012 11:13 AM > To: [email protected] > Subject: RE:[cas-user] Problem with .Net Cas setup > > Okay scratch that last error I posted about. I didn't have the server name > in the web.config correct. After I put it in there correctly and then tried > to login it timed out and it looked like it was in an infinite loop on the > cas server of action: SERVICE_TICKET_CREATED. > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
