Hello, My CAS server is listenning on port 8443 on a tomcat6 SSLed configuration.
I've setup a virtual host that act as a reverse proxy under
auth.domain.tld to access the CAS server. So far, so good.
I've tried to use CAS authentification type for an URI reverse proxied
too :
<IfModule mod_auth_cas.c>
CASDebug On
CASCertificatePath /etc/ssl/cacert.pem
CASValidateServer Off
CASLoginURL https://auth.domain.tld/cas/login
CASValidateURL https://auth.domain.tld/cas/serviceValidate
CASProxyValidateURL https://auth.domain.tld/cas/proxyValidate
CASCookieDomain .domain.tld
CASCookiePath /opt/tmp/cas/
<Location /ftpprivate>
AuthType CAS
AuthName "Service Central d'authentification"
Require valid-user
Order deny,allow
Allow from all
ProxyPass http://c1.domain.tld/ftpprivate
ProxyPassReverse http://c1.domain.tld/ftpprivate
</Location>
The pb is after the login screen, the browser complain about a wrong
redirection. I'm having hard time to figure out where I've made something
wrong. Is they're a list of the CAS server configuration directives file
by file ? I suspect the CAS server try to redirect wrongly after the
login splash screen.
cas.properties content :
server.prefix=https://auth.domain.tld:8443/cas
cas.securityContext.serviceProperties.service=${server.prefix}/services/j_acegi_cas_security_check
# Names of roles allowed to access the CAS service manager
cas.securityContext.serviceProperties.adminRoles=ROLE_ADMIN
cas.securityContext.casProcessingFilterEntryPoint.loginUrl=${server.prefix}/login
cas.securityContext.ticketValidator.casServerUrlPrefix=${server.prefix}
cas.themeResolver.defaultThemeName=cas-theme-default
cas.viewResolver.basename=default_views
host.name=auth.domain.tld
--
Jérôme Benoit aka fraggle
La Météo du Net - http://grenouille.com
OpenPGP Key ID : 9FE9161D
Key fingerprint : 9CA4 0249 AF57 A35B 34B3 AC15 FAA0 CB50 9FE9 161D
pgpljOsGxhIZK.pgp
Description: PGP signature
