Hi Richard, How do I change the PHP session cookie to not return as secure? Currently (for testing only), I'm using plain old HTTP - is there a setting I can change while not using HTTPS?
Thanks ________________________________________ From: Richard Frovarp [[email protected]] Sent: July-24-14 9:00 AM To: [email protected] Subject: Re: [cas-user] Too many redirects problem: CAS with WAMP, The other one is that the PHP session cookie is being returned as secure, but you're accessing the site over HTTP. On 07/24/2014 10:42 AM, John Gasper wrote: > You might consider enabling debugging in the php CAS Client to see what > is causing the loop. > (https://wiki.jasig.org/display/CASC/phpCAS+troubleshooting). > > My guess is a trust issue with the CAS Server cert. You'll notice in > this example > https://github.com/Jasig/phpCAS/blob/master/docs/examples/example_gateway.php: > > // For production use set the CA certificate that is the issuer of the cert > // on the CAS server and uncomment the line below > // phpCAS::setCasServerCACert($cas_server_ca_cert_path); > // For quick testing you can disable SSL validation of the CAS server. > // THIS SETTING IS NOT RECOMMENDED FOR PRODUCTION. > // VALIDATING THE CAS SERVER IS CRUCIAL TO THE SECURITY OF THE CAS PROTOCOL! > phpCAS::setNoCasServerValidation(); Do you have one of these lines in > your code? > > > > On 7/23/14, 2:38 PM, Haer, Neelam wrote: >> Hi, >> >> Has anyone seen any problems with too many redirects in a CAS >> integration with WAMP? >> >> >> I have the following scenario: >> >> >> 1. I point my browser to the page I have configured to work with CAS >> (PHP Server) >> >> 2. I am redirected to CAS server for login credentials >> >> 3. I log in successfully and redirected back to requesting page >> >> 4. The page request results in an HTTP 302, but it should be HTTP 200 >> OK - and keeps bouncing back and forth between CAS/requested page - >> until the browser errors out and says there were "Too many redirects" >> >> >> I have no idea what the problem might be or where to look - any >> pointers - or if anyone has had this issue and was able to resolve it >> - would be appreciated! >> >> >> Thanks >> >> -- >> You are currently subscribed [email protected] >> as:[email protected] >> To unsubscribe, change settings or access archives, >> seehttp://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > *John Gasper* > IAM Consultant > Unicon, Inc. > PGP/GPG Key: 0xbafee3ef > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
