Getting pretty close. I got the module setup and installed. Configured a CA.crt, and then signed a key for tomcat. Set the mod_cas to trust the CA. When I go to the main url it redirects properly to the login page. Once I login I can checkout the catalina logs and see that it in fact granted the ticket, but fails to redirect back. The error I see in the apache logs is
[Tue Nov 07 12:56:15 2006] [notice] in do_cas() [Tue Nov 07 12:56:15 2006] [notice] portstr: [Tue Nov 07 12:56:15 2006] [notice] 80 [Tue Nov 07 12:56:15 2006] [notice] \n [Tue Nov 07 12:56:15 2006] [notice] service = 'http://<The Site>'; ticket = 'ST-33-0lIrZmvHPo61fIDLAeCxcehb7peWo1KY4gA-20' [Tue Nov 07 12:56:15 2006] [notice] about to call CAS_validate() [Tue Nov 07 12:56:15 2006] [notice] CAS validation failed Thoughts? I am not sure exactly why it is failing validation. -Eric Smith, Matt wrote: > Eric- > I have been playing with the mod_cas-VATECH posted at > http://www.ja-sig.org/wiki/display/CAS/MOD_CAS with Apache 2.2. I > haven't submitted a patch yet, but a simple replace of > "apr_group_name_get" with "apr_gid_name_get" in mod_cas.c line 1242 > makes it compile cleanly, and it seems to be working under 2.2 with no > problems for me. I have not rolled this out to production yet, so bugs > may still appear. Also note that with VA Tech's extensions, mod_cas is > configured with the CAS 2.0 Validation URL (/serviceValidate), instead > of the CAS 1.0 Validation URL (/validate). > > A simple extract of the tarball, the above mentioned change, and a > "apxs2 -i -c mod_cas.c ssl_client.c ezxml.c" should do the trick. > > HTH, > -Matt > > On Tue, 2006-11-07 at 09:53 -0500, Eric Faden wrote: > >> Hey all, >> >> I just got finished configuring cas-server to authenticate off of my >> LDAP server which works perfectly. I am using mod_jk to map the tomcat >> apps onto the main part of my server. It all works great, but now I >> actually need to use cas-server to protect some directories. I don't >> actually want to have to modify the pages in the directories, but do >> want them to be protected. I have looked at mod_cas and AuthCAS, but >> neither of which seem to work in apache2 (mod_perl2). I am in the >> process of attempting to hack together a sqlite3 version of AuthCAS >> which works in apache 2.2 with mod_perl 2, but was curious if someone >> was already working on something as I am positive other people have >> similar problems. Anyone? >> >> -Eric >> _______________________________________________ >> Yale CAS mailing list >> [email protected] >> http://tp.its.yale.edu/mailman/listinfo/cas >> >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> Yale CAS mailing list >> [email protected] >> http://tp.its.yale.edu/mailman/listinfo/cas >> _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
