Re: Apache 2.2 via mod_cas or AuthCAS or anything?

Scott Battaglia Wed, 08 Nov 2006 07:04:33 -0800

If you guys are interested in developing this, we welcome its development under the auspices of JA-SIG, which would grant it access to all JA-SIG tools (LuntBuild, CVS, JIRA, etc.). You guys would be in charge of the specific project, release schedules, etc. If you're interested in this, let's move this discussion to the cas-dev list!

-Scott

On 11/8/06, Eric Faden <[EMAIL PROTECTED]> wrote:

It sounds like we could put togeather a sourceforge project.  I'm in.
Anyone else?

-Eric

Ken LAI wrote:
> Hi all,
>
> I have also refactored mod_cas to be Apache 2.2 compatible such that
>
> * no authz code and so can mix and match different mod_authz modules.
> I have made it successful working with mod_authnz_ldap module.
> * refactor to use Apache and APR API where possible
> * dump mmap and use APR shared memory for ticket cache
> * parse CAS2 response using APR XML API
>
> But the code is still messy for public use. It sounds good to
> consolidate various efforts to make a better mod_auth_cas module. And
> I can contribute our code for review.  Anyone would like to head it?
>
> -Ken
>
>
>
> On 11/8/06, Scott Battaglia <[EMAIL PROTECTED] > wrote:
>
>> If any of you guys are interested in working on this as a JA-SIG Client
>> module, let me know and we can use the JA-SIG CVS, etc.
>>
>> -Scott
>>
>>
>> On 11/7/06, Eric Faden <[EMAIL PROTECTED]> wrote:
>>
>>> Getting pretty close.  I got the module setup and installed.  Configured
>>> a CA.crt, and then signed a key for tomcat.  Set the mod_cas to trust
>>> the CA.  When I go to the main url it redirects properly to the login
>>> page.  Once I login I can checkout the catalina logs and see that it in
>>> fact granted the ticket, but fails to redirect back.  The error I see in
>>> the apache logs is
>>>
>>>
>>> [Tue Nov 07 12:56:15 2006] [notice] in do_cas()
>>> [Tue Nov 07 12:56:15 2006] [notice] portstr:
>>> [Tue Nov 07 12:56:15 2006] [notice] 80
>>> [Tue Nov 07 12:56:15 2006] [notice] \n
>>> [Tue Nov 07 12:56:15 2006] [notice]   service = 'http://<The Site>';
>>> ticket = 'ST-33-0lIrZmvHPo61fIDLAeCxcehb7peWo1KY4gA-20'
>>> [Tue Nov 07 12:56:15 2006] [notice] about to call CAS_validate()
>>> [Tue Nov 07 12:56:15 2006] [notice] CAS validation failed
>>>
>>> Thoughts?  I am not sure exactly why it is failing validation.
>>>
>>> -Eric
>>>
>>> Smith, Matt wrote:
>>>
>>>> Eric-
>>>>   I have been playing with the mod_cas-VATECH posted at
>>>> http://www.ja-sig.org/wiki/display/CAS/MOD_CAS with
>>>>
>> Apache 2.2.  I
>>
>>>> haven't submitted a patch yet, but a simple replace of
>>>> "apr_group_name_get" with "apr_gid_name_get" in mod_cas.c line 1242
>>>> makes it compile cleanly, and it seems to be working under 2.2 with no
>>>> problems for me.  I have not rolled this out to production yet, so bugs
>>>> may still appear.  Also note that with VA Tech's extensions, mod_cas is
>>>> configured with the CAS 2.0 Validation URL (/serviceValidate), instead
>>>> of the CAS 1.0 Validation URL (/validate).
>>>>
>>>>   A simple extract of the tarball, the above mentioned change, and a
>>>> "apxs2 -i -c mod_cas.c ssl_client.c ezxml.c" should do the trick.
>>>>
>>>> HTH,
>>>> -Matt
>>>>
>>>> On Tue, 2006-11-07 at 09:53 -0500, Eric Faden wrote:
>>>>
>>>>
>>>>> Hey all,
>>>>>
>>>>> I just got finished configuring cas-server to authenticate off of my
>>>>> LDAP server which works perfectly.  I am using mod_jk to map the tomcat
>>>>> apps onto the main part of my server.  It all works great, but now I
>>>>> actually need to use cas-server to protect some directories.  I don't
>>>>> actually want to have to modify the pages in the directories, but do
>>>>> want them to be protected.  I have looked at mod_cas and AuthCAS, but
>>>>> neither of which seem to work in apache2 (mod_perl2).  I am in the
>>>>> process of attempting to hack together a sqlite3 version of AuthCAS
>>>>> which works in apache 2.2 with mod_perl 2, but was curious if someone
>>>>> was already working on something as I am positive other people have
>>>>> similar problems.  Anyone?
>>>>>
>>>>> -Eric
>>>>> _______________________________________________
>>>>> Yale CAS mailing list
>>>>> [email protected]
>>>>> http://tp.its.yale.edu/mailman/listinfo/cas
>>>>>
>>>>>
>>>>>
>> ------------------------------------------------------------------------
>>
>>>>> _______________________________________________
>>>>> Yale CAS mailing list
>>>>> [email protected]
>>>>> http://tp.its.yale.edu/mailman/listinfo/cas
>>>>>
>>>>>
>>> _______________________________________________
>>> Yale CAS mailing list
>>> [email protected]
>>> http://tp.its.yale.edu/mailman/listinfo/cas
>>>
>>>
>> _______________________________________________
>> Yale CAS mailing list
>> [email protected]
>> http://tp.its.yale.edu/mailman/listinfo/cas
>>
>>
>>
>>
> _______________________________________________
> Yale CAS mailing list
> [email protected]
> http://tp.its.yale.edu/mailman/listinfo/cas
>

_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas

_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas

Re: Apache 2.2 via mod_cas or AuthCAS or anything?

Reply via email to