FYI, this issue disappeared once I setup CAS as the only authentication method, instead of having both password and CAS authentication available.
From: [email protected] [mailto:[email protected]] On Behalf Of Graham Faulkner Sent: Thursday, October 29, 2015 8:13 PM To: [email protected] Subject: [dspace-tech] how to remove port from CAS login link Hi all, Recently I added CAS authentication on our testing server for DSpace 5.3 (with Mirage2). That server uses just Tomcat and serves up DSpace at port 8080 and directory /xmlui. On our newer staging server we are using Apache as a reverse proxy alongside Tomcat, and are using XMLUI as the base app. Therefore there is no port 8080 or /xmlui used in the URLs. When I implement the CAS code on the new server (Apache/Tomcat), the login link always adds port 443 to the CAS login URL which causes a failure when a user attempts to login. i.e. the link is like https://cas.uwaterloo.ca/cas/login?service=https://ourhostname:443/cas-login instead of https://cas.uwaterloo.ca/cas/login?service=https://libuwspacestg01.uwaterloo.ca/cas-login However, if you copy and paste the hyperlink into the browser address bar and then remove the “:443” from the URL it will login a person successfully. In my CASAuthentication.java file there is the loginPageURL() method that includes this snippet that builds the login link: final String authServer = ConfigurationManager.getProperty("authentication-cas", "cas.server.url"); StringBuffer url=new StringBuffer(authServer); url.append("?service=").append(request.getScheme()).append("://").append(request.getServerName()); // code that is not used in the new Apache/Tomcat version //if(request.getServerPort()!=80) // url.append(":").append(request.getServerPort()); url.append(request.getContextPath()).append("/cas-login"); The code from the Tomcat-only server included a check for traffic on ports other than 80 and then would append that port to the CAS URL (see commented out section above). Any thoughts as to why the port is still being added to the CAS login link on the /login page? Cheers, Graham ----------------------------------------- Graham Faulkner Web Developer / Programmer Digital Initiatives, Library University of Waterloo Waterloo, Ontario N2L 3G1 CANADA 519-888-4567 x32461 [email protected]<mailto:[email protected]> -- You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<mailto:[email protected]>. To post to this group, send email to [email protected]<mailto:[email protected]>. Visit this group at http://groups.google.com/group/dspace-tech. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/dspace-tech. For more options, visit https://groups.google.com/d/optout.
