In the process of CASifying a new ASP.NET MVC app I’ve created a small patch for development environments ONLY to override .NET’s ServerCertificateValidationCallback. This can be useful when quickly prototyping in new environments that maybe locked down or certs are continually bad (which throws the invalid cert exception when using streamread on most of the dotnetcasclient features).
It simply overrides ServerCertificateValidationCallback as always true when ‘ignoreInvalidSsl’ is set to true (defaulted false!) in the web.config, and resets it to null (its default) afterwards. I realize this is not in any way, shape or form secure for production :) and not thread safe (Potential to raise exception in multi-user environment between the time the callback is set & reset from users) so I’m going to make the following caps... ONLY FOR SINGLE USER DEVELOPMENT PURPOSES! I do see value in something so simple when hitting greenfield projects so I’m just attaching it here vs. creating any JIRA tickets. Thanks Michael Hans -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
debug_ignore_invalid_ssl_val.patch
Description: Binary data
