Hi,
I just found an issue with CAS-SPNEGO configuration in our environment. With following details: Our current environment has 2 load balancers running with keepalived and 2 CAS Servers running on failover. Our application that's publicly accessible like confluence and jira is using these CAS server for Authentication. So the configuration is this: A public DNS(sso.dns.com) for CAS is being called whenever there is a request from our applications inside or outside our network which point to the loadbalancer and loadbalancer will redirect the requests to any of the CAS server. So I first tried to configure CAS2 to have the SPNEGO in and it works with this url https://local-server-name/cas/login my question is i tried to access our application inside our network example: http://uat-kb.dns.com <http://uat-kb.dns.com/> and it redirects me to https://sso.dns.com/cas/login?service=http://uat-kb.dns.com which is true but SPNEGO doesn't work. How can I make this work? Thank you. Kind Regards, BARBOSA, Bernard Senior Administrator, System/Network MUSIC Group Macao Commercial Offshore Limited (Philippines) ROHQ IP Phone: 60651 ext 1245 Tel: +63 2 7505401 ext 1245 Email: infoservsys...@music-group.com <mailto:infoservsys...@music-group.com> Web: www.music-group.com <http://www.music-group.com/> | www.behringer.com <http://www.behringer.com/> | www.bugera-amps.com <http://www.bugera-amps.com/> youtube.com/behringer <http://www.youtube.com/behringer> twitter.com/behringer <http://www.twitter.com/behringer> facebook.com/behringer <http://www.facebook.com/behringer> myspace.com/behringer <http://www.myspace.com/behringer> flickr.com/behringerrocks <http://www.flickr.com/behringerrocks> :-) Build Teamwork :-) Take Ownership :-) Don't Waste Resources :-) Clean Workplace = Clean Mind :-) Respect Guidelines and Policies :-) Improve Yourself and Help Others :-) Don't Forget to Smile and Say Thank You This email is intended exclusively for the addressee(s) named above and may contain privileged and confidential information. If you are not (among) the intended recipient(s), you may not copy, utilize or distribute any of the information contained herein. If you have received this email in error, please notify us immediately via return email and delete the original from your mailbox. Thank you. -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
<<image006.jpg>>
<<image007.jpg>>
<<image008.jpg>>
<<image009.jpg>>
<<image010.jpg>>
