Hi Aarton, you can do it in service json file. just find default one (HTTPSandIMAPS-10000001.json)
just change "serviceId" : "^(https|imaps)://.*", to "serviceId" : "^(http|https)://.*", -- s pozdravem Petr Gašparík solution architect gsm: [+420] 603 523 860 e-mail: [email protected] AMI Praha a.s. Pláničkova 11 162 00 Praha 6 tel.: [+420] 274 783 239 web: www.ami.cz [image: AMI Praha a.s.] Textem tohoto e-mailu podepisující neslibuje uzavřít ani neuzavírá za společnost AMI Praha a.s. jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít výhradně písemnou formu. 2017-12-04 21:53 GMT+01:00 Aaron Burton <[email protected]>: > "Very very strong should" noted. If I still wanted to disable https on > the service url callback what property do I set? I don't see anything that > looks like it in this https://apereo.github.io/cas/5.1.x/installation/ > Configuration-Properties.html#http-client > > Thank you > > > On Tuesday, January 26, 2016 at 2:56:37 PM UTC-6, Misagh Moayyed wrote: >> >> - Nothing in CAS “requires” https. As such, there is no MUST. >> There is a very very strong SHOULD. Everything if not all is by default >> configured to assume https. You can turn all that off to use http only, or >> a combination. You should not do that. >> >> - We recommend you use https for everything. That includes the >> CAS deployment, and all applications registered with CAS, and every >> callback URL and serviceId and logout URL and everything else. >> >> - Clients that initiate authentication with HTTP remain to be >> in HTTP as long as CAS allows HTTP access for that client. Same goes for >> HTTPS. You cannot change URL protocol in between. >> >> >> >> *From:* [email protected] [mailto:[email protected]] *On Behalf Of >> *Jonathan >> Labin >> *Sent:* Tuesday, January 26, 2016 12:59 PM >> *To:* CAS Community <[email protected]> >> *Subject:* [cas-user] Documentation Recommends https >> >> >> >> Could someone please help me understand the recommendation in the >> documentation to use Secure Transport >> <http://jasig.github.io/cas/4.1.x/planning/Security-Guide.html#secure-transport-https> >> ? >> >> During development, I've just used https for everything but I'd like to >> have a better understanding of which configuration items really require it. >> >> >> >> The page specifically states that "all CAS urls must use HTTPS" and to me >> this means all of the applications should configure their clients with >> https urls to endpoints such as loginURL, serverUrlPrefix, ... >> >> What about the URL provided as a service redirect argument to the /logout >> endpoint? >> >> I might guess this is O.K. to be http. >> >> >> >> The documentation also sates https should be used "when the generated >> service ticket is sent back to the application on the 'service' url" >> >> What is the practical implication of this? Does it mean that all serviceId >> values for registered services must begin with https? >> >> Does this also mean that the client callbackUrl must also be https? >> >> >> >> If these must all be https, does this mean that the application will >> always return from authentication in https? >> >> If the client was in http before authentication started, is there any way >> that they can end up in http after authentication? >> >> >> >> Thanks >> >> -- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> Visit this group at https://groups.google.com/a/ap >> ereo.org/group/cas-user/. >> > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit https://groups.google.com/a/ > apereo.org/d/msgid/cas-user/f505541a-d123-4d51-a39f- > cd83b0217a57%40apereo.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/f505541a-d123-4d51-a39f-cd83b0217a57%40apereo.org?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CABAspd09zOOkARROcY-cwb12jc9JYLKR_hTRcEbhp5yjNnea4w%40mail.gmail.com.
