Yeah. So in my cas I had to change this to match my Nginx proxy so I am guessing in your case if you change these to your load balancer that will help things a little bit.
Doug From: [email protected] [mailto:[email protected]] On Behalf Of casuser Sent: Thursday, December 14, 2017 5:14 PM To: CAS Community Subject: Re: [cas-user] CAS 5.2.0 How to configure cas in that way so that it listen to HTTP? Yes Right now I have : cas.server.name: http://localhost:8080 cas.server.prefix: http://localhost:8080/cas in the cas.properties. FAZLA On Thursday, December 14, 2017 at 4:21:58 PM UTC+8, Doug C wrote: I’m curious what you have for your cas.server.name and cas.server.prefix properties. They are the https address of your load balancer, right? Another thing I realize that might be different is that I am not currently using a load balance but just using Nginx to proxy all web requests including CAS. As a result I do have the following settings for the location in Nginx proxy_set_header Host $host; proxy_set_header X-Forwarded-Proto $scheme; I wonder if you need to try something similar in your setup. Doug From: [email protected] <javascript:> [mailto:[email protected] <javascript:> ] On Behalf Of casuser Sent: Thursday, December 14, 2017 3:54 PM To: CAS Community Subject: Re: [cas-user] CAS 5.2.0 How to configure cas in that way so that it listen to HTTP? Thanks Doug for the reply, I have tried this configuration but I am still getting the same warning "You are currently accessing CAS over a non-secure connection. Single Sign On WILL NOT WORK." server.port=8080 server.ssl.enabled=false FAZLA On Thursday, December 14, 2017 at 3:31:03 PM UTC+8, Doug C wrote: This may not be what you are working for or it might be different in 5.2.0 or it is possible I am forgetting something else but I believe all I did is the following: Configure CAS to only listen on port 8080 Edit cas.properties and add the following lines: # configure CAS to only listen for non-SSL traffic on port 8080 server.port=8080 server.ssl.enabled=false Doug From: [email protected] [mailto:[email protected]] On Behalf Of casuser Sent: Thursday, December 14, 2017 3:13 PM To: CAS Community Subject: Re: [cas-user] CAS 5.2.0 How to configure cas in that way so that it listen to HTTP? Thank you Cristina, Actually what I meant was lets say https://example.com will go to a load balancer and it will check the ssl and provide the ssl certificate then it will go to CAS. I want to configure CAS in a way so that it doesn't need to check for the ssl because from the load balancer there will be a http connection will go to CAS and if CAS finds it as HTTP Single Sign On WILL NOT WORK. So I need to configure CAS so that it listen to HTTP for the Single Sign On to work. Is there a way to achieve that? Best Regards, FAZLA On Thursday, December 14, 2017 at 2:55:20 PM UTC+8, Cristina Vlaicu wrote: Hello, I had configured https on the application server. I had nothing to configure in CAS properties. Thank you, Cristina On Dec 14, 2017 6:51 AM, "casuser" <[email protected]> wrote: There is a load balancer in between the user and the CAS . The load balancer will check allow the SSL certificate. But from the load balancer to the CAS the connection will be HTTP. How to configure cas in that way so that it listen to HTTP? I have tried this in my cas.properties but didn't solve my problem: cas.server.httpProxy.enabled=true cas.server.httpProxy.secure=false ## changed from True cas.server.httpProxy.protocol=AJP/1.3 cas.server.httpProxy.scheme=http ## changed to http cas.server.httpProxy.redirectPort=8080 cas.server.httpProxy.proxyPort=8080 cas.server.httpProxy.attributes.attributeName=attributeValue I do have the warning: "Non-secure Connection You are currently accessing CAS over a non-secure connection. Single Sign On WILL NOT WORK. In order to have single sign on work, you MUST log in over HTTPS." but the warning still remains. "https://apereo.github.io/cas/5.2.x/installation/Configuration-Properties.html#http-proxying"; <https://apereo.github.io/cas/5.2.x/installation/Configuration-Properties.html#http-proxying> CAS Properties apereo.github.io -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/0fa53de5-dc4e-42c8-ba3f-04e107a36aa5%40apereo.org <https://groups.google.com/a/apereo.org/d/msgid/cas-user/0fa53de5-dc4e-42c8-ba3f-04e107a36aa5%40apereo.org?utm_medium=email&utm_source=footer> . -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1e2dc1f6-b27e-4f1f-9fad-bb973a2b2a4f%40apereo.org <https://groups.google.com/a/apereo.org/d/msgid/cas-user/1e2dc1f6-b27e-4f1f-9fad-bb973a2b2a4f%40apereo.org?utm_medium=email&utm_source=footer> . -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected] <javascript:> . To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/59bfb03e-3b35-4a73-8b38-e063b7adce86%40apereo.org <https://groups.google.com/a/apereo.org/d/msgid/cas-user/59bfb03e-3b35-4a73-8b38-e063b7adce86%40apereo.org?utm_medium=email&utm_source=footer> . -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/af9afc61-befc-41e7-8843-e31afb246b7f%40apereo.org <https://groups.google.com/a/apereo.org/d/msgid/cas-user/af9afc61-befc-41e7-8843-e31afb246b7f%40apereo.org?utm_medium=email&utm_source=footer> . -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/022f01d374bc%245b9261f0%2412b725d0%24%40gmail.com.
