Hello,
We are running CAS 5.2.6 using the embedded tomcat container on private IPs 
behind an application load balancer for public access. This is all in the 
cloud with VPN access back to campus. The only internet access is via a 
squid web proxy. 

My problem is that CAS uses the httpclient library, which does not seem to 
use the system proxy settings, and I get an "
org.apache.http.conn.ConnectTimeoutException" in the logs. Is there a way 
to set a proxy address and port so the MFA (currently duo) can access the 
API URL? I have tried setting 
JAVA_OPTS="-Dhttp.proxyHost=http://proxy.example.com 
-Dhttp.proxyPort=3128 -Dhttps.proxyHost=http://proxy.example.com 
-Dhttps.proxyPort=3128", but that does not work. I found some settings for 
cas.httpclient.XXX in the documentation, but could not find anything about 
web proxy settings. 

Can CAS be set up to use a web proxy (and if so, how), or do we need to 
move the servers to public IPs? We may be able to set up a NAT gateway to 
allow traffic out, but because of the VPN, routing gets complicated.

Any help would be appreciated. Thanks


James

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/2e3c740a-da5e-4dff-acdd-884971849cbb%40apereo.org.

Reply via email to