Hi Jeremiah, I'm running CAS 6.6.x with an embedded Tomcat and trying to do exactly what you said: access it without specifing the port, so I can reach it with https://my.domain.com.br/cas/login Now I'm unable to do it. Even if I set the server name without the port I'm unable to reach the application for logging in.
Which properties you set to do so? Did you configured anything else outside the application or tomcat to reach it? Em sexta-feira, 5 de janeiro de 2024 às 13:58:59 UTC-3, Jeremiah Garmatter escreveu: > Hello, > > I am trying out CAS 7 with the embedded Tomcat instance. I noticed a > change in behavior that will impact my authentication flow and wanted to > see if anyone else has come across it and found a work around. > > I run my CAS server over port 8443 but, for user convenience, I forward > traffic from port 443 to 8443. This way my users can access SSO without > specifying a port number. In the past I have had no issues visiting > https://my.cas.server/cas/login, authenticating via LDAP, then MFA via > Duo. > > On CAS 7, it seems like CAS is more aware of the URL used during > authentication though. When I visit the URL without port 8443 specified, I > can LDAP auth and MFA through Duo, but upon *return* from Duo to CAS I > receive the "MFA provider unavailable" message. If I specify the port, > https://my.cas.server*:8443*/cas/login, I have no trouble returning to > CAS after Duo MFA. > > If I can't get this to work, I'll have to reach out to all my CAS services > and notify my organization to update any links. > -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/fc414421-cc84-495f-a4c1-fea707fbbd19n%40apereo.org.
