Richard, Knee-jerk advice: upgrade your CAS client to use the JA-SIG CAS client. The Yale client is outdated and doesn¹t support the latest CAS features (single sign out).
Download URL from JASIG: http://www.ja-sig.org/downloads/cas-clients/cas-client-3.1.3-release.zip Wiki URL from JASIG website on configuring: http://www.ja-sig.org/wiki/display/CASC/CAS+Client+for+Java+3.1 Hope this helps, A- On 4/23/09 7:55 AM, "Spruit, Richard" <[email protected]> wrote: > We are using an application in Tomcat, behind a CAS-filter. However, the url > to connect to this application is https://<server>:9443/app/ > <https://%3cserver%3e:9443/app/> ... > > When I configure the web.xml file of this application, it looks like this: > > <filter> > <filter-name>CAS Filter</filter-name> > <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class> > <init-param> > <param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name> > > <param-value>https://edlwwo41:9443/cas-server-webapp-3.3.1/login</param-value> > </init-param> > <init-param> > <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name> > > <param-value>https://edlwwo41:9443/cas-server-webapp-3.3.1/serviceValidate</pa > ram-value> > </init-param> > <init-param> > <param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name> > <param-value>edlwwo41:9443</param-value> > </init-param> > </filter> > <filter-mapping> > <filter-name>CAS Filter</filter-name> > <url-pattern>/*</url-pattern> > </filter-mapping> > > When I now open a browser and go to the url of this application > (https://edlwwo41:9443), I get redirected to the CAS login screen. After > supplying username/password, I get redirected back to http://edlwwo41:9443 > instead of https://edlwwo41:9443. Including https://¹ in the servername (like > <param-value>https://edlwwo41:9443</param-value > <https://edlwwo41:9443%3c/param-value> >) leads to a redirect to > http://https://edlwwo41:9443/app <http://https:/edlwwo41:9443/app> ). > > A bit of background: the edlwwo41 is the webserver where Apache httpd supplies > a reverse proxy. > > How should I configure this application so that I can use the url > https://edlwwo41:9443/app as the (secured) application url? > > Thanks in advance, > > Richard > > > Please help Logica to respect the environment by not printing this email / > Pour contribuer comme Logica au respect de l'environnement, merci de ne pas > imprimer ce mail / Bitte drucken Sie diese Nachricht nicht aus und helfen Sie > so Logica dabei die Umwelt zu schuetzen / Por favor ajude a Logica a > respeitar o ambiente não imprimindo este correio electrónico. This e-mail and > any attachment is for authorised use by the intended recipient(s) only. It may > contain proprietary material, confidential information and/or be subject to > legal privilege. It should not be copied, disclosed to, retained or used by, > any other party. If you are not an intended recipient then please promptly > delete this e-mail and any attachment and all copies and inform the sender. > Thank you. > > -- > Andrew Feller, Analyst > LSU University Information Services > 200 Frey Computing Services Center > Baton Rouge, LA 70803 > Office: 225.578.3737 > Fax: 225.578.6400 -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
