I deployed the CAS server on HTTP:8080 port without SSL. And I also made
sure that I set the following property in the CAS server
deployerConfigContext.xml
<bean
class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
p:httpClient-ref="httpClient"
p:requireSecure="false"/>
And Now I got two web application deployed are deployed on different tomcat
server with out SSL, and I also made sure that these application contacting
the CAS server with HTTP protocol instead.
And now with such a configuration and deployment structure SSO does not work
any more.
1. If CAS server sends the cookie only on SSL (HTTPS), then what is the need
for the flag "requireSecure" on the
"HttpBasedServiceCredentialsAuthenticationHandler"
Thanks
RR
--
View this message in context:
http://www.nabble.com/CAS-SERVER-with-deployed-with-requireSecure%3D%22false%22-does-not-do-SSO-tp23261229p23261229.html
Sent from the CAS Users mailing list archive at Nabble.com.
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
