Both apache servers are configured identically.
<Directory "/var/www/td">
AllowOverride AuthConfig
Order allow,deny
Allow from all
AuthType CAS
AuthName "xxx"
require valid-user
</Directory>
>you mean to sign again redirect to CAS or (re)supply username and password?
I get redirected to CAS where I enter a login/password and gets redirected
back to the resource.
I¹ve got 2 cookies for the CAS on the browser and a cookie for the first
apache server. I don¹t see a cookie added when I try accessing the second
apache server unless I sign in again.
Thierry.
On 11/07/2009 16:10, "Giovanni Cocco" <[email protected]> wrote:
> Probably in the second server you need to redirect to CAS
> (when you require a protected resources) and a this time SSO cookie
> would be accessed by CAS....
> you mean to sign again redirect to CAS or (re)supply username and password?
>
> GC
>
> ___________________________
>
> http://www.japsportal.org/
>
> 2009/7/11 Thierry Delaitre <[email protected]>
>> The 2 apache servers have https enabled and the tomcat server also. The
>> authentication works with each apache server. The problem is that I have to
>> sign in again when switching from one to the other.
>>
>> CASLoginURL https://xxx/cas-server-webapp-3.3.3/login
>> CASValidateURL https://xxx/cas-server-webapp-3.3.3/serviceValidate
>>
>> Cheers,
>>
>> Thierry.
>>
>>
>>
>> On 11/07/2009 15:56, "Scott Battaglia" <[email protected]
>> <http://[email protected]> > wrote:
>>
>>> The most common cause of this is that you're not running CAS over HTTPS. If
>>> CAS is not run over HTTPS, then it will not send the SSO session cookie to
>>> the browser.
>>>
>>> Cheers,
>>> Scott
>>>
>>>
>>> On Sat, Jul 11, 2009 at 10:48 AM, Thierry Delaitre
>>> <[email protected] <http://[email protected]> > wrote:
>>>> Hello,
>>>>
>>>> I¹ve just deployed Cas 3.3.3 on a debian box.
>>>>
>>>> I¹ve got 2 apache servers on 2 separate linux box using the above CAS
>>>> server.
>>>>
>>>> I can authenticate via cas on each apache server but I have to login to
>>>> each apache server. I don¹t seem to be able to login once and use any
>>>> server.
>>>>
>>>> It seems I have to login again when switching to the second apache server.
>>>> Isn¹t it meant to re-use the already logged in session/ticket ?
>>>>
>>>> This is what I see in the cas log when I¹m already logged in to one of the
>>>> 2 apache server and tries to use the second one:
>>>>
>>>> Can you help me ?
>>>>
>>>> Thanks
>>>>
>>>> Thierry.
>>>>
>>>> 2009-07-11 15:30:39,565 DEBUG
>>>> [org.jasig.cas.web.flow.InitialFlowSetupAction] - Action
>>>> 'InitialFlowSetupAction' beginning execution
>>>> 2009-07-11 15:30:39,566 DEBUG
>>>> [org.jasig.cas.web.flow.InitialFlowSetupAction] - Placing service in
>>>> FlowScope: https://users.ecs.westminster.ac.uk/td/
>>>> 2009-07-11 15:30:39,566 DEBUG
>>>> [org.jasig.cas.web.flow.InitialFlowSetupAction] - Action
>>>> 'InitialFlowSetupAction' completed execution; result is 'success'
>>>> 2009-07-11 15:30:39,566 DEBUG
>>>> [org.jasig.cas.web.flow.GenerateServiceTicketAction] - Action
>>>> 'GenerateServiceTicketAction' beginning execution
>>>> 2009-07-11 15:30:39,566 DEBUG
>>>> [org.jasig.cas.web.flow.GenerateServiceTicketAction] - Action
>>>> 'GenerateServiceTicketAction' completed execution; result is 'error'
>>>> 2009-07-11 15:30:39,566 DEBUG
>>>> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action
>>>> 'AuthenticationViaFormAction' beginning execution
>>>> 2009-07-11 15:30:39,566 DEBUG
>>>> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Executing setupForm
>>>> 2009-07-11 15:30:39,566 DEBUG
>>>> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Creating new form
>>>> object with name 'credentials'
>>>> 2009-07-11 15:30:39,566 DEBUG
>>>> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Creating new
>>>> instance of form object class [class
>>>> org.jasig.cas.authentication.principal.UsernamePasswordCredentials]
>>>> 2009-07-11 15:30:39,566 DEBUG
>>>> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Putting form object
>>>> of type [class
>>>> org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in
>>>> scope Flow with name 'credentials'
>>>> 2009-07-11 15:30:39,566 DEBUG
>>>> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Creating new form
>>>> errors for object with name 'credentials'
>>>> 2009-07-11 15:30:39,566 DEBUG
>>>> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - No property editor
>>>> registrar set, no custom editors to register
>>>> 2009-07-11 15:30:39,567 DEBUG
>>>> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Putting form errors
>>>> instance in scope Flash
>>>> 2009-07-11 15:30:39,567 DEBUG
>>>> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action
>>>> 'AuthenticationViaFormAction' completed execution; result is 'success'
>>>> 2009-07-11 15:30:39,567 DEBUG
>>>> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action
>>>> 'AuthenticationViaFormAction' beginning execution
>>>> 2009-07-11 15:30:39,567 DEBUG
>>>> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action
>>>> 'AuthenticationViaFormAction' completed execution; result is 'success'
>>>>
>>>> The University of Westminster is a charity and a company
>>>> limited by guarantee. Registration number: 977818 England.
>>>> Registered Office: 309 Regent Street, London W1B 2UW.
>>
>> The University of Westminster is a charity and a company
>> limited by guarantee. Registration number: 977818 England.
>> Registered Office: 309 Regent Street, London W1B 2UW.
--
The University of Westminster is a charity and a company limited by
guarantee. Registration number: 977818 England. Registered Office:
309 Regent Street, London W1B 2UW, UK.
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
