I'm looking for help to determine the correct way to configure mod_auth_cas when using port forwarding. Here is my network configuration (host names have been changed): Apache 2.2.x site running on http://private:88/. 'private' is an internal, private host, sitting behind a firewall, with mod_auth_cas loaded. This site can be accessed via http://public/, using the following port-forwarding pseudo-rule: public:80 -> private:88 When connecting to http://public/, mod_auth_cas redirects to our CAS login page, sending the following as the 'service=' parameter: http://public:88/. mod_auth_cas is using port 88, because that is the port that the actual Apache site is running on. The problem here is that http://public:88/ is incorrect, no site lives there, and our users will receive an error. Possible solutions I've identified: 1) Stop port forwarding, or ensure the public and private ports are identical. While not impossible, this has network and host configuration implications in my environment, so I'm looking for alternatives. 2) Modify the mod_auth_cas source code and compile a custom version. What I'm envisioning here is a new configuration directive, CASServiceURL, or similar. Is there a solution I'm not seeing? If #2 is a viable solution, I'd be more than happy to make the changes and submit a patch to the mod_auth_cas developers. Thanks, - Matt Hanger <mailto:[email protected]>
-- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
