The moment I sent my question, I knew the answer. I needed to turn off
certificate checks. SIlly me!
My real problem though is not solved yet. The real problem is that while
Apache/mod_auth_cas authentication works now, I don't know how to use that
authentication information (or really the user attributes) in a JSP
application in Tomcat, which connects to the front-end Apache through AJP
protocol. To make things easier, I have tried to do this first in a phpCAS
application in Apache itself. This is my test file
<?php
include_once('CAS.php');
phpCAS::setDebug();
phpCAS::client(CAS_VERSION_2_0,'admin.prx',8443,'cas',false);
phpCAS::setNoCasServerValidation();
//phpCAS::forceAuthentication();
phpCAS::isAuthenticated();
?>
<html>
<head>
<title>phpCAS simple client</title>
</head>
<body>
<p>the user's login is <?php echo phpCAS::getUser(); ?>.</p>
<p>phpCAS version is <?php echo phpCAS::getVersion(); ?>.</p>
<p> ?logout= Logout </p>
</body>
</html>
And what I get is this
the user's login is
phpCAS error: phpCAS::getUser(): authentication was checked (by
phpCAS::isAuthenticated() at /usr/share/php/CAS.php:1042) but the method
returned FALSE in /var/www/php/example.php on line 17
When I use forceAuthetnication it goes into redirect loop. Besides, I don't
want phpCAS to do authentication, because Apache's mod_auth_cas is already
doing that.
Is it something simple I am missing or maybe it is not possible to do what I
want?
--
View this message in context:
http://jasig.275507.n4.nabble.com/Apache-mod-auth-cas-trivial-problem-tp2321081p2321141.html
Sent from the CAS Users mailing list archive at Nabble.com.
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
