I can't speak to phpCAS, but using mod_auth_cas with Tomcat:
1) I generally use proxy_ajp, but either way make sure your AJP
connection is properly mapped.
2) In Tomcat's server.xml, set 'tomcatAuthentication="false"' on the AJP
<connector>.
3) In a servlet, use request.getRemoteUser(). I don't recall OTTOMH the
JSP equivalent.
HTH,
-Matt
On Wed, 2010-08-11 at 08:47 -0400, Andrus Suitsu wrote:
> The moment I sent my question, I knew the answer. I needed to turn off
> certificate checks. SIlly me!
>
> My real problem though is not solved yet. The real problem is that while
> Apache/mod_auth_cas authentication works now, I don't know how to use that
> authentication information (or really the user attributes) in a JSP
> application in Tomcat, which connects to the front-end Apache through AJP
> protocol. To make things easier, I have tried to do this first in a phpCAS
> application in Apache itself. This is my test file
>
>
> <?php
> include_once('CAS.php');
>
> phpCAS::setDebug();
> phpCAS::client(CAS_VERSION_2_0,'admin.prx',8443,'cas',false);
> phpCAS::setNoCasServerValidation();
>
> //phpCAS::forceAuthentication();
> phpCAS::isAuthenticated();
>
> ?>
> <html>
> <head>
> <title>phpCAS simple client</title>
> </head>
> <body>
> <p>the user's login is <?php echo phpCAS::getUser(); ?>.</p>
> <p>phpCAS version is <?php echo phpCAS::getVersion(); ?>.</p>
> <p> ?logout= Logout </p>
> </body>
> </html>
>
>
> And what I get is this
>
>
>
> the user's login is
> phpCAS error: phpCAS::getUser(): authentication was checked (by
> phpCAS::isAuthenticated() at /usr/share/php/CAS.php:1042) but the method
> returned FALSE in /var/www/php/example.php on line 17
>
> When I use forceAuthetnication it goes into redirect loop. Besides, I don't
> want phpCAS to do authentication, because Apache's mod_auth_cas is already
> doing that.
>
> Is it something simple I am missing or maybe it is not possible to do what I
> want?
>
> --
> View this message in context:
> http://jasig.275507.n4.nabble.com/Apache-mod-auth-cas-trivial-problem-tp2321081p2321141.html
> Sent from the CAS Users mailing list archive at Nabble.com.
>
--
Matthew J. Smith <[email protected]>
University Information Technology Services
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
