Thanks Scott trying things out now.
On Thu, Dec 9, 2010 at 8:53 AM, Scott Battaglia <[email protected]>wrote: > On Wed, Dec 8, 2010 at 10:21 PM, Vipin Jain <[email protected]> wrote: > >> ok, but i am using the same CAS server for issuing the ticket at both the >> clients. > > > It doesn't matter. You can only validate a service ticket once. So if > both clients get the same ticket, the second one will fail. > > > >> >> also, is remoteUser a header which i can read >> > > Its the HttpServletRequest#getRemoteUser(). > > > > >> >> >> On Thu, Dec 9, 2010 at 8:47 AM, Scott Battaglia < >> [email protected]> wrote: >> >>> Two of them can't read the same ticket. Tickets can only be used once. >>> >>> >>> On Wed, Dec 8, 2010 at 10:14 PM, Vipin Jain <[email protected]> wrote: >>> >>>> Thanks >>>> >>>> but we need protection even if anybody accesses the direct websphere >>>> application so have CAS clients at both levels. >>>> >>>> Can't we have two CAS clients working at a time? >>>> >>>> Thanks >>>> Vipin >>>> >>>> On Thu, Dec 9, 2010 at 8:37 AM, Scott Battaglia < >>>> [email protected]> wrote: >>>> >>>>> You only need one CAS client. You either need to use mod_auth_cas (and >>>>> then read the remoteUser) or use the CAS Client. >>>>> >>>>> >>>>> On Wed, Dec 8, 2010 at 10:05 PM, Vipin Jain <[email protected]>wrote: >>>>> >>>>>> Hello Scott, >>>>>> >>>>>> I have a peculiar problem >>>>>> >>>>>> We have configured the environment as below >>>>>> >>>>>> 1. Install CAS on Tomcat >>>>>> 2. Configured mod_auth_cas on Apache with CAS Tomcat URL >>>>>> 3. Configured CAS Client as TAI on Websphere with the same CAS Tomcat >>>>>> URL >>>>>> 4. Proxy all the access through Apache >>>>>> >>>>>> Here is the flow >>>>>> >>>>>> 1. User access websphere application thru Apache >>>>>> 2. mod_auth_cas intercepts and sends to Tomcat CAS Login page >>>>>> 3. User authenticates and it is redirected to the websphere >>>>>> application >>>>>> 4. Websphere CAS agent is not able to read the ticket and gives the >>>>>> below error >>>>>> >>>>>> [12/9/10 8:24:48:829 IST] 000000ee SystemOut O has ticket? =false >>>>>> [12/9/10 8:24:48:829 IST] 000000ee SystemOut O request url= >>>>>> https://in-ccuapp008:9443/TCLProcessUI/JSP/homepage/index.faces >>>>>> >>>>>> If we remove the mod_auth_cas from Apache and only Proxy the >>>>>> application through apache. Everything works fine. >>>>>> >>>>>> So mod_auth_cas is creating issues. >>>>>> >>>>>> Can you please help me whats the problem. >>>>>> >>>>>> Thanks >>>>>> Vipin >>>>>> >>>>>> -- >>>>>> You are currently subscribed to [email protected] as: >>>>>> [email protected] >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> To unsubscribe, change settings or access archives, see >>>>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>>>> >>>>>> >>>>> -- >>>>> You are currently subscribed to [email protected] as: >>>>> [email protected] >>>>> >>>>> >>>>> To unsubscribe, change settings or access archives, see >>>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>>> >>>>> >>>> -- >>>> You are currently subscribed to [email protected] as: >>>> [email protected] >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> To unsubscribe, change settings or access archives, see >>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>> >>>> >>> -- >>> You are currently subscribed to [email protected] as: >>> [email protected] >>> To unsubscribe, change settings or access archives, see >>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>> >>> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> >> >> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
