This should be a cas-client side problem. The cas server just recognizes
that you use a try to verify a ticket for a different url than the one
used to create the ticket. This is a security check and should always fail.
It seems that your two phpCAS requests are handled by different vhosts.
The SERVER array is webserver specific array that is influenced by
virtuale hosts etc. It seems that the first time you hit your app you
access the service directly and the second time you are hitting a
diffent vhost that is accessed over a proxy maybe??
Cheers,
Joachim
Am 16.12.2010 13:37, schrieb Franco Casadei:
I'm currently unsing ver 1.3 phpClient to let my web application access through
a cas server. I've a redirection problem and I'm trying to figure out whether
the problem is at cas client side or Cas server side. The question is about
CASClient::getUrl() function.
I get the wrong
Final URI: http://SUBLQ11486.dom2.ad.sys/DDS/
while expecting
Final URI: http://10.115.0.46/DDS/
Note that the SUBLQ11486.dom2.ad.sys is the Cas server Url, while
http://10.115.0.46/DDS/ is my application Url.
getUrl() function builds the Final URI trhough the _SERVER[] array, and this is
suplied by the server (application web server or Cas server)
So, what it seems to me, is that when the CAS server calls back phpCAS::client
(after username/pwd request) with a wrong _SERVER[] array, hence the final URI
gets wrong (lines 47 in attached log file).
At line 49 I would expect
_SERVER[HTTP_X_FORWARDED_SERVER] = empty
_SERVER[SERVER_NAME] = 10.0.115.46
_SERVER[HTTP_HOST] = 10.0.115.46
but I get
_SERVER[HTTP_X_FORWARDED_SERVER] = SUBLQ11486.dom2.ad.sys
_SERVER[SERVER_NAME] = SUBLQ11486.dom2.ad.sys
_SERVER[HTTP_HOST] = SUBLQ11486.dom2.ad.sys
So I think the Cas server is not working properly.
Am I correct?
Thanks a lot for your help.
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
