Would the CASRootProxiedAs method serve your needs? -Phil
On Wed, Apr 6, 2011 at 3:54 PM, Nick Tkach <[email protected]> wrote: > Is there a way to get mod_auth_cas to strip off port numbers? We've got a > setup with web requests coming in through a hardware load balancer. That > does a port rewrite on the request to point to a non-standard port on a web > server. That then uses mod_auth_cas to go to a Tomcat for authentication. > That works fine, but when CAS builds its ticket for this request it keeps > the original name (which is fine), but it also keeps the non-standard port > that came in. > > For example, I have a request from the outside, http://mymail.com. The > server iron transparently rewrites that to go to > http://dmz.mymail.com:9120. An apache on dmz.mymail.com is listening on > 9120. It sends requests off to http://cas.mymail.com/cas/login. That > works fine, but I see in the logs that it's generating a ticket for > http://mymail.com:9120. Is that right? > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
