Yes, thanks! I found that just after I posted this. That does work for us!
----- Original Message ----- Would the CASRootProxiedAs method serve your needs? -Phil On Wed, Apr 6, 2011 at 3:54 PM, Nick Tkach < [email protected] > wrote: Is there a way to get mod_auth_cas to strip off port numbers? We've got a setup with web requests coming in through a hardware load balancer. That does a port rewrite on the request to point to a non-standard port on a web server. That then uses mod_auth_cas to go to a Tomcat for authentication. That works fine, but when CAS builds its ticket for this request it keeps the original name (which is fine), but it also keeps the non-standard port that came in. For example, I have a request from the outside, http://mymail.com . The server iron transparently rewrites that to go to http://dmz.mymail.com:9120 . An apache on dmz.mymail.com is listening on 9120. It sends requests off to http://cas.mymail.com/cas/login . That works fine, but I see in the logs that it's generating a ticket for http://mymail.com:9120 . Is that right? -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
