You should be able to append method=POST to the login url. Cheers, Scott
On Thu, Apr 7, 2011 at 11:59 AM, Nick Tkach <[email protected]> wrote: > Is there some way to make mod_auth_cas tell cas-server to use a POST rather > than a GET when it does its authentication? > > > For example, > > User hits http://mail.mycom.com (apache 2.2 server that's a reverse proxy > to an internal machine) > > mod_auth_cas redirects correctly to https://sso.mycom.com/cas/login > > User logs in okay > > cas-server then does a redirect to http://mail.mycom.com with an attached > ?ticket=blahblahuuid > > App that Apache is proxying to (we have no control over its code, so it's > not an option to rewrite it), http://intmail.mycom.com/app strips off all > arguments, thus confusing CAS into thinking you've not presented > authentication. That leaves the session in a weird state where it's > half-authenticated. It doesn't send you back to CAS, but it also doesn't > let you into the app. > > > Comparing this setup to a similar SSO we have (OpenSSO), I think that > possibly either making CAS do a POST rather than a GET might fix it. Either > that or, is there some way to make CAS store/read its ticket info from a > header or cookie rather than putting something in the url each time? > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
