> Browser : https://dev.miletrie.chl/cas/js/common_rosters.js > Server : HTTP/1.1 302 Déplacé Temporairement , Location: > https://dev.miletrie.chl/cas/login > > Ahem... why this redirection ??
Bet I know. By default CAS handles a 404 by issuing a 302 redirect to /login. Does that resource really exist? > Here it's triggering the login Webflow. I feel that I've a configuration > issue somewhere... > > From my computer, if I use wget to retrieve common_rosters.js, I get the same > redirection. > > >> I would argue that every X.509 deployment should be configured with >> two ports, one that is configured to want or require a cert to support >> the login Webflow, and all other requests. We do this and it has >> worked exceptionally well. > Would a two ports configuration work with our actual authentication scheme ? > - First CAS checks if a valid X509 certificate is provided by the client > - If not, a login/password is requested I don't see any reason why not. You would need some login web flow modifications to support this, but as I said we do it and it works well. As far as a more detailed description, maybe reviewing our login web flow would help: https://svn.middleware.vt.edu/svn/middleware/cas/cas-server/tags/cas-server-3.4.8/vt-cas-server-webapp/src/main/webapp/WEB-INF/login-webflow.xml. > M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
