Thank you very much for quick and very helpful answers. I will check. -- Regards, Dmitry
2011/8/24 Marvin Addison <[email protected]> > > Does it mean that if all my applications accessible over HTTPS even on > different > > domains SSO will work? > > The CAS clients can be on any number of domains; but there's no way to > scope the CAS SSO cookie to anything other than the domain where the > CAS server lives. > > > I have network configuration, where I have firewall and balancer which > > receives https:// but in internal network redirect via http. Do you > think it > > can be a problem or not? > > The only requirement is that the hosts _think_ they are over a secure > channel. The definitive test is that > > http://download.oracle.com/javaee/6/api/javax/servlet/ServletRequest.html#isSecure%28%29 > returns true for a Java application. I don't operate in this kind of > environment, but I believe there are configuration knobs you can turn > to make the host to believe it's secure even if the server connection > handler isn't terminating SSL. > > > Is it possible in test mode switch off "secure" flag? > > Yes, see the SSL section of > https://wiki.jasig.org/display/CASUM/Securing+Your+New+CAS+Server. > > M > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
