Is there anything in your log to indicate an error? CAS rarely redirects (except possibly if the session timeouts on the login page).
On Thu, Sep 29, 2011 at 11:22 AM, Kirk, Matt <[email protected]> wrote: > Scott / Marvin, > > Thanks for the help earlier, got another one... > > Getting an unexplainable intermittent scenario whilst trying to make our > CAS app production ready. We have the following architecture: > > 4 Tomcat servers with CAS 3.4.10 (plus our custom JSPs) deployed behind a > load balancer. Authenticating against LDAP using Fast Bind with a > JpaTicketRegistry (Oracle). When repeatedly hitting the CAS login page (via > the load balancer) over https we see random failures with a redirect back to > the login url but via http. At a complete loss as to what could be causing > the redirect switch from https to http. Any ideas? > > Thanks, > Matt > > > > ------------------------------ > *From:* Scott Battaglia [[email protected]] > *Sent:* 29 September 2011 14:53 > *To:* [email protected] > *Subject:* Re: [cas-user] Upgrade CAS 3.4.8 to 3.4.10 > > I promise that if I had been on a computer instead of my phone, my answer > would have been just as detailed ;-) > > > On Thu, Sep 29, 2011 at 9:16 AM, Marvin Addison > <[email protected]>wrote: > >> > If you have a custom jsp page, you may wish to compare it against the >> > default. >> >> This is an insightful suggestion, and I'll explain why. If you have >> modified your login page, that would likely explain the problem. >> 3.4.10 changed the way the LT is handled due to increased conformance >> with the CAS protocol, https://issues.jasig.org/browse/CAS-958. The >> end result is that the login form posts slightly different parameters, >> which if missing would cause authentication to fail before the >> authentication handler fires. >> >> https://github.com/Jasig/cas/commit/f5093358632c351594daecbe42b690c1382d24db >> clearly describes the exact changes. >> >> M >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > Information in this email including any attachments may be privileged, > confidential and is intended exclusively for the addressee. The views > expressed may not be official policy, but the personal views of the > originator. If you have received it in error, please notify the sender by > return e-mail and delete it from your system. You should not reproduce, > distribute, store, retransmit, use or disclose its contents to anyone. > Please note we reserve the right to monitor all e-mail communication through > our internal and external networks. SKY and the SKY marks are trade marks of > British Sky Broadcasting Group plc and are used under licence. British Sky > Broadcasting Limited (Registration No. 2906991), Sky Interactive Limited > (Registration No. 3554332), Sky-In-Home Service Limited (Registration No. > 2067075) and Sky Subscribers Services Limited (Registration No. 2340150) are > direct or indirect subsidiaries of British Sky Broadcasting Group plc > (Registration No. 2247735). All of the companies mentioned in this paragraph > are incorporated in England and Wales and share the same registered office > at Grant Way, Isleworth, Middlesex TW7 5QD. > > -- > You are currently subscribed to [email protected] as: > [email protected] > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
