> I understand that CAS by default does not support HTTP protocol. But I am > currently in the development environment and don't have signed certificate to > use.
Self-signed certificates are the recommended practice in this case. > I would be appreciate if you can suggest me the code/settings changes to make > CAS-3.4.11 work on HTTP server. Toggle the cookieSecure property of the TGT cookie generator. See http://static.springsource.org/spring/docs/3.0.x/javadoc-api/org/springframework/web/util/CookieGenerator.html#setCookieSecure(boolean) for more info. We strongly recommend against this for anything but development and testing, and even then it's not advised. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
