Hi, You're right, you validate service tickets using a HTTPS url. Generally, people have problem with certificates but I don't think it's your case. It looks more like a network issue : where is your Tomcat located ? Can you "curl" this HTTPS url from your Tomcat server ? Best regards, Jérôme
2013/10/21 Michael Kromarek <[email protected]> > Hi Jérôme, > > My cas.properties file contains the following for the security > configuration > > ## > # Services Management Web UI Security > server.name=https://my_server.highline.edu:8443 > server.prefix=${server.name}/cas > > cas.securityContext.serviceProperties.service=${server.prefix}/services/j_acegi_cas_security_check > # Names of roles allowed to access the CAS service manager > cas.securityContext.serviceProperties.adminRoles=ROLE_ADMIN > > cas.securityContext.casProcessingFilterEntryPoint.loginUrl=${server.prefix}/login > cas.securityContext.ticketValidator.casServerUrlPrefix=${server.prefix} > > cas.securityContext.casProxyTicketValidator.casValidate=${server.prefix}/proxyValidate > # IP address or CIDR subnet allowed to access the /status URI of CAS that > exposes health check information > cas.securityContext.status.allowedSubnet=127.0.0.1 > > > cas.themeResolver.defaultThemeName=cas-theme-default > cas.viewResolver.basename=default_views > > ## > # Unique CAS node name > # host.name is used to generate unique Service Ticket IDs and > SAMLArtifacts. This is usually set to the specific > # hostname of the machine running the CAS node, but it could be any label > so long as it is unique in the cluster. > host.name=my_server.highline.edu > > > From the configuration I think I have all of my server validation going > through https. I also configured Tomcat 7 to redirect all traffic through > https as well. > > --Mike K. > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
