Hello, If your second URL is correct, the client call the cas login with the service URL : http%3A%2F%2FURL%2Fapp%2F wich is not secured.
I think your problem reside in the CAS client configuration. You should provide the secured service URL in it instead of the http one. 2013/11/4 Michael EDLICH <[email protected]> > Hi all ! > > I have a CAS server that works. However, despite the request of an > application via https, the CAS server, after authentication, referring > to the no-secure url (http). > > Ex: client ask for https://URL/app > url redirected to : > https://URL/cas/login?service=http%3A%2F%2FURL%2Fapp%2F > the url after authentification : http://URL/app > > The server and applications (LAN) are behind a reverse proxy. > The lan network is all HTTP. > Only the reverse proxy is https to secure all transactions with clients. > > It's been two days since I'm stuck on this problem, please ... HELP ! > > Michael. > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- Cordialement, Maxime BOSSARD. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
