Hi Maxime, I've looked for an error twice after your aswer, but I dont find anythings.
_The version of PhpCas is 1.3.2__._ The problem can be the version oh phpCAS ? _This is an example of app :_ ---------------- include_once($CASlib); // Your version of php_cas // initialize phpCAS phpCAS::client(SAML_VERSION_1_1,$CASurl,$CASport,'cas'); // IP_FQDN_cas_server, protocol : 80 or 443, folder ex. : cas // no SSL validation for the CAS server phpCAS::setNoCasServerValidation(); phpCAS::forceAuthentication(); // Get the username with SSO CAS $username = phpCAS::getUser(); ......... ---------------- _This is the configuration of the reverse proxy (apache) :_ ---------------- <VirtualHost *:443> ProxyRequests off ProxyPass /app http://URL.LAN/app ProxyPassReverse /app http://URL.LAN/app ProxyPass /cas http://URL.LAN:8080/cas ProxyPassReverse /cas http://URL.LAN:8080/cas SSLEngine on ...... ---------------- Le 04/11/2013 11:17, Maxime BOSSARD a écrit : > Hello, > > If your second URL is correct, the client call the cas login with the > service URL : http%3A%2F%2FURL%2Fapp%2F wich is not secured. > > I think your problem reside in the CAS client configuration. You > should provide the secured service URL in it instead of the http one. > > > 2013/11/4 Michael EDLICH <[email protected] <mailto:[email protected]>> > > Hi all ! > > I have a CAS server that works. However, despite the request of an > application via https, the CAS server, after authentication, referring > to the no-secure url (http). > > Ex: client ask for https://URL/app > url redirected to : > https://URL/cas/login?service=http%3A%2F%2FURL%2Fapp%2F > the url after authentification : http://URL/app > > The server and applications (LAN) are behind a reverse proxy. > The lan network is all HTTP. > Only the reverse proxy is https to secure all transactions with > clients. > > It's been two days since I'm stuck on this problem, please ... HELP ! > > Michael. > > > -- > You are currently subscribed to [email protected] > <mailto:[email protected]> as: [email protected] > <mailto:[email protected]> > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > > > -- > Cordialement, Maxime BOSSARD. > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
