The problem is with the client side.

In phpCAS (v1.3.2), in the file Client.php, line 325, we can find this:
        if ( empty($this->_server['login_url']) ) {
            $this->_server['login_url'] = $this->_getServerBaseURL();
            $this->_server['login_url'] .= 'login?service=';
            $this->_server['login_url'] .= urlencode($this->getURL());
        }
        $url = $this->_server['login_url'];

But this code => $this->getURL()
gives the non-secure URL.

So, is it possible to force the https URL with the php-cas client?

Thanks for your help!

Michael.




On 04/11/2013 11:52, Michael EDLICH wrote:
> Hi Maxime,
>
> I've looked for an error twice after your answer, but I don't find
> anything.
>
> _The version of phpCAS is 1.3.2._
>
> The problem can be the version of phpCAS?
>
> _This is an example of an app:_
> ----------------
> include_once($CASlib); // Your version of php_cas
> // initialize phpCAS
> // IP_FQDN_cas_server, protocol : 80 or 443, folder ex. : cas
> phpCAS::client(SAML_VERSION_1_1,$CASurl,$CASport,'cas');
> // no SSL validation for the CAS server
> phpCAS::setNoCasServerValidation();
>
> phpCAS::forceAuthentication();
>
> // Get the username with SSO CAS
> $username = phpCAS::getUser();
>
> .........
> ----------------
>
> _This is the configuration of the reverse proxy (Apache):_
>
> ----------------
>
> <VirtualHost *:443>
> ProxyRequests off
>
> ProxyPass /app http://URL.LAN/app
> ProxyPassReverse /app http://URL.LAN/app
>
> ProxyPass /cas http://URL.LAN:8080/cas
> ProxyPassReverse /cas http://URL.LAN:8080/cas
>
> SSLEngine on
>
> ......
>
>
> ----------------
>
> On 04/11/2013 11:17, Maxime BOSSARD wrote:
>> Hello,
>>
>> If your second URL is correct, the client calls the CAS login with the
>> service URL: http%3A%2F%2FURL%2Fapp%2F, which is not secured.
>>
>> I think your problem resides in the CAS client configuration. You
>> should provide the secured service URL in it instead of the http one.
>>
>>
>> 2013/11/4 Michael EDLICH <[email protected]>
>>
>>     Hi all !
>>
>>     I have a CAS server that works. However, despite the request of an
>>     application via https, the CAS server, after authentication,
>>     refers to the non-secure URL (http).
>>
>>     Ex: the client asks for https://URL/app
>>     URL redirected to:
>>     https://URL/cas/login?service=http%3A%2F%2FURL%2Fapp%2F
>>     the URL after authentication: http://URL/app
>>
>>     The server and applications (LAN) are behind a reverse proxy.
>>     The lan network is all HTTP.
>>     Only the reverse proxy is https to secure all transactions with
>>     clients.
>>
>>     I've been stuck on this problem for two days, please ... HELP!
>>
>>     Michael.
>>
>>
>>     --
>>     You are currently subscribed to [email protected]
>>     <mailto:[email protected]> as: [email protected]
>>     <mailto:[email protected]>
>>     To unsubscribe, change settings or access archives, see
>>     http://www.ja-sig.org/wiki/display/JSG/cas-user
>>
>>
>>
>>
>> -- 
>> Regards, Maxime BOSSARD.


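One way to force the https service URL asked about above, as an added example that is not part of the thread and not phpCAS's own code: it builds the service URL from a configured public origin and hands it to phpCAS::setFixedServiceURL(), so the redirect carrying the ticket returns to https instead of http. PUBLIC_ORIGIN, CAS_CA_FILE and publicServiceUrl() are assumptions made for illustration; $CASurl and $CASport are the variables from the thread.

```php
<?php
// Added example, not phpCAS code and not from the thread.
// Assumed settings: the https origin clients use to reach the reverse proxy,
// and a placeholder path to the CA bundle that signed the CAS server cert.
const PUBLIC_ORIGIN = 'https://URL';
const CAS_CA_FILE = '/path/to/cas-ca.pem';

/**
 * Hypothetical helper: build the CAS service URL from the configured https
 * origin instead of the scheme the backend sees (plain http behind the proxy).
 * The origin is never taken from request headers, and the CAS "ticket"
 * parameter is dropped so login and ticket validation use the same URL.
 */
function publicServiceUrl(string $publicOrigin, string $requestUri): string
{
    if (parse_url($publicOrigin, PHP_URL_SCHEME) !== 'https') {
        throw new InvalidArgumentException('public origin must be https');
    }
    $path = parse_url($requestUri, PHP_URL_PATH);
    if (!is_string($path) || $path === '' || $path[0] !== '/') {
        $path = '/';
    }
    $query = [];
    parse_str((string) parse_url($requestUri, PHP_URL_QUERY), $query);
    unset($query['ticket']);
    $url = rtrim($publicOrigin, '/') . $path;
    return $query ? $url . '?' . http_build_query($query) : $url;
}

if (class_exists('phpCAS', false)) {
    // $CASurl and $CASport as in the thread's own initialisation.
    phpCAS::client(SAML_VERSION_1_1, $CASurl, $CASport, 'cas');
    phpCAS::setCasServerCACert(CAS_CA_FILE);
    phpCAS::setFixedServiceURL(
        publicServiceUrl(PUBLIC_ORIGIN, $_SERVER['REQUEST_URI'])
    );
    phpCAS::forceAuthentication();
    $username = phpCAS::getUser();
} else {
    // Constructed request URIs: shows the result without phpCAS loaded.
    foreach (['/app/', '/app/?page=2&ticket=ST-constructed'] as $uri) {
        echo publicServiceUrl(PUBLIC_ORIGIN, $uri), "\n";
    }
}
```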