Hi, In your CAS client, the service used for the validation is a property you can configure to a HTTPS url, isn't it? Best regards, Jérôme
2014-02-12 2:36 GMT+01:00 Joe Osowski <[email protected]>: > I'm not able to authenticate tickets as my service URL changes inside > the servlet container. > > My web application sits behind Nginx and it handles the HTTPS. The > connector to tomcat is wired for http. Like so: > > https->Nginx->http->tomcat->servlet > > So when cas authenticates my user: > > /cas/login?service=https%3A%2F%2Fserver.org%2F > > and redirects back my server like so: > https://server.org/?ticket=ST-4-cohYFICwLFQ2WkKqFfeU-cas > > By the time tomcat gets the request, it sees: > http://server.org/?ticket=ST-4-cohYFICwLFQ2WkKqFfeU-cas > > Now when I do the proxy validate, CAS won't confirm the ticket as the > service has changed. > > > /cas/proxyValidate?service=https%3A%2F%2Fserver.org%2F&ticket=ST-4-cohYFICwLFQ2WkKqFfeU-cas > > Is there a way to turn off checking the protocol? > > -Joe > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
