Hello,

Thank you to all that responded. We made one change and it all started working. I don't recall seeing this in the documentation, maybe it's an "assumed known" like 2+2=4 (except for extremely large 2's). We reviewed our cert. It wasn't set to the FQDN. Once we changed that, the redirection to localhost stopped happening and we are able to log into the services page and add service now.

Thanks again,
Roger


On 7/11/14, 2:42 PM, Ben Branch wrote:
" When you say a localhost entry on your desktop, do you mean in your hosts 
file?"
Yup.

What exactly are you using Apache for?  For all intents and purposes, you don't 
need it unless you have a specific use case.  I'm sure Marvin or some of the 
other guys will correct me if this isn't so.  Since I'm not sure what you're 
using Apache for, my first step would be to shutdown apache and test only with 
Tomcat running.  My initial suspicion is that something in the httpd 
configuration is redirecting to the localhost address, but I'm not sure, hence 
why I'm suggesting to conduct your testing with apache shutdown.

You should be able to disable the apache server with the following:  chkconfig 
httpd off
You can also shutdown the service the same way you shutdown tomcat: service 
httpd stop.

Is this a vanilla installation of Tomcat? Also, if you don't mind, post your 
cas.properties file (please scrubb any sensitive from the file before posting).


Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA

100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | [email protected] | www.uco.edu

"I am wiser than this man, for neither of us appears to know anything great and 
good; but he fancies he knows something, although he knows nothing; whereas I, as I do 
not know anything, so I do not fancy I do. In this trifling particular, then, I appear to 
be wiser than he, because I do not fancy I know what I do not know."  - Socrates


-----Original Message-----
From: Roger [mailto:[email protected]]
Sent: Friday, July 11, 2014 1:30 PM
To: [email protected]
Subject: Re: [cas-user] Service Management Redirects To Localhost

Hello,

Thanks for the information and reply.  Looking at your cas.properties, I 
believe ours to be correct now.  I believe the 8443 connecter is enabled, we 
are able to load the generic https://ourdevsystem.edu:8443/cas/login page and 
using username=password we can login.  We are using a self signed cert.

When you say a localhost entry on your desktop, do you mean in your hosts file? 
 I've checked my desktop hosts file and there are no entries for the CAS 
server.  I also checked the hosts file on the CAS server, just to be sure.  
There is a 127.0.0.1 localhost entry, I would assume some sort of loopback.  
Nothing for the ourdevsystem.edu though.

Anytime I make a change, I use the following commands.  Not sure if the apache 
command is necessary.  After 2 or 3 changes, I'll restart the box to just for 
good measure...just in case.

service tomcat6 restart
apachectl restart

Sometimes apache is already running, sometimes not.  Not sure if that matters 
in this case.

Thanks,
Roger



On 7/11/14 2:22 PM, Ben Branch wrote:
Roger,

Note: I am running CAS 3.5.2

I reviewed my cas.properties file and this is what I have for mine:

server.name=https://casdev.uco.edu:8443
server.prefix=${server.name}/cas

cas.securityContext.serviceProperties.service=${server.prefix}/service
s/j_acegi_cas_security_check
cas.securityContext.serviceProperties.adminRoles=ROLE_ADMIN
cas.securityContext.casProcessingFilterEntryPoint.loginUrl=${server.pr
efix}/login
cas.securityContext.ticketValidator.casServerUrlPrefix=${server.prefix
} cas.themeResolver.defaultThemeName=cas-theme-default
cas.viewResolver.basename=default_views

host.name=muninn
----------------------------------

So your server.name should be https://ourdevsystem.edu:8443.  Make sure that 
you have your 8443 Connector enabled in your tomcat configuration and that you 
have a self-signed certificate generated for Tomcat.  I know I've had this 
happen to me before and it ended up that I had created a local hosts entry on 
my desktop machine that was redirecting me to the wrong server.  Also, I'm sure 
you've done this, after you make the changes make sure that you restart Tomcat 
so that it can load the new configuration changes.

Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA

100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | [email protected] | www.uco.edu

"I am wiser than this man, for neither of us appears to know anything
great and good; but he fancies he knows something, although he knows
nothing; whereas I, as I do not know anything, so I do not fancy I do.
In this trifling particular, then, I appear to be wiser than he,
because I do not fancy I know what I do not know."  - Socrates


-----Original Message-----
From: Roger [mailto:[email protected]]
Sent: Friday, July 11, 2014 11:35 AM
To: [email protected]
Subject: Re: [cas-user] Service Management Redirects To Localhost

Hello,

Thank you for the reply and the suggestion.  Unfortunately, it did not solve 
the problem.  We are still being redirected to localhost:8080.

Any other tips, ideas or suggestions?

Thanks,
Roger

On 7/10/14 4:50 PM, Ben Branch wrote:
In our cas.properties, we have the following:
server.name=https://localhost:8443 <---- Change this from localhost
to
ourdevsystem.edu:8443 host.name=ourdevsystem.edu <--- This is used to appended 
the hostname to the end of the Ticket Granting Tickets and the Service Tickets 
(very useful in a clustered environment).

Ben Branch
UNIX/Linux Administrator
University of Central Oklahoma
ITIL Foundation v3, Network+, RHCSA

100 N. University Drive, Box 122
Edmond, OK 73034
D: 405.974.2649 | M: 405.550.6804 | [email protected] | www.uco.edu

"I am wiser than this man, for neither of us appears to know anything
great and good; but he fancies he knows something, although he knows
nothing; whereas I, as I do not know anything, so I do not fancy I do.
In this trifling particular, then, I appear to be wiser than he,
because I do not fancy I know what I do not know."  - Socrates

-----Original Message-----
From: Roger [mailto:[email protected]]
Sent: Thursday, July 10, 2014 3:39 PM
To: [email protected]
Subject: [cas-user] Service Management Redirects To Localhost

Hello,

We are just getting started with CAS.  We can load 
https://ourdevsystem.edu:8443/cas/ and login using username=password.
However, we are not able to load the service management page.  I'm using 
"ourdevsystem.edu" below in place of our real domain name.

When we try to load the Service Management page:
https://ourdevsystem.edu:8443/cas/services

We are always redirected to:
http://localhost:8080/cas/login?service=http%3A%2F%2Flocalhost%3A8080
% 2Fcas%2Fservices%2Fj_acegi_cas_security_check

Can anyone think of a setting that we missed in the install/configuration that 
would cause us to be redirected to localhost:8080?

In our cas.properties, we have the following:
server.name=https://localhost:8443
host.name=ourdevsystem.edu

Thanks in advance,
Roger

--
Roger Spears
Manager of Data Systems
Northwest State Community College
22600 State Route 34
Archbold, Ohio  43502
P: 419-267-1304
F: 419-267-3891



***********************************
This message and any attachment are confidential, intended solely for the use 
of the individual or entity to whom it is addressed and may be protected under 
FERPA (http://www2.ed.gov/policy/gen/reg/ferpa/index.html ). If you have 
received it by mistake, or are not the named recipient(s), please immediately 
notify the sender and delete the message. You are hereby notified that any 
unauthorized use, copying or dissemination of any or all information contained 
in this message is prohibited.  Northwest State Community College and/or any 
part thereof shall not be liable for the message if altered, falsified, or in 
case of error in the recipient.


--
You are currently subscribed to [email protected] as:
[email protected] To unsubscribe, change settings or access archives,
see http://www.ja-sig.org/wiki/display/JSG/cas-user
**Bronze+Blue=Green** The University of Central Oklahoma is Bronze, Blue, and 
Green! Please print this e-mail only if absolutely necessary!

**CONFIDENTIALITY** -This e-mail (including any attachments) may contain 
confidential, proprietary and privileged information. Any unauthorized 
disclosure or use of this information is prohibited.

--
Roger Spears
Manager of Data Systems
Northwest State Community College
22600 State Route 34
Archbold, Ohio  43502
P: 419-267-1304
F: 419-267-3891



***********************************
This message and any attachment are confidential, intended solely for the use 
of the individual or entity to whom it is addressed and may be protected under 
FERPA (http://www2.ed.gov/policy/gen/reg/ferpa/index.html ). If you have 
received it by mistake, or are not the named recipient(s), please immediately 
notify the sender and delete the message. You are hereby notified that any 
unauthorized use, copying or dissemination of any or all information contained 
in this message is prohibited.  Northwest State Community College and/or any 
part thereof shall not be liable for the message if altered, falsified, or in 
case of error in the recipient.


--
You are currently subscribed to [email protected] as:
[email protected] To unsubscribe, change settings or access archives,
see http://www.ja-sig.org/wiki/display/JSG/cas-user
**Bronze+Blue=Green** The University of Central Oklahoma is Bronze, Blue, and 
Green! Please print this e-mail only if absolutely necessary!

**CONFIDENTIALITY** -This e-mail (including any attachments) may contain 
confidential, proprietary and privileged information. Any unauthorized 
disclosure or use of this information is prohibited.

--
Roger Spears
Manager of Data Systems
Northwest State Community College
22600 State Route 34
Archbold, Ohio  43502
P: 419-267-1304
F: 419-267-3891



***********************************
This message and any attachment are confidential, intended solely for the use 
of the individual or entity to whom it is addressed and may be protected under 
FERPA (http://www2.ed.gov/policy/gen/reg/ferpa/index.html ). If you have 
received it by mistake, or are not the named recipient(s), please immediately 
notify the sender and delete the message. You are hereby notified that any 
unauthorized use, copying or dissemination of any or all information contained 
in this message is prohibited.  Northwest State Community College and/or any 
part thereof shall not be liable for the message if altered, falsified, or in 
case of error in the recipient.


--
You are currently subscribed to [email protected] as: [email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user
**Bronze+Blue=Green** The University of Central Oklahoma is Bronze, Blue, and 
Green! Please print this e-mail only if absolutely necessary!

**CONFIDENTIALITY** -This e-mail (including any attachments) may contain 
confidential, proprietary and privileged information. Any unauthorized 
disclosure or use of this information is prohibited.


--
Roger Spears
Manager of Data Systems
Northwest State Community College
22600 State Route 34
Archbold, Ohio  43502
P: 419-267-1304
F: 419-267-3891



***********************************
This message and any attachment are confidential, intended solely for the use 
of the individual or entity to whom it is addressed and may be protected under 
FERPA (http://www2.ed.gov/policy/gen/reg/ferpa/index.html ). If you have 
received it by mistake, or are not the named recipient(s), please immediately 
notify the sender and delete the message. You are hereby notified that any 
unauthorized use, copying or dissemination of any or all information contained 
in this message is prohibited.  Northwest State Community College and/or any 
part thereof shall not be liable for the message if altered, falsified, or in 
case of error in the recipient.


--
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to