On Wed, Feb 11, 2015 at 04:30:59PM +0000, Chris Adams wrote: > I have read documentation for using CAS with Ezproxy and it seems to > agree with some postings on this list. However, I am missing something > and thought someone here might want to weigh in.
We use CAS for ezproxy with attributes for authorization, our config looks like: ::CAS LoginURL https://auth.csupomona.edu/cas/login ServiceValidateURL https://auth.csupomona.edu/cas/serviceValidate Group NULL Test //*/cas:csupomonaEduPersonAffiliation employee ; Group +authorized Test //*/cas:csupomonaEduPersonAffiliation student ; Group +authorized Test //*/cas:csupomonaEduPersonAffiliation leave_student ; Group +authorized Test //*/cas:csupomonaEduPersonAffiliation emeritus ; Group +authorized NoGroups; Deny unauthorized.html /CAS When I load a proxied URL such as: http://proxy.library.csupomona.edu/login?url=http://veterinaryrecord.bmj.com/content/current I get redirected to CAS: https://auth.csupomona.edu/cas/login?service=http%3a%2f%2fproxy.library.csupomona.edu%2flogin%3fqurl%3dezp.2aHR0cDovL3ZldGVyaW5hcnlyZWNvcmQuYm1qLmNvbS9jb250ZW50L2N1cnJlbnQ- and after authenticating, end up at the proxied page: http://veterinaryrecord.bmj.com.proxy.library.csupomona.edu/content/current We've never had an issue with it. I'm not sure what's causing your double authentication, maybe some other part of the config? -- Paul B. Henson | (909) 979-6361 | http://www.cpp.edu/~henson/ Operating Systems and Network Analyst | [email protected] California State Polytechnic University | Pomona CA 91768 -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
