> > This seems to be a new requirement for cas server 4.0. I suppose it could > be the new version of java (1.7) causing the requirement. >
Not Java per se but the LDAP integration library. CAS 4.0 uses the ldaptive library for LDAP integration, and it has strict hostname verification enabled by default, which is the most secure option. You can read more about the behavior here: http://www.ldaptive.org/docs/guide/connections#TOC-Hostname-Validation You could customize the behavior by implementing one of these: http://vt-middleware.googlecode.com/svn/ldaptive/javadoc/bundle-1.0.5/org/ldaptive/ssl/CertificateHostnameVerifier.html It's a very simple interface, so it should be straightforward to develop a custom strategy. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
