For the CAS cookies, you would need to look in the cas-servlet.xml for cookiegenerators and set their "secure" property to false.
-Scott
On 9/4/06, tom tom <[EMAIL PROTECTED]> wrote:
Can you let meknow which configuration are u talking about in item 1 which
you have stated.
What is meant by item 2 , does it mean we need to change the
HttpBasedServiceCredentialsAuthenticationHandler in the core CAS, to
facilitate the
HTTP service validate URLs
We allready changed the CAS client to get rid of the http check but need
clarifications on above items.
Thanks
Scott Battaglia-2 wrote:
>
> The CAS Server never enforces HTTPS except in two scenarios:
> 1. By default its cookiegenerators are designed to only send secure
> cookies
> (This can be changed in the configuration).
>
> 2. The Proxy callback authentication check is HTTPS (but that can be
> swapped out).
>
> On the other hand, the Yale CAS Client enforces HTTPS in its retrieval of
> web pages, so you'd have to modify the client to not use HTTPS.
>
> -Scott
>
> On 9/3/06, tom tom <[EMAIL PROTECTED]> wrote:
>>
>>
>> We are using CAS 3.03,
>>
>> When CAS is on production with a loadbalancer (like BigIP), is there a
>> property setting in CAS, so that we can
>> enforce HTTP request from the CAS virtual node on load balander to Actual
>> CAS server (service validate url).
>>
>> Reason for the above question is...........
>>
>> our uPortal web.xml got the following entry, works ok when requests goes
>> from the actual uPortal instance to virtual uPortal node on F5, but when
>> F5
>> rout to the Actual Cas server it is a HTTP hit (as our load balancer is
>> set
>> up as such),
>>
>> I know the service validate url should be HTTPs but when the CAS is
>> running
>> with loadbalancer with all of the hardware accelarators (also in a secure
>> network) Cant we make the validate URL http.
>>
>>
>> Is com.discursive.cas.extend.client.filter.serviceScheme which is in
>> EXTENDED CAS CLIENT something to do with this?
>>
>> .......
>>
>> <param-name>
>>
>> edu.yale.its.tp.cas.client.filter.validateUrl
>> </param-name>
>> <param-value>
>> https://<virutal cas node on load
>> balancer>/cas/serviceValidate
>> </param-value>
>>
>> ..............
>>
>>
>>
>> Is this something possible? Should this be done other way?
>>
>> Thanks
>> --
>> View this message in context:
>> http://www.nabble.com/CAS-with-Load-balancer-tf2213048.html#a6129270
>> Sent from the CAS Users forum at Nabble.com .
>>
>> _______________________________________________
>> Yale CAS mailing list
>> [email protected]
>> http://tp.its.yale.edu/mailman/listinfo/cas
>>
>
> _______________________________________________
> Yale CAS mailing list
> [email protected]
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
--
View this message in context: http://www.nabble.com/CAS-with-Load-balancer-tf2213048.html#a6144550
Sent from the CAS Users forum at Nabble.com.
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
