I have some questions about CAS and SSL. What parts of CAS actually require SSL? The client (CASFilter) seems to require that the validateUrl callback be "https" rather than "http". How about the server side? What parts there require SSL be used? The reason for these questions are that I am trying to find out if there is a way to use CAS without installing certificates. I know, Scott, Andrew and others on this forum have stated many times that CAS should be used with SSL. Still, I am in a situation where I need to use CAS with out any certificates being installed (because it is going to be hard to install it on the system in question). I saw a message (http://tp.its.yale.edu/pipermail/cas/2006-April/002652.html) where the implication seemed to be that SSL can be disabled with code changes. Can someone (Scott?) please provide more information on how to do this?
Thanks __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
