Believe must use machine name of CAS server home ,not "localhost". See wiki for more details on how to import import certificate from machine 1 to machine 2 (in particular step 13). Thanks. Uday
http://www.ja-sig.org/wiki/display/CASUM/Demo ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Graves, John Sent: Tuesday, June 05, 2007 7:42 AM To: [email protected] Subject: Problem connecting from other machines Hoping someone has run across this one and can point me in the proper direction... I've got CAS set up for an application on a local server. The ssl cert I created for that server is defined for localhost. The ssl cert has been imported into both the tomcat keystore and the JRE cacerts keystore. Using a browser on that machine, I have no problems authenticating and using the application. I can enter the application using either http://localhost:8080/myApp or http://my.web.server:8080/myApp. Attempting to connect to the application from another machine (in the same domain) using the latter URL, however, the application is unreachable. From the other machine, I have no problems reaching http://my.web.server:8443/cas/login, and the authentication works. (Using the CAS Login URL and the serviceUrl parameter for CASFilter does not route me to my requested destination application, though, from either machine.) This has to be some form of a configuration glitch on my part, as I have other, non-CASified applications on that server that I have no problems reaching from the other box. Here is my web.xml section from the CASified app... <filter> <filter-name>CAS Filter</filter-name> <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class> <init-param> <param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name> <param-value>https://localhost:8443/cas/login</param-value> </init-param> <init-param> <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name> <param-value>https://localhost:8443/cas/serviceValidate</param-value> </init-param> <!--init-param> <param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name> <param-value>localhost:8080</param-value> </init-param--> <init-param> <param-name>edu.yale.its.tp.cas.client.filter.serviceUrl</param-name> <param-value>http://my.web.server:8080/myApp</param-value> </init-param> <init-param> <param-name>edu.yale.its.tp.cas.client.filter.wrapRequest</param-name> <param-value>true</param-value> </init-param> </filter> <!-- Everything must go through the CAS Filter--> <filter-mapping> <filter-name>CAS Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> John Graves Sr. Software Engineer Advanced Systems Group Essex 321-837-7014 This electronic message and any files transmitted with it contain information which may be privileged and/or proprietary. The information is intended for use solely by the intended recipient(s). If you are not the intended recipient, be aware that any disclosure, copying, distribution or use of this information is prohibited. If you have received this electronic message in error, please advise the sender by reply email or by telephone (301-939-7000) and delete the message.
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
