Some CAS clients implement an optional feature to redirect to the same page, but without the ticket. Not sure if that is something that would be useful for this CAS client.
-Scott On 8/2/07, Ames, Phillip <[EMAIL PROTECTED]> wrote: > > Josh, > There are some interesting "features" involving Apache and mod_dir (the > one that implements DirectoryIndex). When I was developing, I ran into > problems like this and this is what I believe is happening. > > 1. You request /private/ > 2. mod_dir intercepts your request since it is for a directory and > consults a list of things it will treat as Directory Indexes (in the > order you specify them) > 3. Mod_dir generates a subrequest from your original request and > specifies a file(whatever your first DirectoryIndex is), and then sends > your browser to it > 4. Mod_auth_cas now takes effect (mod_dir has hooks before mod_auth_cas) > and is given a resource, like /private/index.php > 5. Mod_auth_cas performs the CAS redirect and authenticates you to that > service, but that service may not exist (if your indexes are really HTL > files, for instance) and you get a 404 > > Alternatively, what could be happening since you mention refresh is that > your browser could be re-transmitting the old (used up) ticket in the > query string. This will fail verification. > > Another issue could be how Firefox and IE handle cookies on responses > like a 302 redirect. Have you had the opportunity to use something like > Live HTTP Headers in conjunction with CASDebug to see what is going back > and forth in the case of each browser? > > When using mod_cas by Yale I had to set the DirectoryIndex in each > directory that I wanted people to be able to access using the /path/ > notation to the proper name (e.g. "DirectoryIndex admin.php") > > -Phil > > > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > On Behalf Of Josh Kelley > Sent: Thursday, August 02, 2007 12:12 PM > To: [email protected] > Subject: mod_auth_cas redirects to nonexistent DirectoryIndex? > > I'm having a very odd problem with mod_auth_cas... The first time I > visit a CAS-protected web site (https://www/private/), it redirects me > to the CAS login page, as expected, and then redirects me back, with a > successful login. However, after having logged in and gotten a > ticket, if I try to reload the web site or revisit it, it redirects me > to the CAS serviceValidate page again (I thought that mod_auth_cas set > a cookie to remove the need for this?) and passes a service of > https://www/private/index.php, rather than using a service of > https://www/private/ and letting Apache's DirectoryIndex directive > figure out the rest. > > Even weirder is that only Firefox exhibits this behavior; Internet > Explorer works fine. > > Any suggestions for tracking down this problem? > > Josh Kelley > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > -- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
