Hi Dallas, Mod_auth_cas actually constructs the service URL based on what the current request is, so it should safely preserve HTTP/HTTPS. If it doesn't, let me know and I will take a look.
-Phil On 8/14/07 11:49 AM, "Dallas Wisehaupt" <[EMAIL PROTECTED]> wrote: > Heh.... Of course right after I posted this, I dug into the code and > found out that this appears to be "by design". We had the config setting > CASLocalCacheInsecure set to OFF, which apparently redirects all > requests to the CAS server with the service=https://. If we set it to > ON, it will send all requests as http://. > > That will fix the problem that we are seeing since it allows the http > requests through, but it creates an additional bother for those sites > that are https. Now we will get (as far as I can tell): > https request > CAS picks up and sends to CAS server as http > back to CAS client with CAS Ticket and http > CAS validate on the http > Apache sees http so rewrites to https > CAS validate on the rewrite to https > > This isn't ideal, but works for our scheme. If only there was a way to > have the best of both worlds. Perhaps I'll check out the new > mod_auth_cas > > Dallas > _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
