I'm only referring to the fact that there is a configuration option on mod_jk and I'm guessing mod_proxy_ajp to let Tomcat know that the original request came over HTTPS (such that request.isSecure() returns true).
-Scott -Scott Battaglia PGP Public Key Id: 0x383733AA LinkedIn: http://www.linkedin.com/in/scottbattaglia On Thu, Nov 20, 2008 at 12:49 PM, David Whitehurst <[EMAIL PROTECTED]>wrote: > Scott: > > This pertains to an issue I might have to resolve. If SSL via Apache, then > you only need to identify a 8443 connector and no keystore database, right? > I'm used to fronting all JBoss servers with Apache and now my implementation > is quite complicated. With AJP I can say 8009 directs to 8443. With HTTPS > on an Apache machine (with AJP to CAS e.g.) and then communicating with a > 8443 (HTTPS) connector directly, I'm having issue. > > Can you tell us exactly what it means to "make use Tomcat knows that SSL > was enabled". I may be doing something wrong that's why I'm asking. I > don't think so, but it doesn't hurt to ask. Also, I've seen some different > connector configurations with all the versions of Tomcat. > > > David > > > On 11/20/08, Scott Battaglia <[EMAIL PROTECTED]> wrote: >> >> SSL via Apache is fine (just make sure Tomcat knows that SSL was enabled). >> >> -Scott >> >> -Scott Battaglia >> PGP Public Key Id: 0x383733AA >> LinkedIn: http://www.linkedin.com/in/scottbattaglia >> >> >> On Thu, Nov 20, 2008 at 12:05 PM, Timothy Tagge <[EMAIL PROTECTED]>wrote: >> >>> That did the trick. Thanks. >>> >>> As a follow up question, is this requirement strictly for Tomcat SSL, >>> or can it be SSL via Apache instead? >>> >>> On Wed, Nov 19, 2008 at 1:52 PM, Scott Battaglia >>> <[EMAIL PROTECTED]> wrote: >>> > Are you running over HTTP or HTTPS? We only send the session cookie >>> > back over HTTPS. >>> > >>> > -Scott >>> > >>> > -Scott Battaglia >>> > PGP Public Key Id: 0x383733AA >>> > LinkedIn: http://www.linkedin.com/in/scottbattaglia >>> > >>> > >>> > >>> > On Wed, Nov 19, 2008 at 2:45 PM, Timothy Tagge <[EMAIL PROTECTED]> >>> wrote: >>> >> Hi, >>> >> I've configured CAS 3.3.1 and CAS client 2.0.11 to authenticate for >>> >> two different webapps running on the same instance of Tomcat 5.5.27. >>> >> For now, I've set the Filter for both to /* so that all requests to >>> >> those apps need to be authenticated. When going to any URL on App A, >>> >> CAS is prompting for a Login. This is expected. After successful >>> >> login, the requested page from App A is shown. The problem I'm having >>> >> is that linking from App A to App B is causing the CAS login screen to >>> >> come up once again. Instead of this behavior, I was expecting that >>> >> the user would already be logged in to both App A and App B. Am I >>> >> missing something in the documentation, or does CAS not support this >>> >> type of configuration? Thanks. >>> >> >>> >> Tim Tagge >>> >> _______________________________________________ >>> >> Yale CAS mailing list >>> >> [email protected] >>> >> http://tp.its.yale.edu/mailman/listinfo/cas >>> >> >>> > _______________________________________________ >>> > Yale CAS mailing list >>> > [email protected] >>> > http://tp.its.yale.edu/mailman/listinfo/cas >>> > >>> _______________________________________________ >>> Yale CAS mailing list >>> [email protected] >>> http://tp.its.yale.edu/mailman/listinfo/cas >>> >>> >> >> >> _______________________________________________ >> Yale CAS mailing list >> [email protected] >> http://tp.its.yale.edu/mailman/listinfo/cas >> >> > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > >
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
