Apache 2.2 via mod_cas or AuthCAS or anything?

Scott Battaglia scott.battaglia at gmail.com
Wed Nov 8 09:54:20 EST 2006 

If you guys are interested in developing this, we welcome its development
under the auspices of JA-SIG, which would grant it access to all JA-SIG
tools (LuntBuild, CVS, JIRA, etc.).  You guys would be in charge of the
specific project, release schedules, etc.  If you're interested in this,
let's move this discussion to the cas-dev list!

-Scott

On 11/8/06, Eric Faden <eric at techeminence.com> wrote:
>
> It sounds like we could put togeather a sourceforge project.  I'm in.
> Anyone else?
>
> -Eric
>
> Ken LAI wrote:
> > Hi all,
> >
> > I have also refactored mod_cas to be Apache 2.2 compatible such that
> >
> > * no authz code and so can mix and match different mod_authz modules.
> > I have made it successful working with mod_authnz_ldap module.
> > * refactor to use Apache and APR API where possible
> > * dump mmap and use APR shared memory for ticket cache
> > * parse CAS2 response using APR XML API
> >
> > But the code is still messy for public use. It sounds good to
> > consolidate various efforts to make a better mod_auth_cas module. And
> > I can contribute our code for review.  Anyone would like to head it?
> >
> > -Ken
> >
> >
> >
> > On 11/8/06, Scott Battaglia <scott.battaglia at gmail.com> wrote:
> >
> >> If any of you guys are interested in working on this as a JA-SIG Client
> >> module, let me know and we can use the JA-SIG CVS, etc.
> >>
> >> -Scott
> >>
> >>
> >> On 11/7/06, Eric Faden <eric at techeminence.com> wrote:
> >>
> >>> Getting pretty close.  I got the module setup and
> installed.  Configured
> >>> a CA.crt, and then signed a key for tomcat.  Set the mod_cas to trust
> >>> the CA.  When I go to the main url it redirects properly to the login
> >>> page.  Once I login I can checkout the catalina logs and see that it
> in
> >>> fact granted the ticket, but fails to redirect back.  The error I see
> in
> >>> the apache logs is
> >>>
> >>>
> >>> [Tue Nov 07 12:56:15 2006] [notice] in do_cas()
> >>> [Tue Nov 07 12:56:15 2006] [notice] portstr:
> >>> [Tue Nov 07 12:56:15 2006] [notice] 80
> >>> [Tue Nov 07 12:56:15 2006] [notice] \n
> >>> [Tue Nov 07 12:56:15 2006] [notice]   service = 'http://<The Site>';
> >>> ticket = 'ST-33-0lIrZmvHPo61fIDLAeCxcehb7peWo1KY4gA-20'
> >>> [Tue Nov 07 12:56:15 2006] [notice] about to call CAS_validate()
> >>> [Tue Nov 07 12:56:15 2006] [notice] CAS validation failed
> >>>
> >>> Thoughts?  I am not sure exactly why it is failing validation.
> >>>
> >>> -Eric
> >>>
> >>> Smith, Matt wrote:
> >>>
> >>>> Eric-
> >>>>   I have been playing with the mod_cas-VATECH posted at
> >>>> http://www.ja-sig.org/wiki/display/CAS/MOD_CAS with
> >>>>
> >> Apache 2.2.  I
> >>
> >>>> haven't submitted a patch yet, but a simple replace of
> >>>> "apr_group_name_get" with "apr_gid_name_get" in mod_cas.c line 1242
> >>>> makes it compile cleanly, and it seems to be working under 2.2 with
> no
> >>>> problems for me.  I have not rolled this out to production yet, so
> bugs
> >>>> may still appear.  Also note that with VA Tech's extensions, mod_cas
> is
> >>>> configured with the CAS 2.0 Validation URL (/serviceValidate),
> instead
> >>>> of the CAS 1.0 Validation URL (/validate).
> >>>>
> >>>>   A simple extract of the tarball, the above mentioned change, and a
> >>>> "apxs2 -i -c mod_cas.c ssl_client.c ezxml.c" should do the trick.
> >>>>
> >>>> HTH,
> >>>> -Matt
> >>>>
> >>>> On Tue, 2006-11-07 at 09:53 -0500, Eric Faden wrote:
> >>>>
> >>>>
> >>>>> Hey all,
> >>>>>
> >>>>> I just got finished configuring cas-server to authenticate off of my
> >>>>> LDAP server which works perfectly.  I am using mod_jk to map the
> tomcat
> >>>>> apps onto the main part of my server.  It all works great, but now I
> >>>>> actually need to use cas-server to protect some directories.  I
> don't
> >>>>> actually want to have to modify the pages in the directories, but do
> >>>>> want them to be protected.  I have looked at mod_cas and AuthCAS,
> but
> >>>>> neither of which seem to work in apache2 (mod_perl2).  I am in the
> >>>>> process of attempting to hack together a sqlite3 version of AuthCAS
> >>>>> which works in apache 2.2 with mod_perl 2, but was curious if
> someone
> >>>>> was already working on something as I am positive other people have
> >>>>> similar problems.  Anyone?
> >>>>>
> >>>>> -Eric
> >>>>> _______________________________________________
> >>>>> Yale CAS mailing list
> >>>>> cas at tp.its.yale.edu
> >>>>> http://tp.its.yale.edu/mailman/listinfo/cas
> >>>>>
> >>>>>
> >>>>>
> >>
> ------------------------------------------------------------------------
> >>
> >>>>> _______________________________________________
> >>>>> Yale CAS mailing list
> >>>>> cas at tp.its.yale.edu
> >>>>> http://tp.its.yale.edu/mailman/listinfo/cas
> >>>>>
> >>>>>
> >>> _______________________________________________
> >>> Yale CAS mailing list
> >>> cas at tp.its.yale.edu
> >>> http://tp.its.yale.edu/mailman/listinfo/cas
> >>>
> >>>
> >> _______________________________________________
> >> Yale CAS mailing list
> >> cas at tp.its.yale.edu
> >> http://tp.its.yale.edu/mailman/listinfo/cas
> >>
> >>
> >>
> >>
> > _______________________________________________
> > Yale CAS mailing list
> > cas at tp.its.yale.edu
> > http://tp.its.yale.edu/mailman/listinfo/cas
> >
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20061108/b71dad12/attachment.html

More information about the cas mailing list