CAS with Load balancer

Scott Battaglia scott.battaglia at gmail.com
Mon Sep 4 10:55:18 EDT 2006 

The CAS Server never enforces HTTPS except in two scenarios:
1. By default its cookiegenerators are designed to only send secure cookies
(This can be changed in the configuration).

2.  The Proxy callback authentication check is HTTPS (but that can be
swapped out).

On the other hand, the Yale CAS Client enforces HTTPS in its retrieval of
web pages, so you'd have to modify the client to not use HTTPS.

-Scott

On 9/3/06, tom tom <j_lalith at yahoo.com> wrote:
>
>
> We are using CAS 3.03,
>
> When CAS is on production with a loadbalancer (like BigIP), is there a
> property setting in CAS, so that we can
> enforce HTTP request from the CAS virtual node on load balander to Actual
> CAS server (service validate url).
>
> Reason for the above question is...........
>
> our uPortal web.xml got the following entry, works ok when requests goes
> from the actual uPortal instance to virtual uPortal node on F5, but when
> F5
> rout to the Actual Cas server it is a HTTP hit (as our load balancer is
> set
> up as such),
>
> I know the service validate url should be HTTPs but when the CAS is
> running
> with loadbalancer with all of the hardware accelarators (also in a secure
> network) Cant we  make the validate URL http.
>
>
> Is com.discursive.cas.extend.client.filter.serviceScheme which is in
> EXTENDED CAS CLIENT something to do with this?
>
> .......
>
> <param-name>
>
> edu.yale.its.tp.cas.client.filter.validateUrl
>                         </param-name>
>                         <param-value>
>                                 https://<virutal cas node on load
> balancer>/cas/serviceValidate
>                         </param-value>
>
> ..............
>
>
>
> Is this something possible? Should this be done other way?
>
> Thanks
> --
> View this message in context:
> http://www.nabble.com/CAS-with-Load-balancer-tf2213048.html#a6129270
> Sent from the CAS Users forum at Nabble.com.
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20060904/2163a30c/attachment.html

More information about the cas mailing list