CAS and proxy configuration questions
ann.campbell at shawinc.com
ann.campbell at shawinc.com
Fri Aug 1 15:29:10 EDT 2008
Alex,
I'm a nube myself, but it sounds like you may be getting the benefits of
Single Sign-On. I.e. when you auth through CAS for the first application,
you're auth-ing for both.
To be sure, the easiest thing to do is Reload CAS from your Tomcat Web
Application Manager (http://localhost/manager/html) and try the apps in
the reverse order.
Thanks,
Ann
------
G. Ann Campbell
Systems Engineer
Shaw Industries
Alex Johnson <sheep123 at hotmail.com>
Sent by: cas-bounces at tp.its.yale.edu
08/01/2008 02:52 PM
Please respond to
customerservice at louisfashionhouse.com; Please respond to
Yale CAS mailing list <cas at tp.its.yale.edu>
To
<cas at tp.its.yale.edu>
cc
Subject
RE: CAS and proxy configuration questions
Hi,
Any comments about below?
Alex
From: sheep123 at hotmail.com
To: cas at tp.its.yale.edu
Subject: CAS and proxy configuration questions
Date: Thu, 31 Jul 2008 23:00:25 +0000
Hi,
I have my CAS 2 working. Thank you for all the help from you. I still have
some silly questions. Hope you can continue to give me a hand.
(1). I download a sample application "mywebapp.war" from
http://www.ja-sig.org/wiki/pages/viewpageattachments.action?pageId=13569483
and dump it to my Tomcat webapp and copy all the Jars to lib folder
(2). I copy the CAS filter to my another application "testme" from the
web.xml of "mywebapp.war". Here is the filter
....
<filter>
<filter-name>CAS Authentication Filter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>https://localhost/cas/login</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>https://localhost:8443</param-value>
</init-param>
<init-param>
<param-name>renew</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>gateway</param-name>
<param-value>false</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://localhost/cas/</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>https://localhost:8443</param-value>
</init-param>
<init-param>
<param-name>proxyCallbackUrl</param-name>
<param-value>https://localhost:8443/mywebapp/proxyCallback</param-value>
</init-param>
<init-param>
<param-name>proxyReceptorUrl</param-name>
<param-value>/mywebapp/proxyCallback</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
The only difference is below between "testme" and "mywebapp"
<param-value>https://localhost:8443/mywebapp/proxyCallback</param-value>
and
<param-value>/mywebapp/proxyCallback</param-value>
(3). I restart Tomcat and open these two applications
When I open "testme" application, it's re-directed me to CAS login page,
then I input login and jsp page is open.
When I open "mywebapp" application, it's directly open the jsp page
without CAS login page.
I got confused about that.
Because I think I am using proxy configuration, application should be open
directly without CAS login page.
My questions are
1. When using proxy configuration like above, applications should be open
directly without CAS login page popped up, right?
2. Why my two applications opened differently with the same proxy
configuration in web.xml
3. Both application are located in the same Tomcat, pointing to the same
CAS. I should not login into CAS twice, right? But, I need to login again
4. How to fix the problems if there is an error?
Thanks,
Alex
_______________________________________________
Yale CAS mailing list
cas at tp.its.yale.edu
http://tp.its.yale.edu/mailman/listinfo/cas
**********************************************************
Privileged and/or confidential information may be contained in this message. If you are not the addressee indicated in this message (or are not responsible for delivery of this message to that person) , you may not copy or deliver this message to anyone. In such case, you should destroy this message and notify the sender by reply e-mail.
If you or your employer do not consent to Internet e-mail for messages of this kind, please advise the sender.
Shaw Industries does not provide or endorse any opinions, conclusions or other information in this message that do not relate to the official business of the company or its subsidiaries.
**********************************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20080801/67309b31/attachment.html
More information about the cas
mailing list