Problems with x509 login in Safari
Sean.R.McNamara at Dartmouth.EDU
Sean.R.McNamara at Dartmouth.EDU
Tue Jun 3 10:38:44 EDT 2008
Hello all,
We've been having a problem with handling x509 logins since we
upgraded to OS X 10.5.3/Safari 3.1.1. This doesn't seem to be related
to CAS, but rather Safari does not seem to be sending the client
certificate to cas for login processing. There seems to have been
some certificate handling changes in OS X 10.5.3 according to
http://support.apple.com/kb/HT1679
but, the proposed fix doesn't have any effect. (We're not even
getting to the point where a cert is being requested)
If we configure Apache with "SSLVerifyClient require", x509 auth
works, but -- users w/o a cert obviously don't have the opportunity to
login with username/password in that case.
I know this isn't exactly a CAS issue, but, since there are probably
others out there using x509 auth, I was curious if anyone else has
encountered this problem and if so, if they were able to find a
solution.
Any help or insight would be greatly appreciated!
Thanks!
..Sean.
More information about the cas
mailing list