0 Replies Latest reply on Aug 28, 2009 1:33 PM by ike erhascy

    CAS SSO failed with https

    ike erhascy Newbie

      Hi! I've just implemented CAS according to http://docs.jboss.org/jbportal/sso/eclipse/portal_cas.html#1.3. Everything works fine when I use http protocol in portal, but fails with https. Looks like portal sends http service instead of https.

      21:16:37,799 INFO [STDOUT] 2009-08-28 21:16:37,798 ERROR [org.jasig.cas.CentralAuthenticationServiceImpl] - <ServiceTicket [ST-7-p2ZLXLJGIqtywrqjpWKH-localhost] with service [https://localhost/portal/authsec/portal/default/default does not match supplied service [http://localhost/portal/authsec/portal/default/default]>
      


      Why portal uses service [http://localhost/portal/authsec/portal/default/default] even if I browse it via https protocol?

      My configs:
      <Connector port="80" address="${jboss.bind.address}"
       maxThreads="250" maxHttpHeaderSize="8192"
       emptySessionPath="true" protocol="HTTP/1.1"
       enableLookups="false" redirectPort="443" acceptCount="100"
       connectionTimeout="20000" disableUploadTimeout="true"
      />
      


      <Connector port="443" maxHttpHeaderSize="8192" address="${jboss.bind.address}"
       maxThreads="250" minSpareThreads="25" maxSpareThreads="75"
       enableLookups="false" disableUploadTimeout="true"
       acceptCount="100" scheme="https" secure="true"
       clientAuth="false" sslProtocol="TLS"
       SSLEnabled="true"
       keystoreFile="${jboss.server.home.dir}/conf/server.keystore"
       keystorePass="changeit"
      />
      


      <Valve className="org.jboss.portal.identity.sso.cas.CASAuthenticationValve"
       casLogin="https://localhost/cas/login"
       casLogout="https://localhost/cas/logout"
       casValidate="https://localhost/cas/serviceValidate"
       casServerName="localhost"
       authType="FORM"
      />
      


      sudo ./run.sh -Djavax.net.ssl.trustStore="$JBOSS_HOME/server/default/conf/server.keystore"
      


      JBoss AS 4.2.3.GA
      JBoss Portal 2.7.2
      CAS 3.0.7
      Ubuntu linux (jaunty)

      I have another application uses acegi security with CAS. It works perfectly both with http and https.