httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From joon yang <joon_y...@yahoo.com>
Subject [users@httpd] Troubleshooting a custom module MOD_CAS
Date Thu, 22 Jul 2004 13:56:44 GMT
Hi folks,

I'm trying to implement a sing sign on solution
between Tomcat and Apache so I can deliver static
contents from Apache and dynamic contents from Tomcat
without requiring to users to log in twice.  Our user
info is in an LDAP server.

I've found an opensource SSO stuff from yale.edu,
called CAS (Central Authentication System)  It uses
ticket based authentication scheme to provide the SSO
functionality.  The CAS server (java servlet) issues
and validates tickets.  CAS Client (one for apache and
one for tomcat) checks all requests for ticket and
validate by forwarding to CAS Server.

Now, I got it almost working, but running into the
following problems and wanted to get some opinions.

1. Are there better/more widely accepted/easier way to
implement a single sign on between Apache and Tomcat?

2. The authenticated pages come back fine, but if it
has any embedded url, these contents don't show.  I've
played with it's formats to see if direct url vs.
relative url would make a difference and it didn't. 
The url's themselves work fine on its own.

3.  The Apache log shows that the embeded url
initiated another login request as if it didn't have
the needed tickets, but the browser and the request
ends in result code 200, OK.  However, the login
screen does not show up in the browser.  Where should
I look first?

Thanks for any input you can provide and I apologize
for the long e-mail.

JoOn


	
		
__________________________________
Do you Yahoo!?
Vote for the stars of Yahoo!'s next ad campaign!
http://advision.webevents.yahoo.com/yahoo/votelifeengine/

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message