Bryan K. Walton
unread,Oct 8, 2020, 11:41:32 AM10/8/20Sign in to reply to author
Sign in to forward
You do not have permission to delete messages in this group
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to cas-...@apereo.org
We are working to integrate mod_auth_cas with a university's CAS
server. We have this successfully working with over 120 other colleges
and universities. However, with this one, we are getting some bizarre
behavior, that I hope somebody can help explain:
1. The application successfully redirects the unauthenticated user to
their CAS server login page.
2. When I monitor the live HTTP headers, I see what looks like their CAS
login server redirecting to another server with a ../login/callback url.
3. Then it looks like something called a callback code is generated and
then a ticket of some time is created and then we are redirected back to
mod_auth_cas with a short query string of: "?ticket=8NWAY5Y9TD66jAnF"
4. But at this point, mod_auth_cas redirects back to the login url, not
the serviceValidate url, and we get a HTTP/2.0 400 Bad Request in the
http headers. All I see in our Apache debug log that seems related is:
mod_headers.c(848): AH01503: headers: ap_headers_error_filter()
I'm not familar with this callback thing. Is there something that we
need to be doing with mod_auth_cas to accomodate this?
BTW, if helpful, I can supply apache debug logs and live http headers.
Thanks,
Bryan