All, I was on vacation and just got back yesterday. Thank you for all your replies.
Ray, I tried configuring mgmt.server-name two ways: mgmt.server-name=https://cas-dev-mgmt.wichita.edu:443 still redirects to 9443 mgmt.server-name=https://cas-dev-mgmt.wichita.edu same as above Jonathan, SSLProxyEngine on SSLProxyVerify none SSLProxyCheckPeerCN off SSLProxyCheckPeerName off SSLProxyCheckPeerExpire off ProxyPass / https://localhost:9443/ ProxyPassReverse / https://localhost:9443/ The management webapp works behind the apache proxy, I just have to remove the :9443 from the url and refresh my browser,it effects 4 or less people. It's just annoying for me. As Ray said the app should not care what port its running on. So somewhere in the management.properties there should be a way to tell it use 443 or better yet, have it NOT inject server.port attribute in the url string. Or.. AJP could work? Maybe? Frabrice, Translating from your yaml config to my management.properties config, it looks like we have the same bits flipped but different ports and schemes. I do not have the access log turned on and use-forward- headers defaults to true for the tomcat embedded servlet container. So I'm not sure this is relevant, I'm sure this works with the main cas.war, which I think is the config you gave me, I'm not sure that ajp works with the cas-managment.war, or I haven't seen it work yet. I appreciate you taking the time to respond. Thanks again everyone. -- Erik Mallory Server Analyst Wichita State University On Mon, 2022-08-29 at 18:36 +0000, Ray Bon wrote: > Erik, > > The management server should not know what port it is running under. > Check mgmt.server-name. > > Ray > > On Tue, 2022-08-23 at 13:53 +0000, 'Mallory, Erik' via CAS Community > wrote: > > Notice: This message was sent from outside the University of > > Victoria email system. Please be cautious with links and sensitive > > information. > > > > > > Hello, > > Is there a way to get the CAS Management Webapp to use AJP ports, > > I'd > > like to front end the application with Apache. > > I attempted to use Apache's https proxy to 8443 which works, but > > when I > > authenticate against CAS it redirects me to cas- > > mgmt.domain.tld:8443. > > It would appear that the management app is inserting the > > server.port > > property into the the data sent to CAS, and cas dutifully returns > > the > > user to the server:port. > > > > If I could use AJP that would solve this problem. > > I includled the following in the build.gradle > > compile "org.apereo.cas:cas-mgmt-webapp- > > tomcat:${project.'casmgmt.version'} > > > > And attempted to use the following properties: > > > > server.tomcat.ajp.enabled=true > > server.tomcat.ajp.port=8009 > > server.tomcat.ajp.protocol=AJP/1.3 > > server.tomcat.ajp.async-timeout=5000 > > server.tomcat.ajp.scheme=https > > server.tomcat.ajp.max-post-size=20971520 > > server.tomcat.ajp.proxy-port=10443 > > server.tomcat.ajp.enable-lookups=false > > #cas.server.tomcat.ajp.redirect-port=-1 > > server.tomcat.ajp.allow-trace=false > > server.tomcat.ajp.secure=false > > > > If ajp does not work with the cas-management webapp > > Is there away to NOT send the server.port propperty in the > > connection string so cas will just redirect to cas-mgmt.domain.tld > > ? > > Thanks, > > -- > > Erik Mallory > > Server Analyst > > Wichita State University > > > > -- > > - Website: > > https://apereo.github.io/cas > > > > - Gitter Chatroom: > > https://gitter.im/apereo/cas > > > > - List Guidelines: > > https://goo.gl/1VRrw7 > > > > - Contributions: > > https://goo.gl/mh7qDG > > > > --- > > You received this message because you are subscribed to the Google > > Groups "CAS Community" group. > > To unsubscribe from this group and stop receiving emails from it, > > send an email to > > cas-user+unsubscr...@apereo.org > > . > > To view this discussion on the web visit > > > > https://groups.google.com/a/apereo.org/d/msgid/cas-user/1f0074b8f4e2d4828a06f766294e4ab148d83b38.camel%40wichita.edu > > . > > -- > Ray Bon > Programmer Analyst > Development Services, University Systems > 2507218831 | CLE 019 | r...@uvic.ca > > I acknowledge and respect the lək̓ʷəŋən peoples on whose traditional > territory the university stands, and the Songhees, Esquimalt and > WSÁNEĆ peoples whose historical relationships with the land continue > to this day. > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google > Groups "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, > send an email to cas-user+unsubscr...@apereo.org. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/7bed06562837ce108891fa68d0ab6d0e9f86212c.camel%40uvic.ca > . -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/e09d0d21e2e8d6a25ab61303666f3209c3ef1650.camel%40wichita.edu.
