Reputation: 706
Redirect issue with Jasig CAS and Websphere
We currently have a set up with a load balancer carrying out SSL offloading, an http server and a websphere app server. Having got over the initial hurdle of the offloading preventing CAS from thinking it was running under https (which we got around by using the httpsIndicatorHeader variable), we now have another issue. Despite the fact we can see CAS redirecting to the target application, the 'handshake' seems to fail, showing a loop of tickets being generated and tried, but never actually validating, and the target application is never reached. There do not seem to be any errors being generated however.
Has anyone experienced anything similar before?
Cheers,
Rob
Upvotes: 1
Views: 686
Answers (1)
Reputation: 706
After investigation, the problem was that the application redirect url set up in websphere was pointing to the original url, rather than suffixing /j_spring_cas_security_check. This caused the circular loop to occur without any attempt to validate the ticket.
Upvotes: 1
Related Questions
- Getting a Loop Redirect with Spring Security + CAS, but should be working
- Redirect loop with CAS and Spring Security
- jasig cas too many redirects issue
- Jasig CAS - how to customize WebFlow to redirect user after successful login?
- CAS 4 with Spring Security 4 (java config) - stuck in a redirect loop after ticket granted SSO
- Exception when accessing CAS login page deployed in JBoss
- JBOSS AS7 + CAS doesn't redirect after login
- CAS with SavedRequestAwareAuthenticationSuccessHandler no redirecting correctly
- CAS HTTP 401 - Authentication Failed: Bad credentials
- How to prevent JA-SIG CAS spring security redirect loop?