Unable to redirect to application page even after successful authentication in CAS server

Question

I deployed multiple applications in tomcat-7.0.55 and used Central authentication service(CAS) for single sign-on. But when I am accessing an application and when it is getting redirected to CAS login page, I understood it was authenticated successfully and TGT and ST tickets were also generated.

But after the successful authentication, it is not getting redirected to the application page. I observed that the Proxy callback authentication is failed and the corresponding ticket is not generated. I could see this information in the catalina.out file.

For more information, my CAS authentication is running on http instead of https. Please let me know if this could create any problem.

And more over, all my apps are hosted on the 8080 port but the proxyCallbackUrl I gave is on 80 port. First of all my URL for the proxyCallbackURL is http://my_server_private_ip/webappcas2/proxyCallback (this was configured earlier to me) but I am not sure what URL is to be given as for the proxyCallbackUrl in the web.xml file of the application.

Thanks in advance.

Answer 1

Running CAS on a nonsecure port will not allow you to use single sign on. Furthermore, proxy callbacks are required to be https by default which is why you are seeing that error. Switch to https and all your problems will go away.