topic Re: (Alfresco 5.1.2) CAS authentication through Apache mod_auth_cas returning Unauthorized in Alfresco Forum

(Alfresco 5.1.2) CAS authentication through Apache mod_auth_cas returning Unauthorized

mwatkins — Fri, 31 Mar 2017 03:48:47 GMT

I am attempting to integrate into our development environment mod_auth_cas (version 1.1 from https://github.com/Jasig/mod_auth_cas) for use in our existing Apache server 2.4 in order to authenticate share and alfresco.Our CAS Server is compiled via MAVEN from JASIG CAS version 3.5.2., and our Alfres

Re: (Alfresco 5.1.2) CAS authentication through Apache mod_auth_cas returning Unauthorized

amoae — Mon, 03 Apr 2017 07:43:33 GMT

Hi Michael,

It seems you have a SSL certificate validation problem between mod_auth_cas and your CAS server.

[Fri Mar 31 02:57:08.621355 2017] [ssl:info] [pid 1434] [client ::1:35280] AH02008: SSL library error 1 in handshake (server localhost:443)

The mod_auth_cas client must trust the CAS server in order to validate the serviceTicket during a callback request and thus retrieve the identified user login.

You have two solutions :

Register the CAS server certificate as trusted for mod_auth_cas
Disable certificate validation in the mod_auth_cas configuration with CASValidateServer Off. Be careful, this directive has been removed since the v1.1 version of the module

Regards,

Charles

Re: (Alfresco 5.1.2) CAS authentication through Apache mod_auth_cas returning Unauthorized

idwright — Mon, 03 Apr 2017 12:55:56 GMT

If you would like to use an amp based approach instead of mod_auth_cas then GitHub - wrighting/alfresco-cas: A project designed to show how to integrate Alfresco with CAS single sign on should work with your version.

(You should probably upgrade your CAS...)