Jasig › Jasig CAS › CAS Users

Re:CAS and OWA

3 messages

Andrew Tillinghast

Re:CAS and OWA

Reply Threaded

Some javascript/style in this post has been disabled (why?)

A few people have asked how we got CAS/OWA working together, we started from http://www.ja-sig.org/wiki/display/CAS/CASifying+Outlook+Web+Access+2

We actually didn't change anything on our exchange server despite the instructions indicating that we would have to change exchange login configurations.

Here is the files we're using live, the Jars and the xml files are the results of the patch provided by Matthieu Marc with one little change in the class because the security check in the original class didn't work on our exchange install.

This line: GetMethod get = new GetMethod(this.scheme + "://" + this.host + "/justToTestCookie.asp"); in OwaConnector,java

On our server https://holly.conncoll.edu/justToTestCookie.asp ALWAYS returns 403 Not Authorized.

I changed the line to GetMethod get = new GetMethod(this.scheme + "://" + this.host + "/" + this.destination + "/justToTestCookie.asp");

All credit on this goes to Matthieu I did nothing but apply the patch, tweak the files and build the jar. I hope the zip makes it through to the mailing list.

Also in the zip is a cas-server-owa directory with pom, xml and java source files. These files are appropriate to add to a maven build and I would suggest the directory could be added to the CAS distribution.

-- 
You are currently subscribed to [hidden email] as: [hidden email]
To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user

Andrew Tillinghast

Sr. Web Developer

[hidden email]

270 Mohegan Avenue

New London, CT 06320-4196

CAS-OWA.zip (38K) Download Attachment

image.gif (4K) Download Attachment

Ryan A

Re: Re:CAS and OWA

Reply Threaded

Andrew,

I have followed this same documentation in theory (didn't apply the actual patch but am doing basically the same thing) Have you had any problems with the domain being different for the owa cookies than for your CAS server? For example, if owa grants the cookie with a domain of owa.domain.edu how does CAS set it on its response that is coming from cas.domain.edu? Is this accomplished with all of the tomcat and apache configurations? Thanks!

Andrew Tillinghast wrote:

A few people have asked how we got CAS/OWA working together, we
started from http://www.ja-sig.org/wiki/display/CAS/CASifying+Outlook+Web+Access+2

We actually didn't change anything on our exchange server despite the
instructions indicating that we would have to change exchange login
configurations.

Here is the files we're using live, the Jars and the xml files are the
results of the patch provided by Matthieu Marc with one little change
in the class because the security check in the original class didn't
work on our exchange install.

This line: GetMethod get = new GetMethod(this.scheme + "://" +
this.host + "/justToTestCookie.asp"); in OwaConnector,java

On our server https://holly.conncoll.edu/justToTestCookie.asp ALWAYS
returns 403 Not Authorized.

I changed the line to GetMethod get = new GetMethod(this.scheme +
"://" + this.host + "/" + this.destination + "/justToTestCookie.asp");

All credit on this goes to Matthieu I did nothing but apply the patch,
tweak the files and build the jar. I hope the zip makes it through to
the mailing list.

Also in the zip is a cas-server-owa directory with pom, xml and java
source files. These files are appropriate to add to a maven build and
I would suggest the directory could be added to the CAS distribution.

Andrew Tillinghast
Sr. Web Developer
atilling@conncoll.edu
270 Mohegan Avenue
New London, CT 06320-4196

--
You are currently subscribed to cas-user@lists.jasig.org as: lists@nabble.com
To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user

Borchers, Kristopher C.

RE: Re:CAS and OWA

Reply Threaded

Has anyone gotten this to work with CAS and OWA on two separate sub-domains on two separate servers, both of which are MS Server 2003? Also, OWA is running on IIS, not Apache. The patch seems to work properly when I log in, the cookies are created but they are created under my CAS server's sub-domain, so when I'm returned to OWA, it just asks me to authenticate. I did try modifying SendOwaTicketAction.java to set the domains of the new cookies to just our domain without the sub-domain but that did not work either. The cookies were created with the correct domain but OWA still did not recognize them.

I have not done the Apache / mod_proxy stuff yet, obviously because it's IIS but I have found a few ISAPI filters that should do the same thing. I figured it should work to test though if I can get the cookies created and then just go to OWA it should be logged in but it's not.

Any thoughts would be much appreciated!

Thanks,
Kris

Kristopher Borchers
Web Application Developer - Content Analyst
Saint Xavier University
Ph. 773-298-3924
[hidden email]
www.sxu.edu

Saint Xavier University - Success with Purpose.

Saint Xavier University, a Catholic institution inspired by the heritage of the Sisters of Mercy, educates men and women to search for truth, to think critically, to communicate effectively, and to serve wisely and compassionately in support of human dignity and the common good.

-----Original Message-----
From: Ryan A [mailto:[hidden email]]
Sent: Tuesday, October 20, 2009 2:37 PM
To: [hidden email]
Subject: Re: Re:[cas-user] CAS and OWA

Andrew,

I have followed this same documentation in theory (didn't apply the actual
patch but am doing basically the same thing) Have you had any problems with
the domain being different for the owa cookies than for your CAS server?
For example, if owa grants the cookie with a domain of owa.domain.edu how
does CAS set it on its response that is coming from cas.domain.edu? Is this
accomplished with all of the tomcat and apache configurations? Thanks!

Andrew Tillinghast wrote:

>
> A few people have asked how we got CAS/OWA working together, we
> started from
> http://www.ja-sig.org/wiki/display/CAS/CASifying+Outlook+Web+Access+2
>
> We actually didn't change anything on our exchange server despite the
> instructions indicating that we would have to change exchange login
> configurations.
>
> Here is the files we're using live, the Jars and the xml files are the
> results of the patch provided by Matthieu Marc with one little change
> in the class because the security check in the original class didn't
> work on our exchange install.
>
> This line: GetMethod get = new GetMethod(this.scheme + "://" +
> this.host + "/justToTestCookie.asp"); in OwaConnector,java
>
> On our server https://holly.conncoll.edu/justToTestCookie.asp ALWAYS
> returns 403 Not Authorized.
>
> I changed the line to GetMethod get = new GetMethod(this.scheme +
> "://" + this.host + "/" + this.destination + "/justToTestCookie.asp");
>
> All credit on this goes to Matthieu I did nothing but apply the patch,
> tweak the files and build the jar. I hope the zip makes it through to
> the mailing list.
>
> Also in the zip is a cas-server-owa directory with pom, xml and java
> source files. These files are appropriate to add to a maven build and
> I would suggest the directory could be added to the CAS distribution.
>
>
>
>
>
>
> Andrew Tillinghast
> Sr. Web Developer
> [hidden email]
> 270 Mohegan Avenue
> New London, CT 06320-4196
>
>
> --
> You are currently subscribed to [hidden email] as:
> [hidden email]
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>

--
View this message in context: http://n4.nabble.com/Re-CAS-and-OWA-tp265100p268959.html
Sent from the CAS Users mailing list archive at Nabble.com.

--
You are currently subscribed to [hidden email] as: [hidden email]
To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user

--
You are currently subscribed to [hidden email] as: [hidden email]
To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user