Why It changes the protocol from https to http

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Why It changes the protocol from https to http

j_lalith
This post has NOT been accepted by the mailing list yet.
We have a strange redirection problem where intermittently, redirection happens to an non existent CAS protocol http

What could be the reason for this


basically http://loginxxx.com/cas/login does not exist but https://loginxxx.com/cas/login does


Can someone shed some light into this, what is the reason for this?


POST https://loginxxx.com/cas/login?=http://test.com/uPortal/Login?enableDefaultRole HTTP/1.1
Host: loginxxx.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:27.0) Gecko/20100101 Firefox/27.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Referer: https://loginxxx.com/cas/login?service=http://test.com/uPortal/Login?enableDefaultRole
Cookie: JSESSIONID=E7E1FC1863696347A4862FAB14B1D30E; __utma=1.1052806862.1360815924.1422588118.1422837067.89; __utmz=1.1422837067.89.53.utmcsr=test.com|utmccn=(referral)|utmcmd=referral|utmcct=/uPortal/f/u25l1s5/normal/render.uP; __utmb=1.4.9.1422838388770; __utmc=1; __utmt=1
Content-Type: application/x-www-form-urlencoded
Content-Length: 147

HTTP/?.? 302 Found
Date: Mon, 02 Feb 2015 00:56:20 GMT
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store
Set-Cookie: CASPRIVACY=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/cas/
CASTGC=TGT-128-ckgAi5e5hSSAnuHIFLSl5tssmfRQIawXhNIVjeuNctmO5hxeak-cas01.example.org; Path=/cas/; Secure
JSESSIONID=F4A9C3842D0690350CA81198E81215B7; Path=/cas/; HttpOnly
Location: http://loginxxx.com/cas/login?=http://test.com/uPortal/Login?enableDefaultRole
Content-Length: 0
Connection: close
Content-Type: text/plain; charset=UTF-8
Reply | Threaded
Open this post in threaded view
|

Re: Why It changes the protocol from https to http

j_lalith
This post has NOT been accepted by the mailing list yet.
Just to add little bit more into this,

This only happens in a server env, where F5 comes into action,

in our situation even thought we got the F5 node, https://CASLOGON.com.xx, FS unwraps the SSL, and forwards to the application which accepts as a http request. The application does not know that it is https to the outside and looks like it redirect to  http://CASLOGON.com.xx which does not exist.

Can this be configured in CAS level?