jasig-cas IRC Logs-2011-10-03
[10:16:49 CDT(-0500)] <kickehy> anyone on this fine monday morning?
[10:17:03 CDT(-0500)] <kickehy> or afternoon, depending on where you are
[10:23:16 CDT(-0500)] <ries> morning here...
[10:24:32 CDT(-0500)] <kickehy> heh i'm getting a tomcat 404 when i go to https://server:8443/cas
[10:24:58 CDT(-0500)] <kickehy> when i stop tomcat, copy my custom cas.properties and deployerconfig over, and restart tomcat
[10:25:17 CDT(-0500)] <kickehy> is there a log i can look at?
[10:25:28 CDT(-0500)] <kickehy> oh yes
[10:25:37 CDT(-0500)] <kickehy> i found them as we speak
[10:42:56 CDT(-0500)] <foxnesn1> isnt it /cas/login ?
[10:43:29 CDT(-0500)] <kickehy> i think you're right but i still get the same thing
[10:43:42 CDT(-0500)] <kickehy> could it have anything to do with the fact that i force ssl?
[10:44:16 CDT(-0500)] <foxnesn1> what do you mean force ssl?
[10:44:33 CDT(-0500)] <foxnesn1> are you seeing https://yourdomain:8443 for tomcat?
[10:44:34 CDT(-0500)] <ries> foxnesn1: just /cas works here
[10:44:52 CDT(-0500)] <kickehy> foxnesn1: yes
[10:45:21 CDT(-0500)] <kickehy> in my cas.properties file i changed server.prefix to https://localhost:8443/cas
[10:45:29 CDT(-0500)] <foxnesn1> oh you're right
[10:45:32 CDT(-0500)] <foxnesn1> both work
[10:45:56 CDT(-0500)] <foxnesn1> kickehy: why would you do that? to force ssl?
[10:46:22 CDT(-0500)] <foxnesn1> i believe you would force ssl in tomcat, not in cas
[10:46:25 CDT(-0500)] <kickehy> foxnesn1: yes, i assumed that was bette for security's sake
[10:46:42 CDT(-0500)] <kickehy> foxnesn1: i did do it through tomcat via the server.xml file
[10:46:43 CDT(-0500)] <foxnesn1> so just comment out 8080 in the tomcat server.xml
[10:47:06 CDT(-0500)] <foxnesn1> i never made any changes to cas.properties
[10:47:14 CDT(-0500)] <kickehy> foxnesn1: actually i made tomcat forward everything from 8080 to 8443
[10:47:35 CDT(-0500)] <foxnesn1> then you shouldnt have to mess with cas.properties i dont think
[10:47:46 CDT(-0500)] <kickehy> mmmk i'll change it back and try again
[10:52:34 CDT(-0500)] <kickehy> or it could be because i screwed up my deployerConfig for LDAP
[10:52:43 CDT(-0500)] <kickehy> now just to figure out what i did
[10:55:07 CDT(-0500)] <foxnesn1> you connecting to an AD? just curious.
[10:55:35 CDT(-0500)] <kickehy> trying to
[10:58:33 CDT(-0500)] <foxnesn1> hrm, i hope to be doing the same thing by the end of the week
[10:58:50 CDT(-0500)] <foxnesn1> will you have a password self service solution?
[11:06:49 CDT(-0500)] <kickehy> ummm, not too sure what that is
[11:07:10 CDT(-0500)] <kickehy> in case someone forgets their AD password?
[11:52:58 CDT(-0500)] <kickehy> http://pastie.org/2632968 <--could anyone take a look and see if i've royal screwed something up? I'm at a loss on how to get this setup with ldap
[11:53:07 CDT(-0500)] <kickehy> royally*
[11:56:26 CDT(-0500)] <foxnesn1> kickehy: yea if someone forgets their password then a program like PWM can allow them to reset it based on a bunch of variables.
[11:57:24 CDT(-0500)] <kickehy> foxnesn1: then we probably won't do that
[11:57:30 CDT(-0500)] <kickehy> even though that idea is nice
[11:57:51 CDT(-0500)] <foxnesn1> do you not have students listed on the AD to get onto your domain then?
[11:59:59 CDT(-0500)] <kickehy> we do
[12:00:19 CDT(-0500)] <foxnesn1> so what happens if your students fogrget their password?
[12:00:29 CDT(-0500)] <kickehy> in order for them to reset their password they, currently, have to physically come to the help desk and verify their identity to reset their password
[12:00:35 CDT(-0500)] <kickehy> it's annoying i know
[12:00:39 CDT(-0500)] <kickehy> wasn't my decision
[12:01:12 CDT(-0500)] <foxnesn1> ahhh
[12:01:22 CDT(-0500)] <foxnesn1> ok, yea that has to be a pain but whatever
[12:01:30 CDT(-0500)] <kickehy> very much so
[12:01:58 CDT(-0500)] <kickehy> but that was the policy they established after this "red flags" security meeting
[12:02:23 CDT(-0500)] <kickehy> they as in my bosses
[12:02:49 CDT(-0500)] <kickehy> but if i could figure out a way to create a password reset policy, i bet they'd open that can of worms back up
[12:03:04 CDT(-0500)] * kickehy out to lunch
[13:22:50 CDT(-0500)] <kickehy> anyone have any ideas on that pastie i posted?
[13:41:56 CDT(-0500)] <foxnesn1> hrm looking at it now
[13:42:20 CDT(-0500)] <foxnesn1> does tomcat log throw an error?
[13:54:12 CDT(-0500)] <kickehy> foxnesn1: org.apache.catalina.core.StandardContext start
[13:54:15 CDT(-0500)] <kickehy> SEVERE: Context [/cas] startup failed due to previous errors
[13:54:41 CDT(-0500)] <kickehy> that's from the tomcat6-stderr log
[13:58:09 CDT(-0500)] <foxnesn1> woah no idea there