How to enable CAS without SSL

This is a tiny tutorial on steps required to enable CAS (Jasig, v3.4x ) single-sign-out without SSL. These are the steps involved to remove dependency on SSL – Use HTTP urls (instead of HTTPS ones) in all client configurations. Edit [CAS-server-deployment-root]/ WEB-INF/ spring-configuration/ ticketGrantingTicketCookieGenerator.xml Change the value of attribute “p:cookieSecure” to false. Edit [CAS-server-deployment-root]/ WEB-INF […]

Continue reading →