[Geoserver-devel] [jira] (GEOS-6109) CAS login request exposes internal server URL

Lazar Bodor created BugGEOS-6109
CAS login request exposes internal server URL

Issue Type:

BugBug

Affects Versions:

2.4.1

Assignee:

Andrea Aime

Components:

Security

Created:

23/Oct/13 10:47 PM

Description:

The CAS plugin when logging in constructs a URL like

http://external-server/cas-server/login?service=http://internal-server:8080/geoserver
instead of
http://external-server/cas-server/login?service=http://external-server/geoserver

The plugin doesn’t take into account the PROXY_BASE_URL context parameter or the Proxy Base URL value in the global settings. The callback URL comes from the java http request object.

Project:

GeoServer

Labels:

cas

Priority:

MinorMinor

Reporter:

Lazar Bodor

This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: [http://www.atlassian.com/software/jira](http://www.atlassian.com/software/jira)