Zimbra-CAS Multi-server Instance Redirecting to Wrong URL after CAS Authn
We are running Zimbra 6 in a multi-server environment with three store
servers. I successfully configured a single server installation of Zimbra to use CAS
by following CASifying Zimbra 6.0 - Zimbra :: Wiki.
However, I am now trying to do the same with a multi-server install and
having a problem. After authenticating correctly to my CAS server, I am
not redirected back to the correct page. Specifically, the URL I am
coming from as I am redirected to CAS, is not the URL I am being
redirected to after I authenticate with CAS.
In more detail:
I go to https://webmail.zdev.lafayette.edu/ I am then redirected to
Note that instead of having the GET variable for service set to
webmail.zdev.lafayette.edu, it is set to zdev.lafayette.edu (my domain).
After authenticating I get redirected back to zdev.lafayette.edu (which
is my domain not a host so there is no DNS for it aside from an MX
record). I should be redirected to webmail.zdev.lafayette.edu.
I generated a preauth key for the domain zdev.lafayette.edu (there is no
domain for webmail.zdev.lafayette.edu) . This key was put into
/opt/zimbra/jetty/webapps/zimbra/public/preauth.jsp as described in your
I tried updating preauth.jsp's generateRedirect() method to
return the hard coded value where I want the user to be sent and
restrarted zimbra but that didn't make a difference:
[zimbra@zstore00 DEV ~]$ diff
< // return
< return request.getScheme()+"://"+
> > return
[zimbra@zstore00 DEV ~]$
I added two beans to the CAS service registry for both URLs
(zdev.lafayette.edu and webmail.zdev.lafayette.edu). With both beans in
place I get a service ticket on CAS and I am redirected back to Zimbra
but still at zdev.lafayette.edu. If I don't have both service entries,
then a CAS service ticket is not issued.
Has anyone seen this problem or had success casifying Zimbra in a
multi-server environment? Thank you for any direction you can offer.