chore(apereo-cas): fix up configuration r/1239

- X-Forwarded-Proto support so it knows it's behind TLS - Remove extraneous logs and just log to stdout so it's caught be systemd Change-Id: I650777bbfd24a1922f26967ffff7da06d14b6639 Reviewed-on: https://cl.tvl.fyi/c/depot/+/952 Tested-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi>
author: Luke Granger-Brown <hg@lukegb.com> 2020-07-07T22·54+0000
committer: lukegb <lukegb@tvl.fyi> 2020-07-08T17·49+0000
commit: 2c7e9986e2337959a25d449f9d18b60992dd31ea (patch)
tree: a378e59c03ddebc92dff1f681a31b0d2c1a6e7a5 /third_party/apereo-cas/overlay/etc/cas/config/cas.properties
parent: 37ec60c70629fa5f6ace47488ba035a9a0bbae96 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/third_party/apereo-cas/overlay/etc/cas/config/cas.properties b/third_party/apereo-cas/overlay/etc/cas/config/cas.properties
index 9ef983b174..e11d41fdd6 100644
--- a/third_party/apereo-cas/overlay/etc/cas/config/cas.properties
+++ b/third_party/apereo-cas/overlay/etc/cas/config/cas.properties
@@ -8,6 +8,14 @@ server.port=8443
 server.address=127.0.0.1
 server.ssl.enabled=false
 
+# Enable X-Forwarded-For using Tomcat.
+server.forward-headers-strategy=NATIVE
+server.tomcat.remoteip.remote-ip-header=x-forwarded-for
+server.tomcat.remoteip.protocol-header=x-forwarded-proto
+
+server.tomcat.basedir=/etc/cas/tomcat
+server.servlet.context-path=/
+
 cas.authn.saml-idp.entity-id=https://login.tvl.fyi
 
 cas.authn.accept.users=
author	Luke Granger-Brown <hg@lukegb.com>	2020-07-07T22·54+0000
committer	lukegb <lukegb@tvl.fyi>	2020-07-08T17·49+0000
commit	2c7e9986e2337959a25d449f9d18b60992dd31ea (patch)
tree	a378e59c03ddebc92dff1f681a31b0d2c1a6e7a5 /third_party/apereo-cas/overlay/etc/cas/config/cas.properties
parent	37ec60c70629fa5f6ace47488ba035a9a0bbae96 (diff)