From 2e4fb9fdf20269f444cd6093206a39d1c3d513c8 Mon Sep 17 00:00:00 2001 From: Danny Chan Date: Mon, 23 Oct 2023 11:35:39 -0400 Subject: [PATCH] INFRA-2595: Add CAS_CAS_FORCE_SSL_SERVICE_URL setting --- ctlsettings/shared.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/ctlsettings/shared.py b/ctlsettings/shared.py index d422acd..ce809a5 100644 --- a/ctlsettings/shared.py +++ b/ctlsettings/shared.py @@ -148,6 +148,10 @@ def common(**kwargs): CAS_ADMIN_REDIRECT = False CAS_MAP_AFFILIATIONS = True + # Force the service url to always target HTTPS. + # https://djangocas.dev/docs/latest/configuration.html#cas-force-ssl-service-url-optional + CAS_FORCE_SSL_SERVICE_URL = True + # Translate CUIT's CAS user attributes to the Django user model. # https://cuit.columbia.edu/content/cas-3-ticket-validation-response CAS_APPLY_ATTRIBUTES_TO_USER = True