redirect to port 80

@dkirmis: We’ve just started running into the same port:80 error, but only on WP sites created since the beginning of 2017. We have many dozens of installs created in 2016 or earlier for which CAS Maestro continues to handle authentication properly. Bizarrely enough, if we clone one of those older sites, CAS authentication continues to work on the old site but fails on the new copy, even though the code ought to be identical. Our sites are all hosted by WP Engine, and we suspect there’s been some change there that’s causing the problem (though of course they point the finger of blame at the plugin). Are you hosted on WP Engine as well, or elsewhere?

@mcstevem: Yes, it is running on wpengine. I talked to several of their tech support folks, and most of them blamed the plugin, but I did have one guy who seemed to think it was due to the way wpengine handles https traffic. The final response that I got from them was this:
“I know that if we run a curl -IL on the domain You can see that the connection is being sent as https. It redirects to the CAS plugin and finishes with a 200 ok. When it gets the 200 code I’m seeing a cookie set JSESSIONID=1D120E1DB80DB9236D2407CC0264F446.cas2; Path=/cas; Secure; HttpOnly. The HttpOnly could be why it’s returning back as connecting with port 80. It does look like the plugin is not seeing the request come in as https.”

I was able to install and configure this plugin: https://www.ads-software.com/plugins/wp-cassify/ and it works in our environment on wpengine.

After much back and forth with WPE, they acknowledged today that “a slight platform change” at their end was implicated in the problem. They’ve made ” a tiny workaround” (details unspecified), which cleared up the problem for a new site that had been cloned from an older template site, but it still hasn’t solved the issue for a brand new, clean install.

Thanks for the tip on wp-cassify, though with 100+ installs already using CAS Maestro, I’m hoping we can find a way to keep that plugin working for us.

I just experienced this problem yesterday and was able to fix it. If you simply update phpCAS to the current version of 1.3.4, it should prevent :80 from being appended. (FWIW, I was told the same thing by WP Engine that it was the plugin’s fault and nothing on their end.)

Steps:

1. Backup your site and deactivate the plugin.
2. Download the cas-maestro folder to your computer via SFTP. (Just makes things a bit easier. I also deleted the plugin from the site after downloading.)
3. Go inside the cas-maestro plugin you downloaded to your computer.
4. Remove everything inside the phpCAS folder
5. Go to https://wiki.jasig.org/display/CASC/phpCAS+installation+guide
6. Download the latest stable release (1.3.4) without PEAR
7. Unzip the file
8. Copy all of the files in the CAS-1.3.4 folder and paste them inside the phpCAS folder in the cas-maestro folder (cas-maestro\phpCAS)
9. Upload the cas-maestro folder back to your site via SFTP
10. Reactivate the plugin. Your setting should remain since they are stored in the database
11. Test by logging into WordPress via CAS and you shouldn’t see the :80 there anymore.

Hope this helps!

After going through six WPE support reps, I got confirmation that the problem was that “We recently pushed out some changes on our end to force all backend requests loaded over the WP Engine temporary URL to load over HTTPS,” which turns out to be incompatible with the current state of CAS Maestro. They provided us with a mu-plugin (x_disable_wpesec.php) that has solved the problem for existing sites, and that we’ll need to add to future clean installs (as opposed to copies from install templates that already include the fix).

Dealing with this problem again. Any way that we can get that mu-plugin? Do they have it available anywhere? If not, I suppose I can refer to this thread when talking to the support rep.

You could also refer the WP Engine support reps to the now-closed support request #812101 in their help system. And one of WPE’s last posts to that ticket said the plugin “can also be obtained from the MU-plugins directory via SFTP,” and that its content is as follows:

$ cat x_disable_wpesec.php
<?php

add_action( 'widgets_init', 'wpe_remove_encourage_tls', 0 );
function wpe_remove_encourage_tls() {
    remove_action( 'init', 'wpesec_encourage_tls' );
}

Oh, perfect! Thank you!