Why does Apereo CAS server redirect to localhost for OAuth2 endpoint?


I have set up a CAS server at 172.16.238.10 that generally works with the CAS protocol. However, for OAuth2 there is a strange redirection behavior:

REQ: https://172.16.238.10:8443/ooscas/oauth2.0/authorize

RESP: 302, Location: https://localhost:8443/ooscas/login?service=https%3A%2F%2Flocalhost%3A8443%2Fooscas%2Foauth2.0%2FcallbackAuthorize%3Fclient_name%3DCasOAuthClient

Never mind the service and client_name parameters for this staged example, but my question is about the hostname:

Where does the "localhost" come from? How can I configure that to be something else?

In a real OAuth2 webflow localhost will simply not work, even if 172.16.238.10 happens to be localhost. The reason is that by posting the login form to localhost, the CAS server then redirects to itself using localhost (https://localhost:8443/oauth2.0/callbackAuthorize) and that will lead to an internal SSL handshake error, because the server's certificate is not valid for localhost.


Solution

  • Most likely, you need to define the following:

    cas.server.name=
    cas.server.prefix=${cas.server.name}/cas
    

    You're referencing the prefix in your setup, but its definition seems absent. If you fail to do that, default values take effect.

    PS: Always specify the CAS version in your posts.
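As an added illustration (not part of the answer above), the following Python check parses a CAS login redirect like the one in the question and compares both the `Location` host and the host inside its nested `service` parameter against the server name you intend to configure. The expected server value `https://172.16.238.10:8443` is assumed from the question; any mismatch (here, `localhost`) points at the missing `cas.server.name` definition.

```python
from urllib.parse import parse_qs, urlsplit

# Constructed sample: the 302 Location header quoted in the question.
SAMPLE_LOCATION = (
    "https://localhost:8443/ooscas/login?service=https%3A%2F%2Flocalhost%3A8443"
    "%2Fooscas%2Foauth2.0%2FcallbackAuthorize%3Fclient_name%3DCasOAuthClient"
)


def redirect_hosts(location: str) -> dict:
    """Return the hosts a CAS login redirect points at: the Location URL's own
    host and the host embedded in its (percent-encoded) `service` parameter."""
    outer = urlsplit(location)
    # parse_qs decodes the percent-encoded service URL for us.
    service = parse_qs(outer.query).get("service", [None])[0]
    inner = urlsplit(service) if service else None
    return {
        "login_host": outer.netloc or None,
        "service_host": inner.netloc if inner else None,
        "service_path": inner.path if inner else None,
    }


def check_redirect(location: str, expected_server: str) -> list:
    """Return a list of problems; empty means every hop in the redirect uses
    the expected host (the value you would put in cas.server.name)."""
    expected = urlsplit(expected_server).netloc
    hosts = redirect_hosts(location)
    problems = []
    for label in ("login_host", "service_host"):
        host = hosts[label]
        if host is None:
            problems.append(f"{label}: missing")
        elif host != expected:
            problems.append(f"{label}: got {host}, expected {expected}")
    return problems


if __name__ == "__main__":
    # Assumed server name for the host in the question.
    for problem in check_redirect(SAMPLE_LOCATION, "https://172.16.238.10:8443"):
        print(problem)
```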