Re: INVALID_TICKET/ticket not recognized error for just granted ticket...

tedzo Mon, 15 Jan 2007 00:56:20 -0800

Scott,
Thanks for your response. Appreciate you taking the time to help us folks out.


I poked a bit more and I think I kind of figured how to avoid the problem but 
not why it is happening. I have attached the log messages below for someone 
more knowledgeable like yourself to figure out if you wish (would help the rest 
of us understand CAS better if you did :-)

Essentially, I was trying to access my application's login.jsp. That would take 
me to the CAS login page where I would login and then I would be redirected 
back to my Application's login.jsp. In my web.xml, I used ServiceUrl and set it 
also to login.jsp, in effect, forcing CAS to route all successful logins to my 
application's  login.jsp. I think this kind off threw off CAS and caused the 
issues I described previously. Ofcourse, I did this since I was just trying to 
get something up and running and since login.jsp was the only page I could 
access, I used it in both places (to initially login and inside ServiceUrl). 
Normally one wouldn't perhaps set up ServiceUrl as I did. Things seemed to work 
fine when I changed ServiceUrl to point to a different url OR when I used 
ServerName (localhost:8080 in my case).

The logs when things go haywire are as below.

Thanks again.


2007-01-15 00:13:40,718 INFO 
[org.jasig.cas.web.flow.AutomaticCookiePathSetterAction] - <Setting ContextPath 
for cookies to: /cas>
2007-01-15 00:13:40,828 DEBUG [org.apache.catalina.core.ApplicationDispatcher] 
- <servletPath=/WEB-INF/view/jsp/default/ui/casLoginView.jsp, pathInfo=null, 
queryString=null, name=null>
2007-01-15 00:13:40,828 DEBUG [org.apache.catalina.core.ApplicationDispatcher] 
- < Path Based Forward>
2007-01-15 00:13:40,828 DEBUG [org.apache.jasper.servlet.JspServlet] - 
<JspEngine --> /WEB-INF/view/jsp/default/ui/casLoginView.jsp>
2007-01-15 00:13:40,828 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
 ServletPath: /WEB-INF/view/jsp/default/ui/casLoginView.jsp>
2007-01-15 00:13:40,828 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
    PathInfo: null>
2007-01-15 00:13:40,828 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
    RealPath: C:\Program Files\Apache Software Foundation\Tomcat 
5.5\webapps\cas\WEB-INF\view\jsp\default\ui\casLoginView.jsp>
2007-01-15 00:13:40,828 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
  RequestURI: /cas/WEB-INF/view/jsp/default/ui/casLoginView.jsp>
2007-01-15 00:13:40,828 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
 QueryString: service=http%3A%2F%2Flocalhost%3A8080%2FDMM%2Flogin.jsp>
2007-01-15 00:13:40,828 DEBUG [org.apache.jasper.servlet.JspServlet] - <      
Request Params: >
2007-01-15 00:13:40,828 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
 service = http://localhost:8080/DMM/login.jsp>
2007-01-15 00:13:40,953 DEBUG [org.apache.catalina.core.ApplicationDispatcher] 
- < Disabling the response for futher output>
2007-01-15 00:13:41,000 DEBUG [org.apache.catalina.core.ApplicationDispatcher] 
- <servletPath=/index.jsp, pathInfo=null, queryString=null, name=null>
2007-01-15 00:13:41,000 DEBUG [org.apache.catalina.core.ApplicationDispatcher] 
- < Path Based Forward>
2007-01-15 00:13:41,000 DEBUG [org.apache.jasper.servlet.JspServlet] - 
<JspEngine --> /index.jsp>
2007-01-15 00:13:41,000 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
 ServletPath: /index.jsp>
2007-01-15 00:13:41,000 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
    PathInfo: null>
2007-01-15 00:13:41,000 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
    RealPath: C:\Program Files\Apache Software Foundation\Tomcat 
5.5\webapps\cas\index.jsp>
2007-01-15 00:13:41,000 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
  RequestURI: /cas/>
2007-01-15 00:13:41,000 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
 QueryString: null>
2007-01-15 00:13:41,000 DEBUG [org.apache.jasper.servlet.JspServlet] - <      
Request Params: >
2007-01-15 00:13:41,015 DEBUG [org.apache.catalina.core.ApplicationDispatcher] 
- < Disabling the response for futher output>
2007-01-15 00:13:41,015 DEBUG [org.apache.catalina.core.ApplicationDispatcher] 
- <servletPath=/WEB-INF/view/jsp/default/ui/casGenericSuccess.jsp, 
pathInfo=null, queryString=null, name=null>
2007-01-15 00:13:41,015 DEBUG [org.apache.catalina.core.ApplicationDispatcher] 
- < Path Based Forward>
2007-01-15 00:13:41,015 DEBUG [org.apache.jasper.servlet.JspServlet] - 
<JspEngine --> /WEB-INF/view/jsp/default/ui/casGenericSuccess.jsp>
2007-01-15 00:13:41,015 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
 ServletPath: /WEB-INF/view/jsp/default/ui/casGenericSuccess.jsp>
2007-01-15 00:13:41,015 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
    PathInfo: null>
2007-01-15 00:13:41,015 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
    RealPath: C:\Program Files\Apache Software Foundation\Tomcat 
5.5\webapps\cas\WEB-INF\view\jsp\default\ui\casGenericSuccess.jsp>
2007-01-15 00:13:41,015 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
  RequestURI: /cas/WEB-INF/view/jsp/default/ui/casGenericSuccess.jsp>
2007-01-15 00:13:41,015 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
 QueryString: null>
2007-01-15 00:13:41,015 DEBUG [org.apache.jasper.servlet.JspServlet] - <      
Request Params: >
2007-01-15 00:13:41,015 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
 null = >
2007-01-15 00:13:41,015 DEBUG [org.apache.catalina.core.ApplicationDispatcher] 
- < Disabling the response for futher output>
2007-01-15 00:13:46,343 INFO 
[org.jasig.cas.authentication.AuthenticationManagerImpl] - 
<AuthenticationHandler: 
org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler
 successfully authenticated the user which provided the following credentials: 
tt>
2007-01-15 00:13:46,359 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - 
<Granted service ticket [ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20] for 
service [http://localhost:8080/DMM/login.jsp] for user [tt]>
2007-01-15 00:13:48,359 DEBUG [org.apache.catalina.core.ApplicationDispatcher] 
- 
<servletPath=/WEB-INF/view/jsp/default/protocol/2.0/casServiceValidationSuccess.jsp,
 pathInfo=null, queryString=null, name=null>
2007-01-15 00:13:48,359 DEBUG [org.apache.catalina.core.ApplicationDispatcher] 
- < Path Based Forward>
2007-01-15 00:13:48,359 DEBUG [org.apache.jasper.servlet.JspServlet] - 
<JspEngine --> 
/WEB-INF/view/jsp/default/protocol/2.0/casServiceValidationSuccess.jsp>
2007-01-15 00:13:48,359 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
 ServletPath: 
/WEB-INF/view/jsp/default/protocol/2.0/casServiceValidationSuccess.jsp>
2007-01-15 00:13:48,359 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
    PathInfo: null>
2007-01-15 00:13:48,359 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
    RealPath: C:\Program Files\Apache Software Foundation\Tomcat 
5.5\webapps\cas\WEB-INF\view\jsp\default\protocol\2.0\casServiceValidationSuccess.jsp>
2007-01-15 00:13:48,359 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
  RequestURI: 
/cas/WEB-INF/view/jsp/default/protocol/2.0/casServiceValidationSuccess.jsp>
2007-01-15 00:13:48,359 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
 QueryString: 
service=http%3A%2F%2Flocalhost%3A8080%2FDMM%2Flogin.jsp&ticket=ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20>
2007-01-15 00:13:48,359 DEBUG [org.apache.jasper.servlet.JspServlet] - <      
Request Params: >
2007-01-15 00:13:48,359 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
 service = http://localhost:8080/DMM/login.jsp>
2007-01-15 00:13:48,359 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
 ticket = ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20>
2007-01-15 00:13:48,406 DEBUG [org.apache.catalina.core.ApplicationDispatcher] 
- < Disabling the response for futher output>
2007-01-15 00:13:48,421 DEBUG [org.apache.catalina.core.ApplicationDispatcher] 
- 
<servletPath=/WEB-INF/view/jsp/default/protocol/2.0/casServiceValidationFailure.jsp,
 pathInfo=null, queryString=null, name=null>
2007-01-15 00:13:48,421 DEBUG [org.apache.catalina.core.ApplicationDispatcher] 
- < Path Based Forward>
2007-01-15 00:13:48,421 DEBUG [org.apache.jasper.servlet.JspServlet] - 
<JspEngine --> 
/WEB-INF/view/jsp/default/protocol/2.0/casServiceValidationFailure.jsp>
2007-01-15 00:13:48,421 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
 ServletPath: 
/WEB-INF/view/jsp/default/protocol/2.0/casServiceValidationFailure.jsp>
2007-01-15 00:13:48,437 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
    PathInfo: null>
2007-01-15 00:13:48,437 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
    RealPath: C:\Program Files\Apache Software Foundation\Tomcat 
5.5\webapps\cas\WEB-INF\view\jsp\default\protocol\2.0\casServiceValidationFailure.jsp>
2007-01-15 00:13:48,437 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
  RequestURI: 
/cas/WEB-INF/view/jsp/default/protocol/2.0/casServiceValidationFailure.jsp>
2007-01-15 00:13:48,437 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
 QueryString: 
service=http%3A%2F%2Flocalhost%3A8080%2FDMM%2Flogin.jsp&ticket=ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20>
2007-01-15 00:13:48,437 DEBUG [org.apache.jasper.servlet.JspServlet] - <      
Request Params: >
2007-01-15 00:13:48,437 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
 service = http://localhost:8080/DMM/login.jsp>
2007-01-15 00:13:48,437 DEBUG [org.apache.jasper.servlet.JspServlet] - <        
 ticket = ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20>
2007-01-15 00:13:48,437 DEBUG [org.apache.catalina.core.ApplicationDispatcher] 
- < Disabling the response for futher output>
2007-01-15 00:13:48,437 ERROR [http-8080-Processor24] client.CASReceipt:61     
- validation of [[edu.yale.its.tp.cas.client.ProxyTicketValidator 
proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator 
casValidateUrl=[https://localhost:8443/cas/serviceValidate] 
ticket=[ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20] 
service=[http%3A%2F%2Flocalhost%3A8080%2FDMM%2Flogin.jsp] 
errorCode=[INVALID_TICKET] errorMessage=[ticket 
'ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20' not recognized] renew=false 
entireResponse=[<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
    <cas:authenticationFailure code='INVALID_TICKET'>
        ticket 'ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20' not recognized
    </cas:authenticationFailure>
</cas:serviceResponse>
]]]] was not successful.
2007-01-15 00:13:48,453 ERROR [http-8080-Processor24] filter.CASFilter :380     
- edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate 
ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator 
proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator 
casValidateUrl=[https://localhost:8443/cas/serviceValidate] 
ticket=[ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20] 
service=[http%3A%2F%2Flocalhost%3A8080%2FDMM%2Flogin.jsp] 
errorCode=[INVALID_TICKET] errorMessage=[ticket 
'ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20' not recognized] renew=false 
entireResponse=[<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
    <cas:authenticationFailure code='INVALID_TICKET'>
        ticket 'ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20' not recognized
    </cas:authenticationFailure>
</cas:serviceResponse>
]]]]
2007-01-15 00:13:48,453 ERROR [http-8080-Processor24] [/DMM].[jsp]     :253     
- Servlet.service() for servlet jsp threw exception
edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate 
ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator 
proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator 
casValidateUrl=[https://localhost:8443/cas/serviceValidate] 
ticket=[ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20] 
service=[http%3A%2F%2Flocalhost%3A8080%2FDMM%2Flogin.jsp] 
errorCode=[INVALID_TICKET] errorMessage=[ticket 
'ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20' not recognized] renew=false 
entireResponse=[<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
    <cas:authenticationFailure code='INVALID_TICKET'>
        ticket 'ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20' not recognized
    </cas:authenticationFailure>
</cas:serviceResponse>
]]]]
    at edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:62)
    at 
edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:455)
    at edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:378)
    at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
    at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at 
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
    at 
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
    at 
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
    at 
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
    at 
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
    at 
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
    at 
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
    at 
org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
    at 
org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
    at 
org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
    at 
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
    at java.lang.Thread.run(Unknown Source)
2007-01-15 00:13:48,453 DEBUG [org.apache.catalina.core.ApplicationDispatcher] 
- <servletPath=/WEB-INF/application/error/exception.jsp, pathInfo=null, 
queryString=null, name=null>
2007-01-15 00:13:48,453 DEBUG [org.apache.catalina.core.ApplicationDispatcher] 
- < Path Based Forward>
Date: Mon Jan 15 00:13:48 PST 2007
Exception Status Code : 500
Resource : /DMM/login.jsp
Error : javax.servlet.ServletException: Unable to validate ProxyTicketValidator 
[[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] 
[edu.yale.its.tp.cas.client.ServiceTicketValidator 
casValidateUrl=[https://localhost:8443/cas/serviceValidate] 
ticket=[ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20] 
service=[http%3A%2F%2Flocalhost%3A8080%2FDMM%2Flogin.jsp] 
errorCode=[INVALID_TICKET] errorMessage=[ticket 
'ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20' not recognized] renew=false 
entireResponse=[<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
    <cas:authenticationFailure code='INVALID_TICKET'>
        ticket 'ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20' not recognized
    </cas:authenticationFailure>
</cas:serviceResponse>
]]]]
edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:381)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
root cause: [edu.yale.its.tp.cas.client.CASAuthenticationException] :: Unable 
to validate ProxyTicketValidator 
[[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] 
[edu.yale.its.tp.cas.client.ServiceTicketValidator 
casValidateUrl=[https://localhost:8443/cas/serviceValidate] 
ticket=[ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20] 
service=[http%3A%2F%2Flocalhost%3A8080%2FDMM%2Flogin.jsp] 
errorCode=[INVALID_TICKET] errorMessage=[ticket 
'ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20' not recognized] renew=false 
entireResponse=[<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
    <cas:authenticationFailure code='INVALID_TICKET'>
        ticket 'ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20' not recognized
    </cas:authenticationFailure>
</cas:serviceResponse>
]]]]
edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:62)
edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:455)
edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:378)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)

GET Query : ticket=ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20

2007-01-15 00:13:48,500 DEBUG [org.apache.catalina.core.ApplicationDispatcher] 
- < Disabling the response for futher output>
TICKET==========================null------> My app's debug message
2007-01-15 00:13:53,593 DEBUG [org.quartz.core.JobRunShell] - <Calling execute 
on job DEFAULT.jobDetailTicketRegistryCleaner>
2007-01-15 00:13:53,609 INFO 
[org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - 
<Starting cleaning of expired tickets from ticket registry at [Mon Jan 15 
00:13:53 PST 2007]>
2007-01-15 00:13:53,609 INFO 
[org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - <0 found 
to be removed.  Removing now.>
2007-01-15 00:13:53,609 INFO 
[org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - 
<Finished cleaning of expired tickets from ticket registry at [Mon Jan 15 
00:13:53 PST 2007]>





Scott Battaglia <[EMAIL PROTECTED]> wrote: If you turn on DEBUG level logging 
on the CAS server it should give you a better indication of why the server is 
rejecting the ticket.

-Scott

On 1/13/07,  tedzo <[EMAIL PROTECTED]> wrote: Hello,
With the CAS filters set, I am redirected to CAS's login page and after 
successful login (username=password), I am redirected to my app's page with a 
ticket. However, If you notice the log entries below, the first line mentions 
that a ticket was granted (ST-2....). The next line complains that the just 
granted ticket is invalid and is not recognized. Further down, at the bottom, 
another ticket appears to be granted (ST-3....). I am not sure why a second one 
was granted. 

My tomcat's logs-

2007-01-13 17:38:37,758 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - 
<Granted service ticket [ST-2-PgC9skgfRcVA9cqRbmwPcJAYQip0E0zmgES-20] for 
service [ http://localhost:8080/DMM/login.jsp] for user [ml]>
2007-01-13 17:38:38,211 ERROR [http-8080-Processor25] client.CASReceipt:61     
- validation of [[edu.yale.its.tp.cas.client.ProxyTicketValidator 
proxyList=[null] [ edu.yale.its.tp.cas.client.ServiceTicketValidator  
casValidateUrl=[https://localhost:8443/cas/proxyValidate] 
ticket=[ST-2-PgC9skgfRcVA9cqRbmwPcJAYQip0E0zmgES-20] 
service=[http%3A%2F%2Flocalhost%3A8080%2FDMM%2Flogin.jsp] 
errorCode=[INVALID_TICKET] errorMessage=[ticket 
'ST-2-PgC9skgfRcVA9cqRbmwPcJAYQip0E0zmgES-20' not recognized] renew=false 
entireResponse=[<cas:serviceResponse xmlns:cas=' http://www.yale.edu/tp/cas'>
    <cas:authenticationFailure code='INVALID_TICKET'> 
        ticket 'ST-2-PgC9skgfRcVA9cqRbmwPcJAYQip0E0zmgES-20' not recognized
    </cas:authenticationFailure>
</cas:serviceResponse>
]]]] was not successful.
2007-01-13 17:38:38,242 ERROR [http-8080-Processor25]  filter.CASFilter :380    
 - edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate 
ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator 
proxyList=[null]  [edu.yale.its.tp.cas.client.ServiceTicketValidator 
casValidateUrl=[https://localhost:8443/cas/proxyValidate ] 
ticket=[ST-2-PgC9skgfRcVA9cqRbmwPcJAYQip0E0zmgES-20] 
service=[http%3A%2F%2Flocalhost%3A8080%2FDMM%2Flogin.jsp] 
errorCode=[INVALID_TICKET] errorMessage=[ticket 
'ST-2-PgC9skgfRcVA9cqRbmwPcJAYQip0E0zmgES-20' not recognized] renew=false 
entireResponse=[<cas:serviceResponse xmlns:cas=' http://www.yale.edu/tp/cas'>
    <cas:authenticationFailure code='INVALID_TICKET'> 
        ticket 'ST-2-PgC9skgfRcVA9cqRbmwPcJAYQip0E0zmgES-20' not recognized
    </cas:authenticationFailure>
</cas:serviceResponse>
]]]]
2007-01-13 17:38:38,258 ERROR [http-8080-Processor25] [/DMM].[jsp]     :253     
-  Servlet.service() for servlet jsp threw exception
edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate 
ProxyTicketValidator  [[edu.yale.its.tp.cas.client.ProxyTicketValidator 
proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator 
casValidateUrl=[ https://localhost:8443/cas/proxyValidate] 
ticket=[ST-2-PgC9skgfRcVA9cqRbmwPcJAYQip0E0zmgES-20] 
service=[http%3A%2F%2Flocalhost%3A8080%2FDMM%2Flogin.jsp] 
errorCode=[INVALID_TICKET] errorMessage=[ticket 
'ST-2-PgC9skgfRcVA9cqRbmwPcJAYQip0E0zmgES-20' not recognized] renew=false 
entireResponse=[<cas:serviceResponse xmlns:cas=' http://www.yale.edu/tp/cas'>
    <cas:authenticationFailure code='INVALID_TICKET'> 
        ticket 'ST-2-PgC9skgfRcVA9cqRbmwPcJAYQip0E0zmgES-20' not recognized
    </cas:authenticationFailure>
</cas:serviceResponse>
]]]]
    at edu.yale.its.tp.cas.client.CASReceipt.getReceipt (CASReceipt.java:62)
    at  
edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:455)
......

2007-01-13 17:38:38,774 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - 
<Granted service ticket [ST-3-CJAKM2GaTN17LOYzwGxc12YCryRPVKe37KB-20] for 
service [ http://localhost:8080/DMM/login.jsp] for user [ml]>

I believe everything else is correctly setup. I can access  https://localhost 
and go to Tomcat's initial page. I have exported and imported certificates 
using keytool. The jvm that tomcat uses knows about the certificates as does 
Tomcat itself. 
web.xml
<filter>
    <filter-name>CAS Filter</filter-name>
    <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class>
    <init-param>
      <param-name> edu.yale.its.tp.cas.client.filter.loginUrl</param-name>
       <param-value>https://localhost:8443/cas/login</param-value>
    </init-param>
     <init-param>
      <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name>
      <param-value> https://localhost:8443/cas/proxyValidate</param-value>
    </init-param>
    <init-param>
      <param-name>edu.yale.its.tp.cas.client.filter.serviceUrl</param-name>
      <param-value> http://localhost:8080/DMM/login.jsp</param-value>
    </init-param>
  </filter> 

  <filter-mapping>
    <filter-name>CAS Filter</filter-name>
    <url-pattern>*.jsp</url-pattern>
     <dispatcher>FORWARD</dispatcher> 
    <dispatcher>INCLUDE</dispatcher> 
    <dispatcher>REQUEST</dispatcher> 
  </filter-mapping>

server.xml-
        <Connector port="8443" maxHttpHeaderSize="8192" 
               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
               enableLookups="false" disableUploadTimeout="true"
               acceptCount="100" scheme="https" secure="true" 
               clientAuth="false" keystoreFile="C:\Documents and  
Settings\av\.keystore"
               keystorePass="changeit" sslProtocol="TLS"/>

Any help is appreciated.

Av.
   

---------------------------------
TV dinner still cooling?
Check out "Tonight's Picks"  on Yahoo! TV. 

_______________________________________________
Yale CAS mailing list
cas@tp.its.yale.edu
 http://tp.its.yale.edu/mailman/listinfo/cas




 _______________________________________________
Yale CAS mailing list
cas@tp.its.yale.edu
http://tp.its.yale.edu/mailman/listinfo/cas


 
---------------------------------
 Get your own web address.
 Have a HUGE year through Yahoo! Small Business.

_______________________________________________
Yale CAS mailing list
cas@tp.its.yale.edu
http://tp.its.yale.edu/mailman/listinfo/cas

Re: INVALID_TICKET/ticket not recognized error for just granted ticket...

Reply via email to