Scott,
Thanks for your response. Appreciate you taking the time to help us folks out.
I poked a bit more and I think I kind of figured how to avoid the problem but
not why it is happening. I have attached the log messages below for someone
more knowledgeable like yourself to figure out if you wish (would help the rest
of us understand CAS better if you did :-)
Essentially, I was trying to access my application's login.jsp. That would take
me to the CAS login page where I would login and then I would be redirected
back to my Application's login.jsp. In my web.xml, I used ServiceUrl and set it
also to login.jsp, in effect, forcing CAS to route all successful logins to my
application's login.jsp. I think this kind off threw off CAS and caused the
issues I described previously. Ofcourse, I did this since I was just trying to
get something up and running and since login.jsp was the only page I could
access, I used it in both places (to initially login and inside ServiceUrl).
Normally one wouldn't perhaps set up ServiceUrl as I did. Things seemed to work
fine when I changed ServiceUrl to point to a different url OR when I used
ServerName (localhost:8080 in my case).
The logs when things go haywire are as below.
Thanks again.
2007-01-15 00:13:40,718 INFO
[org.jasig.cas.web.flow.AutomaticCookiePathSetterAction] - <Setting ContextPath
for cookies to: /cas>
2007-01-15 00:13:40,828 DEBUG [org.apache.catalina.core.ApplicationDispatcher]
- <servletPath=/WEB-INF/view/jsp/default/ui/casLoginView.jsp, pathInfo=null,
queryString=null, name=null>
2007-01-15 00:13:40,828 DEBUG [org.apache.catalina.core.ApplicationDispatcher]
- < Path Based Forward>
2007-01-15 00:13:40,828 DEBUG [org.apache.jasper.servlet.JspServlet] -
<JspEngine --> /WEB-INF/view/jsp/default/ui/casLoginView.jsp>
2007-01-15 00:13:40,828 DEBUG [org.apache.jasper.servlet.JspServlet] - <
ServletPath: /WEB-INF/view/jsp/default/ui/casLoginView.jsp>
2007-01-15 00:13:40,828 DEBUG [org.apache.jasper.servlet.JspServlet] - <
PathInfo: null>
2007-01-15 00:13:40,828 DEBUG [org.apache.jasper.servlet.JspServlet] - <
RealPath: C:\Program Files\Apache Software Foundation\Tomcat
5.5\webapps\cas\WEB-INF\view\jsp\default\ui\casLoginView.jsp>
2007-01-15 00:13:40,828 DEBUG [org.apache.jasper.servlet.JspServlet] - <
RequestURI: /cas/WEB-INF/view/jsp/default/ui/casLoginView.jsp>
2007-01-15 00:13:40,828 DEBUG [org.apache.jasper.servlet.JspServlet] - <
QueryString: service=http%3A%2F%2Flocalhost%3A8080%2FDMM%2Flogin.jsp>
2007-01-15 00:13:40,828 DEBUG [org.apache.jasper.servlet.JspServlet] - <
Request Params: >
2007-01-15 00:13:40,828 DEBUG [org.apache.jasper.servlet.JspServlet] - <
service = http://localhost:8080/DMM/login.jsp>
2007-01-15 00:13:40,953 DEBUG [org.apache.catalina.core.ApplicationDispatcher]
- < Disabling the response for futher output>
2007-01-15 00:13:41,000 DEBUG [org.apache.catalina.core.ApplicationDispatcher]
- <servletPath=/index.jsp, pathInfo=null, queryString=null, name=null>
2007-01-15 00:13:41,000 DEBUG [org.apache.catalina.core.ApplicationDispatcher]
- < Path Based Forward>
2007-01-15 00:13:41,000 DEBUG [org.apache.jasper.servlet.JspServlet] -
<JspEngine --> /index.jsp>
2007-01-15 00:13:41,000 DEBUG [org.apache.jasper.servlet.JspServlet] - <
ServletPath: /index.jsp>
2007-01-15 00:13:41,000 DEBUG [org.apache.jasper.servlet.JspServlet] - <
PathInfo: null>
2007-01-15 00:13:41,000 DEBUG [org.apache.jasper.servlet.JspServlet] - <
RealPath: C:\Program Files\Apache Software Foundation\Tomcat
5.5\webapps\cas\index.jsp>
2007-01-15 00:13:41,000 DEBUG [org.apache.jasper.servlet.JspServlet] - <
RequestURI: /cas/>
2007-01-15 00:13:41,000 DEBUG [org.apache.jasper.servlet.JspServlet] - <
QueryString: null>
2007-01-15 00:13:41,000 DEBUG [org.apache.jasper.servlet.JspServlet] - <
Request Params: >
2007-01-15 00:13:41,015 DEBUG [org.apache.catalina.core.ApplicationDispatcher]
- < Disabling the response for futher output>
2007-01-15 00:13:41,015 DEBUG [org.apache.catalina.core.ApplicationDispatcher]
- <servletPath=/WEB-INF/view/jsp/default/ui/casGenericSuccess.jsp,
pathInfo=null, queryString=null, name=null>
2007-01-15 00:13:41,015 DEBUG [org.apache.catalina.core.ApplicationDispatcher]
- < Path Based Forward>
2007-01-15 00:13:41,015 DEBUG [org.apache.jasper.servlet.JspServlet] -
<JspEngine --> /WEB-INF/view/jsp/default/ui/casGenericSuccess.jsp>
2007-01-15 00:13:41,015 DEBUG [org.apache.jasper.servlet.JspServlet] - <
ServletPath: /WEB-INF/view/jsp/default/ui/casGenericSuccess.jsp>
2007-01-15 00:13:41,015 DEBUG [org.apache.jasper.servlet.JspServlet] - <
PathInfo: null>
2007-01-15 00:13:41,015 DEBUG [org.apache.jasper.servlet.JspServlet] - <
RealPath: C:\Program Files\Apache Software Foundation\Tomcat
5.5\webapps\cas\WEB-INF\view\jsp\default\ui\casGenericSuccess.jsp>
2007-01-15 00:13:41,015 DEBUG [org.apache.jasper.servlet.JspServlet] - <
RequestURI: /cas/WEB-INF/view/jsp/default/ui/casGenericSuccess.jsp>
2007-01-15 00:13:41,015 DEBUG [org.apache.jasper.servlet.JspServlet] - <
QueryString: null>
2007-01-15 00:13:41,015 DEBUG [org.apache.jasper.servlet.JspServlet] - <
Request Params: >
2007-01-15 00:13:41,015 DEBUG [org.apache.jasper.servlet.JspServlet] - <
null = >
2007-01-15 00:13:41,015 DEBUG [org.apache.catalina.core.ApplicationDispatcher]
- < Disabling the response for futher output>
2007-01-15 00:13:46,343 INFO
[org.jasig.cas.authentication.AuthenticationManagerImpl] -
<AuthenticationHandler:
org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler
successfully authenticated the user which provided the following credentials:
tt>
2007-01-15 00:13:46,359 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] -
<Granted service ticket [ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20] for
service [http://localhost:8080/DMM/login.jsp] for user [tt]>
2007-01-15 00:13:48,359 DEBUG [org.apache.catalina.core.ApplicationDispatcher]
-
<servletPath=/WEB-INF/view/jsp/default/protocol/2.0/casServiceValidationSuccess.jsp,
pathInfo=null, queryString=null, name=null>
2007-01-15 00:13:48,359 DEBUG [org.apache.catalina.core.ApplicationDispatcher]
- < Path Based Forward>
2007-01-15 00:13:48,359 DEBUG [org.apache.jasper.servlet.JspServlet] -
<JspEngine -->
/WEB-INF/view/jsp/default/protocol/2.0/casServiceValidationSuccess.jsp>
2007-01-15 00:13:48,359 DEBUG [org.apache.jasper.servlet.JspServlet] - <
ServletPath:
/WEB-INF/view/jsp/default/protocol/2.0/casServiceValidationSuccess.jsp>
2007-01-15 00:13:48,359 DEBUG [org.apache.jasper.servlet.JspServlet] - <
PathInfo: null>
2007-01-15 00:13:48,359 DEBUG [org.apache.jasper.servlet.JspServlet] - <
RealPath: C:\Program Files\Apache Software Foundation\Tomcat
5.5\webapps\cas\WEB-INF\view\jsp\default\protocol\2.0\casServiceValidationSuccess.jsp>
2007-01-15 00:13:48,359 DEBUG [org.apache.jasper.servlet.JspServlet] - <
RequestURI:
/cas/WEB-INF/view/jsp/default/protocol/2.0/casServiceValidationSuccess.jsp>
2007-01-15 00:13:48,359 DEBUG [org.apache.jasper.servlet.JspServlet] - <
QueryString:
service=http%3A%2F%2Flocalhost%3A8080%2FDMM%2Flogin.jsp&ticket=ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20>
2007-01-15 00:13:48,359 DEBUG [org.apache.jasper.servlet.JspServlet] - <
Request Params: >
2007-01-15 00:13:48,359 DEBUG [org.apache.jasper.servlet.JspServlet] - <
service = http://localhost:8080/DMM/login.jsp>
2007-01-15 00:13:48,359 DEBUG [org.apache.jasper.servlet.JspServlet] - <
ticket = ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20>
2007-01-15 00:13:48,406 DEBUG [org.apache.catalina.core.ApplicationDispatcher]
- < Disabling the response for futher output>
2007-01-15 00:13:48,421 DEBUG [org.apache.catalina.core.ApplicationDispatcher]
-
<servletPath=/WEB-INF/view/jsp/default/protocol/2.0/casServiceValidationFailure.jsp,
pathInfo=null, queryString=null, name=null>
2007-01-15 00:13:48,421 DEBUG [org.apache.catalina.core.ApplicationDispatcher]
- < Path Based Forward>
2007-01-15 00:13:48,421 DEBUG [org.apache.jasper.servlet.JspServlet] -
<JspEngine -->
/WEB-INF/view/jsp/default/protocol/2.0/casServiceValidationFailure.jsp>
2007-01-15 00:13:48,421 DEBUG [org.apache.jasper.servlet.JspServlet] - <
ServletPath:
/WEB-INF/view/jsp/default/protocol/2.0/casServiceValidationFailure.jsp>
2007-01-15 00:13:48,437 DEBUG [org.apache.jasper.servlet.JspServlet] - <
PathInfo: null>
2007-01-15 00:13:48,437 DEBUG [org.apache.jasper.servlet.JspServlet] - <
RealPath: C:\Program Files\Apache Software Foundation\Tomcat
5.5\webapps\cas\WEB-INF\view\jsp\default\protocol\2.0\casServiceValidationFailure.jsp>
2007-01-15 00:13:48,437 DEBUG [org.apache.jasper.servlet.JspServlet] - <
RequestURI:
/cas/WEB-INF/view/jsp/default/protocol/2.0/casServiceValidationFailure.jsp>
2007-01-15 00:13:48,437 DEBUG [org.apache.jasper.servlet.JspServlet] - <
QueryString:
service=http%3A%2F%2Flocalhost%3A8080%2FDMM%2Flogin.jsp&ticket=ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20>
2007-01-15 00:13:48,437 DEBUG [org.apache.jasper.servlet.JspServlet] - <
Request Params: >
2007-01-15 00:13:48,437 DEBUG [org.apache.jasper.servlet.JspServlet] - <
service = http://localhost:8080/DMM/login.jsp>
2007-01-15 00:13:48,437 DEBUG [org.apache.jasper.servlet.JspServlet] - <
ticket = ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20>
2007-01-15 00:13:48,437 DEBUG [org.apache.catalina.core.ApplicationDispatcher]
- < Disabling the response for futher output>
2007-01-15 00:13:48,437 ERROR [http-8080-Processor24] client.CASReceipt:61
- validation of [[edu.yale.its.tp.cas.client.ProxyTicketValidator
proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator
casValidateUrl=[https://localhost:8443/cas/serviceValidate]
ticket=[ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20]
service=[http%3A%2F%2Flocalhost%3A8080%2FDMM%2Flogin.jsp]
errorCode=[INVALID_TICKET] errorMessage=[ticket
'ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20' not recognized] renew=false
entireResponse=[<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationFailure code='INVALID_TICKET'>
ticket 'ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20' not recognized
</cas:authenticationFailure>
</cas:serviceResponse>
]]]] was not successful.
2007-01-15 00:13:48,453 ERROR [http-8080-Processor24] filter.CASFilter :380
- edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate
ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator
proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator
casValidateUrl=[https://localhost:8443/cas/serviceValidate]
ticket=[ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20]
service=[http%3A%2F%2Flocalhost%3A8080%2FDMM%2Flogin.jsp]
errorCode=[INVALID_TICKET] errorMessage=[ticket
'ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20' not recognized] renew=false
entireResponse=[<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationFailure code='INVALID_TICKET'>
ticket 'ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20' not recognized
</cas:authenticationFailure>
</cas:serviceResponse>
]]]]
2007-01-15 00:13:48,453 ERROR [http-8080-Processor24] [/DMM].[jsp] :253
- Servlet.service() for servlet jsp threw exception
edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate
ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator
proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator
casValidateUrl=[https://localhost:8443/cas/serviceValidate]
ticket=[ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20]
service=[http%3A%2F%2Flocalhost%3A8080%2FDMM%2Flogin.jsp]
errorCode=[INVALID_TICKET] errorMessage=[ticket
'ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20' not recognized] renew=false
entireResponse=[<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationFailure code='INVALID_TICKET'>
ticket 'ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20' not recognized
</cas:authenticationFailure>
</cas:serviceResponse>
]]]]
at edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:62)
at
edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:455)
at edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:378)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
at
org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
at
org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
at
org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Unknown Source)
2007-01-15 00:13:48,453 DEBUG [org.apache.catalina.core.ApplicationDispatcher]
- <servletPath=/WEB-INF/application/error/exception.jsp, pathInfo=null,
queryString=null, name=null>
2007-01-15 00:13:48,453 DEBUG [org.apache.catalina.core.ApplicationDispatcher]
- < Path Based Forward>
Date: Mon Jan 15 00:13:48 PST 2007
Exception Status Code : 500
Resource : /DMM/login.jsp
Error : javax.servlet.ServletException: Unable to validate ProxyTicketValidator
[[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null]
[edu.yale.its.tp.cas.client.ServiceTicketValidator
casValidateUrl=[https://localhost:8443/cas/serviceValidate]
ticket=[ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20]
service=[http%3A%2F%2Flocalhost%3A8080%2FDMM%2Flogin.jsp]
errorCode=[INVALID_TICKET] errorMessage=[ticket
'ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20' not recognized] renew=false
entireResponse=[<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationFailure code='INVALID_TICKET'>
ticket 'ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20' not recognized
</cas:authenticationFailure>
</cas:serviceResponse>
]]]]
edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:381)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
root cause: [edu.yale.its.tp.cas.client.CASAuthenticationException] :: Unable
to validate ProxyTicketValidator
[[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null]
[edu.yale.its.tp.cas.client.ServiceTicketValidator
casValidateUrl=[https://localhost:8443/cas/serviceValidate]
ticket=[ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20]
service=[http%3A%2F%2Flocalhost%3A8080%2FDMM%2Flogin.jsp]
errorCode=[INVALID_TICKET] errorMessage=[ticket
'ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20' not recognized] renew=false
entireResponse=[<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationFailure code='INVALID_TICKET'>
ticket 'ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20' not recognized
</cas:authenticationFailure>
</cas:serviceResponse>
]]]]
edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:62)
edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:455)
edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:378)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
GET Query : ticket=ST-2-XgmN7LCsalfRVeKvrAJbvqwjxyHIZ0u5glt-20
2007-01-15 00:13:48,500 DEBUG [org.apache.catalina.core.ApplicationDispatcher]
- < Disabling the response for futher output>
TICKET==========================null------> My app's debug message
2007-01-15 00:13:53,593 DEBUG [org.quartz.core.JobRunShell] - <Calling execute
on job DEFAULT.jobDetailTicketRegistryCleaner>
2007-01-15 00:13:53,609 INFO
[org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
<Starting cleaning of expired tickets from ticket registry at [Mon Jan 15
00:13:53 PST 2007]>
2007-01-15 00:13:53,609 INFO
[org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - <0 found
to be removed. Removing now.>
2007-01-15 00:13:53,609 INFO
[org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
<Finished cleaning of expired tickets from ticket registry at [Mon Jan 15
00:13:53 PST 2007]>
Scott Battaglia <[EMAIL PROTECTED]> wrote: If you turn on DEBUG level logging
on the CAS server it should give you a better indication of why the server is
rejecting the ticket.
-Scott
On 1/13/07, tedzo <[EMAIL PROTECTED]> wrote: Hello,
With the CAS filters set, I am redirected to CAS's login page and after
successful login (username=password), I am redirected to my app's page with a
ticket. However, If you notice the log entries below, the first line mentions
that a ticket was granted (ST-2....). The next line complains that the just
granted ticket is invalid and is not recognized. Further down, at the bottom,
another ticket appears to be granted (ST-3....). I am not sure why a second one
was granted.
My tomcat's logs-
2007-01-13 17:38:37,758 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] -
<Granted service ticket [ST-2-PgC9skgfRcVA9cqRbmwPcJAYQip0E0zmgES-20] for
service [ http://localhost:8080/DMM/login.jsp] for user [ml]>
2007-01-13 17:38:38,211 ERROR [http-8080-Processor25] client.CASReceipt:61
- validation of [[edu.yale.its.tp.cas.client.ProxyTicketValidator
proxyList=[null] [ edu.yale.its.tp.cas.client.ServiceTicketValidator
casValidateUrl=[https://localhost:8443/cas/proxyValidate]
ticket=[ST-2-PgC9skgfRcVA9cqRbmwPcJAYQip0E0zmgES-20]
service=[http%3A%2F%2Flocalhost%3A8080%2FDMM%2Flogin.jsp]
errorCode=[INVALID_TICKET] errorMessage=[ticket
'ST-2-PgC9skgfRcVA9cqRbmwPcJAYQip0E0zmgES-20' not recognized] renew=false
entireResponse=[<cas:serviceResponse xmlns:cas=' http://www.yale.edu/tp/cas'>
<cas:authenticationFailure code='INVALID_TICKET'>
ticket 'ST-2-PgC9skgfRcVA9cqRbmwPcJAYQip0E0zmgES-20' not recognized
</cas:authenticationFailure>
</cas:serviceResponse>
]]]] was not successful.
2007-01-13 17:38:38,242 ERROR [http-8080-Processor25] filter.CASFilter :380
- edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate
ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator
proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator
casValidateUrl=[https://localhost:8443/cas/proxyValidate ]
ticket=[ST-2-PgC9skgfRcVA9cqRbmwPcJAYQip0E0zmgES-20]
service=[http%3A%2F%2Flocalhost%3A8080%2FDMM%2Flogin.jsp]
errorCode=[INVALID_TICKET] errorMessage=[ticket
'ST-2-PgC9skgfRcVA9cqRbmwPcJAYQip0E0zmgES-20' not recognized] renew=false
entireResponse=[<cas:serviceResponse xmlns:cas=' http://www.yale.edu/tp/cas'>
<cas:authenticationFailure code='INVALID_TICKET'>
ticket 'ST-2-PgC9skgfRcVA9cqRbmwPcJAYQip0E0zmgES-20' not recognized
</cas:authenticationFailure>
</cas:serviceResponse>
]]]]
2007-01-13 17:38:38,258 ERROR [http-8080-Processor25] [/DMM].[jsp] :253
- Servlet.service() for servlet jsp threw exception
edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate
ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator
proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator
casValidateUrl=[ https://localhost:8443/cas/proxyValidate]
ticket=[ST-2-PgC9skgfRcVA9cqRbmwPcJAYQip0E0zmgES-20]
service=[http%3A%2F%2Flocalhost%3A8080%2FDMM%2Flogin.jsp]
errorCode=[INVALID_TICKET] errorMessage=[ticket
'ST-2-PgC9skgfRcVA9cqRbmwPcJAYQip0E0zmgES-20' not recognized] renew=false
entireResponse=[<cas:serviceResponse xmlns:cas=' http://www.yale.edu/tp/cas'>
<cas:authenticationFailure code='INVALID_TICKET'>
ticket 'ST-2-PgC9skgfRcVA9cqRbmwPcJAYQip0E0zmgES-20' not recognized
</cas:authenticationFailure>
</cas:serviceResponse>
]]]]
at edu.yale.its.tp.cas.client.CASReceipt.getReceipt (CASReceipt.java:62)
at
edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:455)
......
2007-01-13 17:38:38,774 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] -
<Granted service ticket [ST-3-CJAKM2GaTN17LOYzwGxc12YCryRPVKe37KB-20] for
service [ http://localhost:8080/DMM/login.jsp] for user [ml]>
I believe everything else is correctly setup. I can access https://localhost
and go to Tomcat's initial page. I have exported and imported certificates
using keytool. The jvm that tomcat uses knows about the certificates as does
Tomcat itself.
web.xml
<filter>
<filter-name>CAS Filter</filter-name>
<filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class>
<init-param>
<param-name> edu.yale.its.tp.cas.client.filter.loginUrl</param-name>
<param-value>https://localhost:8443/cas/login</param-value>
</init-param>
<init-param>
<param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name>
<param-value> https://localhost:8443/cas/proxyValidate</param-value>
</init-param>
<init-param>
<param-name>edu.yale.its.tp.cas.client.filter.serviceUrl</param-name>
<param-value> http://localhost:8080/DMM/login.jsp</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Filter</filter-name>
<url-pattern>*.jsp</url-pattern>
<dispatcher>FORWARD</dispatcher>
<dispatcher>INCLUDE</dispatcher>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
server.xml-
<Connector port="8443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" keystoreFile="C:\Documents and
Settings\av\.keystore"
keystorePass="changeit" sslProtocol="TLS"/>
Any help is appreciated.
Av.
---------------------------------
TV dinner still cooling?
Check out "Tonight's Picks" on Yahoo! TV.
_______________________________________________
Yale CAS mailing list
cas@tp.its.yale.edu
http://tp.its.yale.edu/mailman/listinfo/cas
_______________________________________________
Yale CAS mailing list
cas@tp.its.yale.edu
http://tp.its.yale.edu/mailman/listinfo/cas
---------------------------------
Get your own web address.
Have a HUGE year through Yahoo! Small Business.
_______________________________________________
Yale CAS mailing list
cas@tp.its.yale.edu
http://tp.its.yale.edu/mailman/listinfo/cas