I try to configure Intalio bpms server 6.0beta to use CAS. I do steps: 1. configure all servlet filters in ui-fw/WEB-INF/web.xml like example (http://www.intalio.org/confluence/pages/viewpage.action?pageId=1834)
2. export a certificate from the intalion bpms server to $JAVA_HOME/jre/lib/security/cacerts 3. configure the cas installation Next I go to http://localhost:8080/ui-fw login to the cas and see a error in the tomcat log: ERROR [edu.yale.its.tp.cas.client.CASReceipt] - <edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator casValidateUrl=[https://localhost:8443/cas/proxyValidate] proxyCallbackUrl=[https://localhost:8443/ui-fw/CasProxyServlet] ticket= [ST-1-Bn0WScujP0zeyVOcNBkN-cas] service=[http%3A%2F%2Flocalhost%3A8080%2Fui-fw] renew=false]]]> What I do wrong? a part from ui-fw/WEB-INF/web.xml <context-param> <param-name>edu.yale.its.tp.cas.proxyUrl</param-name> <param-value>https://localhost:8443/cas/proxy</param-value> </context-param> <filter> <filter-name>CAS Filter</filter-name> <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class> <init-param> <param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name> <param-value>https://localhost:8443/cas/login</param-value> </init-param> <init-param> <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name> <param-value>https://localhost:8443/cas/proxyValidate</param-value> </init-param> <init-param> <param-name>edu.yale.its.tp.cas.client.filter.serviceUrl</param-name> <param-value>http://localhost:8080/ui-fw</param-value> </init-param> <init-param> <param-name>edu.yale.its.tp.cas.client.filter.proxyCallbackUrl</param-name> <param-value>https://localhost:8443/ui-fw/CasProxyServlet</param-value> </init-param> </filter> <filter-mapping> <filter-name>CAS Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> I try to add my cert to trusted certs with InstallCert prog (see http://blogs.sun.com/andreas/entry/no_more_unable_to_find) but nothing changes -- Denis Kostousov email: d.kostousovTHEDOGffammDOTcom jabber: sandelloATjabber.ru fingerprint: FE3D 60AF E08D 2D2A 6A8B C891 70BB 0665 F047 ADAE -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
