As you can tell from the stack trace that you sent, the CAS client uses the libraries provided by the JVM. You may wish to look at the JVM's capabilities for validating wildcard certificates. I don't know if there are any, we don't use wildcard certificates here.
-Scott On Mon, Apr 6, 2009 at 8:42 AM, Stéphane Gully <[email protected]>wrote: > My servlet container is Tomcat. > I already tried to put > "-Dorg.apache.commons.ssl.HostnameVerifier=DEFAULT" in mu > CATALINA_OPTS but the parameter is just ignored by the java cas > client. > > In fact, i'm not sure this global parameter really exists... I'm not a > regular Java developer, i just imagined that this parameter could > exists :-) The real question i should ask is: is it possible to setup > a HostnameVerifier using CATALINA_OPTS ? > > Stéphane Gully > > > > On Mon, Apr 6, 2009 at 2:22 PM, Marvin Addison <[email protected]> > wrote: > >> If I could setup my JAVA apps with -D flag it would be perfect because > >> I prefere > >> a simple parameter to a more complex JAVA compilation. For exemple, > >> I'm looking for something like > >> -Dorg.apache.commons.ssl.HostnameVerifier=DEFAULT or > >> -Dorg.apache.commons.ssl.HostnameVerifier=ALLOW_ALL > > > > Where you put Java startup parameters is entirely dependent on the > > servlet container you're using to deploy Shib. For Tomcat, > > create/modify $TOMCAT_HOME/bin/setenv.sh: > > > > CATALINA_OPTS="$CATALINA_OPTS > -Dorg.apache.commons.ssl.HostnameVerifier=DEFAULT" > > export CATALINA_OPTS > > > > For JBoss, do similar in $JBOSS_HOME/bin/run.conf. > > > > Hope that helps, > > M > > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
