Inas, It is a SSL issue where the CAS server¹s SSL certificate is not trusted. I would recommend ensuring that Apache HTTPD is configured to serve the Intermediary CA certificate that issued your certificate if the Intermediary is not within your CA certificate bundle.
A- On 4/28/09 4:13 PM, "inas inassen" <[email protected]> wrote: > Hi all, > > I'm using JA-SIG CAS Client 3.1.3 in my application that's is running on one > tomcat instance connected to apache 2.2.4. > I have another tomcat instance hosting CAS with CAS 3.0 web application and > it's connected also to the same apache. > > Every url goes via apache to my tomcats even for login. > > every thing works fine but when my login succeeds and the I'm forweded to the > my application I got the following error: > It seems like a certificate probleme, but when I ran each application alone > using ssl it works fine. > > please any idea? > > thanks. > > Inas. > > SEVERE: Servlet.service() for servlet jsp threw exception > org.jasig.cas.client.validation.TicketValidationException: The CAS server > returned no response. > at > org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(Abstr > actUrlBasedTicketValidator.java:181) > at > org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(Abstra > ctTicketValidationFilter.java:132) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFi > lterChain.java:235) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChai > n.java:206) > at > org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(Authenticati > onFilter.java:111) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFi > lterChain.java:235) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChai > n.java:206) > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java > :233) > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java > :175) > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) > at > org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:568) > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:1 > 09) > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286) > at > org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190) > at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283) > at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:767) > at > org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:697) > at > org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:8 > 89) > at > org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java: > 690) > at java.lang.Thread.run(Thread.java:619) > [ERROR] [2009-04-28 16:47:20,397, 66266] [TP-Processor7] > [org.jasig.cas.client.validation.Cas20ServiceTicketValidator] (?:?) - > javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target > javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target > at > com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1591) > at > com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187) > at > com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181) > at > com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshak > er.java:975) > at > com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker. > java:123) > at > com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516) > at > com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketIm > pl.java:1096) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1 > 123) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1 > 107) > at > sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:405) > at > sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Abstract > DelegateHttpsURLConnection.java:166) > at > sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.j > ava:977) > at > sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConne > ctionImpl.java:234) > at > org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.ret > rieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:35) > at > org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(Abstr > actUrlBasedTicketValidator.java:178) > at > org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(Abstra > ctTicketValidationFilter.java:132) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFi > lterChain.java:235) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChai > n.java:206) > at > org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(Authenticati > onFilter.java:111) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFi > lterChain.java:235) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChai > n.java:206) > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java > :233) > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java > :175) > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) > at > org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:568) > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:1 > 09) > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286) > at > org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190) > at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283) > at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:767) > at > org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:697) > at > org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:8 > 89) > at > org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java: > 690) > at java.lang.Thread.run(Thread.java:619) > Caused by: sun.security.validator.ValidatorException: PKIX path building > failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to > find valid certification path to requested target > at > sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285) > at > sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191) > at sun.security.validator.Validator.validate(Validator.java:218) > at > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImp > l.java:126) > at > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509Trust > ManagerImpl.java:209) > at > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509Trust > ManagerImpl.java:249) > at > com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshak > er.java:954) > ... 33 more > Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable > to find valid certification path to requested target > at > sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuild > er.java:174) > at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238) > at > sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280) > ... 39 more > [WARN ] [2009-04-28 16:47:20,397, 66266] [TP-Processor7] > [org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter] > (?:?) - org.jasig.cas.client.validation.TicketValidationException: The CAS > server returned no > response.org.jasig.cas.client.validation.TicketValidationException: The CAS > server returned no response. > at > org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(Abstr > actUrlBasedTicketValidator.java:181) > at > org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(Abstra > ctTicketValidationFilter.java:132) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFi > lterChain.java:235) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChai > n.java:206) > at > org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(Authenticati > onFilter.java:111) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFi > lterChain.java:235) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChai > n.java:206) > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java > :233) > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java > :175) > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) > at > org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:568) > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:1 > 09) > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286) > at > org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190) > at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283) > at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:767) > at > org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:697) > at > org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:8 > 89) > at > org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java: > 690) > at java.lang.Thread.run(Thread.java:619) > > > > Téléchargez le nouveau Windows Live Messenger ! Téléchargez Messenger, c'est > gratuit ! <http://get.live.com/messenger/overview> > > -- > Andrew Feller, Analyst > LSU University Information Services > 200 Frey Computing Services Center > Baton Rouge, LA 70803 > Office: 225.578.3737 > Fax: 225.578.6400 -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
