Inas,

It is a SSL issue where the CAS server¹s SSL certificate is not trusted.  I
would recommend ensuring that Apache HTTPD is configured to serve the
Intermediary CA certificate that issued your certificate if the Intermediary
is not within your CA certificate bundle.

A-
 


On 4/28/09 4:13 PM, "inas inassen" <[email protected]> wrote:

> Hi all,
>  
> I'm using JA-SIG CAS Client 3.1.3 in my application that's is running on one
> tomcat instance connected to apache 2.2.4.
> I have another tomcat instance hosting CAS with CAS 3.0 web application and
> it's connected also to the same apache.
>  
> Every url goes via apache to my tomcats even for login.
>  
> every thing works fine but when my login succeeds and the I'm forweded to the
> my application I got the following error:
> It seems like a certificate probleme, but when I ran each application alone
> using ssl it works fine.
>  
> please any idea?
>  
> thanks.
>  
> Inas. 
>  
> SEVERE: Servlet.service() for servlet jsp threw exception
> org.jasig.cas.client.validation.TicketValidationException: The CAS server
> returned no response.
>         at 
> org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(Abstr
> actUrlBasedTicketValidator.java:181)
>         at 
> org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(Abstra
> ctTicketValidationFilter.java:132)
>         at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFi
> lterChain.java:235)
>         at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChai
> n.java:206)
>         at 
> org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(Authenticati
> onFilter.java:111)
>         at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFi
> lterChain.java:235)
>         at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChai
> n.java:206)
>         at 
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java
> :233)
>         at 
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java
> :175)
>         at 
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
>         at 
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
>         at 
> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:568)
>         at 
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:1
> 09)
>         at 
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
>         at 
> org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
>         at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283)
>         at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:767)
>         at 
> org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:697)
>         at 
> org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:8
> 89)
>         at 
> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:
> 690)
>         at java.lang.Thread.run(Thread.java:619)
> [ERROR] [2009-04-28 16:47:20,397,  66266] [TP-Processor7]
> [org.jasig.cas.client.validation.Cas20ServiceTicketValidator] (?:?) -
> javax.net.ssl.SSLHandshakeException:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target
> javax.net.ssl.SSLHandshakeException:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target
>         at 
> com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
>         at 
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1591)
>         at 
> com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)
>         at 
> com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181)
>         at 
> com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshak
> er.java:975)
>         at 
> com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.
> java:123)
>         at 
> com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
>         at 
> com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
>         at 
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
>         at 
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketIm
> pl.java:1096)
>         at 
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1
> 123)
>         at 
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1
> 107)
>         at 
> sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:405)
>         at 
> sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Abstract
> DelegateHttpsURLConnection.java:166)
>         at 
> sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.j
> ava:977)
>         at 
> sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConne
> ctionImpl.java:234)
>         at 
> org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.ret
> rieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:35)
>         at 
> org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(Abstr
> actUrlBasedTicketValidator.java:178)
>         at 
> org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(Abstra
> ctTicketValidationFilter.java:132)
>         at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFi
> lterChain.java:235)
>         at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChai
> n.java:206)
>         at 
> org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(Authenticati
> onFilter.java:111)
>         at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFi
> lterChain.java:235)
>         at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChai
> n.java:206)
>         at 
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java
> :233)
>         at 
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java
> :175)
>         at 
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
>         at 
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
>         at 
> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:568)
>         at 
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:1
> 09)
>         at 
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
>         at 
> org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
>         at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283)
>         at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:767)
>         at 
> org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:697)
>         at 
> org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:8
> 89)
>         at 
> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:
> 690)
>         at java.lang.Thread.run(Thread.java:619)
> Caused by: sun.security.validator.ValidatorException: PKIX path building
> failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to
> find valid certification path to requested target
>         at 
> sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285)
>         at 
> sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191)
>         at sun.security.validator.Validator.validate(Validator.java:218)
>         at 
> com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImp
> l.java:126)
>         at 
> com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509Trust
> ManagerImpl.java:209)
>         at 
> com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509Trust
> ManagerImpl.java:249)
>         at 
> com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshak
> er.java:954)
>         ... 33 more
> Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable
> to find valid certification path to requested target
>         at 
> sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuild
> er.java:174)
>         at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
>         at 
> sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)
>         ... 39 more
> [WARN ] [2009-04-28 16:47:20,397,  66266] [TP-Processor7]
> [org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter]
> (?:?) - org.jasig.cas.client.validation.TicketValidationException: The CAS
> server returned no
> response.org.jasig.cas.client.validation.TicketValidationException: The CAS
> server returned no response.
>         at 
> org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(Abstr
> actUrlBasedTicketValidator.java:181)
>         at 
> org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(Abstra
> ctTicketValidationFilter.java:132)
>         at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFi
> lterChain.java:235)
>         at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChai
> n.java:206)
>         at 
> org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(Authenticati
> onFilter.java:111)
>         at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFi
> lterChain.java:235)
>         at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChai
> n.java:206)
>         at 
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java
> :233)
>         at 
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java
> :175)
>         at 
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
>         at 
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
>         at 
> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:568)
>         at 
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:1
> 09)
>         at 
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
>         at 
> org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
>         at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283)
>         at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:767)
>         at 
> org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:697)
>         at 
> org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:8
> 89)
>         at 
> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:
> 690)
>         at java.lang.Thread.run(Thread.java:619)
> 
> 
> 
> Téléchargez le nouveau Windows Live Messenger ! Téléchargez Messenger, c'est
> gratuit ! <http://get.live.com/messenger/overview>
> 
> -- 
> Andrew Feller, Analyst
> LSU University Information Services
> 200 Frey Computing Services Center
> Baton Rouge, LA 70803
> Office: 225.578.3737
> Fax: 225.578.6400


-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to