Felix, This is an SSL issue in that the SSL certificate isn't trusted; pretty common thread in the CAS mail list archives ( http://www.nabble.com/forum/Search.jtp?forum=15449&local=y&query=SSL ).
Try reading this thread: http://www.nabble.com/SSL-Issue-to10719386.html#a10719386 HTH, A- On 5/7/09 9:11 AM, "felix" <[email protected]> wrote: > Hallo. > > I have a problem with the validation. I hope somebody can help my. > > I call the URL: > > http://xilef:8080/examples/servlets/servlet/HelloWorldExample > > and the browser redirekt to the loginpage: > > https://xilef:8443/cas-server-webapp-3.3.2/login?service=http%3A%2F%2Fxilef%3A > 8080%2Fexamples%2Fservlets%2Fservlet%2FHelloWorldExample > > Till this piont it looks great. > If i sign on succsessfully I get this URL: > > http://xilef:8080/examples/servlets/servlet/HelloWorldExample?ticket=ST-1-d6OM > qJUeRWi4hENtdRQA-cas > > and this error-message: > > HTTP Status 500 - > > type Exception report > > message > > description The server encountered an internal error () that prevented it from > fulfilling this request. > > exception > > javax.servlet.ServletException: > edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate > ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator > proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator > casValidateUrl=[https://xilef:8443/cas-server-webapp-3.3.2/serviceValidate] > ticket=[ST-1-vbkblPNBjzMDbMoq9hyG-cas] > service=[http%3A%2F%2Fxilef%3A8080%2Fexamples%2Fservlets%2Fservlet%2FHelloWorl > dExample] renew=false]]] > edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:381) > > root cause > > edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate > ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator > proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator > casValidateUrl=[https://xilef:8443/cas-server-webapp-3.3.2/serviceValidate] > ticket=[ST-1-vbkblPNBjzMDbMoq9hyG-cas] > service=[http%3A%2F%2Fxilef%3A8080%2Fexamples%2Fservlets%2Fservlet%2FHelloWorl > dExample] renew=false]]] > edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:52) > edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.jav > a:455) > edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:378) > > root cause > > javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target > com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174) > com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1611) > com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187) > com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181) > com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshak > er.java:1035) > com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker. > java:124) > com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516) > com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454) > com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884) > com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketIm > pl.java:1112) > com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1 > 139) > com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1 > 123) > sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:418) > sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Abstract > DelegateHttpsURLConnection.java:166) > sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.j > ava:1041) > sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConne > ctionImpl.java:234) > edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java:84) > edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicketValida > tor.java:212) > edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:50) > edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.jav > a:455) > edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:378) > > root cause > > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target > sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285) > sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191) > sun.security.validator.Validator.validate(Validator.java:218) > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImp > l.java:126) > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509Trust > ManagerImpl.java:209) > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509Trust > ManagerImpl.java:249) > com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshak > er.java:1014) > com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker. > java:124) > com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516) > com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454) > com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884) > com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketIm > pl.java:1112) > com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1 > 139) > com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1 > 123) > sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:418) > sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Abstract > DelegateHttpsURLConnection.java:166) > sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.j > ava:1041) > sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConne > ctionImpl.java:234) > edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java:84) > edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicketValida > tor.java:212) > edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:50) > edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.jav > a:455) > edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:378) > > root cause > > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target > sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuild > er.java:174) > java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238) > sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280) > sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191) > sun.security.validator.Validator.validate(Validator.java:218) > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImp > l.java:126) > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509Trust > ManagerImpl.java:209) > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509Trust > ManagerImpl.java:249) > com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshak > er.java:1014) > com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker. > java:124) > com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516) > com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454) > com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884) > com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketIm > pl.java:1112) > com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1 > 139) > com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1 > 123) > sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:418) > sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Abstract > DelegateHttpsURLConnection.java:166) > sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.j > ava:1041) > sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConne > ctionImpl.java:234) > edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java:84) > edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicketValida > tor.java:212) > edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:50) > edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.jav > a:455) > edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:378) > > > Thanks for your help !!! > > Greetings Felix -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
