Bryan, I would recommend searching the CAS mail list archives for fixing SSL issues ( http://www.nabble.com/CAS-f15448.html ). Your self-signed certificate is not trusted as it is not part of your keystore. You should take this moment to get a proper SSL certificate and import it rather than going further.
HTH, A- On 7/31/09 8:11 AM, "Bryan Wooten" <[email protected]> wrote: > Ok, when I add the CAS Validation Filter I run into a couple of problems: > > 1. Following the example in the link below I get a deployment error, > apparently the CAS Validation Filter requires ³service² or ³servername² > init-param. I added both and the deployment error went away. > > 2. With the CAS Validation Filter included in my CASifyed application¹s > web.xml I get a run time exception: (My CAS server is on a test machine that > does not have a trusted cert, is this the problem? Also we are running on > Glassfish, is there other configuration I need to worry about) > > > javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target > javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target > at > com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1584) > at > com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174) > at > com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168) > at > com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshak > er.java:848) > at > com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker. > java:106) > at > com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495) > at > com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:877) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketIm > pl.java:1089) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1 > 116) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1 > 100) > at > sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:402) > at > sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Abstract > DelegateHttpsURLConnection.java:170) > at > sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.j > ava:934) > at > sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConne > ctionImpl.java:234) > at > org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.ret > rieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:35) > at > org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(Abstr > actUrlBasedTicketValidator.java:178) > at > org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(Abstra > ctTicketValidationFilter.java:132) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFi > lterChain.java:230) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChai > n.java:198) > at > org.netbeans.modules.web.monitor.server.MonitorFilter.doFilter(MonitorFilter.j > ava:390) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFi > lterChain.java:230) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChai > n.java:198) > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java > :288) > > > From: Scott Battaglia [mailto:[email protected]] > Sent: Thursday, July 30, 2009 4:33 PM > To: [email protected] > Subject: Re: [cas-user] How do I get prinicpal from CASifyed client program? > > Here's an example configuration: > http://www.ja-sig.org/wiki/display/CASC/web.xml+for+Tomcat+5.5+Tomcat+Manager > > On Thu, Jul 30, 2009 at 5:38 PM, Bryan Wooten <[email protected]> wrote: > > I can¹t seem to retrieve the principal from my cas client servlet. > > > > I tried adding the wrapper filter: > > > > <filter> > > <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> > > > <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filte > r-class> > > </filter> > > > > But request.getRemoteUser just returns null. > > > > I also tried: > > final Assertion assertion = AssertionHolder.getAssertion(); > > > > if (assertion == null) { > > System.out.println("assertion null!"); > > > > } else { > > final Principal p = assertion.getPrincipal(); > > System.out.println("principal: " + p.getName()); > > } > > > > But again all I get is null. > > > > > > I also tried adding the Assertion Filter Any ideas? > > > > Thanks, > > > > Bryan > > -- Andrew Feller, Business System Programmer LSU University Information Services 200 Frey Computing Services Center Baton Rouge, LA 70803 Office: 225.578.3737 Fax: 225.578.6400 -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
