Hi everyone, I'm trying to CASify WPS. I already used the tutorial and api<http://www.ja-sig.org/wiki/pages/viewpage.action?pageId=19314>on the ja-sig wiki. But I still have a problem. When I enter my login and password, I have the following error in the WAS log :
[12/08/09 16:17:24:139 CEST] 0000003a SystemOut O has ticket? =true [12/08/09 16:17:24:139 CEST] 0000003a SystemOut O request url= https://xx.xx.xx.xx:10035/wps/myportal/ [12/08/09 16:17:24:155 CEST] 0000003a SystemOut O try to get ticket [12/08/09 16:17:24:155 CEST] 0000003a SystemOut O ticket not null : ST-10-NXpH2PypmkntPqKFNSR6-cas [12/08/09 16:17:24:155 CEST] 0000003a SystemOut O new ticket validator [12/08/09 16:17:24:155 CEST] 0000003a SystemOut O serviceUrl generated: https://xx.xx.xx.xx:10035/wps/myportal/ [12/08/09 16:17:24:155 CEST] 0000003a SystemOut O set validation url : https://xx.xx.xx.xx:8443/cas/serviceValidate [12/08/09 16:17:24:155 CEST] 0000003a SystemOut O set service : https://xx.xx.xx.xx:10035/wps/myportal/ [12/08/09 16:17:24:155 CEST] 0000003a SystemOut O set ticket : ST-10-NXpH2PypmkntPqKFNSR6-cas [12/08/09 16:17:24:264 CEST] 0000003a SystemOut O error during validation : java.security.cert.CertificateException: Certificate not Trusted [12/08/09 16:17:24:358 CEST] 0000003a WebAuthentica E SECJ0126E: Trust Association failed during validation. The exception is com.ibm.websphere.security.WebTrustAssociationFailedException: java.security.cert.CertificateException: Certificate not Trusted at com.octo.cas.client.websphere.CasTAI511.negotiateValidateandEstablishTrust(CasTAI511.java:89) at com.ibm.ws.security.web.TAIWrapper.negotiateAndValidateEstablishedTrust(TAIWrapper.java:101) at com.ibm.ws.security.web.WebAuthenticator.handleTrustAssociation(WebAuthenticator.java:237) at com.ibm.ws.security.web.WebAuthenticator.authenticate(WebAuthenticator.java:1072) at com.ibm.ws.security.web.WebCollaborator.authorize(WebCollaborator.java:584) at com.ibm.ws.security.web.EJSWebCollaborator.preInvoke(EJSWebCollaborator.java:302) at com.ibm.ws.webcontainer.webapp.WebAppSecurityCollaborator.preInvoke(WebAppSecurityCollaborator.java:136) at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:464) at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:2965) at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:221) at com.ibm.ws.webcontainer.VirtualHost.handleRequest(VirtualHost.java:210) at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:1931) at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:84) at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:472) at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:411) at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:288) at com.ibm.ws.ssl.channel.impl.SSLConnectionLink.determineNextChannel(SSLConnectionLink.java:950) at com.ibm.ws.ssl.channel.impl.SSLConnectionLink$MyReadCompletedCallback.complete(SSLConnectionLink.java:582) at com.ibm.ws.ssl.channel.impl.SSLReadServiceContext$SSLReadCompletedCallback.complete(SSLReadServiceContext.java:1698) at com.ibm.ws.tcp.channel.impl.WorkQueueManager.requestComplete(WorkQueueManager.java:566) at com.ibm.ws.tcp.channel.impl.WorkQueueManager.attemptIO(WorkQueueManager.java:619) at com.ibm.ws.tcp.channel.impl.WorkQueueManager.workerRun(WorkQueueManager.java:952) at com.ibm.ws.tcp.channel.impl.WorkQueueManager$Worker.run(WorkQueueManager.java:1039) at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java(Compiled Code)) I concluded in a certicate error (yes I can read), but I really don't know how to configure WAS and avoid this error. For my test, I generated a dummy certificate on my tomcat server. Here is some info on my installation : - WAS 6.0 on windows dev machine - tomcat 6.0 on a remote linux (CentOS) machine - CAS 3.3.3 Thanks for your help. I am quite deseperate... Stéphane PROHASZKA -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
