RE: [cas-user] OOOOpppss what happens here with this ticket Exception

Thu, 20 Aug 2009 05:24:05 -0700 

In order for CAS to return a PGT to your caller, the callback must be https.
                <init-param>
                        <param-name>proxyCallbackUrl</param-name>
                        
<param-value>http://athenea:8080/sao/proxyCallback</param-value>
                </init-param>


This is wrong. CAS will not send you back the PGT.
You need to create an SSL certificate for SAO. 
You must also import that certificate into the java keystore used for CAS. 


-----Original Message-----
From: Carlos Adolfo Ortiz Q [mailto:[email protected]] 
Sent: Wednesday, August 19, 2009 6:04 PM
To: [email protected]
Subject: [cas-user] OOOOpppss what happens here with this ticket Exception

Hi

I've got this problem. I am new to CAS configuration settings but I am not sure 
what is going on. Any help appreciated?

Here is the description.
I have two Tomcat Servers with JDK 1.6 and Tomcat Version 6.0.18, that is, I 
want to test CAS usage from different servers.

In one server I have deployed CAS server (I have included CAS.PROPERTIES in the 
attachment), I am using CAS Server 3.3.1, I also have set HTTPS.  I am 
listening on port 7443 for this CAS server.

Now I want my other application deployed to the second server which does not 
have CAS server and this application is called SAO (I have included my WEB.XML 
for this application, so you can see my configuration. Thus, SAO is a client 
for CAS server (I am using cas-client-core-3.1.5.jar as the JAR library).

Well, when I type http://athenea:8080/sao and no authentication has occurred 
then effectively it redirects to 
https://athenea:7443/cas/login?service=http%3A%2F%2Fathenea%3A8080%2Fsao%2FgenerarPantallaMenu.do

I supply the user/login as valid in my system but when it tries to go to my SAO 
app then oooopppssss in the URL it shows this



http://athenea:8080/sao/generarPantallaMenu.do?ticket=ST-1-aTHyNV9d3LtFfbMijw1I-cas

and genereates the following Exception
Aug 19, 2009 5:12:06 PM org.apache.catalina.core.StandardWrapperValve invoke
SEVERE: Servlet.service() for servlet action threw exception
org.jasig.cas.client.validation.TicketValidationException: The CAS server 
returned no response.
        at 
org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:181)
        at 
org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:132)
        at 
co.com.arkimia.http.filters.DelegatingFilter.doFilter(DelegatingFilter.java:68)
        at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
        at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
        at 
org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:119)
        at 
co.com.arkimia.http.filters.DelegatingFilter.doFilter(DelegatingFilter.java:68)
        at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
        at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
        at 
org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:104)
        at 
co.com.arkimia.http.filters.DelegatingFilter.doFilter(DelegatingFilter.java:68)
        at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
        at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
        at 
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
        at 
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
        at 
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
        at 
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
        at 
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
        at 
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
        at 
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)
        at 
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
        at 
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
        at java.lang.Thread.run(Thread.java:619)

mmmm??????? what is going on?

But this does not happen if both SAO and CAS are on same port or server.
--
You are currently subscribed to [email protected] as: 
[email protected] To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to