Hi Marvin,
Thx for your reply. In my case I am
having a multiple web-apps in my environment, they just authenticate with CAS
using spring security. I had taken the sample cas integration files from the
Spring security application. How do I make sure that I don't need this proxy
granting ticket.
--Thx
Alok
-----Original Message-----
From: Marvin Addison [mailto:[email protected]]
Sent: Thursday, September 17, 2009 12:47 PM
To: [email protected]
Subject: Re: [cas-user] CAS deployed on tomcat and accessed through apache over
SSL.
> 2009-09-17 11:51:28,199 ERROR [org.jasig.cas.web.ServiceValidateController] -
><TicketException generating ticket for: [callbackUrl:
>http://acondev2.myofferpal.com/secure/receptor]>
> org.jasig.cas.ticket.TicketCreationException:
> error.authentication.credentials.bad
>
Looks like you're using an HTTP proxy ticket callback URL,
ttp://acondev2.myofferpal.com/secure/receptor, to request a proxy
granting ticket. The PGT callback URL MUST be HTTPS.
Before you proceed you should consider whether you really need to
request a proxy-granting ticket. If you confirm you do need proxy
capability, you will need to configure the service hosting your proxy
callback for SSL. A common problem that follows is SSL trust problems
caused by the CAS server not trusting the CA that issued the
certificate. If you use a self-signed cert or one by an uncommon
vendor, be sure to import it or the signing cert into the truststore
used by the CAS server.
M
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
