> [2009-10-14 15:23:39,779] [resin-http-10.28.121.60:8080-1] > Saml11TicketValidationFilter - > org.jasig.cas.client.validation.TicketValidationException: > org.opensaml.SAMLException: Success > sig.cas.client.validation.TicketValidationException: > org.opensaml.SAMLException: Success
Despite the exception message "Success," this is a general SAML error message for ticket validation failure. The most common cause of SAML validation failure is clock drift. If the system time on your client and server differ than more than a few seconds, this is likely the cause. For a number of reasons it's preferable to fix the clock drift problem (e.g. using NTP), but if you must you can increase the "tolerance" init param of the Saml11TicketValidationFilter to a value larger than the time deltas between machines. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
