Re: [cas-user] X509 Certificates

[Francisco Estanqueiro]

Oh, that was the problem! Thanks again

Scott Battaglia wrote:

You're using the wrong public property name. Look at the setter I sent via email.

On Thu, Feb 25, 2010 at 2:13 PM, Francisco Estanqueiro <fwestanque...@fc.ul.pt <mailto:fwestanque...@fc.ul.pt>> wrote:

    this:


      <bean
    
class="org.jasig.cas.adaptors.x509.authentication.handler.support.X509CredentialsAuthenticationHandler">
           <property name="trustedIssuerDnPattern" value="CN=EC de
    Autenticação do Cartão de Cidadão 0003"/>              <property
    name="maxPathLength_allowUnspecified" value="true" />

           <property name="checkKeyUsage" value="true" />
           <property name="requireKeyUsage" value="true" />
           </bean>

    gives me this

    ...ork.beans.InvalidPropertyException: Invalid property
    'maxPathLength_allowUnspecified' of bean class
    
[org.jasig.cas.adaptors.x509.authentication.handler.support.X509CredentialsAuthenticationHandler]:
    No property 'maxPathLength_allowUnspecified' found


    Scott Battaglia wrote:

        This property exists:
          /**
           * @param maxPathLength_allowUnspecified Allow CA certs to
        have unlimited intermediate certs (default=false).
           */
          public void setMaxPathLengthAllowUnspecified(boolean
        maxPathLength_allowUnspecified) {
              this.maxPathLength_allowUnspecified =
        maxPathLength_allowUnspecified;
          }




        On Thu, Feb 25, 2010 at 2:04 PM, Francisco Estanqueiro
        <fwestanque...@fc.ul.pt <mailto:fwestanque...@fc.ul.pt>
        <mailto:fwestanque...@fc.ul.pt
        <mailto:fwestanque...@fc.ul.pt>>> wrote:

           Hi,

           I'm having an error auth handler for X509 Certificates..:

           My Config Is:

              <bean

class="org.jasig.cas.adaptors.x509.authentication.handler.support.X509CredentialsAuthenticationHandler">

                   <property name="trustedIssuerDnPattern" value="EC de
           Autenticação do Cartão de Cidadão 0003"/>
                   <property name="maxPathLength" value="3" />
                   <property name="checkKeyUsage" value="true" />
                   <property name="requireKeyUsage" value="true" />
                   </bean>

           Witch gives me this error:

           2010-02-25 19:02:58,209 WARN

[org.jasig.cas.adaptors.x509.authentication.handler.support.X509CredentialsAuthenticationHandler]

           - <authentication failed; cert pathLength not specified and
           unlimited/unspecified not allowed by config *[see
           maxPathLength_allow_unlimited]*>
           2010-02-25 19:02:58,209 INFO
           [org.jasig.cas.authentication.AuthenticationManagerImpl] -
           <AuthenticationHandler:

org.jasig.cas.adaptors.x509.authentication.handler.support.X509CredentialsAuthenticationHandler

           failed to authenticate the user which provided the following
           credentials:

org.jasig.cas.adaptors.x509.authentication.principal.x509certificatecredenti...@f72e77>

           See maxPathLength_allow_unlimited WHERE?? There is no such
        property to
           config in deployerConfigContext..

           And if I change the maxPathLength to another value like "1", it
           tells me
           the pathLength should be 3.

           2010-02-25 18:58:00,608 WARN

[org.jasig.cas.adaptors.x509.authentication.handler.support.X509CredentialsAuthenticationHandler]

           - authentication failed; cert pathLength [3] is more than
        allowed by
           config [1]
           2010-02-25 18:58:00,608 INFO
           [org.jasig.cas.authentication.AuthenticationManagerImpl] -
           AuthenticationHandler:

org.jasig.cas.adaptors.x509.authentication.handler.support.X509CredentialsAuthenticationHandler

           failed to authenticate the user which provided the following
           credentials:

org.jasig.cas.adaptors.x509.authentication.principal.x509certificatecredenti...@1b0d235

           I keeping having the same error, and I'm kinda stuck..
        Anybody? I
           attached my cert path.

           Francisco

           --
           You are currently subscribed to cas-user@lists.jasig.org
        <mailto:cas-user@lists.jasig.org>
           <mailto:cas-user@lists.jasig.org
        <mailto:cas-user@lists.jasig.org>> as:
        scott.battag...@gmail.com <mailto:scott.battag...@gmail.com>
           <mailto:scott.battag...@gmail.com
        <mailto:scott.battag...@gmail.com>>

           To unsubscribe, change settings or access archives, see
           http://www.ja-sig.org/wiki/display/JSG/cas-user

-- You are currently subscribed to cas-user@lists.jasig.org

        <mailto:cas-user@lists.jasig.org> as: fwestanque...@fc.ul.pt
        <mailto:fwestanque...@fc.ul.pt>

        To unsubscribe, change settings or access archives, see
        http://www.ja-sig.org/wiki/display/JSG/cas-user

-- You are currently subscribed to cas-user@lists.jasig.org

    <mailto:cas-user@lists.jasig.org> as: scott.battag...@gmail.com
    <mailto:scott.battag...@gmail.com>
    To unsubscribe, change settings or access archives, see
    http://www.ja-sig.org/wiki/display/JSG/cas-user


--
You are currently subscribed to cas-user@lists.jasig.org as: 
fwestanque...@fc.ul.pt
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

--
You are currently subscribed to cas-user@lists.jasig.org as: 
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user