Hi, i had generated a certificate in the client app server and added this certificate to the thruststore of cas server. I think i have some progress since now it gives me the certificate error. Below is the log:
2010-05-26 04:13:04,010 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - Loaded 0 services. 2010-05-26 04:13:07,854 INFO [org.jasig.cas.util.AutowiringSchedulerFactoryBean] - Starting Quartz Scheduler now 2010-05-26 04:13:25,839 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - Beginning ticket cleanup. 2010-05-26 04:13:25,854 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - 0 tickets found to be removed. 2010-05-26 04:13:25,854 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - Finished ticket cleanup. 2010-05-26 04:15:04,229 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - Reloading registered services. 2010-05-26 04:15:04,229 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - Loaded 0 services. 2010-05-26 04:15:26,214 INFO [org.jasig.cas.web.flow.InitialFlowSetupAction] - Setting path for cookies to: /cas 2010-05-26 04:15:26,214 INFO [org.jasig.cas.web.flow.InitialFlowSetupAction] - Setting path for cookies to: /cas 2010-05-26 04:15:41,870 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - AuthenticationHandler: org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler successfully authenticated the user which provided the following credentials: [username: aluno] 2010-05-26 04:15:41,885 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - Granted service ticket [ST-1-hLmvFyMIDmsCshvBu5G2-cas] for service [ https://galaio:8443/netpa/AuthenticationHandler] for user [aluno] 2010-05-26 04:16:11,526 WARN [org.jasig.cas.util.HttpClient] - Error Sending message to url endpoint [https://galaio:8443/netpa/AuthenticationHandler]. Error is [sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target] 2010-05-26 04:17:04,229 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - Reloading registered services. 2010-05-26 04:17:04,229 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - Loaded 0 services. 2010-05-26 04:19:04,229 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - Reloading registered services. 2010-05-26 04:19:04,229 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - Loaded 0 services. >From what i seeing now. This is because there's some problem with the certificate. Is this the problem? Thanks, João On Tue, May 25, 2010 at 11:33 PM, Scott Battaglia <[email protected] > wrote: > No. As mentioned previously, the CAS server will programmatically call > back to the CAS client via Java. What you're showing is a browser redirect > which does nothing for single log out. > > > > On Tue, May 25, 2010 at 6:28 PM, João Galaio da Silva < > [email protected]> wrote: > >> ok, i didn't had yet the opportunity to make the ssl configuration on the >> client application. I will try it tomorrow. >> To call the logout is in this form? >> https://casserver:8443/cas/logout?service=https://myserviceserver:8443/applicationContext? >> >> >> thank you both. >> >> cheers, >> Galaio >> >> >> >> >> >> On Tue, May 25, 2010 at 11:10 PM, Scott Battaglia < >> [email protected]> wrote: >> >>> Its certificate trust and server reachability (which Marvin had mentioned >>> previously). If the CAS server cannot resolve the name of the server or >>> connect to the client then the callback will fail. >>> >>> Cheers, >>> Scott >>> >>> >>> On Tue, May 25, 2010 at 6:00 PM, Marvin Addison < >>> [email protected]> wrote: >>> >>>> > Is there any configuration needed on thee cas server to enable logout? >>>> I'm >>>> > using cas server 3.4.2 >>>> >>>> The only server configuration involved is certificate trust. The >>>> server must trust the SSL certificate presented by each client in >>>> order for the SAML LogoutRequest to be sent; recall that the server >>>> makes a connection to each client to send this message. If the SSL >>>> handshake fails due to trust problems, that particular client session >>>> will remain intact. >>>> >>>> M >>>> >>>> -- >>>> You are currently subscribed to [email protected] as: >>>> [email protected] >>>> >>>> To unsubscribe, change settings or access archives, see >>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>> >>> >>> -- >>> You are currently subscribed to [email protected] as: >>> [email protected] >>> >>> >>> >>> To unsubscribe, change settings or access archives, see >>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>> >>> >> -- >> >> You are currently subscribed to [email protected] as: >> [email protected] >> >> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
