You only need proxy authentication of your client needs to access another
CASified resource on behalf of the user.  Imagine a portal attempting to
access a grades web service to display grades in the portal for a user.

Cheers,
Scott


On Fri, Jul 30, 2010 at 11:38 AM, Jiangpeng Shi <
[email protected]> wrote:

> Thanks a lot Scott! You give me a lot of help on understanding CAS. For now
> I have set up a very default cas, and several applications are using it as
> authentication server. The first step seems pretty good!
> I think I am still not quite clear about proxy ticket, so in all my client
> app, I just comment out the "proxyCallback" settings and exceptions are
> gone. But I really want to understand the concept of proxy ticket. Is it
> something about an application using a proxy server or so? What's this proxy
> tickets for?  I read the article    "Proxy CAS Walkthrough", but I guess I
> am not smart enough to understand all the ideas. Could you please give me
> some reference about the proxy ticket? Thanks a lot.
>
> >>> Scott Battaglia <[email protected]> 7/29/2010 9:41 PM >>>
> You're attempting to call back to the CAS client to send a proxy ticket.
>  Your CAS server is having trouble contacting the client.
>
>
> On Thu, Jul 29, 2010 at 2:43 PM, Jiangpeng Shi <
> [email protected]> wrote:
>
> > I got this  "java.net.SocketTimeoutException: Read timed out" error from
> > the server log. It is kind of very weird that seems it only happens each
> > time after I restart the cas server: every time if I restart cas server
> and
> > open a client app, then I got those exception:
> >
> > 2010-07-29 13:39:26,918 ERROR [org.jasig.cas.util.HttpClient] -
> > <java.net.SocketTimeoutException: Read timed out>
> > java.net.SocketTimeoutException: Read timed out
> >        at jrockit.net.SocketNativeIO.readBytesPinned(Native Method)
> >        at jrockit.net.SocketNativeIO.socketRead(SocketNativeIO.java:46)
> >        at java.net.SocketInputStream.socketRead0(SocketInputStream.java)
> >        at java.net.SocketInputStream.read(SocketInputStream.java:129)
> >        at
> > weblogic.utils.io.ChunkedInputStream.read(ChunkedInputStream.java:159)
> >        at java.io.InputStream.read(InputStream.java:85)
> >        at com.certicom.tls.record.ReadHandler.readFragment(Unknown
> Source)
> >        at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
> >        at
> > com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown
> > Source)
> >        at
> >
> com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown
> > Source)
> >        at com.certicom.tls.record.WriteHandler.write(Unknown Source)
> >        at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
> >        at
> > java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:66)
> >        at
> java.io.BufferedOutputStream.flush(BufferedOutputStream.java:124)
> >        at java.io.FilterOutputStream.flush(FilterOutputStream.java:124)
> >        at
> >
> weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:154)
> >        at
> >
> weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:358)
> >        at
> >
> weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:37)
> >        at
> >
> weblogic.net.http.HttpURLConnection.getResponseCode(HttpURLConnection.java:947)
> >        at
> > org.jasig.cas.util.HttpClient.isValidEndPoint(HttpClient.java:111)
> >        at
> >
> org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler.authenticate(HttpBasedServiceCredentialsAuthenticationHandler.java:59)
> >        at
> >
> org.jasig.cas.authentication.AuthenticationManagerImpl.authenticateAndObtainPrincipal(AuthenticationManagerImpl.java:74)
> >        at
> >
> org.jasig.cas.authentication.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:39)
> >        at
> >
> org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket(CentralAuthenticationServiceImpl.java:260)
> >        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> >        at
> >
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> >        at
> >
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> >        at java.lang.reflect.Method.invoke(Method.java:597)
> >        at
> >
> org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
> >        at
> >
> org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
> >        at
> >
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
> >        at
> >
> org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:106)
> >        at
> >
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
> >        at
> >
> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
> >        at $Proxy75.delegateTicketGrantingTicket(Unknown Source)
> >        at
> >
> org.jasig.cas.web.ServiceValidateController.handleRequestInternal(ServiceValidateController.java:126)
> >        at
> >
> org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153)
> >        at
> >
> org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
> >        at
> >
> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:875)
> >        at
> >
> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:807)
> >        at
> >
> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:571)
> >        at
> >
> org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:502)
> >        at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
> >        at javax.servlet.http.HttpServlet.service(HttpServlet.java:821)
> >        at
> >
> org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115)
> >        at
> >
> weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
> >        at
> >
> weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
> >        at
> >
> weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
> >        at
> weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:27)
> >        at
> >
> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
> >        at
> >
> org.inspektr.common.web.ClientInfoThreadLocalFilter.doFilterInternal(ClientInfoThreadLocalFilter.java:48)
> >        at
> >
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
> >        at
> >
> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
> >        at
> >
> weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3588)
> >        at
> >
> weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
> >        at
> > weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
> >        at
> >
> weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2200)
> >        at
> >
> weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2106)
> >        at
> >
> weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1428)
> >        at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
> >        at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
> > 2010-07-29 13:39:26,918 INFO
> > [org.jasig.cas.authentication.AuthenticationManagerImpl] -
> > <AuthenticationHandler:
> >
> org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler
> > failed to authenticate the user which provided the following credentials:
> > [callbackUrl:
> https://casServer.mydomain.com:7002/casClient/proxyCallback
> > ]>
> > 2010-07-29 13:39:26,934 ERROR
> [org.jasig.cas.web.ServiceValidateController]
> > - <TicketException generating ticket for: [callbackUrl:
> > https://casServer.mydomain.com:7002/casClient/proxyCallback]>
> > org.jasig.cas.ticket.TicketCreationException:
> > error.authentication.credentials.bad
> >        at
> >
> org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket(CentralAuthenticationServiceImpl.java:290)
> >        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> >        at
> >
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> >        at
> >
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> >        at java.lang.reflect.Method.invoke(Method.java:597)
> >        at
> >
> org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
> >        at
> >
> org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
> >        at
> >
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
> >        at
> >
> org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:106)
> >        at
> >
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
> >        at
> >
> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
> >        at $Proxy75.delegateTicketGrantingTicket(Unknown Source)
> >        at
> >
> org.jasig.cas.web.ServiceValidateController.handleRequestInternal(ServiceValidateController.java:126)
> >        at
> >
> org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153)
> >        at
> >
> org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
> >        at
> >
> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:875)
> >        at
> >
> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:807)
> >        at
> >
> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:571)
> >        at
> >
> org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:501)
> >        at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
> >        at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
> >        at
> >
> org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115)
> >        at
> >
> weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
> >        at
> >
> weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
> >        at
> >
> weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
> >        at
> weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
> >        at
> >
> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
> >        at
> >
> org.inspektr.common.web.ClientInfoThreadLocalFilter.doFilterInternal(ClientInfoThreadLocalFilter.java:48)
> >        at
> >
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
> >        at
> >
> weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
> >        at
> >
> weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3588)
> >        at
> >
> weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
> >        at
> > weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
> >        at
> >
> weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2200)
> >        at
> >
> weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2106)
> >        at
> >
> weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1428)
> >        at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
> >        at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
> > Caused by: error.authentication.credentials.bad
> >        at
> >
> org.jasig.cas.authentication.handler.BadCredentialsAuthenticationException.<clinit>(BadCredentialsAuthenticationException.java:25)
> >        at
> >
> org.jasig.cas.authentication.AuthenticationManagerImpl.authenticateAndObtainPrincipal(AuthenticationManagerImpl.java:99)
> >        at
> >
> org.jasig.cas.authentication.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:39)
> >        at
> >
> org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket(CentralAuthenticationServiceImpl.java:260)
> >        ... 37 more
> >
> >
> > Although there are exceptions like this, but the login still works well.
> > Any suggestion? Thanks.
> >
> > --Jerry
> >
> > --
> > You are currently subscribed to [email protected] as:
> > [email protected]
> > To unsubscribe, change settings or access archives, see
> > http://www.ja-sig.org/wiki/display/JSG/cas-user
> >
> >
>
> --
> You are currently subscribed to [email protected] as:
> [email protected]
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
> --
> You are currently subscribed to [email protected] as:
> [email protected]
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
>

-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to