> I already added org.jasig.cas.adaptors.ldap category to debug in my > log4j.xml file but it doesn't give much more information than before, after > a failed login attempt here is what it says: > > > 2010-08-16 17:10:13,544 DEBUG > [org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler] - > <Performing LDAP bind with credential: > uid=joel,ou=People,dc=mydomain,dc=org> > 2010-08-16 17:10:13,548 INFO > [org.jasig.cas.authentication.AuthenticationManagerImpl] - > <AuthenticationHandler: > org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler failed to > authenticate the user which provided the following credentials: [username: > joell]>
I believe you would see a stack trace in the case of failed SSL negotiation, but I can't say for sure. Scott's hunch about the username mismatch seems like a good bet. > I added this lines to the setenv.sh file: > ... > and when starting tomcat, it gives me: > > *** > found key for : tomcat > ... What is of interest is catalina.out after an authentication attempt. An SSL debug trace is pretty verbose and will contain much more of the certificate selection and key exchange in the case of SSL negotiation. That information is invaluable for troubleshooting SSL trust issues. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
