> 11-mar-2010 16.43.39 org.apache.catalina.core.StandardWrapperValve invoke > GRAVE: Servlet.service() for servlet cas threw exception > java.lang.ClassCastException: javax.security.auth.kerberos.KerberosTicket > cannot be cast to sun.security.krb5.Credentials
That's a strange error I've not seen before. What's really interesting, though, is that authentication clearly succeeds on the second attempt: > 2010-03-11 16:43:53,198 INFO > [org.jasig.cas.authentication.AuthenticationManagerImpl] - > <AuthenticationHandler: > org.jasig.cas.adaptors.ldap.BindLdapGssapiAuthenticationHandler successfully > authenticated the user which provided the following credentials: [username: > fizzi]> The error on the second attempt is caused by connectivity problems between the CAS client (Liferay) and the CAS server when the ticket is attempted to be validated. Connection refused is caused by a RST packet being sent in response to a SYN in the TCP handshake, so it's a pretty fundamental connection problem. I would recommend you review the CAS _client_ settings, in particular the serverName context param and the casServerUrlPrefix init param of the validation filter. I would imagine one of those points to the wrong host or port, and that's why connect is failing. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
