I am receiving an authentication error with CAS during an X509 authentication attempt. I am following the example found here (https://wiki.jasig.org/display/CASUM/X.509+Certificates ). I have updated the log4j properties file to set the level to DEBUG to see if it would help. I think it is something very simple in my understanding of certificates and what is attempting to be authenticated. But I am not sure how all of the authentication is being handled by CAS. Nothing in the log is jumping out at me as what is causing the error. Looks like it is evaluating my client certificate, the certificate that I select when I first attempt to hit the /cas/login page ( a window pops up in my browser for me to select a certificate). Which is what I expect. snippet from log: <Evaluating CN=TestCert,OU=test, O=test, ST=test, C=test, SerialNumber=112> <.* matches CN=TestCert,OU=test, O=test, ST=test, C=test == true> <CN="<DNS of test server>" matches CN=<DNS of test server>, C=Test, ST=Test, L=Test EMAILADDRESS=test, OU=test, O=test == false> <Found valid client certificate> <Failed to authenticate org.jasig.cas.adaptors.x509.authentication.principal.X509CertificateCredentials@44755866> ... log does not tell me much more. I am not sure what is happening with the false evaluation above. That is the server certificate where CAS is hosted inside the Tomcat servelet. Any insights or things to try? Thanks Schawn- -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
