The PKIX error is SSL related. "unable to find valid certification path to requested target" tells us it can't find a valid certificate chain for the presented cert. Most likely you are connecting to LDAP via SSL and the cert isn't trusted by Java. You'll need to add the root cert in to Java's cacerts file. There's lots of resources available via Google to help you with that.
--- *John Gasper* IAM Consultant Unicon, Inc. PGP/GPG Key: 0xbafee3ef On 10/13/14 4:13 AM, shyam soundar wrote: > > Hi, > > I am playing with cas-password-manager & facing some issues related > to ldap & theme. > > *Ref: https://github.com/Unicon/cas-password-manager* > > *Please find the error log below* > > > at java.lang.Thread.run(Thread.java:701) > Caused by: sun.security.validator.ValidatorException: PKIX path > building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to > find valid certification path to requested target > at > sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:324) > at > sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:224) > at sun.security.validator.Validator.validate(Validator.java:235) > at > sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:147) > at > sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:230) > at > sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:270) > at > sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1147) > ... 48 more > Caused by: sun.security.provider.certpath.SunCertPathBuilderException: > unable to find valid certification path to requested target > at > sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:197) > at > java.security.cert.CertPathBuilder.build(CertPathBuilder.java:255) > at > sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:319) > ... 54 more > 2014-10-13 10:32:41,383 WARN > [org.springframework.context.support.ResourceBundleMessageSource] - > <ResourceBundle [theme] not found for MessageSource: Can't find bundle > for base name theme, locale en_US> > 2014-10-13 10:32:41,383 WARN > [org.springframework.context.support.ResourceBundleMessageSource] - > <ResourceBundle [theme] not found for MessageSource: Can't find bundle > for base name theme, locale en_US> > 2014-10-13 10:32:41,383 ERROR > [org.springframework.web.servlet.tags.ThemeTag] - <Theme 'theme': No > message found under code 'standard.custom.css.file' for locale 'en_US'.> > javax.servlet.jsp.JspTagException: Theme 'theme': No message found > under code 'standard.custom.css.file' for locale 'en_US'. > > *While changing password* > > 2014-10-13 10:35:34,358 ERROR > [net.unicon.cas.passwordmanager.flow.ProcessChangePasswordAction] - > <Unknown exception changing user's password.> > org.springframework.ldap.NoPermissionException: [LDAP: error code 50 - > 00000005: SecErr: DSID-031A1169, problem 4003 (INSUFF_ACCESS_RIGHTS), > data 0 > ^@]; nested exception is javax.naming.NoPermissionException: [LDAP: > error code 50 - 00000005: SecErr: DSID-031A1169, problem 4003 > (INSUFF_ACCESS_RIGHTS), data 0 > > Can any one help me on this > > Thanks > Shyam > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
