-Scott
I recently deploy a cas server in 10.100.2.6(it's hostname is rsserver). I can login successfully to webapp1, but when I try to visit webapp2 ,I has to login again.
I check the log, and find this error occurs every login action(it doesn't stop login)
Is this error message the reason why I need to login for every single webapp?and what can I do with this problem.
2006-11-10 13:44:36,838 ERROR [org.jasig.cas.web.ServiceValidateController] - <TicketException generating ticket for: https://10.100.2.6:8443/contacts-cas/casProxy/receptor>
org.jasig.cas.ticket.TicketCreationException: error.authentication.credentials.bad
at org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket(CentralAuthenticationServiceImpl.java:215)
at org.jasig.cas.web.ServiceValidateController.handleRequestInternal(ServiceValidateController.java:159)
at org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153)
at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:45)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:798)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:728)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:396)
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:350)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:689)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:237)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:214)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:198)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:152)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705)
at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)
at java.lang.Thread.run(Thread.java:536)
Caused by: error.authentication.credentials.bad
at org.jasig.cas.authentication.handler.BadCredentialsAuthenticationException.<clinit>(BadCredentialsAuthenticationException.java:25)
at org.jasig.cas.authentication.AuthenticationManagerImpl.authenticate(AuthenticationManagerImpl.java:105)
at org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket(CentralAuthenticationServiceImpl.java:194)
... 34 more
The following is the keystore assigned in tomcat server.xml
Keystore type: jks
Keystore provider: SUN
Your keystore contains 1 entry
Alias name: tomcat2
Creation date: Nov 10, 2006
Entry type: keyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=rsserver, OU=bjjdsy, O=bjjdsy, L=bj, ST=bj, C=cn
Issuer: CN=rsserver, OU=bjjdsy, O=bjjdsy, L=bj, ST=bj, C=cn
Serial number: 4553d8ab
Valid from: Fri Nov 10 09:40:59 CST 2006 until: Thu Feb 08 09:40:59 CST 2007
Certificate fingerprints:
MD5: A7:4F:F5:EE:82:7E:A2:23:3B:D6:E5:38:73:84:51:67
SHA1: E7:B8:C8:98:6D:B8:06:96:E2:C7:2A:EA:DD:C3:99:D9:DE:88:06:30
The following is the keystore in jdk
Alias name: tomcat3
Creation date: Nov 10, 2006
Entry type: trustedCertEntry
Owner: CN=rsserver, OU=bjjdsy, O=bjjdsy, L=bj, ST=bj, C=cn
Issuer: CN=rsserver, OU=bjjdsy, O=bjjdsy, L=bj, ST=bj, C=cn
Serial number: 4553d8ab
Valid from: Fri Nov 10 09:40:59 CST 2006 until: Thu Feb 08 09:40:59 CST 2007
Certificate fingerprints:
MD5: A7:4F:F5:EE:82:7E:A2:23:3B:D6:E5:38:73:84:51:67
SHA1: E7:B8:C8:98:6D:B8:06:96:E2:C7:2A:EA:DD:C3:99:D9:DE:88:06:30
The acegi config
<bean id="casProxyTicketValidator" class="org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator">
<property name="casValidate"><value>https://rsserver:8443/cas/proxyValidate</value></property>
<property name="proxyCallbackUrl"><value>http://rsserver:8443/contacts-cas/casProxy/receptor </value></property>
<property name="serviceProperties"><ref bean="serviceProperties"/></property>
<!-- <property name="trustStore"><value>/some/path/to/your/lib/security/cacerts</value></property> -->
</bean>
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
