-Scott
On 11/15/06, asha latha <[EMAIL PROTECTED]> wrote:
Thank you Scott for your reply.(a) does not trust the CAS server certificate which means it just needs to be addedCan you please expain more on the point 'a' you specified.I am new to CAS, so I am not sure where to find enough information on this issue.
>(b) the CN does not match the hostname (in this case localhost).I think this is not the issue because my host name is localhost.
Scott Battaglia < [EMAIL PROTECTED]> wrote:It most likely means that the uPortal JVM either (a) does not trust the CAS server certificate which means it just needs to be added or (b) the CN does not match the hostname (in this case localhost).
-Scott
On 11/14/06, asha latha < [EMAIL PROTECTED]> wrote:Thank you very much for your support regarding this issue.Finally, my tomcat is working fine but I am still getting the error when I try to integrate CAS to uportal.I tried to access the uportal using the url https://localhost:8443/cas/login? service=http%3A%2F%2Flocalhost:8080%2FuPortal%2FLoginCAS login screen appeared and I have provided it withNetId: demoPassword: demoThe user is authenticated and it created a ticket and forwarded the request to uportalThese are the lines that are printed in the tomcat command prompt:[java] 2006-11-14 21:05:15,936 INFO [org.jasig.cas.web.flow.AutomaticCookie
PathSetterAction] - <Setting ContextPath for cookies to: /cas>
[java] 2006-11-14 21:06:15,882 INFO [org.jasig.cas.authentication.Authentic
ationManagerImpl] - <AuthenticationHandler: org.jasig.cas.authentication.handler
.support.SimpleTestUsernamePasswordAuthenticationHandler successfully authentica
ted the user which provided the following credentials: demo>
[java] 2006-11-14 21:06:15,912 INFO [org.jasig.cas.CentralAuthenticationSer
viceImpl] - <Granted service ticket [ST-2-nc4QVZbCvVrMfbukiTwiQlN9Ay6Yir09yd7-20
] for service [ http://localhost:8080/uPortal/Login] for user [demo]>
[java] 2006-11-14 21:09:49,279 INFO [ org.jasig.cas.CentralAuthenticationSer
viceImpl] - <Granted service ticket [ST-3-2ggz6GySwabK7ctCd0OfNbJYIhEs46H4kH9-20
] for service [ http://localhost:8080/uPortal/Login] for user [demo]>but at this particular point I am getting the following exception.exceptionjavax.servlet.ServletException : Unable to validate ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator casValidateUrl=[ https://localhost:8443/cas/serviceValidate] ticket=[ST-2-nc4QVZbCvVrMfbukiTwiQlN9Ay6Yir09yd7-20] service=[http%3A%2F%2Flocalhoat%3A8080%2FuPortal%2FLogin] renew=false]]] edu.yale.its.tp.cas.client.filter.CASValidateFilter.doFilter (CASValidateFilter.java:292)root causeedu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate ProxyTicketValidator [[ edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator
casValidateUrl=[ https://localhost:8443/cas/serviceValidate] ticket=[ST-2-nc4QVZbCvVrMfbukiTwiQlN9Ay6Yir09yd7-20]
service=[http%3A%2F%2Flocalhoat%3A8080%2FuPortal%2FLogin] renew=false]]] edu.yale.its.tp.cas.client.CASReceipt.getReceipt (CASReceipt.java:52) edu.yale.its.tp.cas.client.filter.CASValidateFilter.getAuthenticatedUser(CASValidateFilter.java:339) edu.yale.its.tp.cas.client.filter.CASValidateFilter.doFilter(CASValidateFilter.java:289)
Can anybody help me with this error.Thanks in advance.Thanks,Asha
John Thiltges < [EMAIL PROTECTED]> wrote:asha latha wrote:
> Thank you for your response John.
>
> I removed those two lines from the server.xml.
>
> > maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
> enableLookups="false" disableUploadTimeout="true"
> acceptCount="100" scheme="https" secure="true"
> clientAuth="false" sslProtocol="TLS"
> />
> Now I am not getting exceptions in tomcat.
Excellent.
> But when I try to open the SSL configuration by going to
> https://localhost:8443/
>
> I am getting the following error message .
>
> There is a problem with this website's security
> certificate.
> The security certificate presented by this website was not
> issued by a trusted certificate authority.
>
>
>
> Security certificate problems may indicate an attempt to fool you or
> intercept any data you send to the server.
>
> Do you have any idea what's going on?
>
Sounds like things are working fine.
Because you made a self-signed certificate, it's not automatically
trusted by your browser and you get the warning. For a production
service, you'll probably want to purchase an SSL certificate from a
certificate authority (CA). There are lots of vendors: Verisign/Thawte,
Comodo, GeoTrust, and many others.
John
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
Sponsored Link
Mortgage rates near 39yr lows. $510,000 Mortgage for $1,698/mo - Calculate new house payment
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
