Thank you very much Scott for your explanation.
Just now I realized that I am adding the certificate to 'C:\Program
Files\Java\jre1.5.0_05\lib\security\cacerts' file instead of 'C:\Program
Files\Java\jdk1.5.0_05\jre\lib\security\cacerts'. I have changed that and now I
am getting a different error.
Can you help me with this error.
This is the exception that I am getting
javax.servlet.ServletException:
Unable to validate ProxyTicketValidator
[[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null]
[edu.yale.its.tp.cas.client.ServiceTicketValidator
casValidateUrl=[https://localhost:8443/cas/serviceValidate]
ticket=[ST-2-d19NGCVjeQsnNzcnjcaD1d3DfM65oWCBfMt-20]
service=[http%3A%2F%2Flocalhoat%3A8080%2FuPortal%2FLogin]
errorCode=[INVALID_SERVICE]
errorMessage=[ticket 'ST-2-d19NGCVjeQsnNzcnjcaD1d3DfM65oWCBfMt-20' does
not match supplied service] renew=false entireResponse=[<cas:serviceResponse
xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationFailure code='INVALID_SERVICE'>
ticket 'ST-2-d19NGCVjeQsnNzcnjcaD1d3DfM65oWCBfMt-20' does not match supplied
service
</cas:authenticationFailure>
</cas:serviceResponse>
]]]]
edu.yale.its.tp.cas.client.filter.CASValidateFilter.doFilter(CASValidateFilter.java:292)
root cause
edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate
ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator
proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator
casValidateUrl=[https://localhost:8443/cas/serviceValidate]
ticket=[ST-2-d19NGCVjeQsnNzcnjcaD1d3DfM65oWCBfMt-20]
service=[http%3A%2F%2Flocalhoat%3A8080%2FuPortal%2FLogin]
errorCode=[INVALID_SERVICE] errorMessage=[ticket
'ST-2-d19NGCVjeQsnNzcnjcaD1d3DfM65oWCBfMt-20' does not match supplied service]
renew=false entireResponse=[<cas:serviceResponse
xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationFailure code='INVALID_SERVICE'>
ticket 'ST-2-d19NGCVjeQsnNzcnjcaD1d3DfM65oWCBfMt-20' does not match supplied
service
</cas:authenticationFailure>
</cas:serviceResponse>
]]]]
edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:62)
edu.yale.its.tp.cas.client.filter.CASValidateFilter.getAuthenticatedUser(CASValidateFilter.java:339)
edu.yale.its.tp.cas.client.filter.CASValidateFilter.doFilter(CASValidateFilter.java:289)
Thanks in advance.
Thanks,
Asha
Scott Battaglia <[EMAIL PROTECTED]> wrote: What I was saying was that the
certificate for the CAS Server may not be in the cacerts file for the uPortal
instance's JVM. It would need to be added. (I mention this explicitly because
sometimes people think they added it to the correct JVM and it turns out they
didn't).
-Scott
On 11/15/06, asha latha <[EMAIL PROTECTED]> wrote: Thank you Scott for your
reply.
(a) does not trust the CAS server certificate which means it just needs to be
added
Can you please expain more on the point 'a' you specified.
I am new to CAS, so I am not sure where to find enough information on this
issue.
>(b) the CN does not match the hostname (in this case localhost).
I think this is not the issue because my host name is localhost.
Scott Battaglia < [EMAIL PROTECTED]> wrote:
It most likely means that the uPortal JVM either (a) does not trust the CAS
server certificate which means it just needs to be added or (b) the CN does not
match the hostname (in this case localhost).
-Scott
On 11/14/06, asha latha < [EMAIL PROTECTED]> wrote: Thank you very much
for your support regarding this issue.
Finally, my tomcat is working fine but I am still getting the error when I
try to integrate CAS to uportal.
I tried to access the uportal using the url
https://localhost:8443/cas/login?
service=http%3A%2F%2Flocalhost:8080%2FuPortal%2FLogin
CAS login screen appeared and I have provided it with
NetId: demo
Password: demo
The user is authenticated and it created a ticket and forwarded the request
to uportal
These are the lines that are printed in the tomcat command prompt:
[java] 2006-11-14 21:05:15,936 INFO [org.jasig.cas.web.flow.AutomaticCookie
PathSetterAction] - <Setting ContextPath for cookies to: /cas>
[java] 2006-11-14 21:06:15,882 INFO [org.jasig.cas.authentication.Authentic
ationManagerImpl] - <AuthenticationHandler:
org.jasig.cas.authentication.handler
.support.SimpleTestUsernamePasswordAuthenticationHandler successfully
authentica
ted the user which provided the following credentials: demo>
[java] 2006-11-14 21:06:15,912 INFO
[org.jasig.cas.CentralAuthenticationSer
viceImpl] - <Granted service ticket
[ST-2-nc4QVZbCvVrMfbukiTwiQlN9Ay6Yir09yd7-20
] for service [ http://localhost:8080/uPortal/Login] for user [demo]>
[java] 2006-11-14 21:09:49,279 INFO [
org.jasig.cas.CentralAuthenticationSer
viceImpl] - <Granted service ticket
[ST-3-2ggz6GySwabK7ctCd0OfNbJYIhEs46H4kH9-20
] for service [ http://localhost:8080/uPortal/Login] for user [demo]>
but at this particular point I am getting the following exception.
exception
javax.servlet.ServletException
: Unable to validate ProxyTicketValidator
[[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null]
[edu.yale.its.tp.cas.client.ServiceTicketValidator casValidateUrl=[
https://localhost:8443/cas/serviceValidate]
ticket=[ST-2-nc4QVZbCvVrMfbukiTwiQlN9Ay6Yir09yd7-20]
service=[http%3A%2F%2Flocalhoat%3A8080%2FuPortal%2FLogin] renew=false]]]
edu.yale.its.tp.cas.client.filter.CASValidateFilter.doFilter
(CASValidateFilter.java:292)
root cause
edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate
ProxyTicketValidator [[
edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null]
[edu.yale.its.tp.cas.client.ServiceTicketValidator
casValidateUrl=[ https://localhost:8443/cas/serviceValidate]
ticket=[ST-2-nc4QVZbCvVrMfbukiTwiQlN9Ay6Yir09yd7-20]
service=[http%3A%2F%2Flocalhoat%3A8080%2FuPortal%2FLogin] renew=false]]]
edu.yale.its.tp.cas.client.CASReceipt.getReceipt
(CASReceipt.java:52)
edu.yale.its.tp.cas.client.filter.CASValidateFilter.getAuthenticatedUser(CASValidateFilter.java:339)
edu.yale.its.tp.cas.client.filter.CASValidateFilter.doFilter(CASValidateFilter.java:289)
Can anybody help me with this error.
Thanks in advance.
Thanks,
Asha
John Thiltges < [EMAIL PROTECTED]> wrote:
asha latha wrote:
> Thank you for your response John.
>
> I removed those two lines from the server.xml.
>
> > maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
> enableLookups="false" disableUploadTimeout="true"
> acceptCount="100" scheme="https" secure="true"
> clientAuth="false" sslProtocol="TLS"
> />
> Now I am not getting exceptions in tomcat.
Excellent.
> But when I try to open the SSL configuration by going to
> https://localhost:8443/
>
> I am getting the following error message .
>
> There is a problem with this website's security
> certificate.
> The security certificate presented by this website was not
> issued by a trusted certificate authority.
>
>
>
> Security certificate problems may indicate an attempt to fool you or
> intercept any data you send to the server.
>
> Do you have any idea what's going on?
>
Sounds like things are working fine.
Because you made a self-signed certificate, it's not automatically
trusted by your browser and you get the warning. For a production
service, you'll probably want to purchase an SSL certificate from a
certificate authority (CA). There are lots of vendors: Verisign/Thawte,
Comodo, GeoTrust, and many others.
John
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
---------------------------------
Sponsored Link
Mortgage rates near 39yr lows. $510,000 Mortgage for $1,698/mo - Calculate new
house payment
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
---------------------------------
Sponsored Link
Mortgage rates near 39yr lows. $420,000 Mortgage for $1,399/mo - Calculate new
house payment_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
