Re: Playing around with the new java client

Mon, 18 Dec 2006 07:10:55 -0800 

Your certificate may not be in your JVM's cacerts file.  Check out
http://www.ja-sig.org/products/cas/server/ssl/index.html

-Scott

On 12/15/06, Vinny <[EMAIL PROTECTED]> wrote:


When I hit my protected webapp   , I am properly redirected to the the cas
server , I login sucessfully (I think)
then get redirected back to my original page (service url?) and  get the
following exception:

javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
        at 
com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificateChain(SSLSessionImpl.java:394)
        at 
org.apache.commons.httpclient.contrib.ssl.StrictSSLProtocolSocketFactory.verifyHostname
(StrictSSLProtocolSocketFactory.java:280)
        at 
org.apache.commons.httpclient.contrib.ssl.StrictSSLProtocolSocketFactory.createSocket(StrictSSLProtocolSocketFactory.java:223)
        at org.apache.commons.httpclient.HttpConnection.open
(HttpConnection.java:706)
        at 
org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1321)
        at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry
(HttpMethodDirector.java:386)
        at 
org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:170)
        at 
org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:396)
        at org.apache.commons.httpclient.HttpClient.executeMethod
(HttpClient.java:324)
        at 
org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.getResponseFromURL(AbstractUrlBasedTicketValidator.java:76)
        at 
org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate
(AbstractUrlBasedTicketValidator.java:46)
        at 
org.jasig.cas.client.web.filter.TicketValidationFilter.doFilterInternal(TicketValidationFilter.java:91)
        at 
org.jasig.cas.client.web.filter.AbstractCasFilter.doFilter(AbstractCasFilter.java
:100)


now I am using a self-signed certificate with under the CN of localhost.
Does httpclient have a problem with those?



--
Ghetto Java: http://www.ghettojava.com
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas




_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas

Reply via email to