Hi,
I want to integer CAS with Jahia 5.0.1:
[EMAIL PROTECTED]:/opt/meditel/tomcat# mkdir ssl
[EMAIL PROTECTED]:/opt/meditel/tomcat# echo $JAVA_HOME
/opt/client/java
# $JAVA_HOME/bin/keytool -genkey -alias linuxapp.domaine.com -keyalg
RSA -keystore /opt/client/jahia/tomcat/ssl/keystore -validity 9999
Tapez le mot de passe du Keystore : changeit
Quels sont vos prÃ(c)nom et nom ?
[Unknown] : linuxapp.domaine.com
Quel est le nom de votre unitÃ(c) organisationnelle ?
[Unknown] : Compagny
Quelle est le nom de votre organisation ?
[Unknown] : Compagny
Quel est le nom de votre ville de rÃ(c)sidence ?
[Unknown] : Casablanca
Quel est le nom de votre Ã(c)tat ou province ?
[Unknown] : Casablanca
Quel est le code de pays à deux lettres pour cette unitÃ(c) ?
[Unknown] : MA
Est-ce CN=linuxapp.domaine.com, OU=Compagny, O=Compagny, L=Casablanca,
ST=Casablanca, C=MA ?
[non] : oui
=====
[EMAIL PROTECTED]:/opt/client/jahia/tomcat/ssl#
$JAVA_HOME/bin/keytool -export -alias linuxapp.domaine.com -keypass
changeit -keystore /opt/client/jahia/tomcat/ssl/keystore -file
/opt/client/jahia/tomcat/ssl/server.crt
Tapez le mot de passe du Keystore : changeit
Certificat enregistrÃ(c) dans le fichier
</opt/client/jahia/tomcat/ssl/server.crt>
====
# $JAVA_HOME/bin/keytool -import -file
/opt/client/jahia/tomcat/ssl/server.crt -keypass changeit -keystore
$JAVA_HOME/jre/lib/security/cacerts
Tapez le mot de passe du Keystore : changeit
PropriÃ(c)taire : CN=linuxapp.domaine.com, OU=Compagny, O=Compagny,
L=Casablanca, ST=Casablanca, C=MA
Ãmetteur : CN=linuxapp.domaine.com, OU=Compagny, O=Compagny,
L=Casablanca, ST=Casablanca, C=MA
NumÃ(c)ro de sÃ(c)rie : 461a6ab9
Valide du : Mon Apr 09 18:32:57 CEST 2007 au : Sun Jul 08 18:32:57 CEST 2007
Empreintes de certificat :
MD5 : 90:8F:81:43:C2:3D:E8:18:33:32:BB:0E:D7:A2:84:77
SHA1: 20:4A:98:E6:BD:80:0F:BB:5D:BC:83:F3:8B:9A:78:04:06:48:84:A3
Faire confiance à ce certificat ? [non] : oui
Certificat ajoutÃ(c) au Keystore
ACTIVATION SSL TOMCAT
=========================================
<Connector port="8080" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" redirectPort="443" acceptCount="100"
connectionTimeout="20000" disableUploadTimeout="true"
emptySessionPath="true"/>
<Connector port="8443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="ssl/keystore"
keystorePass="changeit"
keyAlias="linuxapp.domaine.com"
/>
<Connector port="8009"
enableLookups="false" redirectPort="8443" protocol="AJP/1.3"
emptySessionPath="true"/>
#############################################################################################################
# cd /opt/client/jahia/tomcat/webapps/jahia/WEB-INF/etc/cas
# vi cas.properties
Add :
cas.jahia.serviceUrl=http://linuxapp.domaine.com:8080/jahia
cas.server.validateUrl=https://linuxapp.domaine.com:8443/cas/serviceValidate
cas.server.loginUrl=https://linuxapp.domaine.com:8443/cas/login
#cd /opt/meditel/jahia/tomcat/webapps/jahia/WEB-INF/etc/config
# vi auth-pipeline.xml
Add :
<valveDescriptor>
<className>org.jahia.params.valves.CasAuthValveImpl</className>
</valveDescriptor>
# cd /opt/meditel/jahia5.0.1/tomcat/webapps/jahia/WEB-INF/etc/config
# vi log4j.xml
Add
<category name="org.jahia.services.sso">
<priority value="debug"/>
</category>
<category name="org.jahia.pipelines.valves.SsoValve">
<priority value="debug"/>
</category>
###########################################################################################
Connexion CAS with JAHIA
# cd /opt/client/jahia/tomcat/webapps/jahia/WEB-INF
# vi web.xml
<filter>
<filter-name>JahiaCASFilter</filter-name>
<filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class>
<init-param>
<param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name>
<param-value>https://linuxapp.domaine.com:8443/cas/login</param-value>
</init-param>
<init-param>
<param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name>
<param-value>https://linuxapp.domaine.com:8443/cas/serviceValidate</param-value>
</init-param>
<init-param>
<param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name>
<param-value>linuxapp.domaine.com:8080</param-value>
</init-param>
</filter>
[....]
<filter-mapping>
<filter-name>JahiaCASFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
When I call my URL http://linuxapp.domaine.com:8080/jahia/Jahia
I will be redirect to CAS's authentification.When I put my login/passwd. I
have no connexion to jahia
I have this errror in catalina.out file :
2007-04-13 17:48:53,526 INFO
[org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service
ticket [ST-2-uq5GTEygAvX2JBZo9eTncmEK1WS3d727rcH-20] for service
[http://linuxapp.domaine.com:8080/jahia/Jahia] for user [meditelfixe]>
142082 [2007-04-13 17:48:53,819] [org.jahia.pipelines.valves.SsoValve]
DEBUG - starting org.jahia.params.valves.CasAuthValveImpl.invoke()...
142084 [2007-04-13 17:48:53,821] [org.jahia.pipelines.valves.SsoValve]
DEBUG - retrieving credentials...
142085 [2007-04-13 17:48:53,822] [org.jahia.pipelines.valves.SsoValve]
DEBUG - credentials = ST-2-uq5GTEygAvX2JBZo9eTncmEK1WS3d727rcH-20
142086 [2007-04-13 17:48:53,823] [org.jahia.pipelines.valves.SsoValve]
DEBUG - validating credentials...
142087 [2007-04-13 17:48:53,824] [org.jahia.services.sso.CasService]
DEBUG - cas.server.validateUrl =
https://linuxapp.domaine.com:8443/cas/serviceValidate
142088 [2007-04-13 17:48:53,825] [org.jahia.services.sso.CasService]
DEBUG - cas.jahia.serviceUrl =
http://linuxapp.domaine.com:8080/jahia/Jahia
org.jahia.exceptions.JahiaException: User message=Cannot validate CAS
credentials, System message=Cannot validate CAS credentials, root
cause:error #INVALID_TICKET while validating ticket
'ST-2-uq5GTEygAvX2JBZo9eTncmEK1WS3d727rcH-20': le ticket
'ST-2-uq5GTEygAvX2JBZo9eTncmEK1WS3d727rcH-20' est inconnu root
cause=edu.yale.its.tp.cas.client.CASAuthenticationException: error
#INVALID_TICKET while validating ticket
'ST-2-uq5GTEygAvX2JBZo9eTncmEK1WS3d727rcH-20': le ticket
'ST-2-uq5GTEygAvX2JBZo9eTncmEK1WS3d727rcH-20' est inconnu
at
org.jahia.params.valves.CasAuthValveImpl.validateCredentials(CasAuthValveImpl.java:59)
at org.jahia.pipelines.valves.SsoValve.invoke(SsoValve.java:99)
at
org.jahia.pipelines.impl.GenericPipeline.invokeNext(GenericPipeline.java:208)
at
org.jahia.pipelines.impl.GenericPipeline.invoke(GenericPipeline.java:195)
at org.jahia.params.ParamBean.resolveUser(ParamBean.java:3372)
at org.jahia.params.ParamBean.<init>(ParamBean.java:436)
at org.jahia.params.ParamBean.<init>(ParamBean.java:367)
at
org.jahia.params.ProcessingContextFactoryImpl.getContext(ProcessingContextFactoryImpl.java:52)
at org.jahia.bin.Jahia.createParamBean(Jahia.java:964)
at org.jahia.bin.Jahia.service(Jahia.java:844)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at
.....
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
edu.yale.its.tp.cas.client.CASAuthenticationException: error
#INVALID_TICKET while validating ticket
'ST-2-uq5GTEygAvX2JBZo9eTncmEK1WS3d727rcH-20': le ticket
'ST-2-uq5GTEygAvX2JBZo9eTncmEK1WS3d727rcH-20' est inconnu
at
org.jahia.services.sso.CasService.validateTicket(CasService.java:177)
at
.....
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
edu.yale.its.tp.cas.client.CASAuthenticationException: error
#INVALID_TICKET while validating ticket
'ST-2-uq5GTEygAvX2JBZo9eTncmEK1WS3d727rcH-20': le ticket
'ST-2-uq5GTEygAvX2JBZo9eTncmEK1WS3d727rcH-20' est inconnu
at
org.jahia.services.sso.CasService.validateTicket(CasService.java:177)
at
org.jahia.params.valves.CasAuthValveImpl.validateCredentials(CasAuthValveImpl.java:57)
at org.jahia.pipelines.valves.SsoValve.invoke(SsoValve.java:99)
at
org.jahia.pipelines.impl.GenericPipeline.invokeNext(GenericPipeline.java:208)
at
org.jahia.pipelines.impl.GenericPipeline.invoke(GenericPipeline.java:195)
at org.jahia.params.ParamBean.resolveUser(ParamBean.java:3372)
at org.jahia.params.ParamBean.<init>(ParamBean.java:436)
at org.jahia.params.ParamBean.<init>(ParamBean.java:367)
at
......
Anybody had this problem?If How toi resolve that?Else, any helps please !
I will ever glad if someone give the solution.
YThanks ou very much.
NB : I Had mda this JVM option :
"-Djava.net.ssl.trustStore=$JAVA_HOME/jre/lib/security/cacerts" in
catalina.sh file's Tomcat but it didn't accpet me this argument.
Thankyou very much.
--
View this message in context:
http://www.nabble.com/Jahia-%2B-CAS-tf3561514.html#a9946690
Sent from the CAS Users mailing list archive at Nabble.com.
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
