I am trying to set up x509 login with CAS. I get an error in starting tomcat activated with connector on port 8443 for https: http://www.cce.unipr.it/error8443.txt
I am on a SLES 10: java-1_4_2-ibm-1.4.2.s4-23.13 tomcat5-5.0.30-27.5.3 I tried to download jsse-1.0.3 but I get the same error. Is there a way to get x509 login to work without https-ing tomcat? I ngrepped port 8009 and I see that apache pass to tomcat my certificate (I put SSLVerifyClient optional in the apache virtualhost configuration): http://www.cce.unipr.it/proxypass.txt I followed the instructions at http://www.ja-sig.org/wiki/display/CASUM/X.509+Certificates and http://www.ja-sig.org/products/cas/server/certs/index.html so I added <bean class="org.jasig.cas.adaptors.x509.authentication.handler.support.X509CredentialsAuthenticationHandler"> <property name="trustedIssuerDnPattern" value="C=IT, O=GARR, OU=UNIPR"/> <!-- <property name="maxPathLength" value="3" /> <property name="checkKeyUsage" value="5" /> <property name="requireKeyUsage" value="5" /> --> </bean> to webapp/WEB-INF/deployerConfigContext.xml and log4j.logger.org.jasig.cas.adaptors.x509=DEBUG to webapp/WEB-INF/classes/log4j.properties but the only logs I see in catalina.out are: 2007-07-05 13:02:40,363 WARN [org.springframework.webflow.conversation.impl.ConversationLockFactory] - Unable to enable conversation locking. Switch to Java 5 or above, or put the 'util.concurrent' package on the classpath to enable locking in your environment. 2007-07-05 13:02:40,818 INFO [org.jasig.cas.adaptors.x509.authentication.handler.support.X509CredentialsAuthenticationHandler] - Using default Subject DN Pattern: .* Best regards Marco Panella -- Ing. Marco Panella - tecnico di elaborazione dati Settore Innovazione Tecnologie Informatiche, Universita' di Parma Via G.P. Usberti, 17/A, I-43100, Parma, Italy Phone:+39 - 0521 - 90 - 5470 Fax: +39 - 0521 - 90 - 5469 _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
