I'm trying to get the CAS server working with the CASFilter on a Tomcat
installation. I configured the server, called gammel1.devqa, to use SSL
(via keytool). I created the certificates and put them in my client site
(following directions in
http://blogs.sun.com/andreas/entry/no_more_unable_to_find). When I try
to go to http://localhost:8080/casSample/index.html, I get redirected to
https://gammel1.devqa:8443/cas/login?service=http%3A%2F%2Flocalhost%3A8080%2FcasSample%2Findex.html%3F,
then back to
http://localhost:8080/casSample/index.html?&ticket=ST-4-ugNfcdPhkdO2rbNAlZR10HzV4mWwD11Io67-20.
I then get a failure message:

edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate
ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator casValidateUrl=[https://gammel1.devqa:8443/cas/serviceValidate] ticket=[ST-4-ugNfcdPhkdO2rbNAlZR10HzV4mWwD11Io67-20] service=[http%3A%2F%2Flocalhost%3A8080%2FcasSample%2Findex.html] renew=false]]]

In the logs, I get the dreaded:

Caused by: java.io.IOException: HTTPS hostname wrong:  should be <gammel1.devqa>
   at sun.net.www.protocol.https.HttpsClient.checkURLSpoofing(HttpsClient.java:490)
   at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:415)

Here is the web.xml on my client:

<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
   version="2.4">
   <filter>
       <filter-name>CAS Filter</filter-name>
       <filter-class>
           edu.yale.its.tp.cas.client.filter.CASFilter
       </filter-class>
       <init-param>
           <param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name>
           <param-value>https://gammel1.devqa:8443/cas/login</param-value>
       </init-param>
       <init-param>
           <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name>
           <param-value>https://gammel1.devqa:8443/cas/serviceValidate</param-value>
       </init-param>
       <init-param>
           <param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name>
           <param-value>localhost:8080</param-value>
       </init-param>
   </filter>
   <servlet>
       <servlet-name>TestServlet</servlet-name>
       <servlet-class>com.TestServlet</servlet-class>
   </servlet>
   <servlet-mapping>
       <servlet-name>TestServlet</servlet-name>
       <url-pattern>/*</url-pattern>
   </servlet-mapping>
   <filter-mapping>
       <filter-name>CAS Filter</filter-name>
       <url-pattern>/*</url-pattern>
   </filter-mapping>
</web-app>

Here is the server.xml on the server (gammel1.devqa):

<Server port="8005" shutdown="SHUTDOWN">
 <GlobalNamingResources>
   <!-- Used by Manager webapp -->
   <Resource name="UserDatabase" auth="Container"
             type="org.apache.catalina.UserDatabase"
             description="User database that can be updated and saved"
             factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
             pathname="conf/tomcat-users.xml" />
 </GlobalNamingResources>

 <Service name="Catalina">
   <Connector port="8080" minSpareThreads="5" maxThreads="100"
              enableLookups="false" acceptCount="10" debug="0"
              connectionTimeout="20000"/>

   <!-- This is here for compatibility only, not required -->
   <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />

   <Connector port="8443" maxHttpHeaderSize="8192"
              maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
              enableLookups="false" disableUploadTimeout="true"
              acceptCount="100" scheme="https" secure="true"
              clientAuth="false" sslProtocol="TLS"
              keystoreFile="/usr/java/jre1.5.0_10/lib/security/cacerts" />

   <Engine name="Catalina" defaultHost="localhost">
     <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
            resourceName="UserDatabase" />
     <Host name="localhost" appBase="webapps" >
       <Valve className="org.apache.catalina.valves.AccessLogValve"
              directory="logs"  prefix="localhost_access_log." suffix=".txt"
              pattern="common" resolveHosts="false"/>
       <Logger className="org.apache.catalina.logger.FileLogger"
               directory="logs"  prefix="localhost_log." suffix=".txt" timestamp="true"/>
       <Context path="/alEJPStatic" appBase=""
                docBase="ROOT/static" debug="99" reloadable="true">
       </Context>
     </Host>
   </Engine>
 </Service>
</Server>


Sorry for the long post. I figured most of this is relevant though. Feel
free to snip when you reply. I have spent a lot of time looking at
previous messages, but I can't seem to fix this. Help is appreciated.
Thanks,
Ross
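
Added example (not part of the post above, and not code from the CAS client or the JDK): a simplified model of the RFC 2818 hostname check behind the "HTTPS hostname wrong" error, run against the validateUrl host from the web.xml. The certificate subjects are constructed for illustration, and name_matches, validate_url_matches and run_cases are names invented here.

```python
from urllib.parse import urlsplit

# validateUrl taken from the web.xml in the post.
VALIDATE_URL = "https://gammel1.devqa:8443/cas/serviceValidate"


def name_matches(pattern, host):
    """Compare one certificate name with a host, label by label.
    A '*' is honoured only as the complete leftmost label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*" and len(p) > 1:
        return p[1:] == h[1:]
    return p == h


def validate_url_matches(validate_url, subject_cn, san_dns=()):
    """Return (ok, host, names_checked) for the host in validate_url.
    dNSName subjectAltName entries take precedence; the subject CN is
    consulted only when the certificate carries none (RFC 2818, 3.1)."""
    host = urlsplit(validate_url).hostname or ""
    names = list(san_dns) if san_dns else [subject_cn]
    return any(name_matches(n, host) for n in names), host, names


# Constructed certificate subjects (assumptions, not read from any keystore).
# keytool's "first and last name" prompt is what ends up in the CN.
CASES = {
    "CN is a person's name": ("Jane Admin", ()),
    "CN is localhost": ("localhost", ()),
    "CN is the server host": ("gammel1.devqa", ()),
    "SAN present, CN ignored": ("gammel1.devqa", ("cas.example.test",)),
    "wildcard SAN": ("unused", ("*.devqa",)),
}


def run_cases():
    """Map each constructed case to True (match) or False (mismatch)."""
    return {label: validate_url_matches(VALIDATE_URL, cn, san)[0]
            for label, (cn, san) in CASES.items()}


if __name__ == "__main__":
    for label, ok in run_cases().items():
        print("match   " if ok else "MISMATCH", label)
```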

_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
