Ross,

When you created your certificates via the keytool, what did you choose as the CN?

-Scott

On 9/11/07, Ross Bleakney <[EMAIL PROTECTED]> wrote:
>
> I'm trying to get the CAS server working with the CASFilter on a tomcat
> installation. I configured the server, called gammel1.devqa to use SSL
> (via keytool). I created the certificates and put them in my client site
> (following directions in
> http://blogs.sun.com/andreas/entry/no_more_unable_to_find). When I try
> to go to http://localhost:8080/casSample/index.html, I get redirected to
>
> https://gammel1.devqa:8443/cas/login?service=http%3A%2F%2Flocalhost%3A8080%2FcasSample%2Findex.html%3F ,
> then back to
>
> http://localhost:8080/casSample/index.html?&ticket=ST-4-ugNfcdPhkdO2rbNAlZR10HzV4mWwD11Io67-20 .
> I then get a failure message:
>
> edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate
> ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator
> proxyList=[null]
> [edu.yale.its.tp.cas.client.ServiceTicketValidator
> casValidateUrl=[https://gammel1.devqa:8443/cas/serviceValidate]
> ticket=[ST-4-ugNfcdPhkdO2rbNAlZR10HzV4mWwD11Io67-20]
> service=[http%3A%2F%2Flocalhost%3A8080%2FcasSample%2Findex.html]
> renew=false]]]
>
> In the logs, I get the dreaded:
>
> Caused by: java.io.IOException: HTTPS hostname wrong: should be <gammel1.devqa>
>     at sun.net.www.protocol.https.HttpsClient.checkURLSpoofing(HttpsClient.java:490)
>     at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:415)
>
> Here is the web.xml on my client:
>
> <web-app xmlns="http://java.sun.com/xml/ns/j2ee"
>     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>     xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
>     http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
>     version="2.4">
>   <filter>
>     <filter-name>CAS Filter</filter-name>
>     <filter-class>
>       edu.yale.its.tp.cas.client.filter.CASFilter
>     </filter-class>
>     <init-param>
>       <param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name>
>       <param-value>https://gammel1.devqa:8443/cas/login
>       </param-value>
>     </init-param>
>     <init-param>
>       <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name>
>       <param-value>https://gammel1.devqa:8443/cas/serviceValidate</param-value>
>     </init-param>
>     <init-param>
>       <param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name>
>       <param-value>localhost:8080</param-value>
>     </init-param>
>   </filter>
>   <servlet>
>     <servlet-name>TestServlet</servlet-name>
>     <servlet-class>com.TestServlet</servlet-class>
>   </servlet>
>   <servlet-mapping>
>     <servlet-name>TestServlet</servlet-name>
>     <url-pattern>/*</url-pattern>
>   </servlet-mapping>
>   <filter-mapping>
>     <filter-name>CAS Filter</filter-name>
>     <url-pattern>/*</url-pattern>
>   </filter-mapping>
> </web-app>
>
> Here is the server.xml on the server (gammel1.devqa):
>
> <Server port="8005" shutdown="SHUTDOWN">
>   <GlobalNamingResources>
>     <!-- Used by Manager webapp -->
>     <Resource name="UserDatabase" auth="Container"
>         type="org.apache.catalina.UserDatabase"
>         description="User database that can be updated and saved"
>         factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
>         pathname="conf/tomcat-users.xml" />
>   </GlobalNamingResources>
>
>   <Service name="Catalina">
>     <Connector port="8080" minSpareThreads="5" maxThreads="100"
>         enableLookups="false" acceptCount="10" debug="0"
>         connectionTimeout="20000"/>
>
>     <!-- This is here for compatibility only, not required -->
>     <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
>
>     <Connector port="8443" maxHttpHeaderSize="8192"
>         maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
>         enableLookups="false" disableUploadTimeout="true"
>         acceptCount="100" scheme="https" secure="true"
>         clientAuth="false" sslProtocol="TLS"
>         keystoreFile="/usr/java/jre1.5.0_10/lib/security/cacerts"
>     />
>
>     <Engine name="Catalina" defaultHost="localhost">
>       <Realm
>           className="org.apache.catalina.realm.UserDatabaseRealm"
>           resourceName="UserDatabase" />
>       <Host name="localhost" appBase="webapps" >
>         <Valve
>             className="org.apache.catalina.valves.AccessLogValve"
>             directory="logs" prefix="localhost_access_log." suffix=".txt"
>             pattern="common" resolveHosts="false"/>
>         <Logger className="org.apache.catalina.logger.FileLogger"
>             directory="logs" prefix="localhost_log." suffix=".txt" timestamp="true"/>
>         <Context path="/alEJPStatic" appBase=""
>             docBase="ROOT/static" debug="99" reloadable="true">
>         </Context>
>       </Host>
>     </Engine>
>   </Service>
> </Server>
>
> Sorry for the long post. I figured most of this is relevant though. Feel
> free to snip when you reply. I have spent a lot of time looking at
> previous messages, but I can't seem to fix this. Help is appreciated.
> Thanks,
> Ross

--
-Scott Battaglia
LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
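The `HTTPS hostname wrong` exception in the thread is raised when the name in the server certificate does not match the host in the URL being fetched, which is what the CN question is probing. The script below is an added example, not part of the thread or of the CAS client: it reads `keytool -list -v` output on stdin and compares each entry's CN with the host of the validateUrl. The sample listings and the name Jane Admin are constructed; subject alternative names, wildcards and escaped commas in the DN are not handled.

```shell
#!/bin/sh
# Constructed sample listings in the layout `keytool -list -v` prints.
SAMPLE_BAD='Alias name: tomcat
Entry type: keyEntry
Owner: CN=Jane Admin, OU=QA, O=Example, L=Seattle, ST=WA, C=US
Issuer: CN=Jane Admin, OU=QA, O=Example, L=Seattle, ST=WA, C=US'
SAMPLE_GOOD='Alias name: tomcat
Entry type: keyEntry
Owner: CN=gammel1.devqa, OU=QA, O=Example, L=Seattle, ST=WA, C=US
Issuer: CN=gammel1.devqa, OU=QA, O=Example, L=Seattle, ST=WA, C=US'
URL='https://gammel1.devqa:8443/cas/serviceValidate'   # validateUrl from the web.xml

# Lower-cased host of a URL: drop scheme, then path/query, then port.
url_host() {
    printf '%s\n' "$1" |
        sed -e 's|^[A-Za-z][A-Za-z0-9+.-]*://||' -e 's|[/?#].*$||' -e 's|:[0-9]*$||' |
        tr '[:upper:]' '[:lower:]'
}

# stdin: `keytool -list -v` text. stdout: "alias<TAB>cn" for every Owner line.
owner_cns() {
    awk '
        /^Alias name:/ { sub(/^Alias name:[ \t]*/, ""); alias = $0; next }
        /^Owner:/ {
            sub(/^Owner:[ \t]*/, ""); cn = ""
            n = split($0, rdn, /,[ \t]*/)
            for (i = 1; i <= n; i++)
                if (cn == "" && rdn[i] ~ /^[Cc][Nn]=/) cn = substr(rdn[i], 4)
            print alias "\t" tolower(cn)
        }'
}

# Prints one verdict per entry; returns 0 only if some CN equals the URL host.
check_cn() {
    owner_cns | awk -F '\t' -v host="$(url_host "$1")" '
        { hit = ($2 == host); if (hit) ok = 1
          printf "%s: CN=%s, URL host=%s -> %s\n", $1, $2, host, (hit ? "match" : "MISMATCH") }
        END { exit (ok ? 0 : 1) }'
}

# Demo on the constructed listings: first a mismatching CN, then a matching one.
printf '%s\n' "$SAMPLE_BAD"  | check_cn "$URL" || true
printf '%s\n' "$SAMPLE_GOOD" | check_cn "$URL"
```

Against a real keystore, pipe the listing in: `keytool -list -v -keystore <keystore> | check_cn <validateUrl>`.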
