What is the CN of your certificate? -Scott
On 9/21/07, zahia ikhteah <[EMAIL PROTECTED]> wrote: > > Hi, > I have put in place a simple "CAS SSO" for the "Liferay" portal and it > works very well. > now I'm trying to extend this solution to put in place a proxy cas sso > that accesses to a portlet that, itself, accesses to "Alfresco" via web > services. > > What are the configurations to add in the class " > com.liferay.portal.servlet.filters.sso.cas.CASFilter" > to use the proxies and get the pgtiou I'd use to ask for proxy tickets??? > > > otherwise, I've tried to illustrate the mecanisme directly in a browser > like this: > - my server cas accessible on the port :8483 > - my server tomcat for liferay on : 8090 > - I also have the liferay's ssl port: 8445 > > So > - I put in the url "https://localhost:8443/cas/login"; for the > authentication on the "CAS" > - then the url > "https://localhost:8443/cas/login?service=localhost:8090/c/portal"; > to get the st for liferay > - validation of the service, ticket recovered on > https://localhost:8443/cas/serviceValidateticket=XXX&service=localhost:8090/c/portal&pgtUrl=https://localhost:8445 > /c/cas/proxyCallBack > > this is where I get the login but I have this exception: > > > > INFO: Server startup in 4596 ms > 2007-09-13 14:23:12,026 INFO [ > org.jasig.cas.ticket.registry.support.DefaultTicke > tRegistryCleaner] - <Starting cleaning of expired tickets from ticket > registry a > t [Thu Sep 13 14:23:12 CEST 2007]> > 2007-09-13 14:23:12,036 INFO [ > org.jasig.cas.ticket.registry.support.DefaultTicke > tRegistryCleaner] - <0 found to be removed. Removing now.> > 2007-09-13 14:23:12,046 INFO [ > org.jasig.cas.ticket.registry.support.DefaultTicke > tRegistryCleaner] - <Finished cleaning of expired tickets from ticket > registry a > t [Thu Sep 13 14:23:12 CEST 2007]> > 2007-09-13 14:38:32,650 INFO [ > org.jasig.cas.web.flow.InitialFlowSetupAction] - < > Setting ContextPath for cookies to: /cas> > 2007-09-13 14:39:14,991 INFO [ > org.jasig.cas.authentication.AuthenticationManager > Impl] - <AuthenticationHandler: > org.jasig.cas.authentication.handler.support.Sim > pleTestUsernamePasswordAuthenticationHandler successfully authenticated > the user > which provided the following credentials: joebloggs> > 2007-09-13 14:39:15,011 INFO [ > org.jasig.cas.CentralAuthenticationServiceImpl] - > <Granted service ticket [ST-1-o33NgonIFq7uJTQCTfy5f66I4OJJLJftVaQ-20] for > servic > e [http://localhost:9000/liferay] for user [joebloggs]> > 2007-09-13 14:40:07,106 INFO [ > org.jasig.cas.authentication.AuthenticationManager > Impl] - <AuthenticationHandler: > org.jasig.cas.authentication.handler.support.Htt > pBasedServiceCredentialsAuthenticationHandler failed to authenticate the > user wh > ich provided the following credentials: > https://localhost:8443/cas/proxyCallBack > > > 2007-09-13 14:40:07,106 ERROR [org.jasig.cas.web.ServiceValidateController] > - <T > icketException generating ticket for: > https://localhost:8443/cas/proxyCallBack> > org.jasig.cas.ticket.TicketCreationException: > error.authentication.credentials.b > ad > at > org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGranting > Ticket(CentralAuthenticationServiceImpl.java:271) > at > org.jasig.cas.web.ServiceValidateController.handleRequestInternal(Ser > viceValidateController.java:124) > at > org.springframework.web.servlet.mvc.AbstractController.handleRequest ( > AbstractController.java:153) > at > org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.ha > ndle(SimpleControllerHandlerAdapter.java:48) > at > org.springframework.web.servlet.DispatcherServlet.doDispatch(Dispatch > erServlet.java:857) > at org.springframework.web.servlet.DispatcherServlet.doService > (Dispatche > rServlet.java:792) > at > org.springframework.web.servlet.FrameworkServlet.processRequest(Frame > > workServlet.java:475) > at org.springframework.web.servlet.FrameworkServlet.doGet > (FrameworkServl > et.java:430) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:690) > at javax.servlet.http.HttpServlet.service (HttpServlet.java:803) > at org.jasig.cas.web.init.SafeDispatcherServlet.service > (SafeDispatcherSe > rvlet.java:115) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl > icationFilterChain.java :269) > at org.apache.catalina.core.ApplicationFilterChain.doFilter > (ApplicationF > ilterChain.java:188) > at org.apache.catalina.core.StandardWrapperValve.invoke > (StandardWrapperV > alve.java:210) > at org.apache.catalina.core.StandardContextValve.invoke > (StandardContextV > alve.java:174) > at org.apache.catalina.core.StandardHostValve.invoke( > StandardHostValve.j > ava:127) > at org.apache.catalina.valves.ErrorReportValve.invoke ( > ErrorReportValve.j > ava:117) > at org.apache.catalina.core.StandardEngineValve.invoke > (StandardEngineVal > ve.java:108) > at org.apache.catalina.connector.CoyoteAdapter.service( > CoyoteAdapter.jav > a:151) > at org.apache.coyote.http11.Http11Processor.process( > Http11Processor.java > :870) > at > org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.p > rocessConnection(Http11BaseProtocol.java :665) > at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket > (PoolTcpEndpo > int.java:528) > at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt > (LeaderFol > lowerWorkerThread.java:81) > at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run > (ThreadP > ool.java:685) > at java.lang.Thread.run(Unknown Source) > Caused by: error.authentication.credentials.bad > at > org.jasig.cas.authentication.handler.BadCredentialsAuthenticationExce > ption.<clinit>(BadCredentialsAuthenticationException.java:25) > at > org.jasig.cas.authentication.AuthenticationManagerImpl.authenticate(A > uthenticationManagerImpl.java:108) > at > org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGranting > Ticket(CentralAuthenticationServiceImpl.java:242) > ... 24 more > > for information, I've generated the certificate with the following > commands: > > ------keytool -genkey -alias tomcat -keypass changeit -keyalg RSA > ------keytool -export -alias tomcat -keypass changeit -file server.cert > ------keytool -import -alias tomcat -file server.cert -keypass changeit > -keystore %JAVA_HOME%/jre/lib/security/cacerts > > > > Thanks for your help > > > -- > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > > -- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
