I'm guessing there has to be an IOException...it was the only thing that doesn't appear to be logged at DEBUG level. Let me know if it tells you what the problem is.
-Scott On Nov 8, 2007 6:15 PM, Lucas Rockwell <[EMAIL PROTECTED]> wrote: > Hi Scott, > > Thanks for the suggestion. I added > log4j.logger.org.jasig.cas.util.HttpClient=DEBUG (although I had > already enabled log4j.logger.org.jasig=DEBUG), and I didn't get > anything new. > > I'll look at HttpClient and add the logging statement to my copy for > now. > > -lucas > > On Nov 8, 2007, at 2:12 PM, Scott Battaglia wrote: > > > Lucas, > > > > Try turning on debug mode for org.jasig.cas.util.HttpClient and > > seeing it it rejects any of the status codes. > > > > I also committed a change to the HttpClient in Subversion which > > logs if there is an IOException or not (it previously swallowed the > > exception). > > > > -Scott > > > > On Nov 7, 2007 5:17 PM, Lucas Rockwell <[EMAIL PROTECTED]> > > wrote: > > Hi Scott and others, > > > > I have recently run into this problem as well, but with a different > > error message. We have a cert authority on campus, and some of the > > dev machines use them. I have imported all 3 of the certs in the > > chain into the cacerts file (I tried with just the root cert, and > > that didn't work), but I still get errors like this: > > > > 2007-11-07 13:57:38,910 INFO > > [org.jasig.cas.authentication.AuthenticationManagerImpl] - > > <AuthenticationHandler: > > org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentia > > lsAuthenticationHandler failed to authenticate the user which > > provided the following credentials: https:// > > studentsdev.berkeley.edu/OSL/HelloCAS/testcerts.asp > > > 2007-11-07 13:57:38,911 ERROR > > [org.jasig.cas.web.ServiceValidateController] - <TicketException > > generating ticket for: https://studentsdev.berkeley.edu/OSL/ > > HelloCAS/testcerts.asp> > > org.jasig.cas.ticket.TicketCreationException: > > error.authentication.credentials.bad > > at > > org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingT > > icket (CentralAuthenticationServiceImpl.java:271) > > at > > org.jasig.cas.web.ServiceValidateController.handleRequestInternal > > (ServiceValidateController.java :124) > > at > > org.springframework.web.servlet.mvc.AbstractController.handleRequest > > (AbstractController.java:153) > > ... > > > > I turned on debugging, and got this extra line: > > > > 2007-11-07 14:12:47,178 DEBUG > > [org.jasig.cas.authentication.handler.support.HttpBasedServiceCredenti > > alsAuthenticationHandler ] - <Attempting to resolve credentials for > > https://studentsdev.berkeley.edu/OSL/HelloCAS/testcerts.asp> > > > > then the same as above: > > > > 2007-11-07 14:12:52,234 INFO > > [org.jasig.cas.authentication.AuthenticationManagerImpl] - > > <AuthenticationHandler: > > org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentia > > lsAuthenticationHandler failed to authenticate the user which > > provided the following credentials: https:// > > studentsdev.berkeley.edu/OSL/HelloCAS/testcerts.asp > > > 2007-11-07 14:12:52,239 ERROR > > [org.jasig.cas.web.ServiceValidateController] - <TicketException > > generating ticket for: https://studentsdev.berkeley.edu/OSL/ > > HelloCAS/testcerts.asp> > > org.jasig.cas.ticket.TicketCreationException: > > error.authentication.credentials.bad > > > > I have even pointed explicitly to the cacerts file in the tomcat > > startup script, using the - Djavax.net.ssl.trustStore= and - > > Djavax.net.ssl.trustStorePassword= arguments, and that does not > > help, either. I have also tried importing the actual public cert > > that was issued to the client, and no go. > > > > Does anyone have an hints about what I am doing wrong? Am I missing > > some xml config somewhere? > > > > This is with CAS 3.1.0. > > > > Thanks. > > > > -lucas > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > -- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
