-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I found another post on the same issue at
http://www.mail-archive.com/[email protected]/msg00135.html The explanation there points out that I have to install the server's certificate public key on my local machine where the client resides. If I look closer to your answer you say "the keystore of the client JVM", I should read the mails more carefully ;) Thx again, I'll try this immediatly Andrew Petro schrieb: > Arthur, > > It appears your CAS server is using a self-signed SSL certificate. Have > you installed the public key of this certificate into the keystore of > the client JVM so that it knows to trust this SSL certificate and can > successfully https: request to CAS to validate the ticket? > > SSL certificate installation issues are by far the most common cause of > inability to validate the ProxyTicketValidator in the Yale Java CAS Client. > > Andrew > > > > Arthur Erdös wrote: > Hello CAS experts ;) > > finally I made it to get the CAS server deployed in Tomcat and SSL > working... Now I'm facing the next problem when being redirected from > the cas server: > > CASAuthenticationException: Unable to validate ProxyTicketValidator > > I'm testing the HelloWorld Servlet running on the local machine. The cas > server runs on an extern machine. > > server catalina log: > > [org.jasig.cas.authentication.AuthenticationManagerImpl] - > <AuthenticationHandler: > org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler > successfully authenticated the user which provided the following > credentials: uday> > 2008-02-18 18:58:34,389 INFO > [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service > ticket [ST-4-k07YL5mH4zxYbOZccgKf] for service > [http://localhost:8180/servlets-examples/servlet/HelloWorldExample] for > user [uday]> > > client catalina log: > > 18.02.2008 17:10:12 edu.yale.its.tp.cas.client.CASReceipt getReceipt > SCHWERWIEGEND: edu.yale.its.tp.cas.client.CASAuthenticationException: > Unable to validate ProxyTicketValidator > [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] > [edu.yale.its.tp.cas.client.ServiceTicketValidator > casValidateUrl=[https://secure.bg-server.de:8443/cas/serviceValidate] > ticket=[ST-4-k07YL5mH4zxYbOZccgKf] > service=[http%3A%2F%2Flocalhost%3A8180%2Fservlets-examples%2Fservlet%2FHelloWorldExample] > renew=false]]] > 18.02.2008 17:10:12 edu.yale.its.tp.cas.client.filter.CASFilter doFilter > SCHWERWIEGEND: edu.yale.its.tp.cas.client.CASAuthenticationException: > Unable to validate ProxyTicketValidator > [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] > [edu.yale.its.tp.cas.client.ServiceTicketValidator > casValidateUrl=[https://secure.bg-server.de:8443/cas/serviceValidate] > ticket=[ST-4-k07YL5mH4zxYbOZccgKf] > service=[http%3A%2F%2Flocalhost%3A8180%2Fservlets-examples%2Fservlet%2FHelloWorldExample] > renew=false]]] > > > anybody an idea what is still missing?? > > thx in advance! _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHurGCdPoEKckmzw4RAvY6AJwNAld+VqhyjEOiwvhd6W7TLYciVACglVJq 5S4G8SOSg240Lm9xBM+brL4= =TqTt -----END PGP SIGNATURE----- _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
