You're passing it a proxy callback url. You probably didn't configure that to accept non-SSL urls (and you really shouldn't, not that CAS should be configured without it either ;-)) -Scott
-Scott Battaglia PGP Public Key Id: 0x383733AA LinkedIn: http://www.linkedin.com/in/scottbattaglia On Thu, Jul 24, 2008 at 10:16 PM, Andrew Bruno <[EMAIL PROTECTED]> wrote: > I finally managed to get CAS working without SSL. > > Although a prototype application, it seems to work well locally in my > dev environment (hostname cas=127.0.0.1). > > I have the CAS server listening on http://cas:8080/sso and a sample > "service" web app listing on http://cas:8080/simple_web_1 which has a > public and private area. > > When I click on private area, I get redirected to > http://cas:8080/sso/login?service=http.... > I login and and it redirects back to private area. > Great! it seems to work beautifully, > > BUT > > I am getting an ERROR in the log files: > > org.jasig.cas.ticket.TicketCreationException: > error.authentication.credentials.bad > > I turned on DEBUG, and have pasted the logs below. > > Any ideas? Is there a configuration that I need to set? Has anyone > ever setup CAS without SSL? > > Cheers > Andrew > > > 2008-07-25 12:13:10,293 DEBUG > [org.jasig.cas.web.support.CasArgumentExtractor] - <Extractor > generated service for: http://cas:8080/simple_web_1/protected/> > 2008-07-25 12:13:10,293 DEBUG > > [org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler] > - <Authentication failed because url was not secure.> > 2008-07-25 12:13:10,293 INFO > [org.jasig.cas.authentication.AuthenticationManagerImpl] - > <AuthenticationHandler: > > org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler > failed to authenticate the user which provided the following > credentials: [callbackUrl: > http://cas:8080/simple_web_1/proxyCallback]> > 2008-07-25 12:13:10,309 ERROR > [org.jasig.cas.web.ServiceValidateController] - <TicketException > generating ticket for: [callbackUrl: > http://cas:8080/simple_web_1/proxyCallback]> > org.jasig.cas.ticket.TicketCreationException: > error.authentication.credentials.bad > at > org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket(CentralAuthenticationServiceImpl.java:291) > at > org.jasig.cas.web.ServiceValidateController.handleRequestInternal(ServiceValidateController.java:126) > at > org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153) > at > org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48) > at > org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:875) > at > org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:809) > at > org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:571) > at > org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:501) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:690) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:803) > at > org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > at > org.inspektr.common.web.ClientInfoThreadLocalFilter.doFilterInternal(ClientInfoThreadLocalFilter.java:48) > at > org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175) > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286) > at > org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844) > at > org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) > at > org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) > at java.lang.Thread.run(Thread.java:619) > Caused by: error.authentication.credentials.bad > at > org.jasig.cas.authentication.handler.BadCredentialsAuthenticationException.<clinit>(BadCredentialsAuthenticationException.java:25) > at > org.jasig.cas.authentication.AuthenticationManagerImpl.authenticate(AuthenticationManagerImpl.java:113) > at > org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket(CentralAuthenticationServiceImpl.java:262) > ... 26 more > 2008-07-25 12:13:10,309 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to > retrieve ticket [ST-1-YrcOjk6g3vkN07eK4U5q-cas]> > 2008-07-25 12:13:10,309 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Ticket > [ST-1-YrcOjk6g3vkN07eK4U5q-cas] found in registry.> > 2008-07-25 12:13:10,309 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Removing > ticket [ST-1-YrcOjk6g3vkN07eK4U5q-cas] from registry> > 2008-07-25 12:13:10,324 DEBUG > [org.springframework.validation.DataBinder] - <DataBinder requires > binding of required fields [renew]> > 2008-07-25 12:13:10,340 DEBUG > [org.springframework.beans.factory.support.DefaultListableBeanFactory] > - <Returning cached instance of singleton bean > 'casServiceSuccessView'> > 2008-07-25 12:13:10,340 DEBUG > [org.springframework.web.servlet.view.ResourceBundleViewResolver] - > <Cached view [casServiceSuccessView_en_AU]> > 2008-07-25 12:13:10,340 DEBUG > [org.springframework.web.servlet.DispatcherServlet] - <Rendering view > [org.springframework.web.servlet.view.JstlView: name > 'casServiceSuccessView'; URL > [/WEB-INF/view/jsp/protocol/2.0/casServiceValidationSuccess.jsp]] in > DispatcherServlet with name 'cas'> > 2008-07-25 12:13:10,340 DEBUG > [org.springframework.web.servlet.view.JstlView] - <Rendering view with > name 'casServiceSuccessView' with model > {assertion=[principals={[[Principal=us_web_2, > > attributes={authenticationMethod=com.lonelyplanet.sso.handler.UserServiceAuthenticationHandler}]]} > for service=http://cas:8080/simple_web_1/protected/]} and static > attributes {}> > 2008-07-25 12:13:10,340 DEBUG > [org.springframework.web.servlet.view.JstlView] - <Added model object > 'assertion' of type [org.jasig.cas.validation.ImmutableAssertionImpl] > to request in view with name 'casServiceSuccessView'> > 2008-07-25 12:13:10,340 DEBUG > [org.springframework.web.servlet.view.JstlView] - <Forwarding to > resource [/WEB-INF/view/jsp/protocol/2.0/casServiceValidationSuccess.jsp] > in InternalResourceView 'casServiceSuccessView'> > 2008-07-25 12:13:10,636 DEBUG > [org.springframework.web.servlet.DispatcherServlet] - <Cleared > thread-bound request context: > [EMAIL PROTECTED]> > 2008-07-25 12:13:10,636 DEBUG > [org.springframework.web.servlet.DispatcherServlet] - <Successfully > completed request> > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas >
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
