Did you add it to the JVM's cacerts file?

-Scott

-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia


On Fri, Aug 15, 2008 at 6:04 PM, Sandor Nemeth <[EMAIL PROTECTED]
> wrote:

> I took a look at debug mode, and I realized a strange thing. Now the system
> is under testing (as you may recognized it) and I'm using a test certificate
> generated with
>
> $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA
>
> I configured the tomcat SSL connector:
>
>  <Connector port="8443" minSpareThreads="5" maxSpareThreads="75"
>         enableLookups="true" disableUploadTimeout="true"
>         acceptCount="100"  maxThreads="200"
>         scheme="https" secure="true" SSLEnabled="true"
>         keystoreFile="${user.home}/.keystore" keystorePass="xxxxxx"
>         clientAuth="false" sslProtocol="TLS"
>     />
>
> It seems that the tomcat, which runs the application does not recognize and
> accept the certificate, which is served by itself. How can I make tomcat
> accept its certificate?
>
> Regards,
> Sandor Nemeth
>
>
> On Fri, Aug 15, 2008 at 11:29 PM, Scott Battaglia <
> [EMAIL PROTECTED]> wrote:
>
>> 2008-08-15 22:09:07,922 ERROR [org.jasig.cas.client.
>> validation.Cas20ServiceTicketValidator] - <java.net.ConnectException:
>> Connection refused>
>> java.net.ConnectException: Connection refused
>>
>> My guess is there may be a typo in one of the urls in the cas.properties
>> file.  Otherwise there's a url accidentally hard-coded in the
>> securityContext.xml that we somehow missed.
>>
>> -Scott
>>
>> -Scott Battaglia
>> PGP Public Key Id: 0x383733AA
>> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>>
>>
>> On Fri, Aug 15, 2008 at 5:20 PM, Sandor Nemeth <
>> [EMAIL PROTECTED]> wrote:
>>
>>> Ok, thanks, I understand now, how this works, but I can not get it to
>>> work.
>>>
>>> I get this error message:
>>> You are not authorized to use this application for the following reason:
>>> ; nested exception is
>>> org.jasig.cas.client.validation.TicketValidationException: The CAS server
>>> returned no response..
>>>
>>> I get this exception:
>>> 2008-08-15 22:09:07,922 ERROR
>>> [org.jasig.cas.client.validation.Cas20ServiceTicketValidator] -
>>> <java.net.ConnectException: Connection refused>
>>> java.net.ConnectException: Connection refused
>>>
>>> According to logs, I have authenticated to the CAS service. I have this
>>> login name in the InMemoryDaoImpl, I've changed the URL-s in cas.properties,
>>> as the Wiki's Configuration page describes.
>>>
>>> Regards,
>>>  Sandor Nemeth
>>>
>>>
>>> On Fri, Aug 15, 2008 at 10:38 PM, Scott Battaglia <
>>> [EMAIL PROTECTED]> wrote:
>>>
>>>> If you're using CAS to authenticate to the services management tool, all
>>>> it can find is what's in your LDAP server. The InMemoryDaoImpl merely lists
>>>> the users and roles that have access to the Services Management tool.
>>>> Putting a password in the InMemoryDaoImpl is meaningless if you're using 
>>>> CAS
>>>> to authenticate.  Likewise, putting a username there that doesn't exist in
>>>> LDAP won't help you since LDAP will never find that username.
>>>>
>>>> -Scott
>>>>
>>>> -Scott Battaglia
>>>> PGP Public Key Id: 0x383733AA
>>>> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>>>>
>>>>
>>>>
>>>> On Fri, Aug 15, 2008 at 4:29 PM, Sandor Nemeth <
>>>> [EMAIL PROTECTED]> wrote:
>>>>
>>>>> I banged my head around too, but this version change did solve my
>>>>> problem. But I should suggest you to add the following to the dependencies
>>>>> if you want to use a not-hsqldb solution for storing services:
>>>>>
>>>>> <dependency>
>>>>>   <groupId>org.springframework</groupId>
>>>>>   <artifactId>spring-jdbc</artifactId>
>>>>>   <version>${spring.version}</version>
>>>>> </dependency>
>>>>>
>>>>> I had a lot of trouble with it :)
>>>>>
>>>>> And I'll submit a bug to JIRA because there is a simple escaping error
>>>>> in one of the JSP files, and my tomcat (6.0) is shouting for it.
>>>>>
>>>>> One more question.
>>>>> I was trying to get the service management work. I followed the
>>>>> tutorial, and modified the deployerConfigContext.xml:
>>>>> <bean id="userDetailsService"
>>>>> class="org.springframework.security.userdetails.memory.InMemoryDaoImpl">
>>>>>   <property name="userMap">
>>>>>     <value>
>>>>>       cas-admin=xxxxxx,ROLE_ADMIN
>>>>>     </value>
>>>>>   </property>
>>>>> </bean>
>>>>>
>>>>> but as I try to authenticate, it fails as the
>>>>> BindLdapAuthenticationHandler can not find this username and password.
>>>>> Do I have to sign in elsewhere, or did I again miss something in the
>>>>> configuration? :S
>>>>>
>>>>> Regards,
>>>>> Sandor Nemeth
>>>>>
>>>>> On Fri, Aug 15, 2008 at 6:11 PM, <[EMAIL PROTECTED]> wrote:
>>>>>
>>>>>>
>>>>>> I just finished banging my head against something very similar. I was
>>>>>> ending up with both the 2.0.7 *and* 2.5.5 jars in my war & getting
>>>>>> 'no such method' exceptions. Try running: mvn clean. Then do your build.
>>>>>>
>>>>>> Also, Scott shared in a Jira task that there's a difference in the way
>>>>>> dependencies are handled between Maven 2.0.9 and 2.0.8 (presumably 
>>>>>> anything
>>>>>> below?) So you might want to make sure you have the very latest Maven 
>>>>>> too.
>>>>>>
>>>>>>
>>>>>> Thanks,
>>>>>> Ann
>>>>>>
>>>>>> ------
>>>>>> G. Ann Campbell
>>>>>> Systems Engineer
>>>>>> Shaw Industries
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>  *"Sandor Nemeth" <[EMAIL PROTECTED]>*
>>>>>> Sent by: [EMAIL PROTECTED]
>>>>>>
>>>>>> 08/15/2008 11:45 AM
>>>>>>  Please respond to
>>>>>> Yale CAS mailing list <[email protected]>
>>>>>>
>>>>>>   To
>>>>>> "Yale CAS mailing list" <[email protected]>
>>>>>>  cc
>>>>>>
>>>>>>  Subject
>>>>>> CAS 3.3 Final dependencies error
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> Hi again,
>>>>>>
>>>>>> I faced a new problem here. I thought I just simply make a new build
>>>>>> with 3.3 sources, with the same config I built *3.2.1.1*<http://3.2.1.1/>
>>>>>> , but it looks like some dependencies are wrong. I took a look at the
>>>>>> pom.xml files, but <spring-version> shows me the correct 2.5.5 version. 
>>>>>> But
>>>>>> M2 downloads spring-core v2.0.7 and spring-beans v2.0.7.
>>>>>>
>>>>>>
>>>>>> So there are some missing classes appearing at deploy:
>>>>>> org.springframework.beans.PropertyAccessorFactory
>>>>>> org.springframework.core.SmartClassLoader
>>>>>>
>>>>>> Did I miss something at the configuration?
>>>>>>
>>>>>> I could download the correct jars from the m2 repository ( I'll give
>>>>>> it a try, and I think it will work with the v2.5.5 jars) but I think you
>>>>>> should be aware of it, if others will experience this problem.
>>>>>>
>>>>>> Regards,
>>>>>> Sandor Nemeth_______________________________________________
>>>>>> Yale CAS mailing list
>>>>>> [email protected]
>>>>>> http://tp.its.yale.edu/mailman/listinfo/cas
>>>>>>
>>>>>> **********************************************************
>>>>>> Privileged and/or confidential information may be contained in this 
>>>>>> message. If you are not the addressee indicated in this message (or are 
>>>>>> not responsible for delivery of this message to that person) , you may 
>>>>>> not copy or deliver this message to anyone. In such case, you should 
>>>>>> destroy this message and notify the sender by reply e-mail.
>>>>>>
>>>>>>
>>>>>>
>>>>>> If you or your employer do not consent to Internet e-mail for messages 
>>>>>> of this kind, please advise the sender.
>>>>>> Shaw Industries does not provide or endorse any opinions, conclusions or 
>>>>>> other information in this message that do not relate to the official 
>>>>>> business of the company  or its subsidiaries.
>>>>>>
>>>>>>
>>>>>>
>>>>>> **********************************************************
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> Yale CAS mailing list
>>>>>> [email protected]
>>>>>> http://tp.its.yale.edu/mailman/listinfo/cas
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Sandor Nemeth
>>>>>
>>>>> PHP Developer
>>>>> mobile: +36 30 862 15 47
>>>>> google talk: sandor.nemeth.1986 [at] gmail [dot] com
>>>>> msn: praise [at] uw [dot] hu
>>>>> skype: prez.nemeth
>>>>> blog: http://phptools-alp.blogspot.com/
>>>>>
>>>>> _______________________________________________
>>>>> Yale CAS mailing list
>>>>> [email protected]
>>>>> http://tp.its.yale.edu/mailman/listinfo/cas
>>>>>
>>>>>
>>>>
>>>> _______________________________________________
>>>> Yale CAS mailing list
>>>> [email protected]
>>>> http://tp.its.yale.edu/mailman/listinfo/cas
>>>>
>>>>
>>>
>>>
>>> --
>>> Sandor Nemeth
>>>
>>> PHP Developer
>>> mobile: +36 30 862 15 47
>>> google talk: sandor.nemeth.1986 [at] gmail [dot] com
>>> msn: praise [at] uw [dot] hu
>>> skype: prez.nemeth
>>> blog: http://phptools-alp.blogspot.com/
>>>
>>> _______________________________________________
>>> Yale CAS mailing list
>>> [email protected]
>>> http://tp.its.yale.edu/mailman/listinfo/cas
>>>
>>>
>>
>> _______________________________________________
>> Yale CAS mailing list
>> [email protected]
>> http://tp.its.yale.edu/mailman/listinfo/cas
>>
>>
>
>
> --
> Sandor Nemeth
>
> PHP Developer
> mobile: +36 30 862 15 47
> google talk: sandor.nemeth.1986 [at] gmail [dot] com
> msn: praise [at] uw [dot] hu
> skype: prez.nemeth
> blog: http://phptools-alp.blogspot.com/
>
> _______________________________________________
> Yale CAS mailing list
> [email protected]
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas

Reply via email to