Scott Battaglia schrieb: > Martin, > > I'm not sure I follow what you're asking. > Sorry for my bad English :-X > Are you asking about a potential redirect after using /logout (i.e. > /logout?service=foo). If that's the case it only works if you've enabled > that on the logout controller. > I call CAS to logout with a URL like.... cas/logout?service=http://... But I never be redirected to the service-url :-( What do you mean with "enable that on the logout controller"? Just turn it on the application that starts logout? That's already done. Is there something else to configure in CAS? > If you're asking about errors for the callback of the logout (i.e. notifying > each application that the user logged out), then you may have an application > that uses a self-signed certificate which may not be in the JVM's cacerts > file. > The application is notified. Well, the user isn't logged in any more. But I get this error-message:
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target Every time someone logs out. But you're right, the certificate isn't in the JVM cacerts. Interesting that this only matters, when a user logout - login works without any error-messages in the log. Thanks a lot Martin > -Scott > > -Scott Battaglia > PGP Public Key Id: 0x383733AA > LinkedIn: http://www.linkedin.com/in/scottbattaglia > > > On Fri, Aug 15, 2008 at 4:21 AM, Martin Lamprechter < > [EMAIL PROTECTED]> wrote: > > >> Hi, >> >> I use CAS 3.2.1.1 and I guess everything works fine. >> But today I have a look at the log-file and I saw many errors like this: >> >> >>> PKIX path building failed: >>> sun.security.provider.certpath.SunCertPathBuilderException: unable to >>> find valid certification path to requested target >>> >> On every logout a new error-log is written. >> >> Maybe it is something wrong with the logout service-redirectURL - it is >> signed, but the cert doesn't match the URL (just testing right now). >> But when CAS is so strong with certs, why can I login to the same URL? >> >> And if everything works fine - should I be redirected to the >> ?service-URL? In my case logout ends on the CAS-Logout site.... >> >> Best regards >> Martin >> _______________________________________________ >> Yale CAS mailing list >> [email protected] >> http://tp.its.yale.edu/mailman/listinfo/cas >> >> > > > ------------------------------------------------------------------------ > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
