Re: cas proxy

Wed, 19 Nov 2008 04:39:50 -0800 

hi everyone,
     can anybody help me?

   first time  I am implementing single sign on using CAS and acegi.i did
configuration for acegi and it acts as a client.
    i m using CAS 3.31 and JBOSS 4.2.3 GA server.

     request is going to CAS server. and is authenticating fine .but while
redirecting i am getting following error .  it is  as follows

Authentication request failed: *
org.acegisecurity.AuthenticationServiceException*: *
sun.security.validator.ValidatorException*: PKIX path building failed: *
sun.security.provider.certpath.SunCertPathBuilderException*: unable to find
valid certification path to requested target.

  i have gone through  some forums and  found some reasons to this exception
, saying due to some SSL cerificate problems
  i tried to fix it,still it is  showing error .

     these are the following steps i have done it.

  %JAVA_HOME%\bin\keytool -delete -alias tomcat -keypass changeit

 %JAVA_HOME%\bin\keytool -genkey -alias tomcat -keypass changeit -keyalg RSA
 %JAVA_HOME%\bin\keytool -export -alias tomcat -keypass changeit  -file
server.crt
 %JAVA_HOME%\bin\keytool -import -file server.crt -keypass changeit
-keystore %JAVA_HOME%/jre/lib/security/cacerts


  after that  in server.xml(jboss-4.2.3 GA)


<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"-->

<maxThreads="150" scheme="https" secure="true">

clientAuth="false"

 keystoreFile=""C:\Documents and Settings\Niranjana.HC\.keystore>

 keystorePass="changeit<truststoreFile="C:\JavaCaps6\keystore\cacerts.jks"

truststorePass="changeit"

 sslProtocol="TLS" />

here i m having doubt that do we need to use SSL port and truststore and
keystore concept?
 and solution to the  following error

  Authentication request failed: *
org.acegisecurity.AuthenticationServiceException*: *
sun.security.validator.ValidatorException*: PKIX path building failed: *
sun.security.provider.certpath.SunCertPathBuilderException*: unable to find
valid certification path to requested to target

_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas

Reply via email to