Jens Greive wrote:
Hi,
I followed the instructions from this site
http://cwiki.apache.org/confluence/display/ROLLER/Roller+4.0+with+LDAP+and+CAS to
integrate roller with CAS (http://www.ja-sig.org/products/cas/). Now
when I try to login into roller I am redirected to the CAS login page
and can login there successfully. But after being redirected to roller,
roller shows the message "Wrong User-Password-Combination". I searched
the internet and found some reports from users who were experiencing the
same problem. But nobody has posted a solution so far. Does anyone has
an idea?
You're not testing with a self-signed certificate by any chance are you?
If you are, you'll need to import the certificate you are using so that
JSSE trust it. If you don't, on the redirect back to Roller from CAS,
when the CASProcessingFilter tries to validate the CAS ticket, it winds
up blowing up with some crazy exception that looks like:
javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
Unfortunately this exception seems to be "swallowed" down in the bowels
of the CAS processing so you never see it in the log. The only way
I found out this was happening to me was by stepping through
the code in the debugger.
Anyway, if this is the same problem you're getting, see this webpage for
details on how to load the certificate into your JRE so that it
will work.
<http://blogs.sun.com/andreas/entry/no_more_unable_to_find>
TTYL,
--
Phillip Rhodes
Chief Architect - OpenQabal
https://openqabal.dev.java.net
LinkedIn: http://www.linkedin.com/in/philliprhodes
