cas problem...
Scott Battaglia
scott.battaglia at gmail.com
Tue Aug 29 08:51:04 EDT 2006
Harry,
What CN name did you put in the certificate? Also, what hostname do you use
to access the CAS server? The two should match (i.e. both should be
localhost).
-Scott
On 8/29/06, Harry Ng <harryworld at gmail.com> wrote:
>
> Dear,
>
> I'm writing to ask for help on solving the SSL handshake problem. After
> looking through many resources and articles, following those steps, I'm
> still unable to fix the problem.
>
> Here is my configuration:
> Fedora Core Linux 4
> Tomcat 5.0.28 / 5.5.12
> JAVA 1.5.0_05
> cas-server-3.0.5
> cas-client-java-2.1.1
>
> My situation is just similar to most people, which shows the exception for
> edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to
> validate ProxyTicketValidator
> after entering the username and password on the default
> SimpleTestUsernamePasswordAuthenticationHandler
>
> I followed the method of generating my certificate and put into the
> cacerts according to this page
> http://www.ja-sig.org/products/cas/server/ssl/index.html
>
> and simply set my CASFilter according to this
> http://www.ja-sig.org/products/cas/client/javaclient/index.html
>
> Please help to take a look. Thanks a lot.
>
> Regards,
> Harry
>
> --------------------------------------------------------------------------
> Quote:
> Note from the stack trace the bit about SSL handshake problems. You
> don't have a valid cert for localhost installed. Consequently, your
> CASified tomcat examples are unable to validate the ticket at your CAS
> server instance over SSL.
>
> This is a very common problem among relative newcomers to CAS.
>
> Our online documentation that's evolved into a Wiki page continues to
> improve thanks to excellent feedback on and off this list. I hope both
> that this documentation will help you resolve your problem and that once
> your problem is resolved you'll be able to take a moment to review this
> documentation and provide feedback about how we can make it better,
> easier to find, more correct, etc.
>
> http://jasigch.princeton.edu:9000/display/CAS/Solving+SSL+issues
>
> Notice especially the links to threads from the email archives on this
> topic.
>
>
> While this page is about CASifying uPortal, its content about installing
> self-signed certs is on-topic:
>
> http://jasigch.princeton.edu:9000/display/CAS/Legacy+uPortal+client
>
>
> If after reviewing some of the available documentation online you're
> still not able to get CAS working for the JSP examples, please do write
> back on this list.
>
> Best wishes,
>
> Andrew
>
> --------------------------------------------------------------------------
> My Weblog - http://wpmu.planner4u.org/
>
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20060829/af39d6d6/attachment.html
More information about the cas
mailing list