x509 logins
Scott Battaglia
scott_battaglia at rutgers.edu
Tue Jun 20 09:36:44 EDT 2006
Steve,
I just attempted this using Apache Tomcat 5.5.17 and Firefox using a
certificate signed by CACert.org (and trusted by my JVM). I had no
issues with CAS getting and validating a certificate.
At the DEBUG level, CAS should tell you whether their was a certificate
found in the request or not. If there was not, that means Tomcat did
not properly receive the certificate.
-Scott
Stephen A. Cochran wrote:
> I'm still seeing occasional login requests not recognizing an x509
> cert, but I have more details now. Start by restarting Tomcat. First,
> it only happens when there's a service ticket, so go to some CASified
> app and attempt to login. I get the web form. If I delete the URL
> params and just hit the login URL, it successfully authenticates. If
> I then go to the URL with the service ticket again, it presents the
> web form again. If I then hit the logout and back to the URL with the
> service ticket, it uses the x509 cert.
>
> Not much shows in the log with the debug setting that seems to be
> useful, but I'll keep poking around. This is with 3.0.4 final.
>
> Steve Cochran
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
More information about the cas
mailing list