Bad credentials on the CAS client
Scott Battaglia
scott.battaglia at gmail.com
Tue Sep 19 08:16:59 EDT 2006
Can you set debug level on for the CAS service to see what is going on?
Also, make sure that your JVM trusts your self-signed certificate.
-Scott
On 9/19/06, Wong-Ho, Malcom <MWong-Ho at fnb.co.za> wrote:
>
> Hi,
>
> The user is able authenticate on the CAS server and grant a ticket but
> fails on the client side with the return message 'Bad credentials'.
>
> Any ideas?
>
> 2006-09-19 07:35:11,328 INFO [
> org.jasig.cas.authentication.AuthenticationManagerImpl] -
> <AuthenticationHandler:
> org.acegisecurity.adapters.cas3.CasAuthenticationHandler successfully
> authenticated the user which provided the following credentials: marissa>
> 2006-09-19 07:35:11,343 INFO [
> org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket
> [ST-2-kH9Y5JMRR0iUGr2JkJ4i9rIYsDYBt2dZAxu-20] for service [
> https://localhost:8443/client-webapp/j_acegi_cas_security_check] for user
> [marissa]>
> 2006-09-19 07:35:11,375 DEBUG [
> org.acegisecurity.intercept.web.PathBasedFilterInvocationDefinitionMap] -
> <Converted URL to lowercase, from: '/j_acegi_cas_security_check'; to:
> '/j_acegi_cas_security_check'>
> 2006-09-19 07:35:11,375 DEBUG [
> org.acegisecurity.intercept.web.PathBasedFilterInvocationDefinitionMap] -
> <Converted URL to lowercase, from: '/j_acegi_cas_security_check'; to:
> '/j_acegi_cas_security_check'>
> 2006-09-19 07:35:11,375 DEBUG [
> org.acegisecurity.intercept.web.PathBasedFilterInvocationDefinitionMap] -
> <Converted URL to lowercase, from: '/j_acegi_cas_security_check'; to:
> '/j_acegi_cas_security_check'>
> 2006-09-19 07:35:11,375 DEBUG [
> org.acegisecurity.intercept.web.PathBasedFilterInvocationDefinitionMap] -
> <Candidate is: '/j_acegi_cas_security_check'; pattern is /**; matched=true>
> 2006-09-19 07:35:11,375 DEBUG [
> org.acegisecurity.intercept.web.PathBasedFilterInvocationDefinitionMap] -
> <Candidate is: '/j_acegi_cas_security_check'; pattern is /**; matched=true>
> 2006-09-19 07:35:11,375 DEBUG [
> org.acegisecurity.intercept.web.PathBasedFilterInvocationDefinitionMap] -
> <Candidate is: '/j_acegi_cas_security_check'; pattern is /**; matched=true>
> 2006-09-19 07:35:11,375 DEBUG [org.acegisecurity.util.FilterChainProxy] -
> </j_acegi_cas_security_check?ticket=ST-2-kH9Y5JMRR0iUGr2JkJ4i9rIYsDYBt2dZAxu-20
> at position 1 of 7 in additional filter chain; firing Filter: '
> org.acegisecurity.context.HttpSessionContextIntegrationFilter at a0a36'>
> 2006-09-19 07:35:11,375 DEBUG [org.acegisecurity.util.FilterChainProxy] -
> </j_acegi_cas_security_check?ticket=ST-2-kH9Y5JMRR0iUGr2JkJ4i9rIYsDYBt2dZAxu-20
> at position 1 of 7 in additional filter chain; firing Filter: '
> org.acegisecurity.context.HttpSessionContextIntegrationFilter at a0a36'>
> 2006-09-19 07:35:11,375 DEBUG [org.acegisecurity.util.FilterChainProxy] -
> </j_acegi_cas_security_check?ticket=ST-2-kH9Y5JMRR0iUGr2JkJ4i9rIYsDYBt2dZAxu-20
> at position 2 of 7 in additional filter chain; firing Filter: '
> org.acegisecurity.ui.cas.CasProcessingFilter at 287811'>
> 2006-09-19 07:35:11,375 DEBUG [org.acegisecurity.util.FilterChainProxy] -
> </j_acegi_cas_security_check?ticket=ST-2-kH9Y5JMRR0iUGr2JkJ4i9rIYsDYBt2dZAxu-20
> at position 2 of 7 in additional filter chain; firing Filter: '
> org.acegisecurity.ui.cas.CasProcessingFilter at 287811'>
> 2006-09-19 07:35:11,375 DEBUG [
> org.acegisecurity.ui.cas.CasProcessingFilter] - <Request is to process
> authentication>
> 2006-09-19 07:35:11,375 DEBUG [
> org.acegisecurity.ui.cas.CasProcessingFilter] - <Request is to process
> authentication>
> 2006-09-19 07:35:11,375 DEBUG [
> org.acegisecurity.ui.cas.CasProcessingFilter] - <Updated
> SecurityContextHolder to contain null Authentication>
> 2006-09-19 07:35:11,375 DEBUG [
> org.acegisecurity.ui.cas.CasProcessingFilter] - <Updated
> SecurityContextHolder to contain null Authentication>
> 2006-09-19 07:35:11,375 DEBUG [
> org.acegisecurity.ui.cas.CasProcessingFilter] - <Authentication request
> failed: org.acegisecurity.BadCredentialsException: Bad credentials>
> 2006-09-19 07:35:11,375 DEBUG [
> org.acegisecurity.ui.cas.CasProcessingFilter] - <Authentication request
> failed: org.acegisecurity.BadCredentialsException: Bad credentials>
>
> To read FirstRand Bank's Disclaimer for this email click on the following
> address or copy into your Internet browser:
> https://www.fnb.co.za/disclaimer.html
>
> If you are unable to access the Disclaimer, send a blank e-mail to
> firstrandbankdisclaimer at fnb.co.za and we will send you a copy of the
> Disclaimer.
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20060919/57784a61/attachment.html
More information about the cas
mailing list