problem when changing of server

Scott Battaglia scott.battaglia at gmail.com
Fri Feb 2 09:22:33 EST 2007 

You need to add your certificate to your JVM's keystore.  This has more
information on it:
http://www.ja-sig.org/products/cas/server/ssl/index.html

-Scott

On 2/1/07, Leonardo Otoni de Assis <leo at powerlogic.com.br> wrote:
>
>  Scott, I do the modifications mentioned for you (include ssl suport for
> the application servers) and still continue don't working.
> Well, I like show my environment configurations and later comment the
> errors.
>
> I modify the cas-client.properties located in my protected applications:
>
> cas.server.gateway=false
> cas.server.renew=false
> cas.server.url=https://plcbhdesev05:8443/cas/
> cas.server.proxyCallbackUrl=https://plcbhdesev05:8443/cas/proxy/Receptor
> cas.client.serverName=plcbhdesev05:8444
> cas.client.proxyCallbackUrl=
> https://plcbhdesev05:8444/powerportal/casProxyReceptor
>
> Explainig better:
> plcbhdesev05:8443 => default ssl port of tomcat's cas server;
> plcbhdesev05:8444 => default ssl port of tomcat's cas client;
> powerportal => my protected application;
> casProxyReceptor => I don't now what is this, considering that not exists
> this severvlet mapping on web.xml of my app; you It could explain this
> better???
>
> In excution time, debugging cas client, after call the url:
> https://plcbhdesev05:8444/powerportal I'm redirected to
> https://plcbhdesev05:8443/cas (login page), until here, this ok, however,
> after login, in the method getResponseFromURL() from the class
> AbstractUrlBasedTicketValidator, I get the exception:
>
> javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
>
> It seems the client don't obtain access in the server to validate the
> ticket.
> You would know to say what it can be the error?
> My properties file is correct?
>
> Thanks!
>
>
>
>
> Leonardo Otoni de Assis
> Desenvolvimento Java - Produto eCompany
> Powerlogic Consultoria e Sistemas S/A
> (31) 3286-1691
> leo at powerlogic.com.br
>
>
>
> Scott Battaglia escreveu:
>
> If you are running CAS over a non-SSL port, the secure cookie will not be
> sent back to the browser.  This means that each redirect to CAS will cause a
> request for credentials.
>
> -Scott
>
> On 2/1/07, Leonardo Otoni de Assis <leo at powerlogic.com.br> wrote:
> >
> > Hi everybody!
> >
> > I have a cas server implemented with "cas client for java" and be
> > working...
> > I do a copy of my server with application protected by cas client and
> > starts this in differents ports (the app server is tomcat 559 with jsdk
> > 1.5) and the same working too.
> >
> > Both, tomcat1 and tomcat2 redirect's correctly to cas server and then
> > returns for one of then after user's login.
> >
> > My environment:
> >
> > The tomcat1 listen on: http://plcbhdesev05:8001;
> > The tomcat2 listen on: http://plcbhdesev05:8002;
> > The cas server listen on http://plcbhdesev05:8080;
> >
> > If I call tomcat1, log the user in cas server and turn to tomcat1 and
> > them, call tomcat2, changing only the server port, I come back to the
> > cas server login page.
> > If the user have a ticket, why the cas client redirect me to the cas
> > server login page?
> >
> > Thanks,
> >
> > --
> >
> > Leonardo Otoni de Assis
> > Desenvolvimento Java - Produto eCompany
> > Powerlogic Consultoria e Sistemas S/A
> > (31) 3286-1691
> > leo at powerlogic.com.br
> >
> >
> > --
> > Esta mensagem foi verificada pelo sistema de antivírus e
> > acredita-se estar livre de perigo.
> >
> > _______________________________________________
> > Yale CAS mailing list
> > cas at tp.its.yale.edu
> > http://tp.its.yale.edu/mailman/listinfo/cas
> >
>
>
> --
> Esta mensagem foi verificada pelo sistema de antivírus e
> acredita-se estar livre de perigo.
>
> ------------------------------
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.eduhttp://tp.its.yale.edu/mailman/listinfo/cas
>
>
> --
> Esta mensagem foi verificada pelo sistema de antivírus e
> acredita-se estar livre de perigo.
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20070202/fc635aca/attachment.html

More information about the cas mailing list