What values to use for certificate and web.xml?

Scott Battaglia scott.battaglia at gmail.com
Mon Feb 19 22:38:23 EST 2007 

demo1.bingo.com should be the server name that you want.  It would need to
be imported into the cacerts file for the JVM that is being used to deploy
the client application.

This might help: http://www.ja-sig.org/products/cas/server/ssl/index.html

-Scott

On 2/19/07, t ray <t_ray9505 at yahoo.com> wrote:
>
> I have CAS installed and working with my webapps on my local machine. I
> used localhost for all ip addresses in my web.xml when it was running on
> my local machine. I am now trying to get all this up and running on a
> different demo server and things have fallen apart. Its a certificate
> problem I believe. Essentially, CAS and all the webapps that will use CAS
> and the instance of tomcat that will run all of this will be on a single
> machine. I am not sure what values to use while creating the certificate and
> also what values to use in my web.xml. This is what I tried-
> 1. https://localhost:8443/cas/login (loginUrl)
> https://localhost:8443/cas/serviceValidate (validateUrl) and
> localhost:8080 (serverName)
>
> 2. While creating the certificate, I used cn=localhost
>
> This didn't work because after authentication, I was navigated to
> http://localhost:8080/bings/start.jsp which ofcourse turned out to be
> nothing (since localhost referred to the desktop where the browser was
> running).
>
> 3. I modified this to
> https://demo1.bingo.com:8443/cas/login (loginUrl)
> https://demo1.bingo.com:8443/cas/serviceValidate (validateUrl) and
> demo1.bingo.com:8080 (serverName)
>
> 4. While creating the certificate, I tried cn=demo1, cn=demo1.bingo.com,
> cn=bingo.com. None of them worked.
>
> I am getting the usual cannot validate ProxyTicketValidator error. Now I
> am not sure whats happening.
>
> I created 1 keystore for tomcat to use, exported to a certificate file and
> imported it into the only cacerts file on the server.
>
> What am I missing?
>
>
> ------------------------------
> Expecting? Get great news right away with email Auto-Check.<http://us.rd.yahoo.com/evt=49982/*http://advision.webevents.yahoo.com/mailbeta/newmail_tools.html>
> Try the Yahoo! Mail Beta.<http://us.rd.yahoo.com/evt=49982/*http://advision.webevents.yahoo.com/mailbeta/newmail_tools.html>
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20070219/8266fe72/attachment.html

More information about the cas mailing list