Problem with proxyValidate
Scott Battaglia
scott.battaglia at gmail.com
Mon Nov 19 14:28:38 EST 2007
Dale,
If you're using a non-commercial CA, then you will need to add it to the CAS
Server JVM's cacerts file.
-Scott
On Nov 19, 2007 2:09 PM, dale77 <Dale.Ogilvie at trimble.co.nz> wrote:
>
> Hello,
>
> I'm trying to utilize CAS proxy using the Yale java client, basic CAS is
> working fine.
>
> On the CAS server I see that a service ticket is generated, and I can see
> the request to proxyValidate coming in with a pgturl that matches the
> callback I set up (https://my.server.com/YaleClient/CasProxyServlet)
>
> But CAS throws an exception trying to authenticate the callback url
> https://my.server.com/YaleClient/CasProxyServlet and no PGTIOU is passed
> to
> my web application. Is there something I need to do to make CAS accept my
> callback url?
>
> I have verified that I can send a PGTIOU to my callback using "curl" on
> the
> cas server. Is it possibly a SSL issue? My http server on the application
> server uses a company CA signed cert, I had to add our CA cert to the OS
> CA
> bundle to get curl to work. Perhaps I need to do the same for the tomcat
> container where CAS is running? The authentication exception is thrown
> from
> ServiceValidationController.java I think.
>
> Thanks for any help you can give.
>
> Dale
>
> --
> View this message in context:
> http://www.nabble.com/Problem-with-proxyValidate-tf4838600.html#a13842835
> Sent from the CAS Users mailing list archive at Nabble.com.
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
--
-Scott Battaglia
LinkedIn: http://www.linkedin.com/in/scottbattaglia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20071119/1c505ac4/attachment.html
More information about the cas
mailing list