CAS Client (Tomca Filter) gets "Connection refused: connect" when CAS Server is on another PC
Winterflood, Jonathan
jonathan.winterflood at capgemini.com
Wed Nov 28 04:59:59 EST 2007
Hi,
"Connection refused: connect" means the filter couldn't open a socket to the CAS server, besides any authentication problems.
I would guess there's some kind of firewall problem, or maybe the CAS filter isn't properly configured and is trying to access the wrong CAS server.
About the certificate: You will need to import the CAS's CA certificate into the keystore used by the Filter (either the Java keystore (lib/security/cacerts) or tomcat's keystore)
HTH,
Jonathan
-----Message d'origine-----
De : cas-bounces at tp.its.yale.edu [mailto:cas-bounces at tp.its.yale.edu] De la part de Matteo Matteo
Envoyé : mercredi 28 novembre 2007 10:29
À : Yale CAS mailing list
Objet : CAS Client (Tomca Filter) gets "Connection refused: connect" when CAS Server is on another PC
I could start CAS server on one PC and use there CAS client too. But when I'm trying to use CAS client (web Filter) on another PC - I get an exception (the listing is below).
So I have several questions:
- I've generated a SSL certificate myself (so it's not really "trusted")
- should I import it on a client PC to a Java keystore too?
- if I should not import to to a client keystore - where could be an error?
Thanks
Matvey
=========================================================
javax.servlet.ServletException: Connection refused: connect
edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:254)
edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:184)
root cause
java.net.ConnectException: Connection refused: connect
java.net.PlainSocketImpl.socketConnect(Native Method)
java.net.PlainSocketImpl.doConnect(Unknown Source)
java.net.PlainSocketImpl.connectToAddress(Unknown Source)
java.net.PlainSocketImpl.connect(Unknown Source)
java.net.Socket.connect(Unknown Source)
java.net.Socket.connect(Unknown Source)
sun.net.NetworkClient.doConnect(Unknown Source)
sun.net.www.http.HttpClient.openServer(Unknown Source)
sun.net.www.http.HttpClient.openServer(Unknown Source)
sun.net.www.protocol.https.HttpsClient.<init>(Unknown Source)
sun.net.www.protocol.https.HttpsClient.New(Unknown Source)
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(Unknown Source)
sun.net.www.protocol.http.HttpURLConnection.plainConnect(Unknown Source)
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java:70)
edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicketValidator.java:212)
edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:219)
edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:184)
_______________________________________________
Yale CAS mailing list
cas at tp.its.yale.edu
http://tp.its.yale.edu/mailman/listinfo/cas
This message contains information that may be privileged or confidential and is the property of the Capgemini Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message.
More information about the cas
mailing list