[CAS] Redirecting Problem

Alvin Pandrya alvin.pandrya at gmail.com
Fri Sep 14 01:57:21 EDT 2007 

Hi Scott,

Thanks for the reply. Yes, I have set up port 8443 as https port. The
server.xml for tomcat in the two computers are the same which is:

<!-- Define a SSL HTTP/1.1 Connector on port 8443 -->

    <Connector port="8443" maxHttpHeaderSize="8192"
               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
               enableLookups="false" disableUploadTimeout="true"
               acceptCount="100" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
           keystoreFile="/home/alvin/.keystore"
           keystorePass="changeit"
           truststoreFile="/usr/lib/jvm/java-6-sun/jre/lib/security/cacerts"

           truststorePass="changeit" />



On 9/14/07, Scott Battaglia <scott.battaglia at gmail.com> wrote:
>
> Do you have port 8443 set up on your Tomcat instance for CAS?  you're
> trying to connect to the secure port for ticket validation.
>
> -Scott
>
> On 9/13/07, Alvin Pandrya <alvin.pandrya at gmail.com> wrote:
>
> > Hello,
> >
> > I've got CAS running and I'm trying to test it using two computers by
> > following the guide in this page http://www.ja-sig.org/wiki/display/CASUM/Demo
> >
> >
> > Assume the first comp is named chipz. This is where CAS is installed.
> > The second comp is named chipzfyp.
> >
> > Here is what I did using computer 1 (chipz):
> >
> > - Visit http://chipzfyp:8080 -> tomcat welcome page (no problem)
> >
> > - Visit http://chipzfyp:8080/servlets-examples/servlet/HelloWorldExample
> > -> redirected to https://chipz:8443/cas/login?service=http%3A%2F%2Fchipzfyp%3A8080%2Fservlets-examples%2Fservlet%2FHelloWorldExample
> > (which is the login page of CAS in chipz. I think this is the expected
> > behaviour)
> >
> > - Then I input valid net id and password.
> >
> > I believe after this the browser should bring me back to the helloworld
> > example. But it just waited until get this connection timed out error:
> >
> > *exception*
> >
> > javax.servlet.ServletException: Unable to validate ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator
> >
> >  casValidateUrl=[https://chipz:8443/cas/serviceValidate] ticket=[ST-1-q76k2dkwY5oPxZRHzAZaqAFu7XT9fFFWzeR-20] service=[http%3A%2F%2Fchipzfyp%3A8080%2Fservlets-examples%2Fservlet%2FHelloWorldExample] renew=false]]]
> >
> >
> > 	edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:381)
> > 	filters.ExampleFilter.doFilter(ExampleFilter.java:102)
> >
> > *root cause*
> >
> > edu.yale.its.tp.cas.client.CASAuthenticationException
> >
> > : Unable to validate ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator casValidateUrl=[
> >
> > https://chipz:8443/cas/serviceValidate] ticket=[ST-1-q76k2dkwY5oPxZRHzAZaqAFu7XT9fFFWzeR-20] service=[http%3A%2F%2Fchipzfyp%3A8080%2Fservlets-examples%2Fservlet%2FHelloWorldExample] renew=false]]]
> > 	edu.yale.its.tp.cas.client.CASReceipt.getReceipt
> >
> > (CASReceipt.java:52)
> > 	edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:455)
> > 	edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:378)
> > 	filters.ExampleFilter.doFilter
> >
> > (ExampleFilter.java:102)
> >
> > *root cause*
> >
> > java.net.ConnectException: Connection timed out
> > 	java.net.PlainSocketImpl.socketConnect(Native Method)
> > 	java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java
> >
> > :333)
> > 	java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:195)
> > 	java.net.PlainSocketImpl.connect(PlainSocketImpl.java:182)
> > 	java.net.Socket.connect(Socket.java:519)
> > 	java.net.Socket.connect(Socket.java
> >
> > :469)
> > 	sun.net.NetworkClient.doConnect(NetworkClient.java:157)
> > 	sun.net.www.http.HttpClient.openServer(HttpClient.java:388)
> > 	sun.net.www.http.HttpClient.openServer(HttpClient.java:500)
> > 	sun.net.www.protocol.https.HttpsClient
> >
> > .<init>(HttpsClient.java:271)
> > 	sun.net.www.protocol.https.HttpsClient.New(HttpsClient.java:328)
> > 	sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(AbstractDelegateHttpsURLConnection.java
> >
> > :176)
> > 	sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:733)
> > 	sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:162)
> >
> > 	sun.net.www.protocol.http.HttpURLConnection.getInputStream
> > (HttpURLConnection.java:981)
> > 	sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
> > 	edu.yale.its.tp.cas.util.SecureURL.retrieve
> > (SecureURL.java:84)
> > 	edu.yale.its.tp.cas.client.ServiceTicketValidator.validate
> > (ServiceTicketValidator.java:212)
> > 	edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:50)
> > 	edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser
> > (CASFilter.java:455)
> > 	edu.yale.its.tp.cas.client.filter.CASFilter.doFilter
> > (CASFilter.java:378)
> > 	filters.ExampleFilter.doFilter(ExampleFilter.java:102)
> >
> >
> > The catalina.out contains the following:
> >
> > 2007-09-13 22:06:55,293 INFO [
> > org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service
> > ticket [ST-1-q76k2dkwY5oPxZRHzAZaqAFu7XT9fFFWzeR-20] for service [
> > http://chipzfyp:8080/servlets-examples/servlet/HelloWorldExample] for
> > user [alvin]>
> > 2007-09-13 23:23:42,162 INFO [
> > org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner ] -
> > <Starting cleaning of expired tickets from ticket registry at [Thu Sep 13
> > 23:23:42 SGT 2007]>
> > 2007-09-13 23:23:42,163 INFO [
> > org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - <1
> > found to be removed.  Removing now.>
> > 2007-09-13 23:23:42,163 INFO [
> > org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
> > <Finished cleaning of expired tickets from ticket registry at [Thu Sep 13
> > 23:23:42 SGT 2007]>
> >
> > I believe the user has been granted ticket, but the problem is that it
> > does not redirect me to the helloworld page. Can anyone help me to figure
> > out what's wrong? Thanks!
> >
> > Regards,
> >
> > Alvin Pandrya
> >
> > _______________________________________________
> > Yale CAS mailing list
> > cas at tp.its.yale.edu
> > http://tp.its.yale.edu/mailman/listinfo/cas
> >
> >
>
>
> --
> -Scott Battaglia
>
> LinkedIn: http://www.linkedin.com/in/scottbattaglia
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20070914/055e1c82/attachment.html

More information about the cas mailing list