[CAS] Redirecting Problem

Alvin Pandrya alvin.pandrya at gmail.com
Fri Sep 14 08:58:00 EDT 2007 

Hi Scott,

Sorry it was because of my carelessness. I set the IP wrongly. Now I have
got it working. Thanks so much for your time!

Regards,
Alvin

On 9/14/07, Alvin Pandrya <alvin.pandrya at gmail.com> wrote:
>
> Hi Scott,
>
> Thanks for the reply. Yes, I have set up port 8443 as https port. The
> server.xml for tomcat in the two computers are the same which is:
>
> <!-- Define a SSL HTTP/1.1 Connector on port 8443 -->
>
>     <Connector port="8443" maxHttpHeaderSize="8192"
>                maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
>                enableLookups="false" disableUploadTimeout="true"
>                acceptCount="100" scheme="https" secure="true"
>                clientAuth="false" sslProtocol="TLS"
>            keystoreFile="/home/alvin/.keystore"
>            keystorePass="changeit"
>
> truststoreFile="/usr/lib/jvm/java-6-sun/jre/lib/security/cacerts"
>            truststorePass="changeit" />
>
>
>
> On 9/14/07, Scott Battaglia <scott.battaglia at gmail.com> wrote:
> >
> > Do you have port 8443 set up on your Tomcat instance for CAS?  you're
> > trying to connect to the secure port for ticket validation.
> >
> > -Scott
> >
> > On 9/13/07, Alvin Pandrya <alvin.pandrya at gmail.com> wrote:
> >
> > >  Hello,
> > >
> > > I've got CAS running and I'm trying to test it using two computers by
> > > following the guide in this page http://www.ja-sig.org/wiki/display/CASUM/Demo
> > >
> > >
> > > Assume the first comp is named chipz. This is where CAS is installed.
> > > The second comp is named chipzfyp.
> > >
> > > Here is what I did using computer 1 (chipz):
> > >
> > > - Visit http://chipzfyp:8080 -> tomcat welcome page (no problem)
> > >
> > > - Visit http://chipzfyp:8080/servlets-examples/servlet/HelloWorldExample
> > > -> redirected to https://chipz:8443/cas/login?service=http%3A%2F%2Fchipzfyp%3A8080%2Fservlets-examples%2Fservlet%2FHelloWorldExample
> > > (which is the login page of CAS in chipz. I think this is the expected
> > > behaviour)
> > >
> > > - Then I input valid net id and password.
> > >
> > > I believe after this the browser should bring me back to the
> > > helloworld example. But it just waited until get this connection timed out
> > > error:
> > >
> > > *exception*
> > >
> > > javax.servlet.ServletException: Unable to validate ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator
> > >
> > >
> > >  casValidateUrl=[https://chipz:8443/cas/serviceValidate] ticket=[ST-1-q76k2dkwY5oPxZRHzAZaqAFu7XT9fFFWzeR-20] service=[http%3A%2F%2Fchipzfyp%3A8080%2Fservlets-examples%2Fservlet%2FHelloWorldExample] renew=false]]]
> > >
> > >
> > >
> > > 	edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:381)
> > > 	filters.ExampleFilter.doFilter(ExampleFilter.java:102)
> > >
> > > *root cause*
> > >
> > > edu.yale.its.tp.cas.client.CASAuthenticationException
> > >
> > >
> > > : Unable to validate ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator casValidateUrl=[
> > >
> > >
> > > https://chipz:8443/cas/serviceValidate] ticket=[ST-1-q76k2dkwY5oPxZRHzAZaqAFu7XT9fFFWzeR-20] service=[http%3A%2F%2Fchipzfyp%3A8080%2Fservlets-examples%2Fservlet%2FHelloWorldExample] renew=false]]]
> > > 	edu.yale.its.tp.cas.client.CASReceipt.getReceipt
> > >
> > >
> > > (CASReceipt.java:52)
> > > 	edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:455)
> > > 	edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:378)
> > > 	filters.ExampleFilter.doFilter
> > >
> > >
> > > (ExampleFilter.java:102)
> > >
> > > *root cause*
> > >
> > > java.net.ConnectException: Connection timed out
> > > 	java.net.PlainSocketImpl.socketConnect(Native Method)
> > > 	java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java
> > >
> > >
> > > :333)
> > > 	java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:195)
> > > 	java.net.PlainSocketImpl.connect(PlainSocketImpl.java:182)
> > > 	java.net.Socket.connect(Socket.java:519)
> > > 	java.net.Socket.connect
> > > (Socket.java
> > >
> > > :469)
> > > 	sun.net.NetworkClient.doConnect(NetworkClient.java:157)
> > > 	sun.net.www.http.HttpClient.openServer(HttpClient.java:388)
> > > 	sun.net.www.http.HttpClient.openServer(HttpClient.java:500)
> > > 	sun.net.www.protocol.https.HttpsClient
> > >
> > >
> > > .<init>(HttpsClient.java:271)
> > > 	sun.net.www.protocol.https.HttpsClient.New(HttpsClient.java:328)
> > > 	sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(AbstractDelegateHttpsURLConnection.java
> > >
> > >
> > > :176)
> > > 	sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:733)
> > > 	sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:162)
> > >
> > >
> > > 	sun.net.www.protocol.http.HttpURLConnection.getInputStream
> > > (HttpURLConnection.java:981)
> > > 	sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
> > > 	edu.yale.its.tp.cas.util.SecureURL.retrieve
> > >
> > > (SecureURL.java:84)
> > > 	edu.yale.its.tp.cas.client.ServiceTicketValidator.validate
> > > (ServiceTicketValidator.java:212)
> > > 	edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:50)
> > > 	edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser
> > >
> > > (CASFilter.java:455)
> > > 	edu.yale.its.tp.cas.client.filter.CASFilter.doFilter
> > > (CASFilter.java:378)
> > > 	filters.ExampleFilter.doFilter(ExampleFilter.java:102)
> > >
> > >
> > > The catalina.out contains the following:
> > >
> > > 2007-09-13 22:06:55,293 INFO [
> > > org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service
> > > ticket [ST-1-q76k2dkwY5oPxZRHzAZaqAFu7XT9fFFWzeR-20] for service [
> > > http://chipzfyp:8080/servlets-examples/servlet/HelloWorldExample] for
> > > user [alvin]>
> > > 2007-09-13 23:23:42,162 INFO [
> > > org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner ] -
> > > <Starting cleaning of expired tickets from ticket registry at [Thu Sep 13
> > > 23:23:42 SGT 2007]>
> > > 2007-09-13 23:23:42,163 INFO [
> > > org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
> > > <1 found to be removed.  Removing now.>
> > > 2007-09-13 23:23:42,163 INFO [
> > > org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
> > > <Finished cleaning of expired tickets from ticket registry at [Thu Sep 13
> > > 23:23:42 SGT 2007]>
> > >
> > > I believe the user has been granted ticket, but the problem is that it
> > > does not redirect me to the helloworld page. Can anyone help me to figure
> > > out what's wrong? Thanks!
> > >
> > > Regards,
> > >
> > > Alvin Pandrya
> > >
> > > _______________________________________________
> > > Yale CAS mailing list
> > > cas at tp.its.yale.edu
> > > http://tp.its.yale.edu/mailman/listinfo/cas
> > >
> > >
> >
> >
> > --
> > -Scott Battaglia
> >
> > LinkedIn: http://www.linkedin.com/in/scottbattaglia
> > _______________________________________________
> > Yale CAS mailing list
> > cas at tp.its.yale.edu
> > http://tp.its.yale.edu/mailman/listinfo/cas
> >
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20070914/846ac9e2/attachment.html

More information about the cas mailing list