Certs OK, Service not allowed to validate?
David Whitehurst
dlwhitehurst at gmail.com
Fri Mar 7 10:53:11 EST 2008
Hi.
I'm having difficulty with service proxy. I had issue with the certs but
now have server1 (CAS box) cert in server2 and trusted in cacerts. But, I
can't find any info on this ...
*root cause*
edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to
validate ProxyTicketValidator
[[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null]
[edu.yale.its.tp.cas.client.ServiceTicketValidator
casValidateUrl=[https://dot-jbprest01.dot.nc.net:8443/cas/serviceValidate]
ticket=[ST-7-aR6hJorQljBkfiARzoaQ]
service=[https%3A%2F%2Fdot-jbprest01.dot.nc.net%3A8443%2Fpms_systst%2FControllerServlet%3Faction_id%3Dprocess_login]
errorCode=[Service not allowed to validate tickets.]
errorMessage=[Service not allowed to validate tickets.] renew=false
entireResponse=[<cas:serviceResponse
xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationFailure code='Service not allowed to validate tickets.'>
Service not allowed to validate tickets.
</cas:authenticationFailure>
</cas:serviceResponse>
]]]]
edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:62)
edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:455)
edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:378)
org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
Thanks for any help,
David Whitehurst
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20080307/d314c242/attachment.html
More information about the cas
mailing list