ProxyTicketReceptor

Scott Battaglia scott.battaglia at gmail.com
Wed Sep 10 09:37:03 EDT 2008 

By default you can't do proxying over an HTTP Proxy Servlet.  Either use
HTTPS or turn off HTTPS in the
HttpBasedServiceCredentialsAuthenticationHandler (I forgot the exact
property name).

-Scott

-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia


On Wed, Sep 10, 2008 at 7:01 AM, Dario Gallicchio
<dario.gallicchio at zenvoo.ch> wrote:

>  Hello all,
>
> I'm using CAS to authenticate users and services in my system.
> Now I've got this scenario:
>
>    - User connects via browser to Web_Server, that acts as a proxy for
>    services running on Application_Server_1. This works all fine, I'm using
>    phpCAS library on Web_Server.
>    - Now, I want a service (Java servlet) running on Application_Server_1
>    to connect to another service (another Java servlet) running on
>    Application_Server_2. So, I need to get a proxy ticket in order to
>    authenticate Application_Server_1 to Application_Server_2. I'm using CAS
>    client java 2.1.1 and I'm trying to follow the guidelines found on
>    http://www.ja-sig.org/products/cas/client/javaclient/index.html
>
>
> Specifically, I've defined the ProxyTicketReceptor servlet in my web.xml
> and I've used the code fragments from the examples to get a proxy ticket.
> When I call the pv.validate() method, I get this exception from CAS server
> log:
>
> 2008-09-10 15:16:56,287 INFO
> [org.jasig.cas.authentication.AuthenticationManagerImpl] -
> <AuthenticationHandler:
> org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler
> failed to authenticate the user which provided the following credentials:
> http://marmotta.zenvoo.ch:8080/zenvoo-publish/CasProxyServlet>
> 2008-09-10 15:16:56,287 ERROR [org.jasig.cas.web.ServiceValidateController]
> - <TicketException generating ticket for:
> http://marmotta.zenvoo.ch:8080/zenvoo-publish/CasProxyServlet>
> org.jasig.cas.ticket.TicketCreationException:
> error.authentication.credentials.bad
>         at
> org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket(CentralAuthenticationServiceImpl.java:271)
>         at
> org.jasig.cas.web.ServiceValidateController.handleRequestInternal(ServiceValidateController.java:125)
>         at
> org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153)
>         at
> org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
>         at
> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:857)
>         at
> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:792)
>         at
> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:475)
>         at
> org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:430)
>         at javax.servlet.http.HttpServlet.service(Unknown Source)
>         at javax.servlet.http.HttpServlet.service(Unknown Source)
>         at
> org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115)
>         at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Unknown
> Source)
>         at org.apache.catalina.core.ApplicationFilterChain.doFilter(Unknown
> Source)
>         at org.apache.catalina.core.StandardWrapperValve.invoke(Unknown
> Source)
>         at org.apache.catalina.core.StandardContextValve.invoke(Unknown
> Source)
>         at org.apache.catalina.core.StandardHostValve.invoke(Unknown
> Source)
>         at org.apache.catalina.valves.ErrorReportValve.invoke(Unknown
> Source)
>         at org.apache.catalina.core.StandardEngineValve.invoke(Unknown
> Source)
>         at org.apache.catalina.connector.CoyoteAdapter.service(Unknown
> Source)
>         at org.apache.coyote.http11.Http11Processor.process(Unknown Source)
>         at
> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Unknown
> Source)
>         at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(Unknown
> Source)
>         at java.lang.Thread.run(Thread.java:595)
> ......
>
>
> In my servlet, when I call ProxyTicketReceptor.getProxyTicket() I get this
> error message:
>
> 10-set-2008 12:45:04 edu.yale.its.tp.cas.proxy.ProxyTicketReceptor
> getProxyTicket
>
> GRAVE: No ProxyGrantingTicket found for pgtIou=[null]
>
> So, the pv.getPgtIou() method returns null.
>
> I've tried to instantiate both a ProxyTicketValidator and a
> ServiceTicketValidator, with the same error.
>
> I'm using Tomcat 6.0.13 and JDK 1.6.0_05.
>
> Can you help me figuring out what I'm missing?
>
> Thank you very much and best regards
>
> Dario Gallicchio - Zenvoo Team
>
>
>
>
>
>
>
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20080910/158ae8d5/attachment.html

More information about the cas mailing list