[cas-user] SimpleHttpClient.java Security Review positive to DOS
Hi there,a security scan done with IBM appscan indicates that SimpleHttpClient
can be vulnerable to DOS.
in = new BufferedReader(new
InputStreamReader(connection.getInputStream()));
boolean readInput = true; while (readInput) {
readInput =StringUtils.isNotBlank(in.readLine());
}
This part of the code reads the buffer without considering the lenght of the
stream so if there are no spaces in it,we can have a out of memory error, if we
have spaces with a huge buffer the appserver can close the connection givin a
DOS.
This is the result of a static analisys.
I think it would be useful to share.
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
[cas-user] PreventedExcetpion is swallowed or can be logged?
hi there,QueryDatabaseHandler throws a preventedException that wraps an sqlexception preventing authentication.I'd like to have evidence of this kind of problems, but i can't find where this exception is catched,or if there's a mechanism to log it.Any ideas?thanks -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
[cas-user] Changing language with spring plugin
of resources on internet
about Nginx configuration.
Here is an example:
server {
listen 80;
listen 443 ssl;
ssl_certificate /data/nginx/certs/ssl-bundle.crt;
ssl_certificate_key /data/nginx/certs/private_key_wildcard.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
server_name your.example.com
error_page 502 504 /error.html;
location ~ ^/(error.html) {
root /data/nginx/www;
}
location / {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://localhost:8080/;
proxy_read_timeout 10s;
proxy_send_timeout 10s;
}
}
Best regards,
Jérôme
2015-04-21 0:40 GMT+02:00 jieryn jie...@gmail.com:
Does anyone have this working? In any capacity?
I'd like to have nginx be the CAS and SSL endpoint and then proxy all
requests to Tomcat.
I have been unsuccessful to even have nginx sit in front of an
otherwise working CAS-ified application on http/https and just proxy
everything straight on through.
Any help is appreciated, thanks!
--
You are currently subscribed to cas-user@lists.jasig.org as:
lel...@gmail.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to cas-user@lists.jasig.org as:
jie...@gmail.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to cas-user@lists.jasig.org as:
lel...@gmail.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to cas-user@lists.jasig.org as:
jie...@gmail.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to cas-user@lists.jasig.org as:
waldb...@lafayette.edu
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to cas-user@lists.jasig.org as: jie...@gmail.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to cas-user@lists.jasig.org as:
mrcrowley...@yahoo.it
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
Re: [cas-user] Which version sould I upgrate to 3.5.3 or 4.01
I'm giving 4.0.1 a try , I've decided to do this double jump without net.Seems to go fine Il Mercoledì 4 Marzo 2015 15:40, Milt Epstein mepst...@illinois.edu ha scritto: What is the expected release date of 4.1? Thanks. Milt Epstein Programmer in Computational Genomics Institute for Genomic Biology (IGB) University of Illinois at Urbana-Champaign (UIUC) mepst...@illinois.edu On Wed, 4 Mar 2015, Marvin Addison wrote: Same as object I'm coming from 3.4.3 and looking for and advice if is better to go straight to 4.0.1 or maybe stop at 3.5.3 There will be more configuration work to upgrade from 3.x to 4.x, but it's work you'll have to do eventually since the 3.5.x branch is in maintenance-only mode. My recommendation is try to upgrade to 4.x as soon as possible. M -- You are currently subscribed to cas-user@lists.jasig.org as: mepstein@illino is.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.or g/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: mrcrowley...@yahoo.it To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
[cas-user] Which version sould I upgrate to 3.5.3 or 4.01
Same as object I'm coming from 3.4.3 and looking for and advice if is better to go straight to 4.0.1 or maybe stop at 3.5.3Any issues?thank you in advance! -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
[cas-user] was 8.5.5 suggested Cas Version based on experience
Hi all, we're using jasig-cas 3.4.3 with ibm websphere 6.1, we're migrating the appservers to websphere 8.5.5 due to 6.1 reached endof life last year.While we're migrating all our apps (including CAS) I was wandering to upgrade and based on other user's experience which version fits best with WAS8.5.5. Any Experience\Advice too share? thank you -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
Re: [cas-user] http error 407 issue
Thanks Jerome but the problem is that I can't understand where I need Proxy autenthication and why! I mean: I access the app with spring plugin with my browser and it's local, the app redirects me to CAS (deployed on the same server) and then CAS posts back with the security ticket on the first path. I miss who needs proxy autenthication in this process...I'm going mad! Il Mercoledì 11 Giugno 2014 8:00, Jérôme LELEU lel...@gmail.com ha scritto: Hi, The HTTP 407 code means that you need some authorization for a proxy: http://www.checkupdown.com/status/E407.html. Does it help? Thanks. Best regards, Jérôme LELEU Founder of CAS in the cloud: www.casinthecloud.com | Twitter: @leleuj Chairman of CAS: www.jasig.org/cas | Creator of pac4j: www.pac4j.org 2014-06-10 15:37 GMT+02:00 MrCrowley mrcrowley...@yahoo.it: Hi there, I have CAS 3.4.3 working in production envirovment within a cluster and apache as webserver in front of Websphere 6.1. Now for some reasons I have to put two application on a development environment which for a lot of reasons is quite different. Basically I have the CAS war and myApplication.The two are deployed on same WAS 6.1 singlenode. Keep in mind I use spring security in the app and I want to go in plain HTTP for now. So when I request a protected URL in myApplication I'm correctly redirected to CAS webapp, I go through the login process and I'm granted a ticket, but when I close the trip with the request back to myAPP with the ticket i get this exception: 2014-06-10 15:24:04,429 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - AuthenticationHandler: org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler successfully authenticated the user which provided the following credentials: [username: usrname] [10/06/14 15:24:04:444 CEST] 0501 SystemOut O 2014-06-10 15:24:04,429 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - Granted service ticket [ST-2-LY6mdKFA4RODJUo0WLH2-cas] for service [http://theserver:9080/myApplication/j_spring_cas_security_check] for user [usrname] [10/06/14 15:24:04:476 CEST] 0501 Cas20ServiceT E org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator retrieveResponseFromServer java.io.IOException: Server returned HTTP response code: 407 for URL: http://theserver:9080/CAS/serviceValidate?service=http%3A%2F%2Ftheserver%3A9080%myApplication%2Fj_spring_cas_security_checkticket=ST-2-LY6mdKFA4RODJUo0WLH2-cas; java.io.IOException: Server returned HTTP response code: 407 for URL: http://theserver:9080/CAS/serviceValidate?service=http%3A%2F%2Ftheserver%3A9080%2FmyApplication%2Fj_spring_cas_security_checkticket=ST-2-LY6mdKFA4RODJUo0WLH2-cas; at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1179) at org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:35) at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:178) at org.springframework.security.cas.authentication.CasAuthenticationProvider.authenticateNow(CasAuthenticationProvider.java:131) at org.springframework.security.cas.authentication.CasAuthenticationProvider.authenticate(CasAuthenticationProvider.java:117) at org.springframework.security.authentication.ProviderManager.doAuthentication(ProviderManager.java:130) at org.springframework.security.authentication.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:48) at org.springframework.security.cas.web.CasAuthenticationFilter.attemptAuthentication(CasAuthenticationFilter.java:111) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(Abs Any IDEAS?I'm going crazy! Thanks a lot -- You are currently subscribed to cas-user@lists.jasig.org as: lel...@gmail.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: mrcrowley...@yahoo.it To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
[cas-user] http error 407 issue
Hi there, I have CAS 3.4.3 working in production envirovment within a cluster and apache as webserver in front of Websphere 6.1. Now for some reasons I have to put two application on a development environment which for a lot of reasons is quite different. Basically I have the CAS war and myApplication.The two are deployed on same WAS 6.1 singlenode. Keep in mind I use spring security in the app and I want to go in plain HTTP for now. So when I request a protected URL in myApplication I'm correctly redirected to CAS webapp, I go through the login process and I'm granted a ticket, but when I close the trip with the request back to myAPP with the ticket i get this exception: 2014-06-10 15:24:04,429 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - AuthenticationHandler: org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler successfully authenticated the user which provided the following credentials: [username: usrname] [10/06/14 15:24:04:444 CEST] 0501 SystemOut O 2014-06-10 15:24:04,429 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - Granted service ticket [ST-2-LY6mdKFA4RODJUo0WLH2-cas] for service [http://theserver:9080/myApplication/j_spring_cas_security_check] for user [usrname] [10/06/14 15:24:04:476 CEST] 0501 Cas20ServiceT E org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator retrieveResponseFromServer java.io.IOException: Server returned HTTP response code: 407 for URL: http://theserver:9080/CAS/serviceValidate?service=http%3A%2F%2Ftheserver%3A9080%myApplication%2Fj_spring_cas_security_checkticket=ST-2-LY6mdKFA4RODJUo0WLH2-cas; java.io.IOException: Server returned HTTP response code: 407 for URL: http://theserver:9080/CAS/serviceValidate?service=http%3A%2F%2Ftheserver%3A9080%2FmyApplication%2Fj_spring_cas_security_checkticket=ST-2-LY6mdKFA4RODJUo0WLH2-cas; at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1179) at org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:35) at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:178) at org.springframework.security.cas.authentication.CasAuthenticationProvider.authenticateNow(CasAuthenticationProvider.java:131) at org.springframework.security.cas.authentication.CasAuthenticationProvider.authenticate(CasAuthenticationProvider.java:117) at org.springframework.security.authentication.ProviderManager.doAuthentication(ProviderManager.java:130) at org.springframework.security.authentication.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:48) at org.springframework.security.cas.web.CasAuthenticationFilter.attemptAuthentication(CasAuthenticationFilter.java:111) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(Abs Any IDEAS?I'm going crazy! Thanks a lot -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
Re: [cas-user] Cas LOGUT Rejected Concurrent Exception
The Machines have identical configuration since test environment is cloned from production, I can't figure out what's happening. Consider I've done the test with only one user working (me). And the error occurs only in logout. Da: Marvin Addison marvin.addi...@gmail.com A: cas-user@lists.jasig.org Inviato: Lunedì 11 Febbraio 2013 15:37 Oggetto: Re: [cas-user] Cas LOGUT Rejected Concurrent Exception com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:751) at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:881) at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1497) Caused by: java.util.concurrent.RejectedExecutionException Here's that the javadocs say about RejectedExecutionException: Exception thrown by an Executor when a task cannot be accepted for execution. Based on that description and that the stack trace is coming from the HTTP connection handling machinery, I'd expect that you're hitting some kind of connection limit. I have no experience whatever with Websphere, but many containers use an executor with a bounded queue to dispatch requests onto a worker pool. I'd imagine you're exceeding the queue limit or something similar. M -- You are currently subscribed to cas-user@lists.jasig.org as: mrcrowley...@yahoo.it To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
Re: re:[cas-user] CAS Spring Client Clustered Envirment-401 Auth failed Cas returned no Response
I think you've replied on the wrong 3d. Da: Hendrik Coetzee hendrik.coet...@uct.ac.za A: cas-user@lists.jasig.org Inviato: Giovedì 24 Gennaio 2013 13:18 Oggetto: RE: re:[cas-user] CAS Spring Client Clustered Envirment-401 Auth failed Cas returned no Response Thanks gents, As stated this is not a problem happening continuously, but today we had an occurrence of 26 vs. 3514 successful logins. Also I ruled out the timeout as seen on the log, it is within minutes of the original request... One of the differences that is apparent is the differing IP's, but I am unsure if changing IP's causes ticket validation to fail ? Any clues appreciated. -Original Message- From: jleleu [mailto:lel...@gmail.com] Sent: 24 January 2013 01:49 PM To: cas-user@lists.jasig.org Subject: re:[cas-user] CAS Spring Client Clustered Envirment-401 Auth failed Cas returned no Response Hi, It looks like you get a service ticket (what you called a token). The service ticket validation happens directly between the application and the CAS server. In your case, it seems that you have a problem there. Regarding your configuration, the application will call the https://www.james.dean.com:9445/CASUSER/serviceValidate url to validate the service ticket. Is the communication ok between your app and the CAS server for this url ? Best regards, Jérôme -- You are currently subscribed to cas-user@lists.jasig.org as: hendrik.coet...@uct.ac.za To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user UNIVERSITY OF CAPE TOWN This e-mail is subject to the UCT ICT policies and e-mail disclaimer published on our website at http://www.uct.ac.za/about/policies/emaildisclaimer/ or obtainable from +27 21 650 9111. This e-mail is intended only for the person(s) to whom it is addressed. If the e-mail has reached you in error, please notify the author. If you are not the intended recipient of the e-mail you may not use, disclose, copy, redirect or print the content. If this e-mail is not related to the business of UCT it is sent by the sender in the sender's individual capacity. -- You are currently subscribed to cas-user@lists.jasig.org as: mrcrowley...@yahoo.it To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
Re: [cas-user] Logout with CAS\logout needs closing browser window
Thanks, I've added the listener and checked de filter-mapping order in the web.xml and now It's all set fine. By the way the troubled app is JForum, which appens to mantain in session the user, so I've had to modify It's logout process and than redirect to CAS logout page. Doing this way I can fully logout without closing the browser. There's still one question I don't understand: Jforum mantains session info about the user ,but if I invalidate cas-session and ticket via CAS Logout page, the resource being protected by Cas Filter (Jforum context in this case) must not be accessible right? Or I'm missing something? Da: jleleu lel...@gmail.com A: cas-user@lists.jasig.org Inviato: Martedì 11 Settembre 2012 20:44 Oggetto: re:[cas-user] Logout with CAS\logout needs closing browser window Hi, I think that you also need to add the SingleSignOutHttpSessionListener in your web.xml : https://wiki.jasig.org/display/CASC/Configuring+Single+Sign+Out. Best regards, Jérôme -- You are currently subscribed to cas-user@lists.jasig.org as: mrcrowley...@yahoo.it To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
[cas-user] Logout with CAS\logout needs closing browser window
Hi there, I'm using cas 3.4.3, and I've casified two application, one with filter on web.xml, the other via Spring Security. It works fine, but when I logout from cas via casserver/cas/logout from the app with web.xml filter if I don't close the browser's window I'm still able to enter the application without being challenged. The application using Spring works correctly. I suppose the first application memorizes userprincipal in his application-session,what I don't understand is why, if the ticket is invalidated, I'm still able to obtain that resource without being challenged. Any Ideas? This is the filter configuration : !-- CAS CLIENT CONFIGURATION-- filter filter-nameCAS Single Sign Out Filter/filter-name filter-classorg.jasig.cas.client.session.SingleSignOutFilter/filter-class /filter filter filter-nameCAS Authentication Filter/filter-name filter-classorg.jasig.cas.client.authentication.AuthenticationFilter/filter-class init-param param-namecasServerLoginUrl/param-name param-valuehttps://stc.test.me:9444/GESTUSER/login/param-value /init-param init-param param-nameserverName/param-name param-valuehttps://stc.test.me:19443/param-value /init-param /filter filter filter-nameCAS Validation Filter/filter-name filter-classorg.jasig.cas.client.validation.Cas10TicketValidationFilter/filter-class init-param param-namecasServerUrlPrefix/param-name param-valuehttps://stc.test.me:9444/GESTUSER/param-value /init-param init-param param-nameserverName/param-name param-valuehttps://stc.test.me:19443/param-value /init-param /filter -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
Re: [cas-user] CAS 3.4.2 on Websphere 6.1 Errors during start
Ok find a workaround: I've created a classloader and pointed to a shared library with all libs required by cas.Classloader set to PARENT_LAST Needed to add XercesImpl and xalan to the libs, but now seems it is the wrong version i used: Xerces-J 2.9.1 as stated in its manifest.So I needed to copy xml.jar in appserver\java\lib in my libs directory and add this to shared libraries. Doing this way cas is up and running. I still don't understand why i need xalan and xercesimpl if I'm using xml.jar from was... Da: MrCrowley mrcrowley...@yahoo.it A: cas-user@lists.jasig.org Inviato: Lunedì 28 Novembre 2011 15:43 Oggetto: Re: [cas-user] CAS 3.4.2 on Websphere 6.1 Errors during start Yes there are two , because I hadn't considered Websphere 6.1 is shipped with and old version of aspectjrt.jar which should be pre 1.5 version with a different version. Any Ideas to avoid changing classloader policies? thanx Da: Scott Battaglia scott.battag...@gmail.com A: cas-user@lists.jasig.org Inviato: Venerdì 25 Novembre 2011 14:34 Oggetto: Re: [cas-user] CAS 3.4.2 on Websphere 6.1 Errors during start There appears to be some conflict with AspectJ. Do you have two versions on the classpath? On Fri, Nov 25, 2011 at 6:49 AM, mrCas mrcrowley...@yahoo.it wrote: Hi there, I've installed CAS 3.4.2 on tomcat and all went fine. Now I need to run it on Websphere 6.1 I have errors in startup and i can't go on.Can someone help me? Thank you the sysout is like this: 25/11/11 12.18.07:049 CET] 0020 WebApp E [Servlet Error]-[Failed to load listener: org.jasig.cas.web.init.SafeContextLoaderListener]: java.lang.NoSuchMethodError: org/aspectj/runtime/reflect/Factory.makeMethodSig(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)Lorg/aspectj/lang/reflect/MethodSignature; at org.jasig.cas.web.init.SafeContextLoaderListener.clinit(SafeContextLoaderListener.java:1) at java.lang.J9VMInternals.initializeImpl(Native Method) at java.lang.J9VMInternals.initialize(J9VMInternals.java:177) at java.lang.Class.newInstanceImpl(Native Method) at java.lang.Class.newInstance(Class.java:1263) at java.beans.Beans.instantiate(Beans.java:219) at java.beans.Beans.instantiate(Beans.java:63) at com.ibm.ws.webcontainer.webapp.WebApp.loadListener(WebApp.java:1485) at com.ibm.ws.webcontainer.webapp.WebApp.loadLifecycleListeners(WebApp.java:1409) at com.ibm.ws.webcontainer.webapp.WebApp.commonInitializationStart(WebApp.java:426) at com.ibm.ws.wswebcontainer.webapp.WebApp.initialize(WebApp.java:250) at com.ibm.ws.wswebcontainer.webapp.WebGroup.addWebApplication(WebGroup.java:93) at com.ibm.ws.wswebcontainer.VirtualHost.addWebApplication(VirtualHost.java:162) at com.ibm.ws.wswebcontainer.WebContainer.addWebApp(WebContainer.java:673) at com.ibm.ws.wswebcontainer.WebContainer.addWebApplication(WebContainer.java:626) at com.ibm.ws.webcontainer.component.WebContainerImpl.install(WebContainerImpl.java:335) at com.ibm.ws.webcontainer.component.WebContainerImpl.start(WebContainerImpl.java:551) at com.ibm.ws.runtime.component.ApplicationMgrImpl.start(ApplicationMgrImpl.java:1274) at com.ibm.ws.runtime.component.DeployedApplicationImpl.fireDeployedObjectStart(DeployedApplicationImpl.java:1138) at com.ibm.ws.runtime.component.DeployedModuleImpl.start(DeployedModuleImpl.java:569) at com.ibm.ws.runtime.component.DeployedApplicationImpl.start(DeployedApplicationImpl.java:817) at com.ibm.ws.runtime.component.ApplicationMgrImpl.startApplication(ApplicationMgrImpl.java:921) at com.ibm.ws.runtime.component.ApplicationMgrImpl$1.run(ApplicationMgrImpl.java:1461) at com.ibm.ws.security.auth.ContextManagerImpl.runAs(ContextManagerImpl.java:4149) at com.ibm.ws.security.auth.ContextManagerImpl.runAsSystem(ContextManagerImpl.java:4246) at com.ibm.ws.security.core.SecurityContext.runAsSystem(SecurityContext.java:245) at com.ibm.ws.runtime.component.ApplicationMgrImpl.startApplication(ApplicationMgrImpl.java:1466) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:64) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:615) at sun.reflect.misc.Trampoline.invoke(MethodUtil.java:62) at sun.reflect.GeneratedMethodAccessor15.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:615) at sun.reflect.misc.MethodUtil.invoke(MethodUtil.java:265
Re: [cas-user] CAS 3.4.2 on Websphere 6.1 Errors during start
Yes there are two , because I hadn't considered Websphere 6.1 is shipped with and old version of aspectjrt.jar which should be pre 1.5 version with a different version. Any Ideas to avoid changing classloader policies? thanx Da: Scott Battaglia scott.battag...@gmail.com A: cas-user@lists.jasig.org Inviato: Venerdì 25 Novembre 2011 14:34 Oggetto: Re: [cas-user] CAS 3.4.2 on Websphere 6.1 Errors during start There appears to be some conflict with AspectJ. Do you have two versions on the classpath? On Fri, Nov 25, 2011 at 6:49 AM, mrCas mrcrowley...@yahoo.it wrote: Hi there, I've installed CAS 3.4.2 on tomcat and all went fine. Now I need to run it on Websphere 6.1 I have errors in startup and i can't go on.Can someone help me? Thank you the sysout is like this: 25/11/11 12.18.07:049 CET] 0020 WebApp E [Servlet Error]-[Failed to load listener: org.jasig.cas.web.init.SafeContextLoaderListener]: java.lang.NoSuchMethodError: org/aspectj/runtime/reflect/Factory.makeMethodSig(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)Lorg/aspectj/lang/reflect/MethodSignature; at org.jasig.cas.web.init.SafeContextLoaderListener.clinit(SafeContextLoaderListener.java:1) at java.lang.J9VMInternals.initializeImpl(Native Method) at java.lang.J9VMInternals.initialize(J9VMInternals.java:177) at java.lang.Class.newInstanceImpl(Native Method) at java.lang.Class.newInstance(Class.java:1263) at java.beans.Beans.instantiate(Beans.java:219) at java.beans.Beans.instantiate(Beans.java:63) at com.ibm.ws.webcontainer.webapp.WebApp.loadListener(WebApp.java:1485) at com.ibm.ws.webcontainer.webapp.WebApp.loadLifecycleListeners(WebApp.java:1409) at com.ibm.ws.webcontainer.webapp.WebApp.commonInitializationStart(WebApp.java:426) at com.ibm.ws.wswebcontainer.webapp.WebApp.initialize(WebApp.java:250) at com.ibm.ws.wswebcontainer.webapp.WebGroup.addWebApplication(WebGroup.java:93) at com.ibm.ws.wswebcontainer.VirtualHost.addWebApplication(VirtualHost.java:162) at com.ibm.ws.wswebcontainer.WebContainer.addWebApp(WebContainer.java:673) at com.ibm.ws.wswebcontainer.WebContainer.addWebApplication(WebContainer.java:626) at com.ibm.ws.webcontainer.component.WebContainerImpl.install(WebContainerImpl.java:335) at com.ibm.ws.webcontainer.component.WebContainerImpl.start(WebContainerImpl.java:551) at com.ibm.ws.runtime.component.ApplicationMgrImpl.start(ApplicationMgrImpl.java:1274) at com.ibm.ws.runtime.component.DeployedApplicationImpl.fireDeployedObjectStart(DeployedApplicationImpl.java:1138) at com.ibm.ws.runtime.component.DeployedModuleImpl.start(DeployedModuleImpl.java:569) at com.ibm.ws.runtime.component.DeployedApplicationImpl.start(DeployedApplicationImpl.java:817) at com.ibm.ws.runtime.component.ApplicationMgrImpl.startApplication(ApplicationMgrImpl.java:921) at com.ibm.ws.runtime.component.ApplicationMgrImpl$1.run(ApplicationMgrImpl.java:1461) at com.ibm.ws.security.auth.ContextManagerImpl.runAs(ContextManagerImpl.java:4149) at com.ibm.ws.security.auth.ContextManagerImpl.runAsSystem(ContextManagerImpl.java:4246) at com.ibm.ws.security.core.SecurityContext.runAsSystem(SecurityContext.java:245) at com.ibm.ws.runtime.component.ApplicationMgrImpl.startApplication(ApplicationMgrImpl.java:1466) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:64) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:615) at sun.reflect.misc.Trampoline.invoke(MethodUtil.java:62) at sun.reflect.GeneratedMethodAccessor15.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:615) at sun.reflect.misc.MethodUtil.invoke(MethodUtil.java:265) at javax.management.modelmbean.RequiredModelMBean.invokeMethod(RequiredModelMBean.java:1089) at javax.management.modelmbean.RequiredModelMBean.invoke(RequiredModelMBean.java:971) at com.sun.jmx.mbeanserver.DynamicMetaDataImpl.invoke(DynamicMetaDataImpl.java:231) at com.sun.jmx.mbeanserver.MetaDataImpl.invoke(MetaDataImpl.java:238) at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:833) at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:802) at com.ibm.ws.management.AdminServiceImpl$1.run(AdminServiceImpl.java:1139) at com.ibm.ws.security.util.AccessController.doPrivileged(AccessController.java:118
