> My cert already was imported to $JAVA_HOME/jre/lib/security/cacerts Client or server? There are two keystores (actually truststores in this case) in your setup. You need to import the CAS server cert into your client's truststore (cacerts by default) to get ticket validation of any sort to work. Additionally, to enable CAS proxy support you also need to import the client cert into the server keystore.
> I commented > <!-- > <init-param> > > <param-name>edu.yale.its.tp.cas.client.filter.proxyCallbackUrl</param-name> > > <param-value>https://angara.techinfocom.com:8443/ui-fw/CasProxyServlet</param-value> > </init-param> > --> > > but nothing changed. You'll also need to change the ticket validation URL: <init-param> <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name> <param-value>https://localhost:8443/cas/proxyValidate</param-value> </init-param> Needs to be https://localhost:8443/cas/serviceValidate. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
