Thank you for trying out the client. I think the problem you're running into is ColdFusion's JRun server does not trust your SSL cert that the tomcat server uses for CAS. So when ColdFusion tries to contact your CAS server it's not actually getting a response for CAS but rather an error about an invalid cert. So the client gets stuck in an infinite loop trying to send user to cas login, validate, fail validation, rinse and repeat.
In my test environment I created my own CA and I import my CA's cert into all my different server's keystore so that any certs I sign are automatically trusted. I run CentOS and used these instructions: http://dev.antoinesolutions.com/openssl Then use: /opt/coldfusion8/runtime/jre/bin/keytool To import the cert into: /opt/coldfusion8/runtime/jre/lib/security/cacerts Detailed instructions: http://www.coldfusionmuse.com/index.cfm/2005/1/29/keystore Hope that solves your problem, John On Wed, May 13, 2009 at 12:18, Xuejin Ruan <[email protected]> wrote: > > Hi John, > > Thanks so much for sharing the Coldfusion CAS Client Component with the > community. I am new to CAS, but would like to explore the potential of > using CAS as an SSO solution to our portal (which has Coldfusion as well as > Java applications). This morning I was playing with CAS clients your wrote, > and encountered some problem. I am wondering whether you could shed some > lights on. > > The following is my basic environment: > CAS server: 3.3.2 > Coldfusion: 8 > Tomcat: 6.0.18 > > I've downloaded cas server 3.3.2 and put the war file in Tomcat webapp > directory. I also create a self-authored server certificate using Keytool. > The CAS server is running fine. Then I download the cas.cfc component and > put it in folder C:\ColdFusion8\CustomTags. I have a very simple application > casTesting, which only has one file: index.cfm (output HelloWorld). I > download Application.cfc and put in in the folder of casTesting. And I only > made the following modification in Application.cfc: > <cfset Variables.CAS_arguments = { cas_server = > "https://<myServerName>:8443/cas", > service = > "http://<myServerName>:8500/casTesting", > direct_forwarding = true } /> > > Then I tried to run the application: http://<myServerName>:8500/casTesting > It got redirected to the CAS login page. I typed login credentials, and > after a long long while, it returned the following url: > http://<myServerName>:8500/casTesting?ticket=ST-4024-Or6y4zgpleq6MtM93qxr-cas > > And the page says: Page not found, connection failure. > > On Tomcat console window, it seems it is running a endless loop issueing > ticket for the application until it timeouts. > > > If I tried page: http://<myServerName>:8500/casTesting without having > Application.cfc in the folder, HelloWorld did get displayed correctly. > > Am I missing something in the configuration? > > Thanks! > > Xuejin > > > > John Watson-13 wrote: >> >> I wrote a new ColdFusion CAS client in order to take advantage of Single >> Sign Out and Attribute releasing. Since I use an Application.cfc in my >> applications, I figured it was time to for the existing client to be >> rewritten as a ColdFusion component (CFC) and now I'm ready to release it >> to >> the community. >> >> I hope to hear feedback from the community and improvements/bug fixes are >> very welcome. >> >> http://www.ja-sig.org/wiki/display/CASC/ColdFusion+CAS+Client+Component >> John Watson >> Jr. Web Developer >> University of California, Merced >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> > > -- > View this message in context: > http://www.nabble.com/New-ColdFusion-CAS-Client-tp23343215p23526600.html > Sent from the CAS Users mailing list archive at Nabble.com. > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
