Hi!
I have a problem with next scenario:
Tomcat 7.0.12 + APR
CAS 3.4.5
Java SE 6.0.24
Tomcat https connector:
-------------------------------
<Connector maxThreads="150" port="8443" protocol="HTTP/1.1" scheme="https"
secure="true"
SSLEngine="on" SSLEnabled="true" SSLVerifyClient="require"
SSLCertificateFile="${catalina.home}/conf/tomcatkey.pem"
SSLCACertificateFile="${catalina.home}/conf/chain.pem"
SSLPassword="xxx"
SSLProtocol="TLSv1"
/>
------------------------------------------
When I try to login into a java webapp, after send a valid cert I get following
response:
2011-05-20 13:13:31,250 INFO
[com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit
trail record BEGIN
=============================================================
WHO: <nombre_de_usuario>
WHAT: ST-1-Il9Oop9eHnK9U7SknLps-cas for
https://<hostname>:8443/c/portal/login?p_l_id=13403
ACTION: SERVICE_TICKET_CREATED
APPLICATION: CAS
WHEN: Fri May 20 13:13:31 ART 2011
CLIENT IP ADDRESS: <clientIP>
SERVER IP ADDRESS: <serverIP>
=============================================================
>
13:13:32,453 ERROR [CommonUtils:294] Connection reset
java.net.SocketException: Connection reset
at java.net.SocketInputStream.read(SocketInputStream.java:168)
at com.sun.net.ssl.internal.ssl.InputRecord.readFully(InputRecord.java:293)
at com.sun.net.ssl.internal.ssl.InputRecord.read(InputRecord.java:331)
...
13:13:32,468 ERROR [CASFilter:136] java.lang.RuntimeException:
java.net.SocketException: Connection reset
java.lang.RuntimeException: java.net.SocketException: Connection reset
at
org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:295)
at
org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:33)
....
Caused by: java.net.SocketException: Connection reset
at java.net.SocketInputStream.read(SocketInputStream.java:168)
at com.sun.net.ssl.internal.ssl.InputRecord.readFully(InputRecord.java:293)
at com.sun.net.ssl.internal.ssl.InputRecord.read(InputRecord.java:331)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:798)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1138)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1165)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1149)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1172)
at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
at
org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:281)
... 46 more
If I change the tomcat https connector to use JSSE (java keystore certificates)
and disable APR listener, all work fine without any further change.
I missed something? Thanks in advance.
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
