|
3x for you reply. ’m tring to access the CAS server via SSL, isn’t it right? How
to enable cookie on the server side? Sorry, I’m a newbie . 发件人: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] 代表 Scott Battaglia Are you attempting to access the CAS server
via SSL? Are cookies enabled? On I recently deploy a cas server in 10.100.2.6(it's hostname is rsserver).
I can login successfully to webapp1, but when I try to visit webapp2 ,I has to
login again. I check the log, and find this error occurs every login action(it
doesn't stop login) Is this error message the reason why I need to login for every single
webapp?and what can I do with this problem. 2006-11-10 13:44:36,838 ERROR
[org.jasig.cas.web.ServiceValidateController] - <TicketException generating
ticket for: https://10.100.2.6:8443/contacts-cas/casProxy/receptor> org.jasig.cas.ticket.TicketCreationException:
error.authentication.credentials.bad at
org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket(CentralAuthenticationServiceImpl.java:215) at
org.jasig.cas.web.ServiceValidateController.handleRequestInternal(ServiceValidateController.java:159) at
org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153) at
org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:45) at
org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:798) at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:728) at
org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:396) at
org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:350) at
javax.servlet.http.HttpServlet.service(HttpServlet.java:689) at
javax.servlet.http.HttpServlet.service(HttpServlet.java:802) at
org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115) at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:237) at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157) at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:214) at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104) at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:198) at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:152) at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104) at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137) at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104) at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118) at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102) at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104) at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929) at
org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160) at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799) at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705) at
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577) at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683) at
java.lang.Thread.run(Thread.java:536) Caused by: error.authentication.credentials.bad at
org.jasig.cas.authentication.handler.BadCredentialsAuthenticationException.<clinit>(BadCredentialsAuthenticationException.java:25) at
org.jasig.cas.authentication.AuthenticationManagerImpl.authenticate(AuthenticationManagerImpl.java:105) at
org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket(CentralAuthenticationServiceImpl.java:194) ... 34 more The following is the keystore assigned in tomcat server.xml Keystore type: jks Keystore provider: SUN Your keystore contains 1 entry Alias name: tomcat2 Creation date: Nov 10, 2006 Entry type: keyEntry Certificate chain length: 1 Certificate[1]: Owner: CN=rsserver, OU=bjjdsy, O=bjjdsy, L=bj, ST=bj, C=cn Issuer: CN=rsserver, OU=bjjdsy, O=bjjdsy, L=bj, ST=bj, C=cn Serial number: 4553d8ab Valid from: Fri Nov 10 09:40:59 CST 2006 until: Thu Feb 08 09:40:59 CST
2007 Certificate fingerprints: MD5: A7: SHA1:
E7:B8:C8:98:6D:B8:06:96:E2:C7: The following is the keystore in jdk Alias name: tomcat3 Creation date: Nov 10, 2006 Entry type: trustedCertEntry Owner: CN=rsserver, OU=bjjdsy, O=bjjdsy, L=bj, ST=bj, C=cn Issuer: CN=rsserver, OU=bjjdsy, O=bjjdsy, L=bj, ST=bj, C=cn Serial number: 4553d8ab Valid from: Fri Nov 10 09:40:59 CST 2006 until: Thu Feb 08 09:40:59 CST
2007 Certificate fingerprints: MD5: A7: SHA1:
E7:B8:C8:98:6D:B8:06:96:E2:C7: The acegi config <bean
id="casProxyTicketValidator"
class="org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator"> <property
name="casValidate"><value>https://rsserver:8443/cas/proxyValidate</value></property>
<property
name="proxyCallbackUrl"><value>http://rsserver:8443/contacts-cas/casProxy/receptor
</value></property> <property
name="serviceProperties"><ref
bean="serviceProperties"/></property> <!--
<property name="trustStore"><value>/some/path/to/your/lib/security/cacerts</value></property>
--> </bean>
|
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
