Re: Problem transferring control from CAS to uportal

[asha latha]

Thank you Scott for your reply.

 

(a) does not trust the CAS server certificate which means it just needs to be added

 Can you please expain more on the point 'a' you specified.

 

 I am new to CAS, so I am not sure where to find enough information on this issue.

>(b) the CN does not match the hostname (in this case localhost).

I think this is not the issue because my host name is localhost.

Scott Battaglia <[EMAIL PROTECTED]> wrote:

It most likely means that the uPortal JVM either (a) does not trust the CAS server certificate which means it just needs to be added or (b) the CN does not match the hostname (in this case localhost).

-Scott

On 11/14/06, asha latha <[EMAIL PROTECTED]> wrote:

Thank you very much for your support regarding this issue.

 

Finally, my tomcat is working fine but I am still getting the error when I try to integrate CAS to uportal.

I tried to access the uportal using the url https://localhost:8443/cas/login? service=http%3A%2F%2Flocalhost:8080%2FuPortal%2FLogin

 

CAS login screen appeared and I have provided it with

NetId: demo

Password: demo

The user is authenticated and it created a ticket and forwarded the request to uportal

 

These are the lines that are printed in the tomcat command prompt:

    

[java] 2006-11-14 21:05:15,936 INFO [org.jasig.cas.web.flow.AutomaticCookie
PathSetterAction] - <Setting ContextPath for cookies to: /cas>
     [java] 2006-11-14 21:06:15,882 INFO [org.jasig.cas.authentication.Authentic
ationManagerImpl] - <AuthenticationHandler: org.jasig.cas.authentication.handler
.support.SimpleTestUsernamePasswordAuthenticationHandler successfully authentica
ted the user which provided the following credentials: demo>
     [java] 2006-11-14 21:06:15,912 INFO [org.jasig.cas.CentralAuthenticationSer
viceImpl] - <Granted service ticket [ST-2-nc4QVZbCvVrMfbukiTwiQlN9Ay6Yir09yd7-20
] for service [http://localhost:8080/uPortal/Login] for user [demo]>
     [java] 2006-11-14 21:09:49,279 INFO [ org.jasig.cas.CentralAuthenticationSer
viceImpl] - <Granted service ticket [ST-3-2ggz6GySwabK7ctCd0OfNbJYIhEs46H4kH9-20
] for service [ http://localhost:8080/uPortal/Login] for user [demo]>

 

 

 

 but at this particular point I am getting the following exception.

 

exception

javax.servlet.ServletException  : Unable to validate ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator casValidateUrl=[  https://localhost:8443/cas/serviceValidate] ticket=[ST-2-nc4QVZbCvVrMfbukiTwiQlN9Ay6Yir09yd7-20] service=[http%3A%2F%2Flocalhoat%3A8080%2FuPortal%2FLogin] renew=false]]]   edu.yale.its.tp.cas.client.filter.CASValidateFilter.doFilter  (CASValidateFilter.java:292)  

root cause

edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate ProxyTicketValidator [[  edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator
 casValidateUrl=[  https://localhost:8443/cas/serviceValidate] ticket=[ST-2-nc4QVZbCvVrMfbukiTwiQlN9Ay6Yir09yd7-20]
 service=[http%3A%2F%2Flocalhoat%3A8080%2FuPortal%2FLogin] renew=false]]]   edu.yale.its.tp.cas.client.CASReceipt.getReceipt  (CASReceipt.java:52)   edu.yale.its.tp.cas.client.filter.CASValidateFilter.getAuthenticatedUser(CASValidateFilter.java:339)   edu.yale.its.tp.cas.client.filter.CASValidateFilter.doFilter(CASValidateFilter.java:289)  

Can anybody help me with this error.

 

 

Thanks in advance.

 

Thanks,

Asha

 

John Thiltges < [EMAIL PROTECTED]> wrote:

asha latha wrote:
> Thank you for your response John.
>
> I removed those two lines from the server.xml.
>

> > maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
> enableLookups="false" disableUploadTimeout="true"
> acceptCount="100" scheme="https" secure="true"
> clientAuth="false" sslProtocol="TLS"
> />
> Now I am not getting exceptions in tomcat.
Excellent.
> But when I try to open the SSL configuration by going to
> https://localhost:8443/
>
> I am getting the following error message .
>
> There is a problem with this website's security
> certificate.
> The security certificate presented by this website was not
> issued by a trusted certificate authority.
>
>
>
> Security certificate problems may indicate an attempt to fool you or
> intercept any data you send to the server.
>
> Do you have any idea what's going on?
>
Sounds like things are working fine.

Because you made a self-signed certificate, it's not automatically
trusted by your browser and you get the warning. For a production
service, you'll probably want to purchase an SSL certificate from a
certificate authority (CA). There are lots of vendors: Verisign/Thawte,
Comodo, GeoTrust, and many others.

John
_______________________________________________
Yale CAS mailing list
cas@tp.its.yale.edu
http://tp.its.yale.edu/mailman/listinfo/cas

---

Sponsored Link

Mortgage rates near 39yr lows. $510,000 Mortgage for $1,698/mo - Calculate new house payment

_______________________________________________
Yale CAS mailing list
cas@tp.its.yale.edu
http://tp.its.yale.edu/mailman/listinfo/cas

_______________________________________________
Yale CAS mailing list
cas@tp.its.yale.edu
http://tp.its.yale.edu/mailman/listinfo/cas

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com

_______________________________________________
Yale CAS mailing list
cas@tp.its.yale.edu
http://tp.its.yale.edu/mailman/listinfo/cas