If you look in the log, it states that you're missing the groovy jar for some reason:
java.lang.NoClassDefFoundError: org/codehaus/groovy/control/CompilationFailedException -Scott On 6/7/07, bozhe <[EMAIL PROTECTED]> wrote:
Scott, Thank you for the reply. I did as you said and the associated error notice went away. However, I'm still not redirected to the webmail application. I've attached my cas.login DEBUG mode. I appreciate any assistance you can provide. Thanks - http://www.nabble.com/file/p11019876/cas.log cas.log Joe Scott Battaglia-2 wrote: > > Joe, > > You attempted to get a ProxyGrantingTicket for the Webmail service and the > JVM that the CAS server is running in is unable to validate the > certificate > of the Webmail server. > > [org.jasig.cas.authentication > .handler.support.HttpBasedServiceCredentialsAuthenticationHandler] > - javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated > javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated > at > com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificateChain( > SSLSessionImpl.java:401) > > Is it a non-commercial certificate? If so, it will need to be added to > the > CAS JVM. > > -Scott > > > On 6/6/07, bozhe <[EMAIL PROTECTED]> wrote: >> >> >> Scott, >> Thanks for the quick reply. Here is the cas.log in debug mode from the >> actions outlined in my previous email ("web flow problem?"): >> >> I turned tomcat off, deleted cas.log, and turned tomcat back on. That >> gave >> me this: >> >> 2007-06-06 17:28:24,494 WARN >> [org.springframework.ldap.support.LdapContextSource] - Property >> 'userName' >> not set - anonymous context will be used for read-write operations >> 2007-06-06 17:28:24,501 INFO >> [org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler] - No >> PasswordEncoder set. Using default: >> org.jasig.cas.authentication.handler.PlainTextPasswordEncoder >> 2007-06-06 17:28:24,501 INFO >> [org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler] - No >> Class >> to Support set. Using default: >> org.jasig.cas.authentication.principal.UsernamePasswordCredentials >> 2007-06-06 17:28:24,518 INFO >> [org.jasig.cas.ticket.proxy.support.Cas20ProxyHandler] - No >> UniqueTicketIdGenerator specified for >> org.jasig.cas.ticket.proxy.support.Cas20ProxyHandler. Using >> org.jasig.cas.util.DefaultUniqueTicketIdGenerator >> 2007-06-06 17:28:24,988 INFO >> [org.jasig.cas.web.ServiceValidateController] >> - >> No authentication specification class set. Defaulting to >> org.jasig.cas.validation.Cas20ProtocolValidationSpecification >> 2007-06-06 17:28:24,988 INFO >> [org.jasig.cas.web.ServiceValidateController] >> - >> No successView specified. Using default of casServiceSuccessView >> 2007-06-06 17:28:24,988 INFO >> [org.jasig.cas.web.ServiceValidateController] >> - >> No failureView specified. Using default of casServiceFailureView >> 2007-06-06 17:28:24,997 INFO >> [org.jasig.cas.web.ServiceValidateController] >> - >> No successView specified. Using default of casServiceSuccessView >> 2007-06-06 17:28:24,997 INFO >> [org.jasig.cas.web.ServiceValidateController] >> - >> No failureView specified. Using default of casServiceFailureView >> 2007-06-06 17:28:25,035 INFO >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - FormObjectClass >> not >> set. Using default class of >> org.jasig.cas.authentication.principal.UsernamePasswordCredentials with >> formObjectName credentials and validator >> org.jasig.cas.validation.UsernamePasswordCredentialsValidator. >> 2007-06-06 17:28:44,580 INFO >> [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - >> Starting cleaning of expired tickets from ticket registry at [Wed Jun 06 >> 17:28:44 EDT 2007] >> 2007-06-06 17:28:44,580 INFO >> [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - 0 >> found to be removed. Removing now. >> 2007-06-06 17:28:44,580 INFO >> [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - >> Finished cleaning of expired tickets from ticket registry at [Wed Jun 06 >> 17:28:44 EDT 2007] >> >> >> Then I logged successfully into CAS by itself (at >> https://www.norwood-ma.gov/cas): >> >> 2007-06-06 17:37:04,178 INFO >> [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - >> Starting cleaning of expired tickets from ticket registry at [Wed Jun 06 >> 17:37:04 EDT 2007] >> 2007-06-06 17:37:04,178 INFO >> [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - 0 >> found to be removed. Removing now. >> 2007-06-06 17:37:04,178 INFO >> [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - >> Finished cleaning of expired tickets from ticket registry at [Wed Jun 06 >> 17:37:04 EDT 2007] >> 2007-06-06 17:37:59,453 INFO >> [org.jasig.cas.web.flow.AutomaticCookiePathSetterAction] - Setting >> ContextPath for cookies to: /cas >> 2007-06-06 17:38:09,424 INFO >> [org.jasig.cas.authentication.AuthenticationManagerImpl] - >> AuthenticationHandler: >> org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler >> successfully >> authenticated the user which provided the following credentials: >> jsalvaggio >> >> Then I closed and reopened my browser and attempted to log in to >> webmail.norwood-ma.gov: >> >> 2007-06-06 17:41:56,850 INFO >> [org.jasig.cas.authentication.AuthenticationManagerImpl] - >> AuthenticationHandler: >> org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler >> successfully >> authenticated the user which provided the following credentials: >> jsalvaggio >> 2007-06-06 17:41:56,857 INFO >> [org.jasig.cas.CentralAuthenticationServiceImpl] - Granted service ticket >> [ST-2-IFs6D3RnhK0B2Ud92c1JifcYLfVthnARypg-20] for service >> [http://webmail.norwood-ma.gov/src/login.php] for user [jsalvaggio] >> 2007-06-06 17:41:57,352 ERROR >> [ >> org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler >> ] >> - javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated >> javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated >> at >> com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificateChain( >> SSLSessionImpl.java:401) >> at >> >> org.apache.commons.httpclient.contrib.ssl.StrictSSLProtocolSocketFactory.verifyHostname >> (StrictSSLProtocolSocketFactory.java:280) >> at >> >> org.apache.commons.httpclient.contrib.ssl.StrictSSLProtocolSocketFactory.createSocket >> (StrictSSLProtocolSocketFactory.java:223) >> at >> org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java :706) >> at >> >> org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open >> (MultiThreadedHttpConnectionManager.java:1321) >> at >> org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry( >> HttpMethodDirector.java:386) >> at >> org.apache.commons.httpclient.HttpMethodDirector.executeMethod( >> HttpMethodDirector.java:170) >> at >> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java >> :396) >> at >> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java >> :324) >> at >> >> org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler.authenticate >> (HttpBasedServiceCredentialsAuthenticationHandler.java:75) >> at >> org.jasig.cas.authentication.AuthenticationManagerImpl.authenticate( >> AuthenticationManagerImpl.java:79) >> at >> >> org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket >> (CentralAuthenticationServiceImpl.java:194) >> at >> org.jasig.cas.web.ServiceValidateController.handleRequestInternal( >> ServiceValidateController.java:159) >> at >> org.springframework.web.servlet.mvc.AbstractController.handleRequest( >> AbstractController.java:153) >> at >> org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle( >> SimpleControllerHandlerAdapter.java:48) >> at >> org.springframework.web.servlet.DispatcherServlet.doDispatch( >> DispatcherServlet.java:819) >> at >> org.springframework.web.servlet.DispatcherServlet.doService( >> DispatcherServlet.java:754) >> at >> org.springframework.web.servlet.FrameworkServlet.processRequest( >> FrameworkServlet.java:399) >> at >> org.springframework.web.servlet.FrameworkServlet.doGet( >> FrameworkServlet.java:354) >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:690) >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:803) >> at >> org.jasig.cas.web.init.SafeDispatcherServlet.service( >> SafeDispatcherServlet.java:115) >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( >> ApplicationFilterChain.java:290) >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter( >> ApplicationFilterChain.java:206) >> at >> org.apache.catalina.core.StandardWrapperValve.invoke( >> StandardWrapperValve.java:228) >> at >> org.apache.catalina.core.StandardContextValve.invoke( >> StandardContextValve.java:175) >> at >> org.apache.catalina.core.StandardHostValve.invoke( StandardHostValve.java >> :128) >> at >> org.apache.catalina.valves.ErrorReportValve.invoke( ErrorReportValve.java >> :104) >> at >> org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java >> :393) >> at >> org.apache.catalina.core.StandardEngineValve.invoke( >> StandardEngineValve.java:109) >> at >> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java >> :216) >> at >> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java :844) >> at >> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process ( >> Http11Protocol.java:634) >> at org.apache.tomcat.util.net.JIoEndpoint$Worker.run( >> JIoEndpoint.java:445) >> at java.lang.Thread.run(Thread.java:619) >> 2007-06-06 17:41:57,354 INFO >> [org.jasig.cas.authentication.AuthenticationManagerImpl] - >> AuthenticationHandler: >> >> org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler >> failed to authenticate the user which provided the following credentials: >> https://webmail.norwood-ma.gov/src/login.php >> 2007-06-06 17:41:57,354 ERROR >> [org.jasig.cas.web.ServiceValidateController >> ] >> - TicketException generating ticket for: >> https://webmail.norwood-ma.gov/src/login.php >> org.jasig.cas.ticket.TicketCreationException: >> error.authentication.credentials.bad >> at >> >> org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket >> (CentralAuthenticationServiceImpl.java:215) >> at >> org.jasig.cas.web.ServiceValidateController.handleRequestInternal( >> ServiceValidateController.java:159) >> at >> org.springframework.web.servlet.mvc.AbstractController.handleRequest( >> AbstractController.java:153) >> at >> org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle( >> SimpleControllerHandlerAdapter.java:48) >> at >> org.springframework.web.servlet.DispatcherServlet.doDispatch( >> DispatcherServlet.java:819) >> at >> org.springframework.web.servlet.DispatcherServlet.doService( >> DispatcherServlet.java:754) >> at >> org.springframework.web.servlet.FrameworkServlet.processRequest( >> FrameworkServlet.java:399) >> at >> org.springframework.web.servlet.FrameworkServlet.doGet( >> FrameworkServlet.java:354) >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:690) >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:803) >> at >> org.jasig.cas.web.init.SafeDispatcherServlet.service( >> SafeDispatcherServlet.java:115) >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( >> ApplicationFilterChain.java:290) >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter( >> ApplicationFilterChain.java:206) >> at >> org.apache.catalina.core.StandardWrapperValve.invoke( >> StandardWrapperValve.java:228) >> at >> org.apache.catalina.core.StandardContextValve.invoke( >> StandardContextValve.java:175) >> at >> org.apache.catalina.core.StandardHostValve.invoke( StandardHostValve.java >> :128) >> at >> org.apache.catalina.valves.ErrorReportValve.invoke( ErrorReportValve.java >> :104) >> at >> org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java >> :393) >> at >> org.apache.catalina.core.StandardEngineValve.invoke( >> StandardEngineValve.java:109) >> at >> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java >> :216) >> at >> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java :844) >> at >> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process ( >> Http11Protocol.java:634) >> at org.apache.tomcat.util.net.JIoEndpoint$Worker.run( >> JIoEndpoint.java:445) >> at java.lang.Thread.run(Thread.java:619) >> Caused by: error.authentication.credentials.bad >> at >> org.jasig.cas.authentication.handler.BadCredentialsAuthenticationException >> .<clinit>(BadCredentialsAuthenticationException.java:25) >> at >> org.jasig.cas.authentication.AuthenticationManagerImpl.authenticate( >> AuthenticationManagerImpl.java:105) >> at >> >> org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket >> (CentralAuthenticationServiceImpl.java:194) >> ... 23 more >> >> >> Thank you, Scott, or anyone else, who can help me figure this out. >> >> >> Joe Salvaggio >> >> >> Scott Battaglia-2 wrote: >> > >> > You should be able to tell in the CAS log file if the ticket was >> > authenticated successfully or not (if you can't see it, try turning the >> > logging level to DEBUG) >> > >> > Your "You are not authenticated" message is coming from squirrelmail >> not >> > CAS. >> > >> > -Scott >> > >> > On 6/6/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> >> > wrote: >> >> >> >> I'll replicate the problem in steps: >> >> >> >> Background: CAS Server 3.0.7 >> >> CAS Clients installed: esup-phpcas-0.5.1-1 >> >> >> Pam_cas- >> >> 2.0.11-esup-2.0.4 >> >> >> >> I've followed a document on cas-ifying squirrelmail. It includes a >> >> downloadable squirrelmail login.php modified with CAS . >> >> When I put the url "webmail.norwood-ma.gov" in the url and hit enter >> it >> >> takes me to the CAS login page with the following in the url:" >> >> >> https://www.norwood-ma.gov/cas/login?service=http%3A%2F%2Fwebmail.norwood-ma.gov%2Fsrc%2Flogin.php >> >> I enter my username and password (I set it up with ldap-fastbind) hit >> >> enter and it takes me to: >> >> CAS Authentication failed! >> >> >> >> You were not authenticated. >> >> >> >> You may submit your request again by clicking >> >> here<http://webmail.norwood-ma.gov/src/login.php> >> >> . >> >> >> >> If the problem persists, you may contact the administrator of this >> >> site<[EMAIL PROTECTED]> >> >> . >> >> ------------------------------ >> >> phpCAS 0.5.1-1 using server >> >> https://www.norwood-ma.gov:443/cas/<https://www.norwood-ma.gov/cas/ >> >(CAS >> >> 2.0) >> >> >> >> --with a url of " >> >> >> http://webmail.norwood-ma.gov/src/login.php?ticket=ST-3-aBnEtPuMqqWdyat97ywctFPe7pkHXlcgW6C-20 >> >> " >> >> >> >> When I the click the link on the bottom it takes me to this: >> >> Log In Successful >> >> >> >> You have successfully logged into the Central Authentication Service. >> >> >> >> -with the url of "https://www.norwood-ma.gov/cas/login?null"; >> >> When I go to the CAS login page by itself >> >> (https://www.norwood-ma.gov/cas) >> >> I can log on with no problem . >> >> Joe Salvaggio >> >> _______________________________________________ >> >> Yale CAS mailing list >> >> [email protected] >> >> http://tp.its.yale.edu/mailman/listinfo/cas >> >> >> >> >> > >> > >> > -- >> > -Scott Battaglia >> > >> > LinkedIn: http://www.linkedin.com/in/scottbattaglia >> > >> > _______________________________________________ >> > Yale CAS mailing list >> > [email protected] >> > http://tp.its.yale.edu/mailman/listinfo/cas >> > >> > >> >> -- >> View this message in context: >> http://www.nabble.com/web-flow-problem--tf3879194.html#a10997918 >> Sent from the CAS Users mailing list archive at Nabble.com. >> >> _______________________________________________ >> Yale CAS mailing list >> [email protected] >> http://tp.its.yale.edu/mailman/listinfo/cas >> > > > > -- > -Scott Battaglia > > LinkedIn: http://www.linkedin.com/in/scottbattaglia > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > > -- View this message in context: http://www.nabble.com/web-flow-problem--tf3879194.html#a11019876 Sent from the CAS Users mailing list archive at Nabble.com. _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
-- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
