Arthur, It appears your CAS server is using a self-signed SSL certificate. Have you installed the public key of this certificate into the keystore of the client JVM so that it knows to trust this SSL certificate and can successfully https: request to CAS to validate the ticket?
SSL certificate installation issues are by far the most common cause of inability to validate the ProxyTicketValidator in the Yale Java CAS Client. Andrew Arthur Erdös wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hello CAS experts ;) > > finally I made it to get the CAS server deployed in Tomcat and SSL > working... Now I'm facing the next problem when being redirected from > the cas server: > > CASAuthenticationException: Unable to validate ProxyTicketValidator > > I'm testing the HelloWorld Servlet running on the local machine. The cas > server runs on an extern machine. > > server catalina log: > > [org.jasig.cas.authentication.AuthenticationManagerImpl] - > <AuthenticationHandler: > org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler > successfully authenticated the user which provided the following > credentials: uday> > 2008-02-18 18:58:34,389 INFO > [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service > ticket [ST-4-k07YL5mH4zxYbOZccgKf] for service > [http://localhost:8180/servlets-examples/servlet/HelloWorldExample] for > user [uday]> > > client catalina log: > > 18.02.2008 17:10:12 edu.yale.its.tp.cas.client.CASReceipt getReceipt > SCHWERWIEGEND: edu.yale.its.tp.cas.client.CASAuthenticationException: > Unable to validate ProxyTicketValidator > [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] > [edu.yale.its.tp.cas.client.ServiceTicketValidator > casValidateUrl=[https://secure.bg-server.de:8443/cas/serviceValidate] > ticket=[ST-4-k07YL5mH4zxYbOZccgKf] > service=[http%3A%2F%2Flocalhost%3A8180%2Fservlets-examples%2Fservlet%2FHelloWorldExample] > renew=false]]] > 18.02.2008 17:10:12 edu.yale.its.tp.cas.client.filter.CASFilter doFilter > SCHWERWIEGEND: edu.yale.its.tp.cas.client.CASAuthenticationException: > Unable to validate ProxyTicketValidator > [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] > [edu.yale.its.tp.cas.client.ServiceTicketValidator > casValidateUrl=[https://secure.bg-server.de:8443/cas/serviceValidate] > ticket=[ST-4-k07YL5mH4zxYbOZccgKf] > service=[http%3A%2F%2Flocalhost%3A8180%2Fservlets-examples%2Fservlet%2FHelloWorldExample] > renew=false]]] > > > anybody an idea what is still missing?? > > thx in advance! > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.6 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iD4DBQFHua9MdPoEKckmzw4RAqBGAJiZBu34KT8SjoXCBbQitmp23R3pAJ0fdTsY > BA/XudTqfVMWlqCc+tMdAg== > =+/wa > -----END PGP SIGNATURE----- > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
