Thanks Alex. That fixed the SNI issue, so I can at least see the relevant errors generated by DSpace now. =)
Cheers, Graham -----Original Message----- From: Àlex Magaz Graça [mailto:alexandre.ma...@udl.cat] Sent: Thursday, April 23, 2015 3:27 AM To: Graham Faulkner Cc: dspace-tech@lists.sourceforge.net Subject: Re: [Dspace-tech] CAS for DSpace 5.1 XMLUI (Mirage 2) El 22/04/15 a les 21:14, Graham Faulkner ha escrit: > Hi there, > > We are trying to set up CAS authentication for a DSpace 5.1 instance > running XMLUI (Mirage 2). > > I have taken some cues from this GitHub pull request > (https://github.com/DSpace/DSpace/pull/804) and from a custom CAS > implementation from our DS 3.1 instance. We have installed a > certificate and can view things via https on port 8443. > > However, upon performing the CAS login and returning to the website, > we encounter this error: “HTTP Status 500 - > javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name” > > Doing some Googling, it seems like this is an issue with the newer > JVM, and that we need to disable SNI, by setting this flag: > “-Djsse.enableSNIExtension=false”. (e.g. > https://wiki.jasig.org/display/CASUM/SSL+Troubleshooting+and+Reference > +Guide) > > > I added it to JAVA_OPTS value in the /dspace-source/dspace/bin/dspace > file, and rebuilt everything. However, I’m still encountering the > error when attempting a CAS login. > > Has anyone successfully got CAS working with DSpace 5.1, XMLUI (Mirage > 2), or have pointers in the right direction? > > Cheers, > > Graham > > ----------------------------------------- > > Graham Faulkner > > Web Developer / Programmer > > Digital Initiatives, Library > > University of Waterloo > > Waterloo, Ontario N2L 3G1 CANADA > > 519-888-4567 x32461 > > graham.faulk...@uwaterloo.ca <mailto:graham.faulk...@uwaterloo.ca> > > > > ---------------------------------------------------------------------- > -------- BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT > Develop your own process in accordance with the BPMN 2 standard Learn > Process modeling best practices with Bonita BPM through live exercises > http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- > event?utm_ > source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF > > > > _______________________________________________ > DSpace-tech mailing list > DSpace-tech@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/dspace-tech > List Etiquette: > https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette > Hi Graham, I'm not sure this will solve the problem, but I'd say you should set JAVA_OPTS for Tomcat instead. For example, if you are using Ubuntu, you can set it in /etc/default/tomcat7. Cheers, Àlex ------------------------------------------------------------------------------ BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT Develop your own process in accordance with the BPMN 2 standard Learn Process modeling best practices with Bonita BPM through live exercises http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_ source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF _______________________________________________ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette