我目前正在为我的项目设置开发环境,但他们已经使用CAS进行中央身份验证&我对CAS很新。我仍然可以看到使用ldap服务器进行用户身份验证的开发环境的cas登录页面,但是当我点击登录按钮时它会抛出异常。我附加链接到配置Jboss for ssl连接我使用但仍然得到相同的异常。请帮忙
2012-12-17 15:33:51,575 INFO [STDOUT] 15:33:51,575 ERROR [CASReceipt] edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator casValidateUrl=[https://IN-HODPDT-0010.glenmark.com/cas/serviceValidate] ticket=[ST-1-KRWufbKdoPaes3pBNKeBJEE30gXjF2lIcTy-20] service=[http%3A%2F%2FIN-HODPDT-0010.glenmark.com%2Ftraveldesk%2Flogin%2Floginaction.do] renew=false]]]
2012-12-17 15:33:51,575 INFO [STDOUT] 15:33:51,575 ERROR [CASFilter] edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator casValidateUrl=[https://IN-HODPDT-0010.glenmark.com/cas/serviceValidate] ticket=[ST-1-KRWufbKdoPaes3pBNKeBJEE30gXjF2lIcTy-20] service=[http%3A%2F%2FIN-HODPDT-0010.glenmark.com%2Ftraveldesk%2Flogin%2Floginaction.do] renew=false]]]
2012-12-17 15:33:51,575 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost].[/traveldesk].[action]] Servlet.service() for servlet action threw exception
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
答案 0 :(得分:0)
看起来您的CAS服务器的SSL存在问题。本指南可能会对您有所帮助:https://wiki.jasig.org/display/CASUM/SSL+Troubleshooting+and+Reference+Guide。
答案 1 :(得分:0)
您应该将server.cer导入客户端JRE!
keytool -import -trustcacerts -alias tomcat -keystore "%JAVA_HOME%/JRE/LIB/SECURITY/CACERTS" -storepass changeit -file c:\myserver.cer