关于CAS单点登录的问题

浏览 1795 次

主题：关于CAS单点登录的问题该帖已经被评为新手帖
作者	正文
cn_arthurs 等级: 初级会员文章: 10 积分: 20	最后更新时间：2008-01-23 关键字: cas 引用相关文章: Yale CAS最佳实践 --全部 Yale CAS 最佳实践第一部分：配置篇求助：Yale CAS客户端应用平台为WEBLOGIC814时报错推荐圈子: liferay 更多相关推荐我碰到的问题是,我现在用一台机器,两个版本的tomcat做测试在服务器端打开这个https://localhost:8443/cas/地址,能够现实登录页也能登录成功但是我用另一tomcat版本做客户端的时候,访问http://localhost:8088/jsp-examples的时候,能够跳转到https://localhost:8443/cas/login?service=http%3A%2F%2Flocalhost%3A8088%2Fjsp-examples%2F的登录页面,但是输入完用户名密码提交后,出现下面错误 javax.servlet.ServletException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:254) edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:184) root cause javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150) com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1476) com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174) com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168) com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:846) com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106) com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495) com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433) com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:815) com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1025) com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1038) sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:405) sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:170) sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:905) sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234) edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java:70) edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicketValidator.java:212) edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:219) edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:184) root cause sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:221) sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:145) sun.security.validator.Validator.validate(Validator.java:203) com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:172) com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(SSLContextImpl.java:320) com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:839) com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106) com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495) com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433) com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:815) com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1025) com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1038) sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:405) sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:170) sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:905) sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234) edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java:70) edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicketValidator.java:212) edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:219) edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:184) root cause sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:236) java.security.cert.CertPathBuilder.build(CertPathBuilder.java:194) sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:216) sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:145) sun.security.validator.Validator.validate(Validator.java:203) com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:172) com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(SSLContextImpl.java:320) com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:839) com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106) com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495) com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433) com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:815) com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1025) com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1038) sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:405) sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:170) sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:905) sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234) edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java:70) edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicketValidator.java:212) edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:219) edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:184) 声明：JavaEye文章版权属于作者，受法律保护。没有作者书面许可不得转载。推荐链接 Windows7在微软WinHEC 2008上揭开神秘面纱在繁琐中挣扎还是简化自主管理？ IBM Rational软件开发高峰论坛9月揭幕
返回顶楼

murainwood 等级: 初级会员文章: 215 积分: 0	最后更新时间：2008-01-23 引用导入证书没？
返回顶楼	0 0 请登录后投票

cn_arthurs 等级: 初级会员文章: 10 积分: 20	最后更新时间：2008-01-25 引用问题解决了,是证书的问题,cacerts文件需要放 JAVA_HOME的jre目录下,不是跟jdk同级的jre目录例如:D:\tools\Java\jdk1.5.0_01\jre\lib\security\
返回顶楼	0 0 请登录后投票

cwx714 等级: 初级会员性别: 文章: 55 积分: 86 来自: 北京	最后更新时间：2008-06-03 引用我也遇见问题: 严重: edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator casValidateUrl=[https://localhost:8443/cas/proxyValidate] ticket=[ST-2-l0Tw4QixqhGbKzSbbSNC-cas] service=[http%3A%2F%2Flocalhost%3A8080%2Fcasdemo%2Findex.jsp] renew=false]]] 2008-6-3 16:15:33 edu.yale.its.tp.cas.client.filter.CASFilter doFilter 严重: edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator casValidateUrl=[https://localhost:8443/cas/proxyValidate] ticket=[ST-2-l0Tw4QixqhGbKzSbbSNC-cas] service=[http%3A%2F%2Flocalhost%3A8080%2Fcasdemo%2Findex.jsp] renew=false]]] 2008-6-3 16:15:33 org.apache.catalina.core.StandardWrapperValve invoke 严重: Servlet.service() for servlet jsp threw exception sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source) at java.security.cert.CertPathBuilder.build(Unknown Source) at sun.security.validator.PKIXValidator.doBuild(Unknown Source) at sun.security.validator.PKIXValidator.engineValidate(Unknown Source) at sun.security.validator.Validator.validate(Unknown Source) at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown Source) at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source) at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source) at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source) at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source) at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source) at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source) at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source) at edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java:84) at edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicketValidator.java:212) at edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:50) at edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:453) at edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:376) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:228) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:216) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:634) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:445) at java.lang.Thread.run(Unknown Source) 我的配置路径没问题,登录页面能出来,输入用户密码提交后就报这个错误.
返回顶楼	0 0 请登录后投票

论坛首页 → 入门讨论版 → Tomcat

跳转论坛:

JavaEye推荐