Subject: JA-SIG Winter Conference – Call for Proposals Deadline Extended! - msg#00064

Previous Message by Date: click to view message preview

Re: wrong credential, reload error

It appears to occur with newer versions of Spring Web Flow (they throw an additional exception if a Converesation can't be found).-ScottOn 10/11/06, Albert Luo <alb.luo-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx> wrote: I am testing CAS 3.0.5. If a user input wrong password in the loginpage, he will get a new page with a notice of "wrong credential", ifhe hit "reload" bottom on the browser, the following error message shows up: A general exception occurred while trying to access CAS.Please notify your system administrator.I tried some of the CAS deployers, they don't have such problem. Howcan I remove the problem? Thanks. _______________________________________________Yale CAS mailing listcas-c5E7yoNEsvRIM2btvs0Z1A@xxxxxxxxxxxxxxxxhttp://tp.its.yale.edu/mailman/listinfo/cas

Next Message by Date: click to view message preview

Re: error with org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource

Thanks a lot Scott. I also had to copy ldaptemplate-1.0.2.jar there. I'm now two steps further (as I also set up SSL), which is good but (there's always a but) now I'm getting this (taken from logs/catalina.out) when trying a connection: org.springframework.webflow.ActionState$NoMatchingActionResultTransitionExce ption: Cannot find a transition matching an action result event; continuing with next action... at org.springframework.webflow.ActionState.getRequiredTransition(ActionState.ja va:150) at org.springframework.webflow.TransitionableState.onEvent(TransitionableState. java:102) at org.springframework.webflow.Flow.onEvent(Flow.java:603) at org.springframework.webflow.execution.impl.RequestControlContextImpl.signalE vent(RequestControlContextImpl.java:199) .../... I suspect this is linked to the local ldap settings in deployerConfigContext.xml. Could it be that the connection works but it doesn't know what to do after? Also is there a way to enable more logging? Or a file that already has something like a trace of connection attempts? Thanks in advance, Laurent ----- Original Message ----- > Date: Thu, 12 Oct 2006 10:22:06 -0400 > From: "Scott Battaglia" > <scott.battaglia-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx> > Subject: Re: error with > org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource > To: "Yale CAS mailing list" <cas-c5E7yoNEsvRIM2btvs0Z1A@xxxxxxxxxxxxxxxx> > Message-ID: > <1bbd36a10610120722x1febc270p38ebd566c409cd41-JsoAwUIsXosN+BqQ9rBEUg@xxxxxxxxxxxxxxxx> > Content-Type: text/plain; charset="iso-8859-1" > > You'll need to place the ldap jar from the "target" directory into your > localPlugins/lib directory and build the war. > > That should work. > > -Scott > > On 10/12/06, Laurent Domenech > <domenela-hLEZQOUd2fpGWvitb5QawA@xxxxxxxxxxxxxxxx> wrote: > > > > Hi there, > > > > I'm trying to setup a CAS server with authentication to our LDAP servers. > > I'm using the search-and-bind authentication method as described in > > http://www.ja-sig.org/products/cas/server/ldapauthhandler/index.html. > > > > I have changed (inside the /webapp/WEB-INF/deployerConfigContext.xml file) > > the server, username and password values to reflect our local setup and > > built it using "ant clean; ant jar; ant war". Then I have deployed the new > > cas.war file to my tomcat server. > > > > Unfortunately, after I deploy the cas.war file and try to connect to it, > > I'm > > getting the following error: > > > > The Throwable encountered at context listener initialization was: > > > > org.springframework.beans.factory.BeanDefinitionStoreException: Error > > registering bean with name 'contextSource' defined in ServletContext > > resource [/WEB-INF/deployerConfigContext.xml]: Bean class > > [org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource] not > > found; > > nested exception is java.lang.ClassNotFoundException: > > org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource > > > > It seems like the > > org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource is > > missing. > > >From what I can see, it's only referred to in the > > deployerConfigContext.xml > > file. > > > > Am I missing something? > > > > Any help will be greatly appreciated. > > > > Regards, > > Laurent

Previous Message by Thread: click to view message preview

Re: To configure client to access CAS Filter

Hi,    Can I set some attribute in session in CAS.    If yes ,how  On 9/29/06, zheng.guozhu <zhenggz-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx> wrote: Manisha,Because the CAS filter requests the validation information through SSL channel. It works when you deploy both the CAS server and filter because they are using the same JVM with the same certification keystore. If the CAS filter is deployed in the other server with a different JVM, you must export the certification file from the server and import it into the filter server. There maybe exist a Wiki page of manual, pls check it. Zheng Guozhu On 9/29/06, Manisha Satija < manishasatija-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx> wrote: Hi, When I deploy CAS ans Sample Application on the same server it works fine, but when I deployed them on two different server it gives me the cas login screen , but After login I gets Exception as  SEVERE: Servlet.service() for servlet HelloServlet threw exceptionjavax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException : unable to find valid certification path to requested target at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source) at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE (Unknown Source) at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source) at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source) at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage (Unknown Source) at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source) at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord (Unknown Source) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source) at sun.net.www.protocol.https.HttpsClient.afterConnect (Unknown Source) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream (Unknown Source) at edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java:84) at edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicketValidator.java:212) at edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser (CASFilter.java:100) at edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:73) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:186) at org.apache.catalina.core.ApplicationFilterChain.doFilter (ApplicationFilterChain.java:157) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:214) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) at org.apache.catalina.core.StandardEngineValve.invoke (StandardEngineValve.java:107) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:825) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection (Http11Protocol.java:731) at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:526) at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)  at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684) at java.lang.Thread.run(Unknown Source)Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException : unable to find valid certification path to requested target at sun.security.validator.PKIXValidator.doBuild(Unknown Source) at sun.security.validator.PKIXValidator.engineValidate(Unknown Source) at sun.security.validator.Validator.validate (Unknown Source) at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source) at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(Unknown Source) ... 29 more Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source) at java.security.cert.CertPathBuilder.build (Unknown Source) ... 34 more  Thank You   Regards, Manisha  On 9/28/06, Scott Battaglia < scott.battaglia-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx > wrote: You'll want to configure the new application similar to the current application such that when you attempt to access /sample it will redirect you to CAS which will recognize the existing SSO session. -Scott On 9/28/06, Manisha Satija < manishasatija-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx > wrote: Hi,     I have deployed CAS and portal application on server and in web xml file of portal i have given the entries as below <filter>    <filter-name>CAS Filter</filter-name>    <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class>    <init-param>      <param-name> edu.yale.its.tp.cas.client.filter.loginUrl</param-name>      <param-value>https://portalserver:8443/cas/login </param-value>    </init-param>     <init-param>      <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name>      <param-value> https://portalserver:8443/cas/proxyValidate </param-value>    </init-param>    <init-param>      <param-name>edu.yale.its.tp.cas.client.filter.serviceUrl</param-name>       <param-value> http://portalserver:8080/casSample/index.jsp</param-value>     </init-param>  </filter>  <filter-mapping>    <filter-name>CAS Filter</filter-name>    <url-pattern>/*</url-pattern>  </filter-mapping>     <servlet>        <servlet-name>HelloServlet</servlet-name>         <servlet-class>mypackage.Hello</servlet-class>    </servlet>     <servlet-mapping>        <servlet-name>HelloServlet</servlet-name>        <url-pattern>/hello</url-pattern>    </servlet-mapping>   Its working fine when i hit the url of portal its give me cas login page and after authentication i log into the portal  index page.   In index page i have given the link of   sample application which is stored in another server say clientserver. I want that when i hit the link say http://clientserver:8080/sample I should be allowed to access the application without reauthentication but with ticket so that I can aceess the user in clientserver and the their session within two server should be same. But if I hit the url http://clientserver:8080/sample  through address bar without logging into portalserver I should be redirected to the cas login pagefor authetication.   So can you suggest be any solution for it and also what will the entries in my web xml of sample application on clientserver.   Thank You in advance.   Regards, Manisha    On 9/27/06, Manisha Satija <manishasatija-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx > wrote: no its proxyValidate On 9/27/06, Frank Taffelt < frank.taffelt-fDpYTK8McCx7nbfGLMhGZOI/K5iOj0IV@xxxxxxxxxxxxxxxx> wrote: MMS21 wrote:<init-param>> <param-name>edu.yale.its.tp.cas.client.filter.validateUrl </param-name>> <param-value>https://server:8443/cas/proxyValidate</param-value> > </init-param>are you sure that you don't mean   https://server:8443/cas/serviceValidate instead https://server:8443/cas/proxyValidate ?Frank_______________________________________________ Yale CAS mailing listcas-c5E7yoNEsvRIM2btvs0Z1A@xxxxxxxxxxxxxxxx http://tp.its.yale.edu/mailman/listinfo/cas_______________________________________________Yale CAS mailing list cas-c5E7yoNEsvRIM2btvs0Z1A@xxxxxxxxxxxxxxxx http://tp.its.yale.edu/mailman/listinfo/cas_______________________________________________Yale CAS mailing list cas-c5E7yoNEsvRIM2btvs0Z1A@xxxxxxxxxxxxxxxxhttp://tp.its.yale.edu/mailman/listinfo/cas _______________________________________________Yale CAS mailing list cas-c5E7yoNEsvRIM2btvs0Z1A@xxxxxxxxxxxxxxxxhttp://tp.its.yale.edu/mailman/listinfo/cas _______________________________________________Yale CAS mailing listcas-c5E7yoNEsvRIM2btvs0Z1A@xxxxxxxxxxxxxxxx http://tp.its.yale.edu/mailman/listinfo/cas

Next Message by Thread: click to view message preview

Can we add some attribute in session and set their value

Hi, Using CAS can I set some attribute nad their values is session which I want to retrive in my applications Thanks Manisha -- View this message in context: http://www.nabble.com/Can-we-add-some-attribute-in-session-and-set-their-value-tf2436501.html#a6794078 Sent from the CAS Users mailing list archive at Nabble.com.