logo       
<prev   next>

javax.servlet.ServletException: sun.security.validator.ValidatorException: msg#00090

java.jasig.cas.user

Subject: javax.servlet.ServletException: sun.security.validator.ValidatorException

Hello all,

i am evaluating cas and i have done the next steps:

1) Generate a certificate as say in the web

/usr/java/jre/bin/keytool -delete -alias tomcat -keypass changeit

/usr/java/jre/bin/keytool -genkey -alias tomcat -keypass changeit -keyalg RSA

/usr/java/jre/bin/keytool -export -alias tomcat -keypass changeit  -file /export/home/domenech/tomcat.crt

/usr/java/jre/bin/keytool -import -file /export/home/domenech/tomcat.crt -keypass changeit -keystore /usr/java/jre/lib/security/cacerts

/usr/java/jre/bin/keytool -import -file /export/home/domenech/tomcat.crt -keystore /usr/java/jre/bin/lib/security\cacerts


2) I have modificated the server.xml

<Connector port="8443" maxHttpHeaderSize="8192"
               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
               enableLookups="false" disableUploadTimeout="true"
               acceptCount="100" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
               keystoreFile= "/export/home/domenech/.keystore"
               keyAlias="tomcat"
               keystorePass="changeit"/>

3) I configure my web.xml

<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
     xmlns:xsi=" http://www.w3.org/2001/XMLSchema-instance"
     xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
     version="2.4">
    <session-config>
        <session-timeout>
            30
        </session-timeout>
    </session-config>
    <welcome-file-list>
    <welcome-file>
            index.jsp
        </welcome-file>
    </welcome-file-list>
    <filter>
    <filter-name>CAS Filter</filter-name>
    <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class>
    <init-param>
      <param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name>
      <param-value> https://localhost:8443/cas/login</param-value>
    </init-param>
    <init-param>
      <param-name>edu.yale.its.tp.cas.client.filter.validateUrl </param-name>
      <param-value>https://localhost:8443/cas/proxyValidate</param-value>
    </init-param>
    <init-param>
      <param-name> edu.yale.its.tp.cas.client.filter.serverName</param-name>
      <param-value>localhost:9596</param-value>
    </init-param>
  </filter>

  <filter-mapping>
    <filter-name>CAS Filter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>
</web-app>

4) I run Tomcat and i access by https to cas page


5) When i start session i have the next error

javax.servlet.ServletException : sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser (CASFilter.java:254)
edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:184)

causa raíz

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal (SSLSocketImpl.java:1476)
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174)
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168)
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate (ClientHandshaker.java:847)
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106)
com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
com.sun.net.ssl.internal.ssl.Handshaker.process_record (Handshaker.java:433)
com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:815)
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1025)
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake (SSLSocketImpl.java:1038)
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:402)
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:170)
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:913)
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
edu.yale.its.tp.cas.util.SecureURL.retrieve (SecureURL.java:70)
edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicketValidator.java:212)
edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:219)
edu.yale.its.tp.cas.client.filter.CASFilter.doFilter (CASFilter.java:184)


can anyone help me?

thanks you
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: 3.1-dev webapp errors, Scott Battaglia
Next by Date:  Re: websso-3.0.5 and webflow problem, Scott Battaglia
Previous by Thread:  SPNEGO Test Cases, Scott Battaglia
Next by Thread:  Forcing HTTPS on login page., Derek Ethier
Indexes:  [Date] [Thread] [Top] [All Lists]

Google Custom Search
News | FAQ | advertise