Forums

Home » Liferay Portal » English » Liferay Legacy

Combination View Flat View Tree View
Threads [ Previous | Next ]
toggle
Fellow Guan
CAS integration problem
October 10, 2006 1:37 AM
Answer

Fellow Guan

Rank: New Member

Posts: 4

Join Date: October 8, 2006

Recent Posts

First, it is about CAS:
I'd like to try out Liferay and use it as my new portal. So I am going to integrate it with my previous system, which has a CAS module.
Everything goes easy, until the exception raise:

javax.servlet.ServletException: Unable to validate ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList= [edu.yale.its.tp.cas.client.ServiceTicketValidator casValidateUrl=[https://www.xxxxx.net/cas/proxyValidate] ticket=[ST-1913-d0pktD3lfPih6nzjQN7E] service=[http%3A%2F%2Flocalhost%3A8080%2F] renew=false]]]
edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:381)
........
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target


================================================

My Liferay configurations are below.

portal-ext.properties:

1company.security.auth.type=userId
2auto.login.hooks=com.liferay.portal.security.auth.BasicAutoLogin, com.liferay.portal.security.auth.CASAutoLogin
3auth.pipeline.pre=
4auth.pipeline.enable.liferay.check=false
5company.security.auto.login=false




web.xml:

 1<filter>
 2  <filter-name>CASFilter</filter-name>
 3  <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class>
 4  <init-param>
 5    <param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name>
 6      <param-value>http://www.xxxx.net/cas/login</param-value>
 7  </init-param>
 8  <init-param>
 9    <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name>
10      <param-value>https://www.xxxx.net/cas/proxyValidate</param-value>
11  </init-param>
12  <init-param>
13    <param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name>
14      <param-value>localhost:8080</param-value>
15  </init-param>
16</filter>
17
18<filter-mapping>
19  <filter-name>CASFilter</filter-name>
20  <url-pattern>/*</url-pattern>
21</filter-mapping>


Besides, I create a user call "admin", which name also exists in the old system.

Liferay portal runs on Tomcat 5.5. The old system with the CAS module and some other sub modules runs on WebLogic 8.1.

I don't think the CAS module in the old system has any problem, because it works so well with many other module.

Is there anything I haven't done?
Help.
Jose REMY H
RE: CAS integration problem
October 17, 2006 2:06 AM
Answer

Jose REMY H

Rank: New Member

Posts: 1

Join Date: October 17, 2006

Recent Posts

Check your SSL configuration with correct setup of JKS keystore
Julien HENRY
RE: CAS integration problem
October 25, 2006 3:14 AM
Answer

Julien HENRY

Rank: New Member

Posts: 4

Join Date: October 25, 2006

Recent Posts

I have exactly the same error, and I don't know what to do.

I'm using Tomcat, and my config is :

 1<filter>
 2        <filter-name>CASFilter</filter-name>
 3        <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class>
 4        <init-param>
 5            <param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name>
 6            <param-value>https://localhost:8443/cas/login</param-value>
 7        </init-param>
 8        <init-param>
 9            <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name>
10            <param-value>https://localhost:8443/cas/proxyValidate</param-value>
11        </init-param>
12        <init-param>
13            <param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name>
14            <param-value>localhost:8080</param-value>
15        </init-param>
16    </filter>


I can access to https://localhost:8443/cas/login. When I browse to http://localhost:8080, I'm redirected to https://localhost:8443/cas/login (OK). But then I enter login/password, and it doesn't return to liferay (same stack trace than the first post)

Thanks for any idea
Julien HENRY
RE: CAS integration problem
October 26, 2006 1:27 AM
Answer

Julien HENRY

Rank: New Member

Posts: 4

Join Date: October 25, 2006

Recent Posts

OK, you were right, it was a problem with keystore configuration.
Juan Fernández
RE: CAS integration problem
November 17, 2008 9:59 AM
Answer

Juan Fernández

LIFERAY STAFF

Rank: Liferay Legend

Posts: 1223

Join Date: October 2, 2008

Recent Posts

Julien HENRY:
OK, you were right, it was a problem with keystore configuration.

Hi Julien! how did you solved it? I'm stuck in this step
Thanks in advance