roller-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jens Greive <jens.gre...@googlemail.com>
Subject Re: Roller + CAS
Date Mon, 31 Mar 2008 17:13:26 GMT
Hi,

I found the problem. The certificate I generated for the https  
connection, was wrong. I think it had the wrong server name. To find  
the problem I wrote a small HelloWorld servlet and got the exception  
Phillip mentioned. So I regenerated the certificate and now it works  
with roller and the HelloWorld servlet.

Thanks for all answeres,

Jens



Am 31.03.2008 um 18:10 schrieb Phillip Rhodes:

> Jens Greive wrote:
>> Hi,
>> I followed the instructions from this site http://cwiki.apache.org/confluence/display/ROLLER/Roller+4.0+with+LDAP+and+CAS

>>  to integrate roller with CAS (http://www.ja-sig.org/products/ 
>> cas/). Now when I try to login into roller I am redirected to the  
>> CAS login page and can login there successfully. But after being  
>> redirected to roller, roller shows the message "Wrong User-Password- 
>> Combination". I searched the internet and found some reports from  
>> users who were experiencing the same problem. But nobody has posted  
>> a solution so far. Does anyone has an idea?
>>
>
> You're not testing with a self-signed certificate by any chance are  
> you? If you are, you'll need to import the certificate you are using  
> so that JSSE trust it.  If you don't, on the redirect back to Roller  
> from CAS, when the CASProcessingFilter tries to validate the CAS  
> ticket, it winds up blowing up with some crazy exception that looks  
> like:
>
>
> javax.net.ssl.SSLHandshakeException:  
> sun.security.validator.ValidatorException: PKIX path building  
> failed: sun.security.provider.certpath.SunCertPathBuilderException:  
> unable to find valid certification path to requested target
>
> Unfortunately this exception seems to be "swallowed" down in the  
> bowels of the CAS processing so you never see it in the log. The  
> only way
> I found out this was happening to me was by stepping through
> the code in the debugger.
>
> Anyway, if this is the same problem you're getting, see this webpage  
> for
> details on how to load the certificate into your JRE so that it
> will work.
>
> <http://blogs.sun.com/andreas/entry/no_more_unable_to_find>
>
>
> TTYL,
>
>
> -- 
> Phillip Rhodes
> Chief Architect - OpenQabal
> https://openqabal.dev.java.net
> LinkedIn: http://www.linkedin.com/in/philliprhodes


Mime
View raw message