Win a copy of Penetration Testing Basics this week in the Security forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Problems in configuring CAS Authentication with localhost

Prashantb Sinha
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am facing a problem while configuring CAS with my application in local. The description is as below:

Presently we have an application ABC which is deployed on a server using Tomcat.This application authenticates using CAS. The production version is running well and we have no issues. But now I have to make some enhancements in the application and deploy it again.

I have setup the code using eclipse in my PC(WIN XP) and the war file is also ready. As I want to focus on my application only, I tried to reuse the authentication mechanism of CAS of production with my local version of application. I made the necessary changes in web.xml file of my application for CAS. When I run the application in local using http://localhost:8081/dev_abc.. then it successfully redirects to CAS. After entering the ID and password, it should return to my local application war and run the code. But it fails with the exception Unable to validate ProxyTicketValidator and Handshake Exception.

After this I came to know that I should have my cacerts file in Java, updated with the server certificate. I exported the certificate file of CAS server as .cer file and tried the keytool command to include it in my cacerts. It was done fine as per the steps mentioned in different forums. But still it didnt work. I tried again doing the same but then keytool coomand failed with following display:

C:\j2sdk1.4.2_05\bin>keytool -import -file -alias cas_cert -keypass cas_cert -trustcacerts -keystore C:\Program Files\Java\jdk1.5.0\jre\lib\
keytool usage:

-certreq [-v] [-alias <alias>] [-sigalg <sigalg>]
[-file <csr_file>] [-keypass <keypass>]
[-keystore <keystore>] [-storepass <storepass>]
[-storetype <storetype>] [-provider <provider_class_name>] ...

-delete [-v] -alias <alias>
[-keystore <keystore>] [-storepass <storepass>]
[-storetype <storetype>] [-provider <provider_class_name>] ...

---------------- and other keytool options..

Please help that what exactly needs to be done here and also advice if my approach to use existing CAS of production server is correct or I need to configure CAS too in my local tomcat..

I shall be highly obliged with any suggestions..

Regards.. Prashant
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic