• Post Reply Bookmark Topic Watch Topic
  • New Topic

Problems in configuring CAS Authentication with localhost  RSS feed

 
Prashantb Sinha
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi..
I am facing a problem while configuring CAS with my application in local. The description is as below:

Presently we have an application ABC which is deployed on a server using Tomcat.This application authenticates using CAS. The production version is running well and we have no issues. But now I have to make some enhancements in the application and deploy it again.

I have setup the code using eclipse in my PC(WIN XP) and the war file is also ready. As I want to focus on my application only, I tried to reuse the authentication mechanism of CAS of production with my local version of application. I made the necessary changes in web.xml file of my application for CAS. When I run the application in local using http://localhost:8081/dev_abc.. then it successfully redirects to CAS. After entering the ID and password, it should return to my local application war and run the code. But it fails with the exception edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate ProxyTicketValidator and Handshake Exception.

After this I came to know that I should have my cacerts file in Java, updated with the server certificate. I exported the certificate file of CAS server as .cer file and tried the keytool command to include it in my cacerts. It was done fine as per the steps mentioned in different forums. But still it didnt work. I tried again doing the same but then keytool coomand failed with following display:

C:\j2sdk1.4.2_05\bin>keytool -import -file cas.domain.com.cer -alias cas_cert -keypass cas_cert -trustcacerts -keystore C:\Program Files\Java\jdk1.5.0\jre\lib\
security\cacerts
keytool usage:

-certreq [-v] [-alias <alias>] [-sigalg <sigalg>]
[-file <csr_file>] [-keypass <keypass>]
[-keystore <keystore>] [-storepass <storepass>]
[-storetype <storetype>] [-provider <provider_class_name>] ...

-delete [-v] -alias <alias>
[-keystore <keystore>] [-storepass <storepass>]
[-storetype <storetype>] [-provider <provider_class_name>] ...

---------------- and other keytool options..

Please help that what exactly needs to be done here and also advice if my approach to use existing CAS of production server is correct or I need to configure CAS too in my local tomcat..

I shall be highly obliged with any suggestions..

Regards.. Prashant
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!