备案控制台
开发者社区> 问答> 正文

CAS SSO配置后,客户端请求登陆成功、回跳的时候报错-配置报错

"

<span style=""background-color:#e56600;font-size:24px;font-family:KaiTi_GB2312;"">cas server端正常运行,也可以登陆:

client 端的配置:

web.xml:

<filter>
		<filter-name>sso</filter-name>
		<filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class>
		<init-param>
			<param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name>
			<param-value>https://localho:8443/sso-server/login</param-value>
		</init-param>
		<init-param>
			<param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name>
			<param-value>https://localhost:8443/sso-server/serviceValidate</param-value>
		</init-param>
		<init-param>
			<param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name>
			<param-value>localho:8088</param-value>
		</init-param>
	</filter>
	<filter-mapping>
		<filter-name>sso</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>

 现在访问客户端:http://localhost:port/project/自动跳转到https://localhost:8443/cas-server

验证登陆,也登陆成功,也获得了ticket,

但是回跳的时候,就报错了:

http://localhost:8088/castest1/?ticket=ST-2-4y6GgXW9ue3fd0Fg9CL6 

HTTP Status 500 -

type Exception report

message

description The server encountered an internal error () that prevented it from fulfilling this request.

exception

javax.servlet.ServletException: edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator casValidateUrl=[https://www.sso-demo.com:8443/sso-server/serviceValidate] ticket=[ST-1-aptbOwbIcCvNn2zw6gtH] service=[http%3A%2F%2Fwww.sso-demo.com%3A8088%2Fcastest1%2F] renew=false]]]
	edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:381)
	edu.yale.its.tp.cas.filter.EncodingFilter.doFilter(EncodingFilter.java:42)
root cause

edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator casValidateUrl=[https://www.sso-demo.com:8443/sso-server/serviceValidate] ticket=[ST-1-aptbOwbIcCvNn2zw6gtH] service=[http%3A%2F%2Fwww.sso-demo.com%3A8088%2Fcastest1%2F] renew=false]]]
	edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:51)
	edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:455)
	edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:378)
	edu.yale.its.tp.cas.filter.EncodingFilter.doFilter(EncodingFilter.java:42)
root cause

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
	com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1591)
	com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)
	com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181)
	com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:975)
	com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:123)
	com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
	com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
	com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
	com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096)
	com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123)
	com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1107)
	sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:405)
	sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
	sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:977)
	sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
	edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java:84)
	edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicketValidator.java:212)
	edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:49)
	edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:455)
	edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:378)
	edu.yale.its.tp.cas.filter.EncodingFilter.doFilter(EncodingFilter.java:42)
root cause

sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285)
	sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191)
	sun.security.validator.Validator.validate(Validator.java:218)
	com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
	com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
	com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
	com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:954)
	com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:123)
	com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
	com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
	com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
	com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096)
	com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123)
	com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1107)
	sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:405)
	sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
	sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:977)
	sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
	edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java:84)
	edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicketValidator.java:212)
	edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:49)
	edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:455)
	edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:378)
	edu.yale.its.tp.cas.filter.EncodingFilter.doFilter(EncodingFilter.java:42)
root cause

sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
	java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
	sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)
	sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191)
	sun.security.validator.Validator.validate(Validator.java:218)
	com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
	com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
	com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
	com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:954)
	com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:123)
	com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
	com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
	com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
	com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096)
	com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123)
	com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1107)
	sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:405)
	sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
	sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:977)
	sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
	edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java:84)
	edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicketValidator.java:212)
	edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:49)
	edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:455)
	edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:378)
	edu.yale.its.tp.cas.filter.EncodingFilter.doFilter(EncodingFilter.java:42)
note The full stack trace of the root cause is available in the Apache Tomcat/6.0.29 logs.

"

展开
收起
montos 2020-06-01 21:22:12 528 0
1 条回答
写回答
取消 提交回答
问答分类:
应用服务中间件 Apache
问答地址:
开发者社区 > 开发与运维 > 问答

版权声明:本文内容由阿里云实名注册用户自发贡献,版权归原作者所有,阿里云开发者社区不拥有其著作权,亦不承担相应法律责任。具体规则请查看《阿里云开发者社区用户服务协议》和《阿里云开发者社区知识产权保护指引》。如果您发现本社区中有涉嫌抄袭的内容,填写侵权投诉表单进行举报,一经查实,本社区将立刻删除涉嫌侵权内容。

相关问答
项目中用到Webclient请求OAUTH服务器进行身份验证时报客户端认证异常,该如何解决?
432
1
0
CAS SSO配置后,客户端请求登陆成功、回跳的时候报错 :报错
933
1
0
单点登录cas 客户端配置的一个小问题 :报错
1058
1
0
CAS SSO配置后,客户端请求登陆成功、回跳的时候报错:配置报错 
1064
1
0
在配置cas支持客户端自定义页面时报...报错
895
1
0
单点登录cas 客户端配置的一个小问题 - 配置报错
1217
1
0
单点登录cas 客户端配置的一个小问题:配置报错 
528
1
0
两个浏览器登陆同一个账户,session无法同步:报错
1164
1
0
单点登录cas 客户端配置的一个小问题-配置报错
759
1
0
cas自动登录,注册工作流自动登录配置详解?:报错
1210
1
0
问答排行榜
最热
最新
1 通过阿里云代备案系统进行个人快速备案 2699607
2 【大咖问答】对话PostgreSQL 中国社区发起人之一,阿里云数据库高级专家 德哥 1818193
3 据说在家办公的程序员是这样写代码的? 1792146
4 阿里云开放端口权限 689817
5 《阿里云服务器从入门到精通》—论坛精华帖汇总(2013.8.21更新) 599380
6 如何升级配置 536030
7 【藏经阁一起读(27)】本周推荐《Apache Flink案例集(2022版)》,你有哪些心得? 522330
8 【精品问答】python技术1000问(1) 513952
9 Flink Forward Asia 2021 有奖问答 512769
10 Linux Bash严重漏洞修复紧急通知(已全部给出最终修复方案) 456895
11 OceanBase 使用动画(持续更新) 359229
12 阿里云LNAMP(Linux + Nginx + Apache + MySQL + PHP)环境一键安装脚本 329691
13 OSS存储服务-客户端工具 321253
14 为体验实验室取一个新名字。 307184
15 企业邮箱发送邮件时,若出现投递失败产生退信,内容提示包含如下: the mta server of * reply:550 failed to meet SPF requirements 或者 the mta server of 163.com — 163mx01.mxmail.netease.com(220.181.14.141) reply:550 MI:SPF mx14,QMCowECpA0qTiftVaeB3Cg—.872S2 1442548128 http://mail.163.com/help 303690
16 Win Server 2003-2016 加密勒索事件必打补丁合集 295099
17 FLASH播放器,在IE浏览器下显示请确定您的域名已完成备案和CNAME绑定 283473
18 安全组详解,新手必看教程 277228
19 写code还是做管理,开发者如何进行职业规划? 268282
20 惊喜翻倍:免费ECS+免费环境配置~!(ECS免费体验6个月活动3月31日结束) 255811
1 如何从零构建一个现代深度学习框架? 471
2 AI面试成为线下面试的“隐形门槛”,对此你怎么看? 941
3 请问上次@灵码活动奖品,还没有收到,也没有地方看到是否发货,这活动是不是骗人玩的!!! 114
4 乘风问答官5月排位赛开启! 413
5 你见过哪些独特的代码注释? 1745
6 你遇到过哪些触发NPE的代码场景? 911
7 宜搭中,线上答题单选题和多选题在一起如何计算总分,请老师指点 215
8 宜搭中,在表单里复选选项(搭建多选题)如何设置单行文本自动获取“你的答案”所选的选项如“AB” 158
9 宜搭流程表单怎样根据连接器返回值阻止提交 184
10 如何让系统具备良好的扩展性? 1933
11 在JS编程中有哪些常见的编程“套路”或习惯? 1559
12 表单新加了个字段A,历史数据要添加字段A的值问题 393
13 nacos部署需要开放哪几个端口? 923
14 在做程序员的道路上,你掌握了什么关键的概念或技术让你感到自身技能有了显著飞跃? 2101
15 作为一个经典架构模式,事件驱动在云时代为什么会再次流行呢? 2465
16 如何实现主表单内数字组件自动获取子表单内数据条数 155
17 宜搭:提交表单前,如何校验另一张表单的数据? 416
18 如何实现自动计算请假天数并自动跳过法定节假日? 121
19 Windows 11系统电脑自动重启后,vscode启动通义灵码插件报错:此应用无法在你的电脑上运行 221
20 如何看待首个 AI 程序员入职科技公司? 3040
推荐问答
乘风问答官招募中!机械键盘免费拿

相关文章

  • 从离线到实时:无锡锡商银行基于 Apache Doris 的数据仓库演进实践
  • 分层存储救不了Kafka
  • Servlet 教程 之 Servlet 有用的资源
  • 设置 Maven 环境变量
  • Spring Boot 源码面试知识点

    • 相关电子书

    更多
    • 安全机制与User账户身份验证实战 立即下载
    低代码开发师(初级)实战教程 立即下载
    阿里巴巴DevOps 最佳实践手册 立即下载