looks like a proxy error. -----Original Message----- From: christopher pax [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 18, 2007 11:05 AM To: users@tomcat.apache.org Subject: Fwd: unable to find valid certification path to requested target
Hello i am trying to integrate shibboleth(shibboleth.internet2.edu) as a tomcat application. i am using central authentication service(http://www.ja-sig.org/products/cas/) as my authentication system. when i try to accesses a protected directory by shibboleth, it redirects me to the cas for login. then redirects me back to the directory that i once try to access. BUT i get a error, that i think is a tomcat error. so hopefully some can lead me in the correct direction. here is the full error message: HTTP Status 500 - type Exception report message description The server encountered an internal error () that prevented it from fulfilling this request. exception javax.servlet.ServletException: Unable to validate ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator casValidateUrl=[https://dhcp193-203.njit.edu/cas/serviceValidate] ticket=[ST-3-5WMcqBYRfplyqldpc5iW1ALK2WE3gZnXymr-20] service=[https%3A%2F%2Fdhcp193-203.njit.edu%2Fshibboleth-idp%2FSSO%3Fshire%3Dhttps%253A%252F%252Fsp.testshib.org%252FShibboleth.sso%252FSAML%252FPOST%26time%3D1184773093%26target%3Dcookie%26providerId%3Dhttps%253A%252F%252Fsp.testshib.org%252Fshibboleth%252Ftestshib%252Fsp] renew=false]]] edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:381) root cause edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator casValidateUrl=[https://dhcp193-203.njit.edu/cas/serviceValidate] ticket=[ST-3-5WMcqBYRfplyqldpc5iW1ALK2WE3gZnXymr-20] service=[https%3A%2F%2Fdhcp193-203.njit.edu%2Fshibboleth-idp%2FSSO%3Fshire%3Dhttps%253A%252F%252Fsp.testshib.org%252FShibboleth.sso%252FSAML%252FPOST%26time%3D1184773093%26target%3Dcookie%26providerId%3Dhttps%253A%252F%252Fsp.testshib.org%252Fshibboleth%252Ftestshib%252Fsp] renew=false]]] edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:52) edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:455) edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:378) root cause javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150) com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1518) com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174) com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168) com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:848) com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106) com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495) com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433) com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:818) com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1030) com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1057) com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1041) sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:402) sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166) sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:934) sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234) edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java:84) edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicketValidator.java:212) edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:50) edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:455) edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:378) root cause sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:221) sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:145) sun.security.validator.Validator.validate(Validator.java:203) com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:172) com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(SSLContextImpl.java:320) com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:841) com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106) com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495) com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433) com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:818) com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1030) com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1057) com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1041) sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:402) sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166) sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:934) sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234) edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java:84) edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicketValidator.java:212) edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:50) edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:455) edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:378) root cause sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:236) java.security.cert.CertPathBuilder.build(CertPathBuilder.java:194) sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:216) sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:145) sun.security.validator.Validator.validate(Validator.java:203) com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:172) com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(SSLContextImpl.java:320) com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:841) com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106) com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495) com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433) com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:818) com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1030) com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1057) com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1041) sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:402) sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166) sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:934) sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234) edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java:84) edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicketValidator.java:212) edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:50) edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:455) edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:378) note The full stack trace of the root cause is available in the Apache Tomcat/5.5.23 logs. Apache Tomcat/5.5.23 --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
