2. 질의 응답
  3. CAS Tomcat SSLHandshakeException

CAS Tomcat SSLHandshakeException

2012-03-20 3 views
0

프록시 모드를 사용하여 CAS를 실행하는 데 문제가 있습니다. 그러나 프록시 모드없이 CAS를 실행하는 데는 아무런 문제가 없습니다. 여기 내 개발 구성입니다 : 키 도구로 만든 SSL에 대한 자체 서명 인증서CAS Tomcat SSLHandshakeException

  • CAS의 서버
  • PHP와 phpCAS 여기

와 아파치 서버 CAS 서버 로그는 다음과 같습니다

2012-03-20 09:25:20,080 INFO [org.jasig.cas.util.AutowiringSchedulerFactoryBean] - Shutting down Quartz Scheduler 
2012-03-20 09:25:54,194 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - Loaded 4 services. 
2012-03-20 09:25:54,304 WARN [org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler] - org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler is only to be used in a testing environment. NEVER enable this in a production environment. 
2012-03-20 09:25:55,074 INFO [org.jasig.cas.util.AutowiringSchedulerFactoryBean] - Starting Quartz Scheduler now 
2012-03-20 09:26:13,865 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - Beginning ticket cleanup. 
2012-03-20 09:26:13,865 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - 0 tickets found to be removed. 
2012-03-20 09:26:13,866 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - Finished ticket cleanup. 
2012-03-20 09:26:15,490 INFO [org.jasig.cas.web.flow.InitialFlowSetupAction] - Setting path for cookies to: /cas/ 
2012-03-20 09:26:15,490 INFO [org.jasig.cas.web.flow.InitialFlowSetupAction] - Setting path for cookies to: /cas/ 
2012-03-20 09:26:51,732 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN 
============================================================= 
WHO: audit:unknown 
WHAT: https://myurl/mypage.php 
ACTION: SERVICE_TICKET_NOT_CREATED 
APPLICATION: CAS 
WHEN: Tue Mar 20 09:26:51 EDT 2012 
CLIENT IP ADDRESS: 192.168.56.1 
SERVER IP ADDRESS: 192.168.56.21 
============================================================= 


2012-03-20 09:26:54,661 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - AuthenticationHandler: org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler successfully authenticated the user which provided the following credentials: [username: uday] 
2012-03-20 09:26:54,663 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - Resolved principal uday 
2012-03-20 09:26:54,663 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - Principal found: uday 
2012-03-20 09:26:54,666 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN 
============================================================= 
WHO: [username: uday] 
WHAT: supplied credentials: [username: uday] 
ACTION: AUTHENTICATION_SUCCESS 
APPLICATION: CAS 
WHEN: Tue Mar 20 09:26:54 EDT 2012 
CLIENT IP ADDRESS: 192.168.56.1 
SERVER IP ADDRESS: 192.168.56.21 
============================================================= 


2012-03-20 09:26:54,671 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN 
============================================================= 
WHO: [username: uday] 
WHAT: TGT-1-k6WfKXIbw0oA9xOHeDnDuF9lT1Jxa6Gxcf2KLrSMpPewhR5oL3-cas 
ACTION: TICKET_GRANTING_TICKET_CREATED 
APPLICATION: CAS 
WHEN: Tue Mar 20 09:26:54 EDT 2012 
CLIENT IP ADDRESS: 192.168.56.1 
SERVER IP ADDRESS: 192.168.56.21 
============================================================= 


2012-03-20 09:26:54,672 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN 
============================================================= 
WHO: audit:unknown 
WHAT: TGT-1-e7IpmWoXBe0DZ1mriUtNnuyMA7Rd6zyiIueIXNH0DBY04NKVUn-cas 
ACTION: TICKET_GRANTING_TICKET_DESTROYED 
APPLICATION: CAS 
WHEN: Tue Mar 20 09:26:54 EDT 2012 
CLIENT IP ADDRESS: 192.168.56.1 
SERVER IP ADDRESS: 192.168.56.21 
============================================================= 


2012-03-20 09:26:54,674 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - Granted service ticket [ST-1-51JadzMUuXlQUBAOzNIB-cas] for service [https://myurl/mypage.php] for user [uday] 
2012-03-20 09:26:54,675 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN 
============================================================= 
WHO: uday 
WHAT: ST-1-51JadzMUuXlQUBAOzNIB-cas for https://myurl/mypage.php 
ACTION: SERVICE_TICKET_CREATED 
APPLICATION: CAS 
WHEN: Tue Mar 20 09:26:54 EDT 2012 
CLIENT IP ADDRESS: 192.168.56.1 
SERVER IP ADDRESS: 192.168.56.21 
============================================================= 


2012-03-20 09:26:54,861 ERROR [org.jasig.cas.util.HttpClient] - sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) 
    at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1697) 
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:258) 
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:252) 
    at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1165) 
    at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:154) 
    at sun.security.ssl.Handshaker.processLoop(Handshaker.java:610) 
    at sun.security.ssl.Handshaker.process_record(Handshaker.java:546) 
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:945) 
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1190) 
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1217) 
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1201) 
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:423) 
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) 
    at sun.net.www.protocol.http.HttpURLConnection.followRedirect(HttpURLConnection.java:2030) 
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1334) 
    at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:397) 
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:338) 
    at org.jasig.cas.util.HttpClient.isValidEndPoint_aroundBody4(HttpClient.java:111) 
    at org.jasig.cas.util.HttpClient.isValidEndPoint_aroundBody5$advice(HttpClient.java:44) 
    at org.jasig.cas.util.HttpClient.isValidEndPoint(HttpClient.java:1) 
    at org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler.authenticate_aroundBody0(HttpBasedServiceCredentialsAuthenticationHandler.java:59) 
    at org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler.authenticate_aroundBody1$advice(HttpBasedServiceCredentialsAuthenticationHandler.java:44) 
    at org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler.authenticate(HttpBasedServiceCredentialsAuthenticationHandler.java:1) 
    at org.jasig.cas.authentication.AuthenticationManagerImpl.authenticateAndObtainPrincipal(AuthenticationManagerImpl.java:84) 
    at org.jasig.cas.authentication.AbstractAuthenticationManager.authenticate_aroundBody0(AbstractAuthenticationManager.java:41) 
    at org.jasig.cas.authentication.AbstractAuthenticationManager.authenticate_aroundBody1$advice(AbstractAuthenticationManager.java:44) 
    at org.jasig.cas.authentication.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:1) 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
    at java.lang.reflect.Method.invoke(Method.java:616) 
    at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309) 
    at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) 
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) 
    at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:80) 
    at com.github.inspektr.audit.AuditTrailManagementAspect.handleAuditTrail(AuditTrailManagementAspect.java:126) 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
    at java.lang.reflect.Method.invoke(Method.java:616) 
    at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:621) 
    at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:610) 
    at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:65) 
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161) 
    at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89) 
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) 
    at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202) 
    at $Proxy17.authenticate(Unknown Source) 
    at org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket_aroundBody6(CentralAuthenticationServiceImpl.java:272) 
    at org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket_aroundBody7$advice(CentralAuthenticationServiceImpl.java:44) 
    at org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket(CentralAuthenticationServiceImpl.java:1) 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
    at java.lang.reflect.Method.invoke(Method.java:616) 
    at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309) 
    [...] 
    at org.jasig.cas.web.init.SafeDispatcherServlet.service_aroundBody2(SafeDispatcherServlet.java:115) 
    at org.jasig.cas.web.init.SafeDispatcherServlet.service_aroundBody3$advice(SafeDispatcherServlet.java:44) 
    at org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:1) 
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) 
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 
    at com.github.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:63) 
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) 
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 
    at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88) 
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) 
    at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237) 
    at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167) 
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) 
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) 
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) 
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) 
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) 
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) 
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293) 
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859) 
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:602) 
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) 
    at java.lang.Thread.run(Thread.java:636) 
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 
    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:302) 
    at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:205) 
    at sun.security.validator.Validator.validate(Validator.java:235) 
    at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:147) 
    at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:230) 
    at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:270) 
    at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1144) 
    ... 113 more 
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 
    at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:197) 
    at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:255) 
    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:297) 
    ... 119 more 
2012-03-20 09:26:54,873 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - AuthenticationHandler: org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler failed to authenticate the user which provided the following credentials: [callbackUrl: https://myurl/mypage.php] 
2012-03-20 09:26:54,876 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN 
============================================================= 
WHO: [callbackUrl: https://myurl/mypage.php] 
WHAT: supplied credentials: [callbackUrl: https://myurl/mypage.php] 
ACTION: AUTHENTICATION_FAILED 
APPLICATION: CAS 
WHEN: Tue Mar 20 09:26:54 EDT 2012 
CLIENT IP ADDRESS: 192.168.56.20 
SERVER IP ADDRESS: 192.168.56.21 
============================================================= 


2012-03-20 09:26:54,879 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN 
============================================================= 
WHO: uday 
WHAT: error.authentication.credentials.bad 
ACTION: PROXY_GRANTING_TICKET_NOT_CREATED 
APPLICATION: CAS 
WHEN: Tue Mar 20 09:26:54 EDT 2012 
CLIENT IP ADDRESS: 192.168.56.20 
SERVER IP ADDRESS: 192.168.56.21 
============================================================= 


2012-03-20 09:26:54,879 ERROR [org.jasig.cas.web.ServiceValidateController] - TicketException generating ticket for: [callbackUrl: https://myurl/mypage.php] 
org.jasig.cas.ticket.TicketCreationException: error.authentication.credentials.bad 
    at org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket_aroundBody6(CentralAuthenticationServiceImpl.java:300) 
    at org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket_aroundBody7$advice(CentralAuthenticationServiceImpl.java:44) 
    at org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket(CentralAuthenticationServiceImpl.java:1) 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
    at java.lang.reflect.Method.invoke(Method.java:616) 
    at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309) 
    at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) 
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) 
    at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:80) 
    at org.perf4j.aop.AbstractTimingAspect$1.proceed(AbstractTimingAspect.java:47) 
    at org.perf4j.aop.AgnosticTimingAspect.runProfiledMethod(AgnosticTimingAspect.java:53) 
    at org.perf4j.aop.AbstractTimingAspect.doPerfLogging(AbstractTimingAspect.java:45) 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
    at java.lang.reflect.Method.invoke(Method.java:616) 
    at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:621) 
    at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:610) 
    at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:65) 
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161) 
    at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:80) 
    at com.github.inspektr.audit.AuditTrailManagementAspect.handleAuditTrail(AuditTrailManagementAspect.java:126) 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
    at java.lang.reflect.Method.invoke(Method.java:616) 
    at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:621) 
    at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:610) 
    at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:65) 
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161) 
    at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89) 
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) 
    at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202) 
    at $Proxy18.delegateTicketGrantingTicket(Unknown Source) 
    at org.jasig.cas.web.ServiceValidateController.handleRequestInternal(ServiceValidateController.java:125) 
    at org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153) 
    at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48) 
    at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:790) 
    at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:719) 
    at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:644) 
    at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:549) 
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:617) 
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) 
    at org.jasig.cas.web.init.SafeDispatcherServlet.service_aroundBody2(SafeDispatcherServlet.java:115) 
    at org.jasig.cas.web.init.SafeDispatcherServlet.service_aroundBody3$advice(SafeDispatcherServlet.java:44) 
    at org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:1) 
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) 
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 
    at com.github.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:63) 
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) 
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 
    at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88) 
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) 
    at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237) 
    at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167) 
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) 
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) 
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) 
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) 
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) 
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) 
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293) 
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859) 
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:602) 
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) 
    at java.lang.Thread.run(Thread.java:636) 
Caused by: error.authentication.credentials.bad 
    at org.jasig.cas.authentication.handler.BadCredentialsAuthenticationException.<clinit>(BadCredentialsAuthenticationException.java:25) 
    at org.jasig.cas.authentication.AuthenticationManagerImpl.authenticateAndObtainPrincipal(AuthenticationManagerImpl.java:112) 
    at org.jasig.cas.authentication.AbstractAuthenticationManager.authenticate_aroundBody0(AbstractAuthenticationManager.java:41) 
    at org.jasig.cas.authentication.AbstractAuthenticationManager.authenticate_aroundBody1$advice(AbstractAuthenticationManager.java:44) 
    at org.jasig.cas.authentication.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:1) 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
    at java.lang.reflect.Method.invoke(Method.java:616) 
    at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309) 
    at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) 
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) 
    at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:80) 
    at com.github.inspektr.audit.AuditTrailManagementAspect.handleAuditTrail(AuditTrailManagementAspect.java:126) 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
    at java.lang.reflect.Method.invoke(Method.java:616) 
    at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:621) 
    at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:610) 
    at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:65) 
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161) 
    at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89) 
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) 
    at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202) 
    at $Proxy17.authenticate(Unknown Source) 
    at org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket_aroundBody6(CentralAuthenticationServiceImpl.java:272) 
    ... 68 more 
2012-03-20 09:26:54,890 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN 
============================================================= 
WHO: audit:unknown 
WHAT: ST-1-51JadzMUuXlQUBAOzNIB-cas 
ACTION: SERVICE_TICKET_VALIDATED 
APPLICATION: CAS 
WHEN: Tue Mar 20 09:26:54 EDT 2012 
CLIENT IP ADDRESS: 192.168.56.20 
SERVER IP ADDRESS: 192.168.56.21 
=============================================================

나는 troubleshooting을보고 내 오류를 발견했지만 해결할 수 없습니다.

https://myurl/의 자체 서명 된 인증서를 tomcat 키 저장소에 가져 왔으며 tomcat을 (를) 다시 시작했지만 여전히이 오류가 발생합니다.

내가 뭘 잘못 했니?

도움 주셔서 감사합니다.

편집 :

Type Keystore : JKS 
Fournisseur Keystore : SUN 

Votre Keystore contient 3 entrée(s) 

Nom d'alias : tomcat 
Date de création : 2012-03-08 
Type dentrée : {0} 
Longueur de chaîne du certificat : 1 
Certificat[1]: 
Propriétaire : CN=cas, OU=Company, O=Company, L=City, ST=Province, C=PR 
Émetteur : CN=cas, OU=Company, O=Company, L=City, ST=Province, C=PR 
Numéro de série : 4f58d082 
Valide du : Thu Mar 08 10:30:10 EST 2012 au : Wed Jun 06 11:30:10 EDT 2012 
Empreintes du certificat : 
    MD5 : F7:8D:3D:A0:24:31:B8:75:5E:AB:56:2B:80:66:1E:D8 
    SHA1 : 74:44:47:AD:CE:0A:00:DB:F4:F0:5B:0C:48:38:37:4A:A3:2F:E5:C2 
    Nom de lalgorithme de signature : {7} 
    Version : {8} 


******************************************* 
******************************************* 
Nom d'alias : myurl 
Date de création : 2012-03-21 
Type d'entrée : trustedCertEntry 

Propriétaire : CN=myurl 
Émetteur : CN=myurl 
Numéro de série : fc657300d50bdecd 
Valide du : Wed Mar 21 13:09:15 EDT 2012 au : Sat Mar 19 13:09:15 EDT 2022 
Empreintes du certificat : 
    MD5 : 9C:0B:3F:F8:AE:02:AD:63:D8:17:6D:60:84:90:69:AE 
    SHA1 : 7B:FF:1C:14:D7:36:36:5A:B0:A3:89:4E:F9:C7:8C:B0:75:B8:62:24 
    Nom de lalgorithme de signature : {7} 
    Version : {8} 


******************************************* 
*******************************************

편집 : 2 : 여기 여기 내 키 스토어와 (키 도구 -v -list -keystore/경로 /로/키 스토어로 나열) 신뢰의 내용입니다 내 바람둥이 커넥터입니다 :

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" 
      maxThreads="150" scheme="https" secure="true" 
      clientAuth="false" sslProtocol="TLS" keyAlias="tomcat" 
      keystoreFile="/home/keystore" 
      keystorePass="changeit" truststoreFile="/home/keystore" 
      truststorePass="changeit"/>

/home/keystore는 위의 파일 경로입니다. 트러스트 별칭을 제공해야합니까? 예인 경우 별칭의 속성 이름은 무엇입니까?

출처

2012-03-20 glcp

답변

0

StartSSL에서 무료 SSL 인증서를 사용하여 마침내 내 문제를 해결했습니다.

출처

2012-03-28 15:09:15 glcp

0

자체 서명 된 인증서를 신뢰 저장소로 가져와야합니다. 그거 했니?

출처

2012-03-21 02:37:50 bubbly

+0

tomcat 키 저장소에 자체 서명 인증서 (https : // myurl /)를 가져 왔습니다. 이게 네가 말하는거야? 없다면 어떤 인증서 (tomcat (https : // cas /) 또는 apache (https : // myurl /) 중 하나)를 가져와야합니까? 그리고 어디에서 가져와야합니까? 감사. – glcp

+0

ID와 신뢰의 두 가지 키 저장소가 있습니다. 당신은 "ssl을위한 자체 서명 된 인증서"를 작성했다고 언급했다; 이것은 ID 키 스토어입니다. 이 키를 가져와 트러스트 스토어로 가져와야합니다. – bubbly

+0

나는 여전히 같은 오류가 발생했습니다. 내 키 스토어 및 트러스트 어의 내용을 보여주기 위해 내 대답을 편집했습니다. 뭐가 잘못 됐는지 말해 줄 수 있니? – glcp

관련 문제

 관련 문제