问题前提:
独立访问CAS自带的web应用没有问题。
访问tomcat自带的example页面可以跳转到认证页面。
认证后跳转example的时候出现,异常信息如下:
HTTP Status 500 -
--------------------------------------------------------------------------------
type Exception report
message
description The server encountered an internal error () that prevented it from fulfilling this request.
exception
javax.servlet.ServletException: javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:254)
edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:184)
root cause
javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1731)
com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1692)
com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1675)
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1204)
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1181)
sun.net.(HttpsClient.java:434)
sun.net.(AbstractDelegateHttpsURLConnection.java:166)
sun.net.(HttpURLConnection.java:1172)
sun.net.(HttpsURLConnectionImpl.java:234)
edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java:70)
edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicketValidator.java:212)
edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:219)
edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:184)
问题的确是证书的问题,创建证书的时候有个需要输入 -dname "cn=我是机器名称" ,是这里的名称错误。
解决方案:
重新生成证书,并且导入到 ""%JAVA_HOME%/jre/lib/security/cacerts" 里面。
机器名称可以使用 ipconfig 命令或者右键我的电脑看到。
阅读(22395) | 评论(0) | 转发(0) |
