国产不卡视频一区,精品av一区二区,狠狠爱一区二区三区

Yale CAS異常問(wèn)題總結(jié)(1)Unable to validate ProxyTicketValidator之HTTPS hostname wrong: should be.....

嚴(yán)重: edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator prox
yList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator casValidateUrl=[https://192.168.1.111:8443/cas/proxyValidate] ticket=[ST-0-9h7Mx5HK3pfsdxRv
MD3y] service=[http%3A%2F%2F192.168.1.222%3A8080%2Fservlets-examples%2Fservlet%2FHelloWorldExample] renew=false]]]

這個(gè)CAS異常是從CAS Client里面拋出，是當(dāng)我們不使用證書的CN去訪問(wèn)域名的時(shí)候（比如下文是用IP訪問(wèn)而且證書的CN是該IP對(duì)應(yīng)的域名而非該IP），CASClient無(wú)法信任，因?yàn)槟阕C書的CN命名寫著abc.com，192.168.1.111這個(gè)IP是無(wú)法被CAS Client識(shí)別。

edu.yale.its.tp.cas.client.CASAuthenticationException:?Unable?to?validate?ProxyTicketValidator?[[edu.yale.its.tp.cas.client.ProxyTicketValidator?proxyList = [ null ]?[edu.yale.its.tp.cas.client.ServiceTicketValidator?casValidateUrl = [https: // 192.168.1.111:8443/cas/proxyValidate]?ticket=[ST-0-9h7Mx5HK3pfsdxRvMD3y]?service=[http%3A%2F%2F192.168.1.222%3A8080%2Fservlets-examples%2Fservlet%2FHelloWorldExample]?renew=false]]]

????at?edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java: 52 )

????at?edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java: 455 )

????at?edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java: 378 )

????at?org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java: 202 )

????at?org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java: 173 )

????at?filters.ExampleFilter.doFilter(ExampleFilter.java: 101 )

????at?org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java: 202 )

????at?org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java: 173 )

????at?org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java: 213 )

????at?org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java: 178 )

????at?org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java: 432 )

????at?org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java: 126 )

????at?org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java: 105 )

????at?org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java: 107 )

????at?org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java: 148 )

????at?org.apache.coyote.http11.Http11Processor.process(Http11Processor.java: 869 )

????at?org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java: 664 )

????at?org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java: 527 )

????at?org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java: 80 )

????at?org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java: 684 )

????at?java.lang.Thread.run(Thread.java: 595 )

Caused?by:?java.io.IOException:?HTTPS?hostname?wrong:??should?be? < 192.168 . 1.111 >

????at?sun.net.www.protocol.https.HttpsClient.checkURLSpoofing(HttpsClient.java: 493 )

????at?sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java: 418 )

????at?sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java: 170 )

????at?sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java: 905 )

????at?sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java: 234 )

????at?edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java: 84 )

????at?edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicketValidator.java: 212 )

????at?edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java: 50 )

解決辦法：
用域名訪問(wèn)，域名就是證書的CN。

posted on 2006-09-05 18:20 david.turing 閱讀(9527) 評(píng)論(4) 編輯收藏所屬分類: Security異常問(wèn)題

評(píng)論

# re: Yale CAS異常問(wèn)題總結(jié)(1)Unable to validate ProxyTicketValidator之HTTPS hostname wrong: should be.....[未登錄](méi) 2007-03-23 02:32 lulu

client 怎么得到授權(quán)??
就keytool -import....到j(luò)vm就行了???

但是我還是報(bào)上面的錯(cuò)誤.. 回復(fù) 更多評(píng)論

# re: Yale CAS異常問(wèn)題總結(jié)(1)Unable to validate ProxyTicketValidator之HTTPS hostname wrong: should be.....[未登錄](méi) 2008-12-25 16:04 1

要是別的機(jī)器訪問(wèn)你的機(jī)器，用ip訪問(wèn)，cn我也寫的ip，也還是報(bào)同樣錯(cuò)誤回復(fù) 更多評(píng)論

# re: Yale CAS異常問(wèn)題總結(jié)(1)Unable to validate ProxyTicketValidator之HTTPS hostname wrong: should be.....[未登錄](méi) 2011-08-30 18:20 小豬

我的也是啊，用ip生成的cn，也是用ip訪問(wèn)，還是報(bào)這個(gè)錯(cuò)誤啊回復(fù) 更多評(píng)論

# re: Yale CAS異常問(wèn)題總結(jié)(1)Unable to validate ProxyTicketValidator之HTTPS hostname wrong: should be.....[未登錄](méi) 2012-10-24 16:55 cx

edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator casValidateUrl=[https://cx.com:8443/cas/proxyValidate] ticket=[ST-1-BS35zseNBoCQaZwNWjUu-cas] service=[http%3A%2F%2Fcx.com%3A8080%2Fjsp-examples%2F] renew=false]]]
使用域名依舊錯(cuò)誤…… 回復(fù) 更多評(píng)論

新用戶注冊(cè) 刷新評(píng)論列表


只有注冊(cè)用戶登錄后才能發(fā)表評(píng)論。




網(wǎng)站導(dǎo)航: 博客園 IT新聞 Chat2DB C++博客博問(wèn) 管理
相關(guān)文章: Tomcat/Weblogic在SSL握手中，IE提交證書窗口為空的問(wèn)題發(fā)現(xiàn)GDCA USBKey(電子鑰匙)的CSP數(shù)字簽名實(shí)現(xiàn)存在缺陷 Yale CAS異常問(wèn)題總結(jié)(2)Unable to validate ProxyTicketValidator之unable to find valid certification path to requested target Yale CAS異常問(wèn)題總結(jié)(1)Unable to validate ProxyTicketValidator之HTTPS hostname wrong: should be..... Certificate chain received from 客戶端- 192.168.10.10 was not trusted causing SSL handshake failure Unexpected Signal : EXCEPTION_ACCESS_VIOLATION javax.security.auth.login.LoginException:沒(méi)有為 XXX 配置LoginModules javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found

# re: Yale CAS異常問(wèn)題總結(jié)(1)Unable to validate ProxyTicketValidator之HTTPS hostname wrong: should be.....[未登錄](méi) 2007-03-23 02:32 lulu

# re: Yale CAS異常問(wèn)題總結(jié)(1)Unable to validate ProxyTicketValidator之HTTPS hostname wrong: should be.....[未登錄](méi) 2008-12-25 16:04 1

# re: Yale CAS異常問(wèn)題總結(jié)(1)Unable to validate ProxyTicketValidator之HTTPS hostname wrong: should be.....[未登錄](méi) 2011-08-30 18:20 小豬

# re: Yale CAS異常問(wèn)題總結(jié)(1)Unable to validate ProxyTicketValidator之HTTPS hostname wrong: should be.....[未登錄](méi) 2012-10-24 16:55 cx

David.Turing's blog

Yale CAS異常問(wèn)題總結(jié)(1)Unable to validate ProxyTicketValidator之HTTPS hostname wrong: should be.....

評(píng)論

導(dǎo)航

統(tǒng)計(jì)

常用鏈接

留言簿(110)

我參與的團(tuán)隊(duì)

隨筆分類(126)

隨筆檔案(155)

文章分類(9)

文章檔案(19)

相冊(cè)

搜索

積分與排名

最新隨筆

最新評(píng)論

閱讀排行榜

評(píng)論排行榜