使用yale cas做sso的问题

这段时间在试用下cas做下身份人证发现了个奇怪的问题,在此提出来下,希望知道的同学给解答一下,感激不尽!
证书我已经生成了,证书的cn是localhost,并且tomcat的ssl已经配置好了,证书也导入到jdk了,我访问客户端,如(http://localhost:8080/myapp/test),第一次由于还没有通过cas的身份认证,所以会重定向到(https://localhost:8443/cas/login?service=http%3A%2F%2Flocalhost%3A8080%2Fmyapp%2Ftest)进行身份认证,我输入正确的用户和密码之后,认证成功,返回的地址是(http://localhost:8080/myapp/test?ticket=ST-1-ydkGooyveb6vnb3TLYnm),到此,貌似是正确的.奇怪的是,当我把http://localhost:8080/myapp/test?ticket=ST-1-ydkGooyveb6vnb3TLYnm这个地址拷贝下来,再打开一个浏览器访问http://localhost:8080/myapp/test?ticket=ST-1-ydkGooyveb6vnb3TLYnm的时候,就报错:
[myapp] 21:32:38.937 [http-8080-1] ERROR edu.yale.its.tp.cas.client.CASReceipt - validation of [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator casValidateUrl=[https://localhost:8443/cas/proxyValidate] ticket=[ST-1-ydkGooyveb6vnb3TLYnm] service=[http%3A%2F%2Flocalhost%3A8080%2Fmyapp%2Ftest] errorCode=[INVALID_TICKET] errorMessage=[???????? 'ST-1-ydkGooyveb6vnb3TLYnm'??] renew=false entireResponse=[

???????? 'ST-1-ydkGooyveb6vnb3TLYnm'??
/cas:authenticationFailure
/cas:serviceResponse
]]]] was not successful.
[myapp] 21:32:38.937 [http-8080-1] ERROR edu.yale.its.tp.cas.client.filter.CASFilter - edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator casValidateUrl=[https://localhost:8443/cas/proxyValidate] ticket=[ST-1-ydkGooyveb6vnb3TLYnm] service=[http%3A%2F%2Flocalhost%3A8080%2Fmyapp%2Ftest] errorCode=[INVALID_TICKET] errorMessage=[???????? 'ST-1-ydkGooyveb6vnb3TLYnm'??] renew=false entireResponse=[

???????? 'ST-1-ydkGooyveb6vnb3TLYnm'??
/cas:authenticationFailure
/cas:serviceResponse
]]]]
2009-7-5 21:32:38 org.apache.catalina.core.StandardWrapperValve invoke
严重: Servlet.service() for servlet default threw exception
edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to validate ProxyTicketValidator [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] [edu.yale.its.tp.cas.client.ServiceTicketValidator casValidateUrl=[https://localhost:8443/cas/proxyValidate] ticket=[ST-1-ydkGooyveb6vnb3TLYnm] service=[http%3A%2F%2Flocalhost%3A8080%2Fmyapp%2Ftest] errorCode=[INVALID_TICKET] errorMessage=[???????? 'ST-1-ydkGooyveb6vnb3TLYnm'??] renew=false entireResponse=[

???????? 'ST-1-ydkGooyveb6vnb3TLYnm'??
/cas:authenticationFailure
/cas:serviceResponse
]]]]
at edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:62)
at edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:455)
at edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:378)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:261)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:581)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Thread.java:619)

我实在是找不出原因来了,请各位同学帮忙了!

1个回答

照着这个来一遍就没问题了

http://www.iteye.com/topic/40129

Csdn user default icon
上传中...
上传图片
插入图片
抄袭、复制答案,以达到刷声望分或其他目的的行为,在CSDN问答是严格禁止的,一经发现立刻封号。是时候展现真正的技术了!
立即提问