This week's book giveaways are in the Java EE and JavaScript forums.
We're giving away four copies each of The Java EE 7 Tutorial Volume 1 or Volume 2(winners choice) and jQuery UI in Action and have the authors on-line!
See this thread and this one for details.
The moose likes Java in General and the fly likes SSL Handshake in SSO Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of The Java EE 7 Tutorial Volume 1 or Volume 2 this week in the Java EE forum
or jQuery UI in Action in the JavaScript forum!
JavaRanch » Java Forums » Java » Java in General
Bookmark "SSL Handshake in SSO" Watch "SSL Handshake in SSO" New topic
Author

SSL Handshake in SSO

Venkatachalapathy Devarajulu
Greenhorn

Joined: Dec 21, 2009
Posts: 1
Hi,

can anyone help me in getting out of this stuff.

While integrating CAS with Liferay i am getting an error as follows after validation through CAS with Ldap users



t [Tue Dec 29 10:34:23 GMT 2009]>
2009-12-29 10:34:26,453 INFO [org.jasig.cas.web.flow.InitialFlowSetupAction] - <
Setting path for cookies to: /cas-web>
2009-12-29 10:34:37,921 INFO [org.jasig.cas.authentication.AuthenticationManager
Impl] - <AuthenticationHandler: org.jasig.cas.authentication.handler.support.Sim
pleTestUsernamePasswordAuthenticationHandler failed to authenticate the user whi
ch provided the following credentials: [username: rkumar]>
2009-12-29 10:34:37,937 INFO [org.jasig.cas.authentication.AuthenticationManager
Impl] - <AuthenticationHandler: org.jasig.cas.adaptors.ldap.BindLdapAuthenticati
onHandler successfully authenticated the user which provided the following crede
ntials: [username: rkumar]>
2009-12-29 10:34:37,953 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] -
<Granted service ticket [ST-1-iEE2aeQvzOAjKpqlh5Oo-cas] for service [http://loca
lhost:8080/c/portal/login?p_l_id=10172] for user [rkumar]>
10:34:37,984 ERROR [CASFilter:148] javax.servlet.ServletException: javax.net.ssl
.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path bui
lding failed: sun.security.provider.certpath.SunCertPathBuilderException: unable
to find valid certification path to requested target
javax.servlet.ServletException: javax.net.ssl.SSLHandshakeException: sun.securit
y.validator.ValidatorException: PKIX path building failed: sun.security.provider
.certpath.SunCertPathBuilderException: unable to find valid certification path t
o requested target
at edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASF
ilter.java:254)
at edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:1
84)
at com.liferay.portal.servlet.filters.sso.cas.CASFilter.processFilter(CA
SFilter.java:140)
at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java
:91)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:206)
at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter
.java:154)
at com.liferay.portal.sharepoint.SharepointFilter.processFilter(Sharepoi
ntFilter.java:193)
at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java
:91)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:206)
at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter
.java:154)
at com.liferay.portal.servlet.filters.virtualhost.VirtualHostFilter.doFi
lter(VirtualHostFilter.java:148)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:206)
at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter
.java:154)
at com.liferay.portal.servlet.filters.threadlocalcache.ThreadLocalCacheF
ilter.processFilter(ThreadLocalCacheFilter.java:55)
at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java
:91)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:206)
at com.liferay.portal.kernel.servlet.BaseFilter.processFilter(BaseFilter
.java:154)
at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java
:94)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:206)
at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewrit
eFilter.java:738)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
alve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
alve.java:191)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica
torBase.java:433)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:286)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java
:845)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.proce
ss(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:44
7)
at java.lang.Thread.run(Thread.java:595)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.Validator
Exception: PKIX path building failed: sun.security.provider.certpath.SunCertPath
BuilderException: unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1
584)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:848)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHa
ndshaker.java:106)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:4
95)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.jav
a:433)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.j
ava:877)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SS
LSocketImpl.java:1089)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1116)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1100)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:
402)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect
(AbstractDelegateHttpsURLConnection.java:170)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLCon
nection.java:934)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Http
sURLConnectionImpl.java:234)
at edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java:70)
at edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTic
ketValidator.java:212)
at edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASF
ilter.java:219)
... 37 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find vali
d certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:221)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.jav
a:145)
at sun.security.validator.Validator.validate(Validator.java:203)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:172)
at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(
SSLContextImpl.java:320)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:841)
... 51 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCert
PathBuilder.java:236)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:194)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:216)
... 56 more
10:34:52,343 INFO [PluginPackageUtil:1153] Reloading repositories
Loading file:/C:/LifeRay/liferay-portal-5.2.3/tomcat-6.0.18/temp/2-mail-portlet/
WEB-INF/classes/portlet.properties
A property claimed to start before zero, at -512! Resetting it to zero, and hopi
ng for the best
A property claimed to start before zero, at -512! Resetting it to zero, and hopi
ng for the best
Your document seemed to be mostly unicode, but the section definition was in byt
es! Trying anyway, but things may well go wrong!
2009-12-29 10:36:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Reloading registered services.>
2009-12-29 10:36:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Loaded 0 services.>
2009-12-29 10:38:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Reloading registered services.>
2009-12-29 10:38:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Loaded 0 services.>
2009-12-29 10:40:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Reloading registered services.>
2009-12-29 10:40:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Loaded 0 services.>
2009-12-29 10:42:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Reloading registered services.>
2009-12-29 10:42:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Loaded 0 services.>
2009-12-29 10:44:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Reloading registered services.>
2009-12-29 10:44:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Loaded 0 services.>
2009-12-29 10:46:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Reloading registered services.>
2009-12-29 10:46:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Loaded 0 services.>
2009-12-29 10:48:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Reloading registered services.>
2009-12-29 10:48:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Loaded 0 services.>
2009-12-29 10:50:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Reloading registered services.>
2009-12-29 10:50:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Loaded 0 services.>
2009-12-29 10:52:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Reloading registered services.>
2009-12-29 10:52:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Loaded 0 services.>
2009-12-29 10:54:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Reloading registered services.>
2009-12-29 10:54:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Loaded 0 services.>
2009-12-29 10:56:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Reloading registered services.>
2009-12-29 10:56:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Loaded 0 services.>
2009-12-29 10:58:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Reloading registered services.>
2009-12-29 10:58:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Loaded 0 services.>
2009-12-29 11:00:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Reloading registered services.>
2009-12-29 11:00:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Loaded 0 services.>
2009-12-29 11:02:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Reloading registered services.>
2009-12-29 11:02:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Loaded 0 services.>
2009-12-29 11:04:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Reloading registered services.>
2009-12-29 11:04:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Loaded 0 services.>
2009-12-29 11:06:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Reloading registered services.>
2009-12-29 11:06:03,265 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Loaded 0 services.>
2009-12-29 11:08:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Reloading registered services.>
2009-12-29 11:08:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Loaded 0 services.>
2009-12-29 11:10:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Reloading registered services.>
2009-12-29 11:10:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Loaded 0 services.>
2009-12-29 11:12:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Reloading registered services.>
2009-12-29 11:12:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Loaded 0 services.>
2009-12-29 11:14:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Reloading registered services.>
2009-12-29 11:14:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Loaded 0 services.>
2009-12-29 11:16:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Reloading registered services.>
2009-12-29 11:16:03,109 INFO [org.jasig.cas.services.DefaultServicesManagerImpl]
- <Loaded 0 services.>


thanks in advance
venkat


Adam Michalik
Ranch Hand

Joined: Feb 18, 2008
Posts: 128
I don't really thing that's a "Java in general" question, nor do I know much about SSO and Liferay, but the stacktrace says:

Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Do you have the whole certification chain properly installed, ie. your ceritficate and the certificates that sign your certificate?
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: SSL Handshake in SSO