CAS TGT 校验不成功：No principal was found in the response from the CAS server.WHO: audit:unknown

来源：互联网发布：什么是网络对讲机编辑：程序博客网时间：2024/04/28 20:29

背景描述：首先我重写了CAS Server端的登录这个模块，并且存储的返回值也是我自己定义的（以前默认存储的是登录名）；但是单独登录CAS server成功的，从client端访问就出现了找不到principal。后来我发现是返回值中有中文，中文乱码引起的。具体如下：

CAS 出错：

org.jasig.cas.client.validation.TicketValidationException: No principal was found in the response from the CAS server.
at org.jasig.cas.client.validation.Cas20ServiceTicketValidator.parseResponseFromServer(Cas20ServiceTicketValidator.java:82)
at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:197)
at org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:164)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:102)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:65)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:503)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:421)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1070)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611)
at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2462)
at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2451)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:744)

而在TGT 和ST输出的内容是：

=============================================================
WHO: select_id_from_table
WHAT: ST-1-e1DyEYwhukd3vnhBeQcV-cas01.example.org for http://www.casclientdemo1.com:8080/servlet/Test
ACTION: SERVICE_TICKET_CREATED
APPLICATION: CAS
WHEN: Fri Dec 12 09:31:07 CST 2014
CLIENT IP ADDRESS: 127.0.0.1
SERVER IP ADDRESS: 127.0.0.1
=============================================================
十二月 12, 2014 9:31:07 上午 com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager record
信息: Audit trail record BEGIN
=============================================================
WHO: audit:unknown
WHAT: ST-1-e1DyEYwhukd3vnhBeQcV-cas01.example.org
ACTION: SERVICE_TICKET_VALIDATED
APPLICATION: CAS
WHEN: Fri Dec 12 09:31:07 CST 2014
CLIENT IP ADDRESS: 127.0.0.1
SERVER IP ADDRESS: 127.0.0.1
=============================================================

service_ticket 产生的是正确的，并且，我单独访问cas server，登录都是成功的，而从client端访问server后，就出现这种错，说明他取TGT的时候出错了。于是我就debug那一行（上面红色的那个Cas20ServiceTicketValidator，找到那一行。）

发现如下：

debug \cas-client-core\src\main\java\org\jasig\cas\client\validation.Cas20ServiceTicketValidator.java:

看右上侧，response值中有中文乱码，所以执行到这行的时候，下一步：

我把要返回的值从中文，写成英文，就没有这个错了。不过目前还没发现怎么将中文不乱吗，研究中，记录一下。

0 0