cas报错(No subject、'principal' cannot be null、PKIX path validation failed等错误)
来源:互联网 发布:淘宝店铺无线端网址 编辑:程序博客网 时间:2024/06/16 00:46
1、cas报错No subject alternative names present
2 、cas报错'principal' cannot be null.
3、cas报错PKIX path validation failed.
1、cas报错No subject alternative names present
1.1错误提示
[org.jasig.cas.client.util.CommonUtils]-[ERROR]java.security.cert.CertificateException:No subject alternative names present
javax.net.ssl.SSLHandshakeException:java.security.cert.CertificateException: No subject alternativenames present
atsun.security.ssl.Alerts.getSSLException(Alerts.java:192)
atsun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1937)
atsun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
atsun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
1.2原因和解决方法
原因是不能用IP地址的URL中用了IP地址,查看你在访问cas服务端时候是否使用了ip地址,比如127.0.0.1之类的,如果使用了IP地址,请修改为域名,如果使用的是127.0.0.1的话,修改为localhost。
如果这样处理后还是不能解决,你还是放弃自己的环境,重新搭建一个环境,先正确跑起来,然后在跑起来的基础上在做扩展和修改吧,一个完美运行的环境(按步骤做即可):
http://blog.csdn.net/pucao_cug/article/details/70182968
2 、cas报错'principal' cannot be null.
2.1错误提示
[org.jasig.cas.web.flow.AuthenticationViaFormAction]- <'principal' cannot be null.
Check the correctness of @Auditannotation at the following audit point: execution(public abstractorg.jasig.cas.authentication.Authenticationorg.jasig.cas.authentication.AuthenticationManager.authenticate(org.jasig.cas.authentication.AuthenticationTransaction))
java.lang.IllegalArgumentException: 'principal' cannot be null.
Check the correctness of @Auditannotation at the following audit point: execution(public abstractorg.jasig.cas.authentication.Authenticationorg.jasig.cas.authentication.AuthenticationManager.authenticate(org.jasig.cas.authentication.AuthenticationTransaction))atorg.jasig.inspektr.audit.AuditActionContext.assertNotNull
2.2原因和解决方法
原因是你的服务端环境缺少了commons-collections4这个jar包,在cas4.2.7服务端从数据库读取用户的更多信息的时候需要用到这个jar包,可以下载commons-collections4-4.1.jar加入到服务端的WEB-INF/lib下。
如果这样处理后还是不能解决,你还是放弃自己的环境,重新搭建一个环境,先正确跑起来,然后在跑起来的基础上在做扩展和修改吧,一个完美运行的环境(按步骤做即可):
http://blog.csdn.net/pucao_cug/article/details/70182968
3、cas报错PKIX path validation failed
3.1错误提示
javax.net.ssl.SSLHandshakeException:sun.security.validator.ValidatorException: PKIX path validation failed:java.security.cert.CertPathValidatorException: signature check failed
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
atsun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1937)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1478)
atsun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:212)
atsun.security.ssl.Handshaker.processLoop(Handshaker.java:969)
atsun.security.ssl.Handshaker.process_record(Handshaker.java:904)
atsun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1050)
atsun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1363)
atsun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1391)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1375)
atsun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
atsun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1512)
atsun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1440)
atsun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
Caused by:java.security.SignatureException: Signature does not match.
atsun.security.x509.X509CertImpl.verify(X509CertImpl.java:449)
atsun.security.provider.certpath.BasicChecker.verifySignature(BasicChecker.java:166)
at sun.security.provider.certpath.BasicChecker.check(BasicChecker.java:147)
atsun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:119)
... 56 more
3.2原因和解决方法
原因是使用https协议的时候你需要做一个事情,那就是在cas服务端生成秘钥库,在秘钥库中添加一个秘钥对条目,将该条目的信息以及公钥导出为数字证书,然后将该数字证书导入到cas客户端的web容器所使用的那个JRE的秘钥库中。
如果不清楚怎么生成秘钥库,添加条目,导出和导入证书,你可以参考该博文:
http://blog.csdn.net/pucao_cug/article/details/70136159
如果这样处理后还是不能解决,你还是放弃自己的环境,重新搭建一个环境,先正确跑起来,然后在跑起来的基础上在做扩展和修改吧,一个完美运行的环境(按步骤做即可):
http://blog.csdn.net/pucao_cug/article/details/70182968
- cas报错(No subject、'principal' cannot be null、PKIX path validation failed等错误)
- PKIX path validation failed: mestamp check failed 错误
- CAS SSO 错误返回PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException:
- PKIX path validation failed记录java访问https的点点
- tomcat5.5.20 cas-PKIX path building failed:异常解决
- tomcat5.5 cas-PKIX path building failed:异常解决 .
- 【报错】MySQLIntegrityConstraintViolationException:Column cannot be null
- PKIX path building failed
- PKIX path building failed
- 报错:No principal was found in the response from the CAS server
- PKIX path validation failed 以及Unsupported major.minor version 51.0问题
- Java#PKIX path building failed
- Nutch2.3.1使用ant eclipse 编译源代码报错ValidatorException: PKIX path building failed: sun.security.provider.
- My Eclipse:Resources cannot be null报错
- hibernate报错:Column 'id' cannot be null
- java掉用接口,报PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: u
- 解决Java在请求某些不受信任的https网站时会报:PKIX path building failed
- Struts中Resources cannot be null错误
- 10年
- 深入Struts
- HDU 1232 畅通工程 并查集简单应用
- webservice:(2)体验查询号码归属地demo
- Spark Streaming 2:概述
- cas报错(No subject、'principal' cannot be null、PKIX path validation failed等错误)
- 心的路上
- 第八周作业报告
- HDU 4507 吉哥系列故事——恨7不成妻 数位DP
- scut training 2 简单dp zoj3956
- 17
- SeqQueue
- 在Eclipse中使用Maven 2.x指南
- mysql 启动失败解决