[Building Sakai] CASifying Sakai: blank page after CAS login
Sanghyun Jeon
euksa99 at gmail.com
Wed Apr 2 14:08:17 PDT 2014
Thank you, Steve.
Actually I got another problem.
I accidentally put the server name of web.xml as our production servername
instead of our dev servername. dev server has all modified web.xml and
pom.xml and sakai.properties.
Here's what happen with the production (wrong) servername.
visit the gateway page of sakaidev.pomona.edu > click login > redirect our
CAS login page > after the CAS authentication, sakai.claremont.edu (I think
it's because I put the server name as sakai.claremont.edu) pops up.
When I realize my mistake and change the server name into
sakaidev.pomona.edu and i got the
java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
valid certification path
after the CAS authentication
Question: the current server name in CAS Authentication and Validation
Filter of web.xml is used for what?
<init-param>
<param-name>serverName</param-name>
<param-value>YOUR_SAKAI_SERVER:PORT</param-value>
</init-param>
Why do I get the different result depending on the specified server name?
Should it be resolved from CAS end or from Sakai end?
One thing I noticed is when webauth.claremont.edu and
sakai.claremont.eduare on the same domain, it redirects the sakai
webpage after the CAS login.
However, sakai.pomona.edu is on the different domain from
webauth.claremont.edu, I got validationexception.
Although the production servername gives me the right behavior, this is
wrong information, so...
I attached the screen shot when I get the validation error with the right
server name and please advise.
S
On Wed, Apr 2, 2014 at 1:15 PM, Steve Swinsburg
<steve.swinsburg at gmail.com>wrote:
> Yep that sakai login tool url needs to have the url of the sakai server.
> Adjust your web.xml
>
> As an aside, it is good to see that guide still going strong. I wrote it
> for 2.4 ;)
>
> Cheers
> Steve
>
> sent from my mobile device
> On 03/04/2014 3:03 AM, "Sam Ottenhoff" <ottenhoff at longsight.com> wrote:
>
>> Okay, delete all the Nakamura references or move the CAS filter *above*
>> Nakamura.
>>
>>
>>
>>> Sakai has sakai.claremont.edu
>>> CAS has webauth.claremont.edu (I got the instruction from our CAS
>>> developers to replace webauth.claremontmckenna.edu with webauth
>>> claremont.edu)
>>>
>>
>> Then this setting is wrong:
>>
>> <init-param>
>> <param-name>serverName</param-name>
>> <!-- <param-value>YOUR_SAKAI_SERVER:PORT</param-value> -->
>> <param-value>webauth.claremontmckenna.edu</param-value>
>> </init-param>
>>
>>
>>
>> <init-param>
>> <param-name>serverName</param-name>
>> <param-value>YOUR_SAKAI_SERVER:PORT</param-value>
>> </init-param>
>>
>>
>> _______________________________________________
>> sakai-dev mailing list
>> sakai-dev at collab.sakaiproject.org
>> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>>
>> TO UNSUBSCRIBE: send email to
>> sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of
>> "unsubscribe"
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20140402/be9bf869/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CASvalidationError.png
Type: image/png
Size: 133330 bytes
Desc: not available
Url : http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20140402/be9bf869/attachment.png
More information about the sakai-dev
mailing list