java - Disable hostname verifier in servlet with CAS -

-

i have cas deployed on virtual machine (in jboss) , i'm trying use cas login in servlet, using saml protocol in filters authentication , validation, javax.net.ssl.sslhandshakeexception: java.security.cert.certificateexception: no subject alternative names present in future i'll receive proper certificate, until want disable hostname verifier, testing. know should @override code, don't know how , in servlet connects cas through filters in web.xml. servlet overrides doget method print should receive cas. can me, please?

thank in advance.

update: exact error see in logs

error [org.apache.catalina.core.containerbase.[jboss.web].[default-host].[/casuser].[cas]] (http-localhost-127.0.0.1-8080-1) servlet.service() servlet cas threw exception: java.lang.runtimeexception: javax.net.ssl.sslhandshakeexception: java.security.cert.certificateexception: no subject alternative names present     @ org.jasig.cas.client.validation.saml11ticketvalidator.retrieveresponsefromserver(saml11ticketvalidator.java:275) [cas-client-core-3.3.3.jar:3.3.3]     @ org.jasig.cas.client.validation.abstracturlbasedticketvalidator.validate(abstracturlbasedticketvalidator.java:200) [cas-client-core-3.3.3.jar:3.3.3]     @ org.jasig.cas.client.validation.abstractticketvalidationfilter.dofilter(abstractticketvalidationfilter.java:206) [cas-client-core-3.3.3.jar:3.3.3]     @ org.apache.catalina.core.applicationfilterchain.internaldofilter(applicationfilterchain.java:280) [jbossweb-7.0.13.final.jar:]     @ org.apache.catalina.core.applicationfilterchain.dofilter(applicationfilterchain.java:248) [jbossweb-7.0.13.final.jar:]     @ org.jasig.cas.client.session.singlesignoutfilter.dofilter(singlesignoutfilter.java:100) [cas-client-core-3.3.3.jar:3.3.3]     @ org.apache.catalina.core.applicationfilterchain.internaldofilter(applicationfilterchain.java:280) [jbossweb-7.0.13.final.jar:]     @ org.apache.catalina.core.applicationfilterchain.dofilter(applicationfilterchain.java:248) [jbossweb-7.0.13.final.jar:]     @ org.apache.catalina.core.standardwrappervalve.invoke(standardwrappervalve.java:275) [jbossweb-7.0.13.final.jar:]     @ org.apache.catalina.core.standardcontextvalve.invoke(standardcontextvalve.java:161) [jbossweb-7.0.13.final.jar:]     @ org.apache.catalina.authenticator.authenticatorbase.invoke(authenticatorbase.java:489) [jbossweb-7.0.13.final.jar:]     @ org.jboss.as.web.security.securitycontextassociationvalve.invoke(securitycontextassociationvalve.java:153) [jboss-as-web-7.1.1.final.jar:7.1.1.final]     @ org.apache.catalina.core.standardhostvalve.invoke(standardhostvalve.java:155) [jbossweb-7.0.13.final.jar:]     @ org.apache.catalina.valves.errorreportvalve.invoke(errorreportvalve.java:102) [jbossweb-7.0.13.final.jar:]     @ org.apache.catalina.core.standardenginevalve.invoke(standardenginevalve.java:109) [jbossweb-7.0.13.final.jar:]     @ org.apache.catalina.connector.coyoteadapter.service(coyoteadapter.java:368) [jbossweb-7.0.13.final.jar:]     @ org.apache.coyote.http11.http11processor.process(http11processor.java:877) [jbossweb-7.0.13.final.jar:]     @ org.apache.coyote.http11.http11protocol$http11connectionhandler.process(http11protocol.java:671) [jbossweb-7.0.13.final.jar:]     @ org.apache.tomcat.util.net.jioendpoint$worker.run(jioendpoint.java:930) [jbossweb-7.0.13.final.jar:]     @ java.lang.thread.run(thread.java:745) [rt.jar:1.7.0_79] caused by: javax.net.ssl.sslhandshakeexception: java.security.cert.certificateexception: no subject alternative names present     @ sun.security.ssl.alerts.getsslexception(alerts.java:192) [jsse.jar:1.7.0_79]     @ sun.security.ssl.sslsocketimpl.fatal(sslsocketimpl.java:1904) [jsse.jar:1.7.0_79]     @ sun.security.ssl.handshaker.fatalse(handshaker.java:279) [jsse.jar:1.7.0_79]     @ sun.security.ssl.handshaker.fatalse(handshaker.java:273) [jsse.jar:1.7.0_79]     @ sun.security.ssl.clienthandshaker.servercertificate(clienthandshaker.java:1446) [jsse.jar:1.7.0_79]     @ sun.security.ssl.clienthandshaker.processmessage(clienthandshaker.java:209) [jsse.jar:1.7.0_79]     @ sun.security.ssl.handshaker.processloop(handshaker.java:901) [jsse.jar:1.7.0_79]     @ sun.security.ssl.handshaker.process_record(handshaker.java:837) [jsse.jar:1.7.0_79]     @ sun.security.ssl.sslsocketimpl.readrecord(sslsocketimpl.java:1023) [jsse.jar:1.7.0_79]     @ sun.security.ssl.sslsocketimpl.performinitialhandshake(sslsocketimpl.java:1332) [jsse.jar:1.7.0_79]     @ sun.security.ssl.sslsocketimpl.starthandshake(sslsocketimpl.java:1359) [jsse.jar:1.7.0_79]     @ sun.security.ssl.sslsocketimpl.starthandshake(sslsocketimpl.java:1343) [jsse.jar:1.7.0_79]     @ sun.net.www.protocol.https.httpsclient.afterconnect(httpsclient.java:563) [rt.jar:1.7.0_79]     @ sun.net.www.protocol.https.abstractdelegatehttpsurlconnection.connect(abstractdelegatehttpsurlconnection.java:185) [rt.jar:1.7.0_79]     @ sun.net.www.protocol.http.httpurlconnection.getoutputstream(httpurlconnection.java:1092) [rt.jar:1.7.0_79]     @ sun.net.www.protocol.https.httpsurlconnectionimpl.getoutputstream(httpsurlconnectionimpl.java:250) [rt.jar:1.7.0_79]     @ org.jasig.cas.client.validation.saml11ticketvalidator.retrieveresponsefromserver(saml11ticketvalidator.java:259) [cas-client-core-3.3.3.jar:3.3.3]     ... 19 more caused by: java.security.cert.certificateexception: no subject alternative names present     @ sun.security.util.hostnamechecker.matchip(hostnamechecker.java:142) [rt.jar:1.7.0_79]     @ sun.security.util.hostnamechecker.match(hostnamechecker.java:91) [rt.jar:1.7.0_79]     @ sun.security.ssl.x509trustmanagerimpl.checkidentity(x509trustmanagerimpl.java:347) [jsse.jar:1.7.0_79]     @ sun.security.ssl.x509trustmanagerimpl.checktrusted(x509trustmanagerimpl.java:203) [jsse.jar:1.7.0_79]     @ sun.security.ssl.x509trustmanagerimpl.checkservertrusted(x509trustmanagerimpl.java:126) [jsse.jar:1.7.0_79]     @ sun.security.ssl.clienthandshaker.servercertificate(clienthandshaker.java:1428) [jsse.jar:1.7.0_79]     ... 31 more

you should set p:cookiesecure="false" ticketgrantingticketcookiegenerator.

https://wiki.jasig.org/display/casum/securing+your+new+cas+server


Comments

Post a Comment

Popular posts from this blog

c - Bitwise operation with (signed) enum value -

-
i using enumerator values flags: typedef enum { = 0x00, b = 0x01u, // u has no influence, expected c = 0x02u, // u has no influence, expected ... } enum_name; volatile unsigned char* reg = someaddress; *reg |= b; according misra-c:2004 bitwise operations shall not done signed type. unfortunately, compiler iar use signed int (or short or char) underlying type of enums, , option can find relates size, not signedness ("--enum-is-int"). according iar c/c++ development guide arm , pages 169 , 211, can define type of enum s if enable iar language extensions ( -e command-line option, or project > options > c/c++ compiler > language > allow iar extensions in ide). in particular, should define "sentinel" value, make sure compiler chooses correct type. prefers signed types, , uses smallest possible integer type, sentinel should largest positive integer corresponding unsigned integer type can describe. example, typedef enum
Read more

xslt - Unnest parent nodes by child node -

-
in xml there items 0-n attributes , item should copied each attribute new item 1 attribute. given xml this: <?xml version="1.0" encoding="utf-8" ?> <items> <item> <name>a</name> <attributes> <attribute> <key>attribute1</key> <value>1</value> </attribute> </attributes> </item> <item> <name>b</name> </item> <item> <name>c</name> <attributes> <attribute> <key>attribute1</key> <value>5</value> </attribute> <attribute> <key>attribute2</key> <value>2</value> </attribute> <attribute> <key>attri
Read more

YouTubePlayerFragment cannot be cast to android.support.v4.app.Fragment -

-
im stuck on 3 days , have tried have come across after lots of searching ,this post last resort, im trying open youtubeplayerfragment using navigation drawer youtubeplayerfragment cannot cast android.support.v4.app.fragment problem edit question : have updated code have used youtubeplayersupportfragment instead of youtubeplayerfragment ,i error in displayview method (case 4: fragment = new youtube(); break;) in main activity saying cannot convert youtube fragment , cannot logcat since cant run it edit question 2: code updated again have runtime problem ,heres logcat 07-22 22:15:09.782: e/androidruntime(20603): fatal exception: main 07-22 22:15:09.782: e/androidruntime(20603): process: net.frankandwalters, pid: 20603 07-22 22:15:09.782: e/androidruntime(20603): java.lang.nullpointerexception: attempt invoke virtual method 'void com.google.android.youtube.player.youtubeplayerview.a()' on null object reference 07-22 22:15:09.782: e/androidruntime(20603): @ com.goog
Read more