java - Disable hostname verifier in servlet with CAS -


i have cas deployed on virtual machine (in jboss) , i'm trying use cas login in servlet, using saml protocol in filters authentication , validation, javax.net.ssl.sslhandshakeexception: java.security.cert.certificateexception: no subject alternative names present in future i'll receive proper certificate, until want disable hostname verifier, testing. know should @override code, don't know how , in servlet connects cas through filters in web.xml. servlet overrides doget method print should receive cas. can me, please?

thank in advance.

update: exact error see in logs

error [org.apache.catalina.core.containerbase.[jboss.web].[default-host].[/casuser].[cas]] (http-localhost-127.0.0.1-8080-1) servlet.service() servlet cas threw exception: java.lang.runtimeexception: javax.net.ssl.sslhandshakeexception: java.security.cert.certificateexception: no subject alternative names present     @ org.jasig.cas.client.validation.saml11ticketvalidator.retrieveresponsefromserver(saml11ticketvalidator.java:275) [cas-client-core-3.3.3.jar:3.3.3]     @ org.jasig.cas.client.validation.abstracturlbasedticketvalidator.validate(abstracturlbasedticketvalidator.java:200) [cas-client-core-3.3.3.jar:3.3.3]     @ org.jasig.cas.client.validation.abstractticketvalidationfilter.dofilter(abstractticketvalidationfilter.java:206) [cas-client-core-3.3.3.jar:3.3.3]     @ org.apache.catalina.core.applicationfilterchain.internaldofilter(applicationfilterchain.java:280) [jbossweb-7.0.13.final.jar:]     @ org.apache.catalina.core.applicationfilterchain.dofilter(applicationfilterchain.java:248) [jbossweb-7.0.13.final.jar:]     @ org.jasig.cas.client.session.singlesignoutfilter.dofilter(singlesignoutfilter.java:100) [cas-client-core-3.3.3.jar:3.3.3]     @ org.apache.catalina.core.applicationfilterchain.internaldofilter(applicationfilterchain.java:280) [jbossweb-7.0.13.final.jar:]     @ org.apache.catalina.core.applicationfilterchain.dofilter(applicationfilterchain.java:248) [jbossweb-7.0.13.final.jar:]     @ org.apache.catalina.core.standardwrappervalve.invoke(standardwrappervalve.java:275) [jbossweb-7.0.13.final.jar:]     @ org.apache.catalina.core.standardcontextvalve.invoke(standardcontextvalve.java:161) [jbossweb-7.0.13.final.jar:]     @ org.apache.catalina.authenticator.authenticatorbase.invoke(authenticatorbase.java:489) [jbossweb-7.0.13.final.jar:]     @ org.jboss.as.web.security.securitycontextassociationvalve.invoke(securitycontextassociationvalve.java:153) [jboss-as-web-7.1.1.final.jar:7.1.1.final]     @ org.apache.catalina.core.standardhostvalve.invoke(standardhostvalve.java:155) [jbossweb-7.0.13.final.jar:]     @ org.apache.catalina.valves.errorreportvalve.invoke(errorreportvalve.java:102) [jbossweb-7.0.13.final.jar:]     @ org.apache.catalina.core.standardenginevalve.invoke(standardenginevalve.java:109) [jbossweb-7.0.13.final.jar:]     @ org.apache.catalina.connector.coyoteadapter.service(coyoteadapter.java:368) [jbossweb-7.0.13.final.jar:]     @ org.apache.coyote.http11.http11processor.process(http11processor.java:877) [jbossweb-7.0.13.final.jar:]     @ org.apache.coyote.http11.http11protocol$http11connectionhandler.process(http11protocol.java:671) [jbossweb-7.0.13.final.jar:]     @ org.apache.tomcat.util.net.jioendpoint$worker.run(jioendpoint.java:930) [jbossweb-7.0.13.final.jar:]     @ java.lang.thread.run(thread.java:745) [rt.jar:1.7.0_79] caused by: javax.net.ssl.sslhandshakeexception: java.security.cert.certificateexception: no subject alternative names present     @ sun.security.ssl.alerts.getsslexception(alerts.java:192) [jsse.jar:1.7.0_79]     @ sun.security.ssl.sslsocketimpl.fatal(sslsocketimpl.java:1904) [jsse.jar:1.7.0_79]     @ sun.security.ssl.handshaker.fatalse(handshaker.java:279) [jsse.jar:1.7.0_79]     @ sun.security.ssl.handshaker.fatalse(handshaker.java:273) [jsse.jar:1.7.0_79]     @ sun.security.ssl.clienthandshaker.servercertificate(clienthandshaker.java:1446) [jsse.jar:1.7.0_79]     @ sun.security.ssl.clienthandshaker.processmessage(clienthandshaker.java:209) [jsse.jar:1.7.0_79]     @ sun.security.ssl.handshaker.processloop(handshaker.java:901) [jsse.jar:1.7.0_79]     @ sun.security.ssl.handshaker.process_record(handshaker.java:837) [jsse.jar:1.7.0_79]     @ sun.security.ssl.sslsocketimpl.readrecord(sslsocketimpl.java:1023) [jsse.jar:1.7.0_79]     @ sun.security.ssl.sslsocketimpl.performinitialhandshake(sslsocketimpl.java:1332) [jsse.jar:1.7.0_79]     @ sun.security.ssl.sslsocketimpl.starthandshake(sslsocketimpl.java:1359) [jsse.jar:1.7.0_79]     @ sun.security.ssl.sslsocketimpl.starthandshake(sslsocketimpl.java:1343) [jsse.jar:1.7.0_79]     @ sun.net.www.protocol.https.httpsclient.afterconnect(httpsclient.java:563) [rt.jar:1.7.0_79]     @ sun.net.www.protocol.https.abstractdelegatehttpsurlconnection.connect(abstractdelegatehttpsurlconnection.java:185) [rt.jar:1.7.0_79]     @ sun.net.www.protocol.http.httpurlconnection.getoutputstream(httpurlconnection.java:1092) [rt.jar:1.7.0_79]     @ sun.net.www.protocol.https.httpsurlconnectionimpl.getoutputstream(httpsurlconnectionimpl.java:250) [rt.jar:1.7.0_79]     @ org.jasig.cas.client.validation.saml11ticketvalidator.retrieveresponsefromserver(saml11ticketvalidator.java:259) [cas-client-core-3.3.3.jar:3.3.3]     ... 19 more caused by: java.security.cert.certificateexception: no subject alternative names present     @ sun.security.util.hostnamechecker.matchip(hostnamechecker.java:142) [rt.jar:1.7.0_79]     @ sun.security.util.hostnamechecker.match(hostnamechecker.java:91) [rt.jar:1.7.0_79]     @ sun.security.ssl.x509trustmanagerimpl.checkidentity(x509trustmanagerimpl.java:347) [jsse.jar:1.7.0_79]     @ sun.security.ssl.x509trustmanagerimpl.checktrusted(x509trustmanagerimpl.java:203) [jsse.jar:1.7.0_79]     @ sun.security.ssl.x509trustmanagerimpl.checkservertrusted(x509trustmanagerimpl.java:126) [jsse.jar:1.7.0_79]     @ sun.security.ssl.clienthandshaker.servercertificate(clienthandshaker.java:1428) [jsse.jar:1.7.0_79]     ... 31 more 

you should set p:cookiesecure="false" ticketgrantingticketcookiegenerator.

https://wiki.jasig.org/display/casum/securing+your+new+cas+server


Comments

Popular posts from this blog

python - Healpy: From Data to Healpix map -

c - Bitwise operation with (signed) enum value -

xslt - Unnest parent nodes by child node -