服务器部署cas,登录后页面提示INVALID_PROXY_CALLBACK

然后查看cas的日志,日志报以下错误:

2018-06-29 11:36:06,251 ERROR [org.jasig.cas.util.http.SimpleHttpClient] - java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

	at sun.security.ssl.Alerts.getSSLException(Unknown Source)

	at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)

	at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)

	at sun.security.ssl.SSLSocketImpl.handleException(Unknown Source)

	at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)

	at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)

	at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:394)

	at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:353)

	at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:134)

	at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:353)

	at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:380)

	at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)

	at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184)

	at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88)

	at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)

	at org.apache.http.impl.execchain.ServiceUnavailableRetryExec.execute(ServiceUnavailableRetryExec.java:84)

	at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)

	at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)

	at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107)

	at org.jasig.cas.util.http.SimpleHttpClient.isValidEndPoint(SimpleHttpClient.java:136)

	at org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler.authenticate(HttpBasedServiceCredentialsAuthenticationHandler.java:69)

	at org.jasig.cas.authentication.PolicyBasedAuthenticationManager.authenticateInternal(PolicyBasedAuthenticationManager.java:220)

	at org.jasig.cas.authentication.PolicyBasedAuthenticationManager.authenticate(PolicyBasedAuthenticationManager.java:149)

	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)

	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)

	at java.lang.reflect.Method.invoke(Unknown Source)

	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)

	at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190)

	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)

	at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:85)

	at org.jasig.inspektr.audit.AuditTrailManagementAspect.handleAuditTrail(AuditTrailManagementAspect.java:128)

	at sun.reflect.GeneratedMethodAccessor123.invoke(Unknown Source)

	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)

	at java.lang.reflect.Method.invoke(Unknown Source)

	at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:621)

	at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:610)

	at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:68)

	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:168)

	at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92)

	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)

	at com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:62)

	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)

	at com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:62)

	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)

	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:207)

	at com.sun.proxy.$Proxy49.authenticate(Unknown Source)

	at org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket(CentralAuthenticationServiceImpl.java:392)

	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)

	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)

	at java.lang.reflect.Method.invoke(Unknown Source)

	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)

	at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190)

	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)

	at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:85)

	at org.jasig.inspektr.audit.AuditTrailManagementAspect.handleAuditTrail(AuditTrailManagementAspect.java:128)

	at sun.reflect.GeneratedMethodAccessor123.invoke(Unknown Source)

	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)

	at java.lang.reflect.Method.invoke(Unknown Source)

	at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:621)

	at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:610)

	at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:68)

	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:168)

	at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92)

	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)

	at com.ryantenney.metrics.spring.MeteredMethodInterceptor.invoke(MeteredMethodInterceptor.java:45)

	at com.ryantenney.metrics.spring.MeteredMethodInterceptor.invoke(MeteredMethodInterceptor.java:32)

	at com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:59)

	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)

	at com.ryantenney.metrics.spring.TimedMethodInterceptor.invoke(TimedMethodInterceptor.java:48)

	at com.ryantenney.metrics.spring.TimedMethodInterceptor.invoke(TimedMethodInterceptor.java:34)

	at com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:59)

	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)

	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:207)

	at com.sun.proxy.$Proxy50.delegateTicketGrantingTicket(Unknown Source)

	at org.jasig.cas.web.ServiceValidateController.handleRequestInternal(ServiceValidateController.java:152)

	at org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:146)

	at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:50)

	at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:959)

	at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:893)

	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:967)

	at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:858)

	at javax.servlet.http.HttpServlet.service(HttpServlet.java:635)

	at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:843)

	at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)

	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)

	at org.jasig.cas.security.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:250)

	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344)

	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)

	at org.jasig.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:62)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)

	at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:85)

	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)

	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344)

	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)

	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198)

	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)

	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:496)

	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)

	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)

	at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650)

	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)

	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)

	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:803)

	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)

	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:790)

	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1459)

	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)

	at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)

	at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)

	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)

	at java.lang.Thread.run(Unknown Source)

Caused by: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

	at sun.security.validator.PKIXValidator.<init>(Unknown Source)

	at sun.security.validator.Validator.getInstance(Unknown Source)

	at sun.security.ssl.X509TrustManagerImpl.getValidator(Unknown Source)

	at sun.security.ssl.X509TrustManagerImpl.checkTrustedInit(Unknown Source)

	at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)

	at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)

	at org.jasig.cas.authentication.FileTrustStoreSslSocketFactory$CompositeX509TrustManager.checkServerTrusted(FileTrustStoreSslSocketFactory.java:281)

	at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(Unknown Source)

	at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)

	at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)

	at sun.security.ssl.Handshaker.processLoop(Unknown Source)

	at sun.security.ssl.Handshaker.process_record(Unknown Source)

	at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)

	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)

	... 118 more

Caused by: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

	at java.security.cert.PKIXParameters.setTrustAnchors(Unknown Source)

	at java.security.cert.PKIXParameters.<init>(Unknown Source)

	at java.security.cert.PKIXBuilderParameters.<init>(Unknown Source)

	... 132 more

2018-06-29 11:36:06,259 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - HttpBasedServiceCredentialsAuthenticationHandler failed authenticating https://192.168.x.xxx:8080/uwp/proxyCallback

2018-06-29 11:36:06,260 INFO [org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN

=============================================================

WHO: https://192.168.x.xxx:8080/uwp/proxyCallback

WHAT: supplied credentials: [https://192.168.x.xxx:8080/uwp/proxyCallback]

ACTION: AUTHENTICATION_FAILED

APPLICATION: CAS

WHEN: Fri Jun 29 11:36:06 CST 2018

CLIENT IP ADDRESS: 192.168.x.xxx

SERVER IP ADDRESS: 192.168.x.xxx

=============================================================

2018-06-29 11:36:06,260 INFO [org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN

=============================================================

WHO: https://192.168.x.xxx:8080/uwp/proxyCallback

WHAT: supplied credentials: [https://192.168.x.xxx:8080/uwp/proxyCallback]

ACTION: AUTHENTICATION_FAILED

APPLICATION: CAS

WHEN: Fri Jun 29 11:36:06 CST 2018

CLIENT IP ADDRESS: 192.168.x.xxx

SERVER IP ADDRESS: 192.168.x.xxx

=============================================================

2018-06-29 11:36:06,262 INFO [org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN

=============================================================

WHO: admin

WHAT: 1 errors, 0 successes

ACTION: PROXY_GRANTING_TICKET_NOT_CREATED

APPLICATION: CAS

WHEN: Fri Jun 29 11:36:06 CST 2018

CLIENT IP ADDRESS: 192.168.x.xxx

SERVER IP ADDRESS: 192.168.x.xxx

=============================================================

  说是证书有问题,然后又重新导入了证书还是报错

报错原因:

命令行启动tomcat时发现JRE_HOME路径是jre的,但是当时生成证书时放到jdk中了

C:\SOFT\apache-tomcat-6.0.44\bin>startup.bat

Using CATALINA_BASE:   "C:\SOFT\apache-tomcat-6.0.44"

Using CATALINA_HOME:   "C:\SOFT\apache-tomcat-6.0.44"

Using CATALINA_TMPDIR: "C:\SOFT\apache-tomcat-6.0.44\temp"

Using JRE_HOME:        "C:\Java\jre1.7"

Using CLASSPATH:       "C:\SOFT\apache-tomcat-6.0.44\bin\bootstrap.jar"

C:\SOFT\apache-tomcat-6.0.44\bin>

  解决方法:

cas客户端和服务端分别放不同版本tomcat中。第二个tomcat的startup.bat和shutdown.bat文件增加了以下参数

SET JRE_HOME=C:\Java\jdk1.7

SET JAVA_HOME=C:\Java\jdk1.7

SET CATALINA_HOME=C:\SOFT\apache-tomcat-8.5.30

  

cas-client登录后报INVALID_PROXY_CALLBACK的更多相关文章

  1. CAS Client集群环境的Session问题及解决方案

    [原创申明:文章为原创,欢迎非盈利性转载,但转载必须注明来源] 之前写过一篇文章,介绍单点登录的基本原理.这篇文章重点介绍开源单点登录系统CAS的登录和注销的实现方法.并结合实际工作中碰到的问题,探讨 ...

  2. CAS Client集群环境的Session问题及解决方案介绍,下篇介绍作者本人项目中的解决方案代码

    CAS Client集群环境的Session问题及解决方案  程序猿讲故事  2016-05-20  原文 [原创申明:文章为原创,欢迎非盈利性转载,但转载必须注明来源] 之前写过一篇文章,介绍单点登 ...

  3. (转)基于CAS实现单点登录(SSO):cas client端的退出问题

    出处:http://blog.csdn.net/tch918/article/details/22276627 自从CAS 3.4就很好的支持了单点注销功能,配置也很简单. 之前版本因为在CAS服务器 ...

  4. cas 单点登录出现org.jasig.cas.client.util.CommonUtils.getResponseFromServer - 拒绝连接 Connection refused

    cas 单点登录出现org.jasig.cas.client.util.CommonUtils.getResponseFromServer - 拒绝连接 Connection refused 环境: ...

  5. cas+tomcat+shiro实现单点登录-4-Apache Shiro 集成Cas作为cas client端实现

    目录 1.tomcat添加https安全协议 2.下载cas server端部署到tomcat上 3.CAS服务器深入配置(连接MYSQL) 4.Apache Shiro 集成Cas作为cas cli ...

  6. [原]基于CAS实现单点登录(SSO):cas client端的退出问题

    自从CAS 3.4就很好的支持了单点注销功能,配置也很简单. 之前版本因为在CAS服务器通过HttpClient发送消息时并未指定为POST方式,所以在CAS客户端的注销Filter中没有收到POST ...

  7. [原]基于CAS实现单点登录(SSO):登录成功后,cas client如何返回更多用户信息

    从cas server登录成功后,默认只能从casclient得到用户名.但程序中也可能遇到需要得到更多如姓名,手机号,email等更多用户信息的情况. cas client拿到用户名后再到数据库中查 ...

  8. cas单点登录系统:客户端(client)详细配置

    最近一直在研究cas登录中心这一块的应用,分享一下记录的一些笔记和心得.后面会把cas-server端的配置和重构,另外还有这几天再搞nginx+cas的https反向代理配置,以及cas的证书相关的 ...

  9. CAS Client集群环境的Session问题及解决方案 不能退出登录

    casclient源代码下载链接:https://github.com/apereo/java-cas-client cas官网链接:https://www.apereo.org/projects/c ...

随机推荐

  1. 快速切题 sgu133.Border 离线

    133. Border time limit per test: 0.25 sec. memory limit per test: 4096 KB Along the border between s ...

  2. 彻底弄懂jQuery事件原理二

    上一篇说到,我们在最外层API的on,off,tiggler,triggerHandler调用的是event方法的add,remove和tirgger方法,本篇就来介绍event辅助类 \ 先放个图, ...

  3. Java中的HashMap的工作原理是什么?

    问答题23 /120 Java中的HashMap的工作原理是什么? 参考答案 Java中的HashMap是以键值对(key-value)的形式存储元素的.HashMap需要一个hash函数,它使用ha ...

  4. 'mysql'不是内部或外部命令,也不是可运行的程序或批处理文件.

    'mysql'不是内部或外部命令,也不是可运行的程序或批处理文件. 今天中午新换了一个系统,重装了一下wampserver2.2.下午想导入一个数据库文件打开dos,输入MySQL -u root - ...

  5. Hibernate对象的三种状态,瞬时态、持久态、游离态

    1.瞬时态.(new完一个对象,突然断电,内存中没有此对象) hibernate中什么时候的对象为瞬时态呢,当我们new 一个对象时,还没有save时,它就是瞬时态的,当我们delete一个对象时,它 ...

  6. LOJ2316. 「NOIP2017」逛公园【DP】【最短路】【思维】

    LINK 思路 因为我想到的根本不是网上的普遍做法 所以常数出奇的大,而且做法极其暴力 可以形容是带优化的大模拟 进入正题: 首先一个很显然的思路是如果在合法的路径网络里面存在零环是有无数组解的 然后 ...

  7. 《FDTD electromagnetic field using MATLAB》读书笔记之 Figure 1.14

    背景: 基于公式1.42(Ez分量).1.43(Hy分量)的1D FDTD实现. 计算电场和磁场分量,该分量由z方向的电流片Jz产生,Jz位于两个理想导体极板中间,两个极板平行且向y和z方向无限延伸. ...

  8. MYSQL中写SQL语句,取到表中按ID降序排列(最新纪录排在第一行)

    'select * from bugdata where id>0 order by id desc'

  9. codevs 计算器的改良

    #include<iostream> #include<cctype> #include<vector> #include<cstdio> using ...

  10. C# winForm 文件拖拽

    控件 AllowDrop属性改为true,并实现它的DragEnter.DragDrop这两个事件. private void lbFilePath_DragEnter(object sender, ...