服务器部署cas,登录后页面提示INVALID_PROXY_CALLBACK

然后查看cas的日志,日志报以下错误:

2018-06-29 11:36:06,251 ERROR [org.jasig.cas.util.http.SimpleHttpClient] - java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

	at sun.security.ssl.Alerts.getSSLException(Unknown Source)

	at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)

	at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)

	at sun.security.ssl.SSLSocketImpl.handleException(Unknown Source)

	at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)

	at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)

	at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:394)

	at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:353)

	at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:134)

	at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:353)

	at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:380)

	at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)

	at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184)

	at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88)

	at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)

	at org.apache.http.impl.execchain.ServiceUnavailableRetryExec.execute(ServiceUnavailableRetryExec.java:84)

	at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)

	at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)

	at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107)

	at org.jasig.cas.util.http.SimpleHttpClient.isValidEndPoint(SimpleHttpClient.java:136)

	at org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler.authenticate(HttpBasedServiceCredentialsAuthenticationHandler.java:69)

	at org.jasig.cas.authentication.PolicyBasedAuthenticationManager.authenticateInternal(PolicyBasedAuthenticationManager.java:220)

	at org.jasig.cas.authentication.PolicyBasedAuthenticationManager.authenticate(PolicyBasedAuthenticationManager.java:149)

	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)

	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)

	at java.lang.reflect.Method.invoke(Unknown Source)

	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)

	at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190)

	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)

	at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:85)

	at org.jasig.inspektr.audit.AuditTrailManagementAspect.handleAuditTrail(AuditTrailManagementAspect.java:128)

	at sun.reflect.GeneratedMethodAccessor123.invoke(Unknown Source)

	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)

	at java.lang.reflect.Method.invoke(Unknown Source)

	at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:621)

	at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:610)

	at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:68)

	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:168)

	at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92)

	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)

	at com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:62)

	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)

	at com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:62)

	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)

	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:207)

	at com.sun.proxy.$Proxy49.authenticate(Unknown Source)

	at org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket(CentralAuthenticationServiceImpl.java:392)

	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)

	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)

	at java.lang.reflect.Method.invoke(Unknown Source)

	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)

	at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190)

	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)

	at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:85)

	at org.jasig.inspektr.audit.AuditTrailManagementAspect.handleAuditTrail(AuditTrailManagementAspect.java:128)

	at sun.reflect.GeneratedMethodAccessor123.invoke(Unknown Source)

	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)

	at java.lang.reflect.Method.invoke(Unknown Source)

	at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:621)

	at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:610)

	at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:68)

	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:168)

	at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92)

	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)

	at com.ryantenney.metrics.spring.MeteredMethodInterceptor.invoke(MeteredMethodInterceptor.java:45)

	at com.ryantenney.metrics.spring.MeteredMethodInterceptor.invoke(MeteredMethodInterceptor.java:32)

	at com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:59)

	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)

	at com.ryantenney.metrics.spring.TimedMethodInterceptor.invoke(TimedMethodInterceptor.java:48)

	at com.ryantenney.metrics.spring.TimedMethodInterceptor.invoke(TimedMethodInterceptor.java:34)

	at com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:59)

	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)

	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:207)

	at com.sun.proxy.$Proxy50.delegateTicketGrantingTicket(Unknown Source)

	at org.jasig.cas.web.ServiceValidateController.handleRequestInternal(ServiceValidateController.java:152)

	at org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:146)

	at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:50)

	at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:959)

	at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:893)

	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:967)

	at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:858)

	at javax.servlet.http.HttpServlet.service(HttpServlet.java:635)

	at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:843)

	at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)

	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)

	at org.jasig.cas.security.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:250)

	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344)

	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)

	at org.jasig.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:62)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)

	at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:85)

	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)

	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344)

	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)

	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198)

	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)

	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:496)

	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)

	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)

	at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650)

	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)

	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)

	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:803)

	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)

	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:790)

	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1459)

	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)

	at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)

	at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)

	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)

	at java.lang.Thread.run(Unknown Source)

Caused by: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

	at sun.security.validator.PKIXValidator.<init>(Unknown Source)

	at sun.security.validator.Validator.getInstance(Unknown Source)

	at sun.security.ssl.X509TrustManagerImpl.getValidator(Unknown Source)

	at sun.security.ssl.X509TrustManagerImpl.checkTrustedInit(Unknown Source)

	at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)

	at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)

	at org.jasig.cas.authentication.FileTrustStoreSslSocketFactory$CompositeX509TrustManager.checkServerTrusted(FileTrustStoreSslSocketFactory.java:281)

	at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(Unknown Source)

	at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)

	at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)

	at sun.security.ssl.Handshaker.processLoop(Unknown Source)

	at sun.security.ssl.Handshaker.process_record(Unknown Source)

	at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)

	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)

	... 118 more

Caused by: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

	at java.security.cert.PKIXParameters.setTrustAnchors(Unknown Source)

	at java.security.cert.PKIXParameters.<init>(Unknown Source)

	at java.security.cert.PKIXBuilderParameters.<init>(Unknown Source)

	... 132 more

2018-06-29 11:36:06,259 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - HttpBasedServiceCredentialsAuthenticationHandler failed authenticating https://192.168.x.xxx:8080/uwp/proxyCallback

2018-06-29 11:36:06,260 INFO [org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN

=============================================================

WHO: https://192.168.x.xxx:8080/uwp/proxyCallback

WHAT: supplied credentials: [https://192.168.x.xxx:8080/uwp/proxyCallback]

ACTION: AUTHENTICATION_FAILED

APPLICATION: CAS

WHEN: Fri Jun 29 11:36:06 CST 2018

CLIENT IP ADDRESS: 192.168.x.xxx

SERVER IP ADDRESS: 192.168.x.xxx

=============================================================

2018-06-29 11:36:06,260 INFO [org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN

=============================================================

WHO: https://192.168.x.xxx:8080/uwp/proxyCallback

WHAT: supplied credentials: [https://192.168.x.xxx:8080/uwp/proxyCallback]

ACTION: AUTHENTICATION_FAILED

APPLICATION: CAS

WHEN: Fri Jun 29 11:36:06 CST 2018

CLIENT IP ADDRESS: 192.168.x.xxx

SERVER IP ADDRESS: 192.168.x.xxx

=============================================================

2018-06-29 11:36:06,262 INFO [org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN

=============================================================

WHO: admin

WHAT: 1 errors, 0 successes

ACTION: PROXY_GRANTING_TICKET_NOT_CREATED

APPLICATION: CAS

WHEN: Fri Jun 29 11:36:06 CST 2018

CLIENT IP ADDRESS: 192.168.x.xxx

SERVER IP ADDRESS: 192.168.x.xxx

=============================================================

  说是证书有问题,然后又重新导入了证书还是报错

报错原因:

命令行启动tomcat时发现JRE_HOME路径是jre的,但是当时生成证书时放到jdk中了

C:\SOFT\apache-tomcat-6.0.44\bin>startup.bat

Using CATALINA_BASE:   "C:\SOFT\apache-tomcat-6.0.44"

Using CATALINA_HOME:   "C:\SOFT\apache-tomcat-6.0.44"

Using CATALINA_TMPDIR: "C:\SOFT\apache-tomcat-6.0.44\temp"

Using JRE_HOME:        "C:\Java\jre1.7"

Using CLASSPATH:       "C:\SOFT\apache-tomcat-6.0.44\bin\bootstrap.jar"

C:\SOFT\apache-tomcat-6.0.44\bin>

  解决方法:

cas客户端和服务端分别放不同版本tomcat中。第二个tomcat的startup.bat和shutdown.bat文件增加了以下参数

SET JRE_HOME=C:\Java\jdk1.7

SET JAVA_HOME=C:\Java\jdk1.7

SET CATALINA_HOME=C:\SOFT\apache-tomcat-8.5.30

  

cas-client登录后报INVALID_PROXY_CALLBACK的更多相关文章

  1. CAS Client集群环境的Session问题及解决方案

    [原创申明:文章为原创,欢迎非盈利性转载,但转载必须注明来源] 之前写过一篇文章,介绍单点登录的基本原理.这篇文章重点介绍开源单点登录系统CAS的登录和注销的实现方法.并结合实际工作中碰到的问题,探讨 ...

  2. CAS Client集群环境的Session问题及解决方案介绍,下篇介绍作者本人项目中的解决方案代码

    CAS Client集群环境的Session问题及解决方案  程序猿讲故事  2016-05-20  原文 [原创申明:文章为原创,欢迎非盈利性转载,但转载必须注明来源] 之前写过一篇文章,介绍单点登 ...

  3. (转)基于CAS实现单点登录(SSO):cas client端的退出问题

    出处:http://blog.csdn.net/tch918/article/details/22276627 自从CAS 3.4就很好的支持了单点注销功能,配置也很简单. 之前版本因为在CAS服务器 ...

  4. cas 单点登录出现org.jasig.cas.client.util.CommonUtils.getResponseFromServer - 拒绝连接 Connection refused

    cas 单点登录出现org.jasig.cas.client.util.CommonUtils.getResponseFromServer - 拒绝连接 Connection refused 环境: ...

  5. cas+tomcat+shiro实现单点登录-4-Apache Shiro 集成Cas作为cas client端实现

    目录 1.tomcat添加https安全协议 2.下载cas server端部署到tomcat上 3.CAS服务器深入配置(连接MYSQL) 4.Apache Shiro 集成Cas作为cas cli ...

  6. [原]基于CAS实现单点登录(SSO):cas client端的退出问题

    自从CAS 3.4就很好的支持了单点注销功能,配置也很简单. 之前版本因为在CAS服务器通过HttpClient发送消息时并未指定为POST方式,所以在CAS客户端的注销Filter中没有收到POST ...

  7. [原]基于CAS实现单点登录(SSO):登录成功后,cas client如何返回更多用户信息

    从cas server登录成功后,默认只能从casclient得到用户名.但程序中也可能遇到需要得到更多如姓名,手机号,email等更多用户信息的情况. cas client拿到用户名后再到数据库中查 ...

  8. cas单点登录系统:客户端(client)详细配置

    最近一直在研究cas登录中心这一块的应用,分享一下记录的一些笔记和心得.后面会把cas-server端的配置和重构,另外还有这几天再搞nginx+cas的https反向代理配置,以及cas的证书相关的 ...

  9. CAS Client集群环境的Session问题及解决方案 不能退出登录

    casclient源代码下载链接:https://github.com/apereo/java-cas-client cas官网链接:https://www.apereo.org/projects/c ...

随机推荐

  1. 如何写入和读取从 Microsoft 消息队列在 Visual C#

    注意:这篇文章是由无人工介入的微软自动的机器翻译软件翻译完成.微软很高兴能同时提供给您由人工翻译的和由机器翻译的文章, 以使您能使用您的语言访问所有的知识库文章.然而由机器翻译的文章并不总是完美的.它 ...

  2. VS2013命令行界面查看虚函数的内存布局

    内存布局可能使用vs的界面调试看到的旺旺是一串数字,很不方便,但是vs的命令行界面可以很直观的显示出一个类中具体的内存布局. 打开命令行.界面如下所示: 测试代码如下所示: class Base1 { ...

  3. Xilinx Microblaze Bootloader

    作者:Hello,Panda 一般而言,Xilinx Microblaze会被用来在系统中做一些控制类和简单接口的辅助性工作,比如运行IIC.SPI.UART之类的低速接口驱动,对FPGA逻辑功能模块 ...

  4. 利用Sonar定制自定义JS扫描规则(一)——sonar环境搭建

    接触sonar已经有段时间了,最早是在一个项目组里面听到这个框架,后来在公司持续集成活动的推动下,也逐渐学习了sonar的具体功能.sonar集成了findbugs,pmd,checkstyle各种静 ...

  5. 解决Jenkins 中无法展示 HTML 样式的问题

    问题 将本地的jmeter脚本部署到Jenkins上时,可以运行成功也可以在本地生成正确的HTML.但在Jenkins中查看HTML report时内容显示不出来. because the docum ...

  6. 收集前端UI框架 持续更新中....

    1. elementUI 饿了么出品 基于Vue2 http://element.eleme.io/#/zh-CN 2. ZUI 开源HTML5跨屏框架  (2018年1月4日更新)一个基于 Boot ...

  7. POJ2942 Knights of the Round Table【Tarjan点双联通分量】【二分图染色】【补图】

    LINK 题目大意 有一群人,其中有一些人之间有矛盾,现在要求选出一些人形成一个环,这个环要满足如下条件: 1.人数大于1 2.总人数是奇数 3.有矛盾的人不能相邻 问有多少人不能和任何人形成任何的环 ...

  8. (简单)冒泡和直接选择排序同时调用swap算法

    void swap(int &a , int &b) { int temp; temp = a; a=b; b=temp; } void bubble(int a[],int n) { ...

  9. Cockpit 容器&&kubernetes 管理可视化工具

    安装 在k8s 的master 上 yum install -y cockpit cockpit-ws cockpit-kubernetes cockpit-bridge cockpit-dashbo ...

  10. consul 1.2 支持service mesh

    主要说明: This release supports a major new feature called Connect that automatically turns any existing ...