tomcat +CAS 单点登陆属性探究

makala

<filter>
<filter-name>CASFilter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>https://localhost:8443/cas/login</param-value>
<!--&#36825;&#37324;&#30340;server&#26159;&#26381;&#21153;&#31471;&#30340;IP-->
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>localhost:8443</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CASFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--ticket-->
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>
org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://localhost:8443/cas</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name><!--这里到底是什么意思？真的不明白，到底应该怎么写？！！-->
<param-value>localhost:8443</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--&#21333;&#28857;&#30331;&#24405;-->

有点奇怪的是，每次都会报
严重: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorExce
tion: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuil
erException: unable to find valid certification path to requested target
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException:
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderExc
ption: unable to find valid certification path to requested target
        at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:
591)
        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)
        at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181)
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clie
tHandshaker.java:1035)
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientH
ndshaker.java:124)
        at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:
16)
        at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.ja
a:454)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.
ava:884)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(S
LSocketImpl.java:1096)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketI
pl.java:1123)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketI
pl.java:1107)
        at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java
415)
        at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connec
(AbstractDelegateHttpsURLConnection.java:166)
        at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLCo
nection.java:1026)
        at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Htt
sURLConnectionImpl.java:234)
        at org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketVal
dator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.jav
:35)
        at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.vali
ate(AbstractUrlBasedTicketValidator.java:159)
        at org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFil
er(AbstractTicketValidationFilter.java:129)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(App
icationFilterChain.java:243)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(Application
ilterChain.java:210)
        at org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(Au
henticationFilter.java:103)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(App
icationFilterChain.java:243)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(Application
ilterChain.java:210)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapper
alve.java:240)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContext
alve.java:164)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentic
torBase.java:462)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.
ava:164)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.
ava:100)
        at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java
562)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVa
ve.java:118)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.ja
a:395)
        at org.apache.coyote.http11.Http11NioProcessor.process(Http11NioProcess
r.java:396)
        at org.apache.coyote.http11.Http11NioProtocol$Http11ConnectionHandler.p
ocess(Http11NioProtocol.java:357)
        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoi
t.java:1531)
        at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExe
utor.java:886)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecuto
.java:908)
        at java.lang.Thread.run(Thread.java:619)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed
sun.security.provider.certpath.SunCertPathBuilderException: unable to find val
d certification path to requested target
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285)
        at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.ja
a:191)
        at sun.security.validator.Validator.validate(Validator.java:218)
        at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509Trust
anagerImpl.java:126)
        at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted
X509TrustManagerImpl.java:209)
        at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted
X509TrustManagerImpl.java:249)
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clie
tHandshaker.java:1014)
        ... 33 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable t
find valid certification path to requested target
        at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCer
PathBuilder.java:174)
        at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)
        ... 39 more
2011-12-21 15:13:52 org.jasig.cas.client.validation.AbstractTicketValidationFil
er doFilter
警告: org.jasig.cas.client.validation.TicketValidationException: The CAS server
returned no response.
org.jasig.cas.client.validation.TicketValidationException: The CAS server retur
ed no response.
        at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.vali
ate(AbstractUrlBasedTicketValidator.java:162)
        at org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFil
er(AbstractTicketValidationFilter.java:129)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(App
icationFilterChain.java:243)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(Application
ilterChain.java:210)
        at org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(Au
henticationFilter.java:103)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(App
icationFilterChain.java:243)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(Application
ilterChain.java:210)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapper
alve.java:240)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContext
alve.java:164)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentic
torBase.java:462)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.
ava:164)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.
ava:100)
        at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java
562)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVa
ve.java:118)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.ja
a:395)
        at org.apache.coyote.http11.Http11NioProcessor.process(Http11NioProcess
r.java:396)
        at org.apache.coyote.http11.Http11NioProtocol$Http11ConnectionHandler.p
ocess(Http11NioProtocol.java:357)
        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoi
t.java:1531)
        at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExe
utor.java:886)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecuto
.java:908)
        at java.lang.Thread.run(Thread.java:619)
2011-12-21 15:17:25 org.apache.catalina.startup.HostConfig checkResources这样的错误，第一反应，jdk认证库没有加，但是加完之后还是抱这个错误，就感觉像是我的客户端配置文件有问题，但是到底怎么改呢？对上面那个属性真的很不理解，不知道是什么意思