gwt - GWT CAS Tomcat 部署失败

Question

我用 CAS 升级了我的 GWT 项目。当我在开发模式下测试它时，它工作正常。现在我想将我的项目部署到tomcat。当我运行它时，我可以访问 CAS 服务器。但是当 CAS 服务器将我引导回我的 webapp 时，我收到了这个错误。

HTTP 状态 500 - javax.net.ssl.SSLHandshakeException：sun.security.validator.ValidatorException：PKIX 路径构建失败：sun.security.provider.certpath.SunCertPathBuilderException：无法找到请求目标的有效证书路径

类型异常报告

消息 javax.net.ssl.SSLHandshakeException：sun.security.validator.ValidatorException：PKIX 路径构建失败：sun.security.provider.certpath.SunCertPathBuilderException：无法找到请求目标的有效证书路径

描述 服务器遇到一个内部错误，阻止它完成这个请求。

例外

java.lang.RuntimeException：javax.net.ssl.SSLHandshakeException：sun.security.validator.ValidatorException：PKIX 路径构建失败：sun.security.provider.certpath.SunCertPathBuilderException：无法找到到请求的目标 org.jasig 的有效证书路径。 cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:295) org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:33) org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate( AbstractUrlBasedTicketValidator.java:178) org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:132) org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:102) org.jasig。卡斯。client.util.HttpServletRequestWrapperFilter.doFilter(HttpServletRequestWrapperFilter.java:62) org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)

根本原因

javax.net.ssl.SSLHandshakeException：sun.security.validator.ValidatorException：PKIX 路径构建失败：sun.security.provider.certpath.SunCertPathBuilderException：无法找到请求目标的有效证书路径 sun.security.ssl.Alerts.getSSLException（ Alerts.java:192) sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1902) sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276) sun.security.ssl.Handshaker.fatalSE(Handshaker. java:270) sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1338) sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:154) sun.security.ssl.Handshaker.processLoop(Handshaker.java: 868）sun.security.ssl.Handshaker.process_record（Handshaker.java:804）sun.security.ssl.SSLSocketImpl.readRecord（SSLSocketImpl.java:1032）太阳。security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1328) sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1355) sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) sun.net。 www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:515) sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) sun.net.www.protocol.http.HttpURLConnection.getInputStream( HttpURLConnection.java:1299) sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254) org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:281) org.jasig。 cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:33) org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:178) org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:132) org.jasig.cas.client。 authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:102) org.jasig.cas.client.util.HttpServletRequestWrapperFilter.doFilter(HttpServletRequestWrapperFilter.java:62) org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java: 110)doFilter(AuthenticationFilter.java:102) org.jasig.cas.client.util.HttpServletRequestWrapperFilter.doFilter(HttpServletRequestWrapperFilter.java:62) org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)doFilter(AuthenticationFilter.java:102) org.jasig.cas.client.util.HttpServletRequestWrapperFilter.doFilter(HttpServletRequestWrapperFilter.java:62) org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)

根本原因

sun.security.validator.ValidatorException：PKIX 路径构建失败：sun.security.provider.certpath.SunCertPathBuilderException：无法找到到请求的目标 sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385) sun.的有效证书路径。 security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) sun.security.validator.Validator.validate(Validator.java:260) sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326) sun.security。 ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231) sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126) sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1320) sun.security.ssl。 ClientHandshaker.processMessage(ClientHandshaker.java:154) sun.security.ssl。Handshaker.processLoop(Handshaker.java:868) sun.security.ssl.Handshaker.process_record(Handshaker.java:804) sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1032) sun.security.ssl.SSLSocketImpl。 performInitialHandshake(SSLSocketImpl.java:1328) sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1355) sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) sun.net.www.protocol.https。 HttpsClient.afterConnect(HttpsClient.java:515) sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1299) sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254) org.jasig.cas.client.util.CommonUtils。getResponseFromServer(CommonUtils.java:281) org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:33) org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java: jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:132) org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:102) org.jasig.cas.client.util.HttpServletRequestWrapperFilter。 doFilter(HttpServletRequestWrapperFilter.java:62) org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:33) org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:178) org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:132) org. jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:102) org.jasig.cas.client.util.HttpServletRequestWrapperFilter.doFilter(HttpServletRequestWrapperFilter.java:62) org.jasig.cas.client.session.SingleSignOutFilter。 doFilter(SingleSignOutFilter.java:110)retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:33) org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:178) org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:132) org. jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:102) org.jasig.cas.client.util.HttpServletRequestWrapperFilter.doFilter(HttpServletRequestWrapperFilter.java:62) org.jasig.cas.client.session.SingleSignOutFilter。 doFilter(SingleSignOutFilter.java:110)AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:132) org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:102) org.jasig.cas.client.util.HttpServletRequestWrapperFilter.doFilter(HttpServletRequestWrapperFilter.java:62) org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:132) org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:102) org.jasig.cas.client.util.HttpServletRequestWrapperFilter.doFilter(HttpServletRequestWrapperFilter.java:62) org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)

根本原因

sun.security.provider.certpath.SunCertPathBuilderException: 无法找到到请求的目标 sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196) java.security.cert.CertPathBuilder.build(CertPathBuilder.java) 的有效证书路径:268) sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380) sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) sun.security.validator.Validator.validate(Validator.java:260 ) sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326) sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231) sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126) sun .security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1320) 太阳。security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:154) sun.security.ssl.Handshaker.processLoop(Handshaker.java:868) sun.security.ssl.Handshaker.process_record(Handshaker.java:804) sun.security。 ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1032) sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1328) sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1355) sun.security.ssl。 SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:515) sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1299) sun.net.www.protocol.https.HttpsURLConnectionImpl。getInputStream(HttpsURLConnectionImpl.java:254) org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:281) org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:33) org. jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:178) org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:132) org.jasig.cas.client.authentication.AuthenticationFilter。 doFilter(AuthenticationFilter.java:102) org.jasig.cas.client.util.HttpServletRequestWrapperFilter.doFilter(HttpServletRequestWrapperFilter.java:62) org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)110)110)client.util.CommonUtils.getResponseFromServer(CommonUtils.java:281) org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:33) org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator. java:178) org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:132) org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:102) org.jasig.cas。 client.util.HttpServletRequestWrapperFilter.doFilter(HttpServletRequestWrapperFilter.java:62) org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)client.util.CommonUtils.getResponseFromServer(CommonUtils.java:281) org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:33) org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator. java:178) org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:132) org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:102) org.jasig.cas。 client.util.HttpServletRequestWrapperFilter.doFilter(HttpServletRequestWrapperFilter.java:62) org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:33) org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:178) org.jasig.cas.client.validationFilter(AbstractTicketValidationFilter.do 132) org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:102) org.jasig.cas.client.util.HttpServletRequestWrapperFilter.doFilter(HttpServletRequestWrapperFilter.java:62) org.jasig.cas.client。 session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:33) org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:178) org.jasig.cas.client.validationFilter(AbstractTicketValidationFilter.do 132) org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:102) org.jasig.cas.client.util.HttpServletRequestWrapperFilter.doFilter(HttpServletRequestWrapperFilter.java:62) org.jasig.cas.client。 session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:178) org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:132) org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:102) org.jasig.cas.client.util.HttpServletRequestWrapperFilter.doFilter(HttpServletRequestWrapperFilter.java:62) org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:178) org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:132) org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:102) org.jasig.cas.client.util.HttpServletRequestWrapperFilter.doFilter(HttpServletRequestWrapperFilter.java:62) org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)doFilter(HttpServletRequestWrapperFilter.java:62) org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)doFilter(HttpServletRequestWrapperFilter.java:62) org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)

note Apache Tomcat/7.0.37 日志中提供了根本原因的完整堆栈跟踪。Apache Tomcat/7.0.37

无法弄清楚如何解决它。

Answer 1

我假设您启用https=true了deployDescriptor.xml. 为了使 CAS 与您一起工作，HTTPS 您必须创建一个密钥库文件

创建密钥库文件