81,092
社区成员
发帖
与我相关
我的任务
分享shiro集成cas 部署现场windows服务器上异常,org.jasig.cas.client.util.CommonUtils] - Connect
场景描述:
1、应用系统是采用shiro框架,所以采用shiro+cas方式做单点登录,在公司部署了一套环境(cas服务是linux,几个应用服务有linux也有windows),单点登录正常
2、现在部署到现场环境(全部windows),内部网络,相应端口已经映射至外网,现在出现的问题是如果把cas相关配置成内网,单点正常,但是如果配置成外网,单点异常,各子系统无法使用,但是下面几个场景让我也验证过就是:
a、我用现场的cas服务外网配置和我公司的应用系统外网做集成,单点正常
b、我用现场的应用系统外网和我公司的cas服务外网配置做集成,单点正常
c、我用现场的应用系统内网和现场的cas服务内网配置做集成,单点也正常
d、我用现场的应用系统外网和现场的cas服务外网做集成,单点异常
异常描述:
登录是可以拦截至cas服务的登录页面,输入用户名密码,可以再cas后台看到登录信息,但是登录后进入子系统后,子系统报错
错误信息如下:
2019-11-27 17:06:34,227 [http-apr-8080-exec-7] ERROR [org.jasig.cas.client.util.CommonUtils] - Connection refused: connect
java.net.ConnectException: Connection refused: connect
at java.net.DualStackPlainSocketImpl.connect0(Native Method)
at java.net.DualStackPlainSocketImpl.socketConnect(DualStackPlainSocketImpl.java:79)
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
at java.net.Socket.connect(Socket.java:589)
at java.net.Socket.connect(Socket.java:538)
at sun.net.NetworkClient.doConnect(NetworkClient.java:180)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:463)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:558)
at sun.net.www.http.HttpClient.<init>(HttpClient.java:242)
at sun.net.www.http.HttpClient.New(HttpClient.java:339)
at sun.net.www.http.HttpClient.New(HttpClient.java:357)
at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:1202)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1138)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1032)
at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:966)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1546)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1474)
at org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:326)
at org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:305)
at org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:50)
at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:208)
at com.XXXXXX.cas.SimpleCasRealm.doGetAuthenticationInfo(SimpleCasRealm.java:60)
at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:568)
报的这段错误找到代码处,应该是子系统向cas验证ticket是被拒绝连接了,
报错代码处:
想请问下各位是否遇到过,搞了半天没搞出来
1、应用系统是采用shiro框架,所以采用shiro+cas方式做单点登录,在公司部署了一套环境(cas服务是linux,几个应用服务有linux也有windows),单点登录正常
2、现在部署到现场环境(全部windows),内部网络,相应端口已经映射至外网,现在出现的问题是如果把cas相关配置成内网,单点正常,但是如果配置成外网,单点异常,各子系统无法使用,但是下面几个场景让我也验证过就是:
a、我用现场的cas服务外网配置和我公司的应用系统外网做集成,单点正常
b、我用现场的应用系统外网和我公司的cas服务外网配置做集成,单点正常
c、我用现场的应用系统内网和现场的cas服务内网配置做集成,单点也正常
d、我用现场的应用系统外网和现场的cas服务外网做集成,单点异常
异常描述:
登录是可以拦截至cas服务的登录页面,输入用户名密码,可以再cas后台看到登录信息,但是登录后进入子系统后,子系统报错
错误信息如下:
2019-11-27 17:06:34,227 [http-apr-8080-exec-7] ERROR [org.jasig.cas.client.util.CommonUtils] - Connection refused: connect
java.net.ConnectException: Connection refused: connect
at java.net.DualStackPlainSocketImpl.connect0(Native Method)
at java.net.DualStackPlainSocketImpl.socketConnect(DualStackPlainSocketImpl.java:79)
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
at java.net.Socket.connect(Socket.java:589)
at java.net.Socket.connect(Socket.java:538)
at sun.net.NetworkClient.doConnect(NetworkClient.java:180)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:463)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:558)
at sun.net.www.http.HttpClient.<init>(HttpClient.java:242)
at sun.net.www.http.HttpClient.New(HttpClient.java:339)
at sun.net.www.http.HttpClient.New(HttpClient.java:357)
at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:1202)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1138)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1032)
at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:966)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1546)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1474)
at org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:326)
at org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:305)
at org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:50)
at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:208)
at com.XXXXXX.cas.SimpleCasRealm.doGetAuthenticationInfo(SimpleCasRealm.java:60)
at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:568)
报的这段错误找到代码处,应该是子系统向cas验证ticket是被拒绝连接了,
报错代码处:
想请问下各位是否遇到过,搞了半天没搞出来
...全文
请发表友善的回复…
发表回复
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building f
