CASXSSFilter received non-trusted url with request http://{host}:{port}/cas/v1/tickets/{ticket}?null
(Doc ID 1619899.1)
Last updated on NOVEMBER 25, 2024
Applies to:
Oracle WebCenter Sites - Version 11.1.1.8.0 and laterInformation in this document applies to any platform.
Symptoms
The cas.log shows a message:
2014-01-22 02:00:11,131 INFO [com.fatwire.logging.ssoplugin] - <CASXSSFilter received non-trusted url with request http://{host}:{port}/cas/v1/tickets/TGT-123-45AbCdEF6gHIj7KIMnoP8qrstU9vWXYzzYXWV0Utsr9QPoNmLk-cas-host-1?null>
javax.servlet.ServletException
at com.fatwire.cas.web.CASXSSFilter.doFilter(CASXSSFilter.java:80)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:861)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:606)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
at java.lang.Thread.run(Thread.java:662)
With logger com.fatwire.logging.security.context set to TRACE, the following can be seen in the sites.log:
[2014-02-03 21:30:47,400 EST] [WARN ] [http-18080-1] [fatwire.logging.security.context] Unable to obtain authentication provider ticket, defaulting to internal authentication
[2014-02-03 21:30:47,400 EST] [TRACE] [http-18080-1] [fatwire.logging.security.context] Failed to get ticket: com.fatwire.wem.sso.SSOException: Failed to acquire TGT. HTTP response code 400
[2014-02-03 21:30:47,400 EST] [TRACE] [http-18080-1] [fatwire.logging.security.context] secureLogin: final URL=http://{otherhost}:{port}/cs/CatalogManager?ftcmd=login&username=ContentServer&password={AES}<ENCRYPTED PASSWORD>
[2014-02-03 21:30:47,406 EST] [TRACE] [http-18080-1] [fatwire.logging.security.context] secureLogin: post status=200
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |
References |