服務器部署cas，登錄后頁面提示INVALID_PROXY_CALLBACK

然后查看cas的日志，日志報以下錯誤：

2018-06-29 11:36:06,251 ERROR [org.jasig.cas.util.http.SimpleHttpClient] - java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-emptyat sun.security.ssl.Alerts.getSSLException(Unknown Source)at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)at sun.security.ssl.SSLSocketImpl.handleException(Unknown Source)at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:394)at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:353)at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:134)at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:353)at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:380)at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184)at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88)at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)at org.apache.http.impl.execchain.ServiceUnavailableRetryExec.execute(ServiceUnavailableRetryExec.java:84)at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107)at org.jasig.cas.util.http.SimpleHttpClient.isValidEndPoint(SimpleHttpClient.java:136)at org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler.authenticate(HttpBasedServiceCredentialsAuthenticationHandler.java:69)at org.jasig.cas.authentication.PolicyBasedAuthenticationManager.authenticateInternal(PolicyBasedAuthenticationManager.java:220)at org.jasig.cas.authentication.PolicyBasedAuthenticationManager.authenticate(PolicyBasedAuthenticationManager.java:149)at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)at java.lang.reflect.Method.invoke(Unknown Source)at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190)at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:85)at org.jasig.inspektr.audit.AuditTrailManagementAspect.handleAuditTrail(AuditTrailManagementAspect.java:128)at sun.reflect.GeneratedMethodAccessor123.invoke(Unknown Source)at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)at java.lang.reflect.Method.invoke(Unknown Source)at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:621)at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:610)at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:68)at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:168)at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92)at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)at com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:62)at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)at com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:62)at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:207)at com.sun.proxy.$Proxy49.authenticate(Unknown Source)at org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket(CentralAuthenticationServiceImpl.java:392)at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)at java.lang.reflect.Method.invoke(Unknown Source)at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190)at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:85)at org.jasig.inspektr.audit.AuditTrailManagementAspect.handleAuditTrail(AuditTrailManagementAspect.java:128)at sun.reflect.GeneratedMethodAccessor123.invoke(Unknown Source)at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)at java.lang.reflect.Method.invoke(Unknown Source)at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:621)at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:610)at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:68)at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:168)at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92)at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)at com.ryantenney.metrics.spring.MeteredMethodInterceptor.invoke(MeteredMethodInterceptor.java:45)at com.ryantenney.metrics.spring.MeteredMethodInterceptor.invoke(MeteredMethodInterceptor.java:32)at com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:59)at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)at com.ryantenney.metrics.spring.TimedMethodInterceptor.invoke(TimedMethodInterceptor.java:48)at com.ryantenney.metrics.spring.TimedMethodInterceptor.invoke(TimedMethodInterceptor.java:34)at com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:59)at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:207)at com.sun.proxy.$Proxy50.delegateTicketGrantingTicket(Unknown Source)at org.jasig.cas.web.ServiceValidateController.handleRequestInternal(ServiceValidateController.java:152)at org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:146)at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:50)at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:959)at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:893)at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:967)at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:858)at javax.servlet.http.HttpServlet.service(HttpServlet.java:635)at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:843)at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)at org.jasig.cas.security.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:250)at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344)at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261)at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)at org.jasig.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:62)at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:85)at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344)at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261)at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198)at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:496)at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650)at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:803)at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:790)at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1459)at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)at java.lang.Thread.run(Unknown Source) Caused by: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-emptyat sun.security.validator.PKIXValidator.<init>(Unknown Source)at sun.security.validator.Validator.getInstance(Unknown Source)at sun.security.ssl.X509TrustManagerImpl.getValidator(Unknown Source)at sun.security.ssl.X509TrustManagerImpl.checkTrustedInit(Unknown Source)at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)at org.jasig.cas.authentication.FileTrustStoreSslSocketFactory$CompositeX509TrustManager.checkServerTrusted(FileTrustStoreSslSocketFactory.java:281)at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(Unknown Source)at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)at sun.security.ssl.Handshaker.processLoop(Unknown Source)at sun.security.ssl.Handshaker.process_record(Unknown Source)at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)... 118 more Caused by: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-emptyat java.security.cert.PKIXParameters.setTrustAnchors(Unknown Source)at java.security.cert.PKIXParameters.<init>(Unknown Source)at java.security.cert.PKIXBuilderParameters.<init>(Unknown Source)... 132 more2018-06-29 11:36:06,259 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - HttpBasedServiceCredentialsAuthenticationHandler failed authenticating https://192.168.x.xxx:8080/uwp/proxyCallback 2018-06-29 11:36:06,260 INFO [org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN ============================================================= WHO: https://192.168.x.xxx:8080/uwp/proxyCallback WHAT: supplied credentials: [https://192.168.x.xxx:8080/uwp/proxyCallback] ACTION: AUTHENTICATION_FAILED APPLICATION: CAS WHEN: Fri Jun 29 11:36:06 CST 2018 CLIENT IP ADDRESS: 192.168.x.xxx SERVER IP ADDRESS: 192.168.x.xxx =============================================================2018-06-29 11:36:06,260 INFO [org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN ============================================================= WHO: https://192.168.x.xxx:8080/uwp/proxyCallback WHAT: supplied credentials: [https://192.168.x.xxx:8080/uwp/proxyCallback] ACTION: AUTHENTICATION_FAILED APPLICATION: CAS WHEN: Fri Jun 29 11:36:06 CST 2018 CLIENT IP ADDRESS: 192.168.x.xxx SERVER IP ADDRESS: 192.168.x.xxx =============================================================2018-06-29 11:36:06,262 INFO [org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN ============================================================= WHO: admin WHAT: 1 errors, 0 successes ACTION: PROXY_GRANTING_TICKET_NOT_CREATED APPLICATION: CAS WHEN: Fri Jun 29 11:36:06 CST 2018 CLIENT IP ADDRESS: 192.168.x.xxx SERVER IP ADDRESS: 192.168.x.xxx =============================================================

　　說是證書有問題，然后又重新導入了證書還是報錯

報錯原因：

命令行啟動tomcat時發現JRE_HOME路徑是jre的，但是當時生成證書時放到jdk中了C:\SOFT\apache-tomcat-6.0.44\bin>startup.bat Using CATALINA_BASE: "C:\SOFT\apache-tomcat-6.0.44" Using CATALINA_HOME: "C:\SOFT\apache-tomcat-6.0.44" Using CATALINA_TMPDIR: "C:\SOFT\apache-tomcat-6.0.44\temp" Using JRE_HOME: "C:\Java\jre1.7" Using CLASSPATH: "C:\SOFT\apache-tomcat-6.0.44\bin\bootstrap.jar" C:\SOFT\apache-tomcat-6.0.44\bin>

　　解決方法：

cas客戶端和服務端分別放不同版本tomcat中。第二個tomcat的startup.bat和shutdown.bat文件增加了以下參數

SET JRE_HOME=C:\Java\jdk1.7 SET JAVA_HOME=C:\Java\jdk1.7 SET CATALINA_HOME=C:\SOFT\apache-tomcat-8.5.30

　　

?

轉載于:https://www.cnblogs.com/l412382979/p/9242830.html

總結

以上是生活随笔為你收集整理的cas-client登录后报INVALID_PROXY_CALLBACK的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。