So, there's been a thread on cas-user about timeout errors getting
Conversation locks in Spring Web Flow.
I think I have at least one facet of this problem distilled down to a
simple working example.
https://issues.jasig.org/browse/CAS-993
The issue includes a local-cas Maven overlay demonstrating the issue.
Basically, if an AuthenticationHandler fails to return (i.e., loops
forever, or runs for a very long time), then Spring Web Flow is
subsequently unable to acquire the lock to that Conversation and
subsequent attempts to login in that browser session will fail to
return, until the attempt to acquire the lock times out after 30
seconds, after which my latest testing shows that the invidual browser
session recovers such that the user can subsequently try again to log in
using CAS and succeed.
That is, the simple working example doesn't show what I thought it
showed at first. It's looking like Conversation lock acquisition
timeouts are a symptom of distressed AuthenticationHandlers which render
users unable to log in, rather than a cause of users being unable to log
in via CAS.
Andrew
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-dev
