RE: [cas-user] ehcache and Service Ticket Validation fails

Misagh Moayyed Tue, 03 Nov 2015 14:17:59 -0800

Seconds:

http://docs.spring.io/spring/docs/current/javadoc-api/org/springframework/
cache/ehcache/EhCacheFactoryBean.html#setTimeToLive-int-


 

 

From: Song, Doe-Hyun [mailto:ds...@armada.net] 
Sent: Tuesday, November 3, 2015 3:06 PM
To: cas-user@lists.jasig.org
Subject: RE:[cas-user] ehcache and Service Ticket Validation fails

 

BTW, this is the one copied from 4.1 document.

 

       <bean id="serviceTicketsCache"

             class="org.springframework.cache.ehcache.EhCacheFactoryBean"

             parent="abstractTicketCache"

             p:cacheName="cas_st"

             p:timeToIdle="0"

             p:timeToLive="300"

 
p:cacheEventListeners-ref="ticketRMISynchronousCacheReplicator" />

 

Log shows copied ServiceTicket is expired. I can not find the timeToLive
information from EhCacheFactoryBean document. Is it millisecond instead of
second? If so, what value should I set instead of 300? 

 

 2015-11-03 16:38:15,721 INFO
[org.jasig.cas.CentralAuthenticationServiceImpl] - ServiceTicket
[ST-1-XcYCkWsQ4MnIfWOqeZdf-cas.server.net] has expired.

 

 

From: Song, Doe-Hyun 
Sent: Tuesday, November 03, 2015 4:57 PM
To: cas-user@lists.jasig.org <mailto:cas-user@lists.jasig.org> 
Subject: [cas-user] ehcache and Service Ticket Validation fails

 

I am using 4.1 and installed ehcache for two cas servers. It is quiet
random - fail sometimes and succeed sometimes. 

 

There are two servers and server1 creates TGT and ST successfully. Server2
tries to validate ST and fails. The following is both servers' logs. 

 

Interestingly, I can see cas_st.data file is always 0 size no matter what
validate fails or succeeds. 

 

 

Server1

 

2015-11-03 16:38:04,958 INFO
[org.jasig.cas.authentication.PolicyBasedAuthenticationManager] -
LdapAuthenticationHandler successfully authenticated temp+password

2015-11-03 16:38:04,973 INFO
[org.jasig.cas.authentication.PolicyBasedAuthenticationManager] -
Authenticated temp with credentials [temp+password].

2015-11-03 16:38:04,976 INFO
[org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit
trail record BEGIN

=============================================================

WHO: temp+password

WHAT: supplied credentials: [temp+password]

ACTION: AUTHENTICATION_SUCCESS

APPLICATION: CAS

WHEN: Tue Nov 03 16:38:04 EST 2015

CLIENT IP ADDRESS: 100.100.100.200

SERVER IP ADDRESS: apparms.server.net

=============================================================

 

 

2015-11-03 16:38:04,976 INFO
[org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit
trail record BEGIN

=============================================================

WHO: temp+password

WHAT: supplied credentials: [temp+password]

ACTION: AUTHENTICATION_SUCCESS

APPLICATION: CAS

WHEN: Tue Nov 03 16:38:04 EST 2015

CLIENT IP ADDRESS: 100.100.100.200

SERVER IP ADDRESS: apparms.server.net

=============================================================

 

 

2015-11-03 16:38:04,978 DEBUG [net.sf.ehcache.store.disk.Segment] - put
added 0 on heap

2015-11-03 16:38:04,981 DEBUG [net.sf.ehcache.store.disk.Segment] - fault
removed 0 from heap

2015-11-03 16:38:04,981 DEBUG [net.sf.ehcache.store.disk.Segment] - fault
added 0 on disk

2015-11-03 16:38:04,985 INFO
[org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit
trail record BEGIN

=============================================================

WHO: temp+password

WHAT:
TGT-**********************************************GsFfWjbxN6-cas.server.ne
t

ACTION: TICKET_GRANTING_TICKET_CREATED

APPLICATION: CAS

WHEN: Tue Nov 03 16:38:04 EST 2015

CLIENT IP ADDRESS: 100.100.100.200

SERVER IP ADDRESS: apparms.server.net

=============================================================

 

 

2015-11-03 16:38:04,985 INFO
[org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit
trail record BEGIN

=============================================================

WHO: temp+password

WHAT:
TGT-**********************************************GsFfWjbxN6-cas.server.ne
t

ACTION: TICKET_GRANTING_TICKET_CREATED

APPLICATION: CAS

WHEN: Tue Nov 03 16:38:04 EST 2015

CLIENT IP ADDRESS: 100.100.100.200

SERVER IP ADDRESS: apparms.server.net

=============================================================

 

 

2015-11-03 16:38:05,546 INFO
[org.jasig.cas.authentication.PolicyBasedAuthenticationManager] -
LdapAuthenticationHandler successfully authenticated temp+password

2015-11-03 16:38:05,549 INFO
[org.jasig.cas.authentication.PolicyBasedAuthenticationManager] -
Authenticated temp with credentials [temp+password].

2015-11-03 16:38:05,550 INFO
[org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit
trail record BEGIN

=============================================================

WHO: temp+password

WHAT: supplied credentials: [temp+password]

ACTION: AUTHENTICATION_SUCCESS

APPLICATION: CAS

WHEN: Tue Nov 03 16:38:05 EST 2015

CLIENT IP ADDRESS: 100.100.100.200

SERVER IP ADDRESS: apparms.server.net

=============================================================

 

 

2015-11-03 16:38:05,550 INFO
[org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit
trail record BEGIN

=============================================================

WHO: temp+password

WHAT: supplied credentials: [temp+password]

ACTION: AUTHENTICATION_SUCCESS

APPLICATION: CAS

WHEN: Tue Nov 03 16:38:05 EST 2015

CLIENT IP ADDRESS: 100.100.100.200

SERVER IP ADDRESS: apparms.server.net

=============================================================

 

 

2015-11-03 16:38:05,573 DEBUG [net.sf.ehcache.store.disk.Segment] - put
added 0 on heap

2015-11-03 16:38:05,577 DEBUG [net.sf.ehcache.store.disk.Segment] - put
updated, deleted 0 on heap

2015-11-03 16:38:05,577 DEBUG [net.sf.ehcache.store.disk.Segment] - put
updated, deleted 0 on disk

2015-11-03 16:38:05,578 DEBUG [net.sf.ehcache.store.disk.Segment] - put
added 0 on heap

2015-11-03 16:38:05,578 DEBUG
[net.sf.ehcache.distribution.RMICacheManagerPeerProvider] - Lookup URL
//apparms01q:41001/cas_st

2015-11-03 16:38:05,580 DEBUG [net.sf.ehcache.store.disk.Segment] - fault
removed 0 from heap

2015-11-03 16:38:05,580 DEBUG [net.sf.ehcache.store.disk.Segment] - fault
added 0 on disk

2015-11-03 16:38:05,581 DEBUG [net.sf.ehcache.store.disk.Segment] - fault
removed 0 from heap

2015-11-03 16:38:05,581 DEBUG [net.sf.ehcache.store.disk.Segment] - fault
added 0 on disk

2015-11-03 16:38:05,610 INFO
[org.jasig.cas.CentralAuthenticationServiceImpl] - Granted ticket
[ST-1-XcYCkWsQ4MnIfWOqeZdf-cas.server.net] for service
[https://apparms.server.net/] for user [temp]

2015-11-03 16:38:05,617 INFO
[org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit
trail record BEGIN

=============================================================

WHO: temp

WHAT: ST-1-XcYCkWsQ4MnIfWOqeZdf-cas.server.net for
https://apparms.server.net/

ACTION: SERVICE_TICKET_CREATED

APPLICATION: CAS

WHEN: Tue Nov 03 16:38:05 EST 2015

CLIENT IP ADDRESS: 100.100.100.200

SERVER IP ADDRESS: apparms.server.net

=============================================================

 

 

2015-11-03 16:38:05,617 INFO
[org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit
trail record BEGIN

=============================================================

WHO: temp

WHAT: ST-1-XcYCkWsQ4MnIfWOqeZdf-cas.server.net for
https://apparms.server.net/

ACTION: SERVICE_TICKET_CREATED

APPLICATION: CAS

WHEN: Tue Nov 03 16:38:05 EST 2015

CLIENT IP ADDRESS: 100.100.100.200

SERVER IP ADDRESS: apparms.server.net

=============================================================

 

 

2015-11-03 16:38:05,856 DEBUG [net.sf.ehcache.distribution.RMICachePeer] -
RMICachePeer for cache cas_st: remote remove received for key:
ST-1-XcYCkWsQ4MnIfWOqeZdf-cas.server.net

2015-11-03 16:38:05,878 DEBUG [net.sf.ehcache.store.disk.Segment] - remove
deleted 0 from heap

2015-11-03 16:38:05,879 DEBUG [net.sf.ehcache.store.disk.Segment] - remove
deleted 0 from disk

2015-11-03 16:38:12,889 DEBUG
[net.sf.ehcache.distribution.RMICacheManagerPeerProvider] - Lookup URL
//apparms01q:41001/cas_tgt

 

 

Server 2. 

 

2015-11-03 16:38:15,494 DEBUG [net.sf.ehcache.store.disk.Segment] - put
added 0 on heap

2015-11-03 16:38:15,496 DEBUG [net.sf.ehcache.distribution.RMICachePeer] -
RMICachePeer for cache cas_st: remote put received. Element is: [ key =
ST-1-XcYCkWsQ4MnIfWOqeZdf-cas.server.net,
value=ST-1-XcYCkWsQ4MnIfWOqeZdf-cas.server.net, version=1, hitCount=0,
CreationTime = 1446586686000, LastAccessTime = 1446586695494 ]

2015-11-03 16:38:15,498 DEBUG [net.sf.ehcache.store.disk.Segment] - fault
removed 0 from heap

2015-11-03 16:38:15,498 DEBUG [net.sf.ehcache.store.disk.Segment] - fault
added 0 on disk

2015-11-03 16:38:15,721 INFO
[org.jasig.cas.CentralAuthenticationServiceImpl] - ServiceTicket
[ST-1-XcYCkWsQ4MnIfWOqeZdf-cas.server.net] has expired.

2015-11-03 16:38:15,730 DEBUG [net.sf.ehcache.store.disk.Segment] - remove
deleted 0 from heap

2015-11-03 16:38:15,730 DEBUG [net.sf.ehcache.store.disk.Segment] - remove
deleted 0 from disk

2015-11-03 16:38:15,731 DEBUG
[net.sf.ehcache.distribution.RMICacheManagerPeerProvider] - Lookup URL
//apparms02q:41003/cas_st

2015-11-03 16:38:15,801 INFO
[org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit
trail record BEGIN

=============================================================

WHO: audit:unknown

WHAT: ST-1-XcYCkWsQ4MnIfWOqeZdf-cas.server.net

ACTION: SERVICE_TICKET_VALIDATE_FAILED

APPLICATION: CAS

WHEN: Tue Nov 03 16:38:15 EST 2015

CLIENT IP ADDRESS: 126.90.100.137

SERVER IP ADDRESS: 126.90.100.139

=============================================================

 

 

2015-11-03 16:38:15,801 INFO
[org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit
trail record BEGIN

=============================================================

WHO: audit:unknown

WHAT: ST-1-XcYCkWsQ4MnIfWOqeZdf-cas.server.net

ACTION: SERVICE_TICKET_VALIDATE_FAILED

APPLICATION: CAS

WHEN: Tue Nov 03 16:38:15 EST 2015

CLIENT IP ADDRESS: 126.90.100.137

SERVER IP ADDRESS: 126.90.100.139

=============================================================

 

 

2015-11-03 16:38:22,804 DEBUG [net.sf.ehcache.store.disk.Segment] - put
added 0 on heap

2015-11-03 16:38:22,806 DEBUG [net.sf.ehcache.distribution.RMICachePeer] -
RMICachePeer for cache cas_tgt: remote put received. Element is: [ key =
TGT-**********************************************GsFfWjbxN6-cas.server.ne
t,
value=TGT-**********************************************GsFfWjbxN6-cas.ser
ver.net, version=1, hitCount=0, CreationTime = 1446586685000,
LastAccessTime = 1446586702804 ]

2015-11-03 16:38:22,807 DEBUG [net.sf.ehcache.store.disk.Segment] - put
added 0 on heap

2015-11-03 16:38:22,807 DEBUG [net.sf.ehcache.store.disk.Segment] - put
updated, deleted 0 on heap

2015-11-03 16:38:22,808 DEBUG [net.sf.ehcache.distribution.RMICachePeer] -
RMICachePeer for cache cas_tgt: remote put received. Element is: [ key =
TGT-**********************************************GsFfWjbxN6-cas.server.ne
t,
value=TGT-**********************************************GsFfWjbxN6-cas.ser
ver.net, version=1, hitCount=0, CreationTime = 1446586686000,
LastAccessTime = 1446586702807 ]

2015-11-03 16:38:22,808 DEBUG [net.sf.ehcache.store.disk.Segment] - fault
removed 0 from heap

2015-11-03 16:38:22,809 DEBUG [net.sf.ehcache.store.disk.Segment] - fault
added 0 on disk

2015-11-03 16:38:22,809 DEBUG [net.sf.ehcache.store.disk.Segment] - fault
installation failed, deleted 0 from heap

2015-11-03 16:38:22,809 DEBUG [net.sf.ehcache.store.disk.Segment] - fault
installation failed deleted 0 from disk

2015-11-03 16:38:22,813 DEBUG [net.sf.ehcache.store.disk.Segment] - fault
removed 0 from heap

2015-11-03 16:38:22,815 DEBUG [net.sf.ehcache.store.disk.Segment] - fault
added 0 on disk

 
-- 
You are currently subscribed to cas-user@lists.jasig.org
<mailto:cas-user@lists.jasig.org>  as: ds...@armada.net
<mailto:ds...@armada.net> 
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
 
 
The information contained in this e-mail and any attachments is
confidential and
intended only for the recipient. If you are not the intended recipient,
the
information contained in this message may not be used, copied, or
forwarded to
third parties or otherwise distributed for any other purpose. Please
notify the
sender if you received this e-mail in error and delete the e-mail and its
attachments promptly.  Nothing in this e-mail may be used or deemed to
form the
basis of a contractual or any other legally binding obligation unless
separately
confirmed in writing by an authorized representative of ARMADA.
 
-- 
You are currently subscribed to cas-user@lists.jasig.org
<mailto:cas-user@lists.jasig.org>  as: mmoay...@unicon.net
<mailto:mmoay...@unicon.net> 
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
 
 
The information contained in this e-mail and any attachments is
confidential and
intended only for the recipient. If you are not the intended recipient,
the
information contained in this message may not be used, copied, or
forwarded to
third parties or otherwise distributed for any other purpose. Please
notify the
sender if you received this e-mail in error and delete the e-mail and its
attachments promptly.  Nothing in this e-mail may be used or deemed to
form the
basis of a contractual or any other legally binding obligation unless
separately
confirmed in writing by an authorized representative of ARMADA.

-- 
You are currently subscribed to cas-user@lists.jasig.org as: 
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

RE: [cas-user] ehcache and Service Ticket Validation fails

Reply via email to