Hi guys, We used to run two identical apaches using mod_auth_cas behind a loadbalancer. So both apaches would be called www.example.com<http://www.example.com> and both cookies had the same name. So s2 would overwrite the cookie of s1.
We would keep the sessions in sync on the two apache servers with the help of unison. This worked just fine as far as mod_auth_cas is concerned. We eventually moved away because of issues with unison and because the pressing need for the feature went away too. Just my 2 cents. Christian Folini Von: [email protected] [mailto:[email protected]] Im Auftrag von Matt Smith Gesendet: Montag, 15. Februar 2016 23:54 An: Song, Doe-Hyun Cc: [email protected] Betreff: RE: [cas-user] Mod_Auth_Cas Timeout Synchronization on Two Apache Servers. Yes, that is what should occur. But please note that while I think this should work, you may experience things we did not anticipate in the design. I would love to get your results, though, if you do attempt this. On Feb 15, 2016 16:40, "Song, Doe-Hyun" <[email protected]<mailto:[email protected]>> wrote: Matt, If so, can we have one cookie for both instances? Currently one cookie per apache is created, meaning two cookies with different name with S1 and S2 suffix. Thanks, Doe From: Matt Smith [mailto:[email protected]<mailto:[email protected]>] Sent: Monday, February 15, 2016 4:20 PM To: Song, Doe-Hyun Cc: [email protected]<mailto:[email protected]> Subject: Re: [cas-user] Mod_Auth_Cas Timeout Synchronization on Two Apache Servers. Hello, This is an interesting use-case, and not one that the mod_auth_cas team has designed for. I have heard of deployers pointing CASCookiePath at a shared network location for fault tolerance, but I'm thinking that may also work for this use-case. Would you be able to try configuring CASCookiePath to shared storage, e.g., NFS, and see if this meets your requirements? This would allow each instance to use exactly the same cookie information. -Matt On Fri, Feb 12, 2016 at 2:40 PM, Song, Doe-Hyun <[email protected]<mailto:[email protected]>> wrote: CAS Community, We use Mod_Auth_Cas for our CAS Client. We have Mod_Auth_Cas on two apache servers respectively. Each Apache is invoked randomly through Load Balancer up front with a single URL. Each Mod_Auth_Cas generates Cookie as Mod_Auth_Cas_S1 for S1 instance and Mod_Auth_Cas_S2 for S2 instance. I can see two cookies from my browser. Because of some reasons, I would like to synchronize timeout of those two instances. Timeout could be different if S1 is invoked at 1:00PM and S2 is invoked at 1:10PM. FYI, CAS Server uses Ehcache to synchronize tickets between two CAS Servers. Thanks, Doe Song The information contained in this e-mail and any attachments is confidential and intended only for the recipient. If you are not the intended recipient, the information contained in this message may not be used, copied, or forwarded to third parties or otherwise distributed for any other purpose. Please notify the sender if you received this e-mail in error and delete the e-mail and its attachments promptly. Nothing in this e-mail may be used or deemed to form the basis of a contractual or any other legally binding obligation unless separately confirmed in writing by an authorized representative of ARMADA. -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<mailto:[email protected]>. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. -- [email protected]<mailto:[email protected]> PGP: E2144AD8 The information contained in this e-mail and any attachments is confidential and intended only for the recipient. If you are not the intended recipient, the information contained in this message may not be used, copied, or forwarded to third parties or otherwise distributed for any other purpose. Please notify the sender if you received this e-mail in error and delete the e-mail and its attachments promptly. Nothing in this e-mail may be used or deemed to form the basis of a contractual or any other legally binding obligation unless separately confirmed in writing by an authorized representative of ARMADA. -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<mailto:[email protected]>. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
