Matt and Christian,
Thanks for your help. I tried to implement it and had interesting error.
Switch the cache directory to network directory.
#CASCookiePath /var/cache/mod_auth_cas/
CASCookiePath /mnt/tnsag/cas/cas_cache/
Then, I have the following error.
[root@webarms02q cas_cache]# /etc/init.d/httpd restart
Stopping httpd: [ OK ]
Starting httpd: Syntax error on line 7 of /etc/httpd/conf.d/cas.conf:
MOD_AUTH_CAS: CASCookiePath '/mnt/tnsag/cas/cas_cache/' is not a directory or
does not end in a trailing '/'!
[FAILED]
Thanks,
Doe
From: [email protected] [mailto:[email protected]]
Sent: Wednesday, February 17, 2016 1:41 AM
To: [email protected]; Song, Doe-Hyun
Cc: [email protected]
Subject: AW: [cas-user] Mod_Auth_Cas Timeout Synchronization on Two Apache
Servers.
Hi guys,
We used to run two identical apaches using mod_auth_cas behind a loadbalancer.
So both apaches would be called www.example.com<http://www.example.com> and
both cookies had the
same name. So s2 would overwrite the cookie of s1.
We would keep the sessions in sync on the two apache servers with the help of
unison. This worked just fine as far as mod_auth_cas is concerned.
We eventually moved away because of issues with unison and because the pressing
need for the feature went away too.
Just my 2 cents.
Christian Folini
Von: [email protected] [mailto:[email protected]] Im Auftrag von Matt Smith
Gesendet: Montag, 15. Februar 2016 23:54
An: Song, Doe-Hyun
Cc: [email protected]
Betreff: RE: [cas-user] Mod_Auth_Cas Timeout Synchronization on Two Apache
Servers.
Yes, that is what should occur. But please note that while I think this should
work, you may experience things we did not anticipate in the design. I would
love to get your results, though, if you do attempt this.
On Feb 15, 2016 16:40, "Song, Doe-Hyun"
<[email protected]<mailto:[email protected]>> wrote:
Matt,
If so, can we have one cookie for both instances? Currently one cookie per
apache is created, meaning two cookies with different name with S1 and S2
suffix.
Thanks,
Doe
From: Matt Smith [mailto:[email protected]<mailto:[email protected]>]
Sent: Monday, February 15, 2016 4:20 PM
To: Song, Doe-Hyun
Cc: [email protected]<mailto:[email protected]>
Subject: Re: [cas-user] Mod_Auth_Cas Timeout Synchronization on Two Apache
Servers.
Hello,
This is an interesting use-case, and not one that the mod_auth_cas team has
designed for. I have heard of deployers pointing CASCookiePath at a shared
network location for fault tolerance, but I'm thinking that may also work for
this use-case. Would you be able to try configuring CASCookiePath to shared
storage, e.g., NFS, and see if this meets your requirements? This would allow
each instance to use exactly the same cookie information.
-Matt
On Fri, Feb 12, 2016 at 2:40 PM, Song, Doe-Hyun
<[email protected]<mailto:[email protected]>> wrote:
CAS Community,
We use Mod_Auth_Cas for our CAS Client. We have Mod_Auth_Cas on two apache
servers respectively. Each Apache is invoked randomly through Load Balancer up
front with a single URL.
Each Mod_Auth_Cas generates Cookie as Mod_Auth_Cas_S1 for S1 instance and
Mod_Auth_Cas_S2 for S2 instance. I can see two cookies from my browser.
Because of some reasons, I would like to synchronize timeout of those two
instances. Timeout could be different if S1 is invoked at 1:00PM and S2 is
invoked at 1:10PM.
FYI, CAS Server uses Ehcache to synchronize tickets between two CAS Servers.
Thanks,
Doe Song
The information contained in this e-mail and any attachments is confidential and
intended only for the recipient. If you are not the intended recipient, the
information contained in this message may not be used, copied, or forwarded to
third parties or otherwise distributed for any other purpose. Please notify the
sender if you received this e-mail in error and delete the e-mail and its
attachments promptly. Nothing in this e-mail may be used or deemed to form the
basis of a contractual or any other legally binding obligation unless separately
confirmed in writing by an authorized representative of ARMADA.
--
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected]<mailto:[email protected]>.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
--
[email protected]<mailto:[email protected]>
PGP: E2144AD8
The information contained in this e-mail and any attachments is confidential and
intended only for the recipient. If you are not the intended recipient, the
information contained in this message may not be used, copied, or forwarded to
third parties or otherwise distributed for any other purpose. Please notify the
sender if you received this e-mail in error and delete the e-mail and its
attachments promptly. Nothing in this e-mail may be used or deemed to form the
basis of a contractual or any other legally binding obligation unless separately
confirmed in writing by an authorized representative of ARMADA.
--
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected]<mailto:[email protected]>.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
The information contained in this e-mail and any attachments is confidential and
intended only for the recipient. If you are not the intended recipient, the
information contained in this message may not be used, copied, or forwarded to
third parties or otherwise distributed for any other purpose. Please notify the
sender if you received this e-mail in error and delete the e-mail and its
attachments promptly. Nothing in this e-mail may be used or deemed to form the
basis of a contractual or any other legally binding obligation unless separately
confirmed in writing by an authorized representative of ARMADA.
--
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
