Hello, 1. Here we have about 1400 employees, our architecture is pretty simple : 2 front servers sharing a virtual IP (active/passive, apache + mod_jk), 2 CAS applications servers (CAS v3.5, Clustered tomcat, EHCache ticket registry, JPA Service registry). It works like a charm since 2012.
2. Our servers run Debian 7/8. IMHO, OS doesn't matter as long as you use custom JVM for your CAS server. Regards. Le 11/08/2016 à 23:23, Hank Foss a écrit : > Thanks, Misagh, much appreciated. > > It sounds like this will work quite well for us. Most of our web apps > rely on LDAP authentication. > > Regarding architecture, hope you don't mind a couple of other questions: > > > 1. How many servers are in your CAS environment (presuming you > recommend an HA environment) - e.g. 1 web server (Tomcat?) + 2 HA > CAS ticketing servers > 2. Do you recommend RHEL for OS? > > > Our user environment is about 12,000 (2,000 staff + 10,000 students) > so I am trying to architect the CAS to support that. > > > -Hank > > On Thursday, August 11, 2016 at 4:45:43 PM UTC-4, Misagh Moayyed wrote: > > If you mean CAS is going to provide you with an LDAP server, the > answer is no. AFAIK, that has never been the case. If you mean you > wish to authenticate via AD/LDAP and get access to your portal and > other CAS-protected apps, then it’s quite simple. Since the dawn > of time, CAS has supported LDAP/AD authentication. 90% of the > deployments use that method of authentication. > > -- > Misagh > From: Hank Foss <[email protected]> <javascript:> > Reply: Hank Foss <[email protected]> <javascript:> > Date: August 11, 2016 at 1:38:35 PM > To: CAS Community <[email protected]> <javascript:> > Subject: [cas-user] New to CAS, new to Apereo > > >> Hello, >> >> I'm brand new to CAS and Apereo, and am asking the best way to >> begin. We are migrating our CAS from the cloud to on-premise as a >> cost savings measure. This will likely save us $60+k annually, as >> the vendor is also provides our portal. >> >> The externally hosted portal contains LDAP as well as CAS links. >> I understand CAS 5 comes out this fall (October?) which offers >> LDAP support, so I am on the fence a bit more. Since AD >> authentication drives many of our authentication, I have been >> told that we will either need to use ADFS or Shibboleth. The goal >> for this to be live is December of this year, so there are >> learning curve, architecture, installation and customization >> components of this project that all come into play. >> >> I built the Linux box, most current version of CentOS, but I >> believe being an open source application that the support of at >> least the OS should actually be a licensed RHEL instance. >> >> I'm technical, but this is uncharted territory so suggestions, >> comments, and criticism are all greatly welcome. >> >> >> Thanks, >> CAS-Newbie >> >> -- >> You received this message because you are subscribed to the >> Google Groups "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, >> send an email to [email protected] <javascript:>. >> To post to this group, send email to [email protected] >> <javascript:>. >> Visit this group at >> https://groups.google.com/a/apereo.org/group/cas-user/ >> <https://groups.google.com/a/apereo.org/group/cas-user/>. >> To view this discussion on the web visit >> >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/ccf659bc-12d9-4cb8-98dd-4dbf926f403a%40apereo.org >> >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/ccf659bc-12d9-4cb8-98dd-4dbf926f403a%40apereo.org?utm_medium=email&utm_source=footer>. >> For more options, visit >> https://groups.google.com/a/apereo.org/d/optout >> <https://groups.google.com/a/apereo.org/d/optout>. >> > > -- > You received this message because you are subscribed to the Google > Groups "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send > an email to [email protected] > <mailto:[email protected]>. > To post to this group, send email to [email protected] > <mailto:[email protected]>. > Visit this group at > https://groups.google.com/a/apereo.org/group/cas-user/. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/df64e990-a4f5-406a-871e-f4a8ea96d289%40apereo.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/df64e990-a4f5-406a-871e-f4a8ea96d289%40apereo.org?utm_medium=email&utm_source=footer>. > For more options, visit https://groups.google.com/a/apereo.org/d/optout. -- Philippe MARASSE Responsable pôle Infrastructures - DSIO Centre Hospitalier Henri Laborit CS 10587 - 370 avenue Jacques Cœur 86021 Poitiers Cedex Tel : 05.49.44.57.19 -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/cb01bad3-3148-3295-3418-10ae0f513422%40ch-poitiers.fr. For more options, visit https://groups.google.com/a/apereo.org/d/optout.
