Maybe I need to configure something on the memcached package before I try connecting to their instances with spymemcached. Can anyone confirm that the memcached package for CentOS 7 works for CAS out-of-box?
On Friday, September 4, 2020 at 9:14:32 AM UTC-4 Jeremiah Garmatter wrote: > Thanks for the reply Jérôme > > I changed my cas.ticket.registry.memcached.memcached.servers property to > look like this: > cas.ticket.registry.memcached.memcached.server=server1.domain:11211, > server2.domain:11211 > > I redeployed and my servers still are not sharing their tickets. Same > results as before when I telnet into each server's memcached instance. > > On Friday, September 4, 2020 at 9:01:51 AM UTC-4 ste wrote: > >> Hi, >> >> Try to use comma separator in >> cas.ticket.registry.memcached.memcached.servers property. >> >> Jérôme. >> >> Le ven. 4 sept. 2020 à 14:24, Jeremiah Garmatter <[email protected]> a >> écrit : >> >>> Hello, >>> >>> I have made it through the CAS installation, configuration and >>> customization process for CAS 6.2. The final thing that I must do is >>> configure a ticket registry shared between two CentOS 7 servers. I was >>> planning on using memcached because my predecessor used it on the old CAS >>> 3.5.2 installment but I have had no luck getting the two CAS instances to >>> share their tickets with each other. >>> >>> I have included the memcached and spymemcached dependencies within >>> build.gradle: >>> implementation >>> "org.apereo.cas:cas-server-support-memcached-ticket-registry:${project.'cas.version'}" >>> implementation >>> "org.apereo.cas:cas-server-support-memcached-spy:${project.'cas.version'}" >>> >>> I installed memcached on each server with: yum install memcached >>> The version is: 1.4.15 >>> >>> I have opened the firewall (firewalld) to allow access to memcache's >>> default port: 11211 >>> >>> Inside of cas.properties, I included these properties: >>> cas.ticket.registry.memcached.memcached.servers=server1.domain:11211 >>> server2.domain:11211 >>> cas.ticket.registry.memcached.memcached.locator-type=ARRAY_MOD >>> cas.ticket.registry.memcached.memcached.failure-mode=Redistribute >>> cas.ticket.registry.memcached.memcached.hash-algorithm=FNV1_64_HASH >>> cas.ticket.registry.memcached.memcached.transcoder=KRYO >>> >>> cas.ticket.registry.memcached.crypto.signing.key=<My signing key> >>> cas.ticket.registry.memcached.crypto.encryption.key=<My encryption key> >>> cas.ticket.registry.memcached.crypto.enabled=true >>> cas.ticket.registry.memcached.crypto.strategyType=ENCRYPT_AND_SIGN >>> >>> After rebuilding and deploying, then signing in to server1's CAS >>> instances, I use telnet to verify the cookies are within memcache: >>> telnet server1 11211 >>> stats items >>> I see this on server 1: >>> STAT items:19:number 1 >>> STAT items:19:age 61809 >>> STAT items:19:evicted 0 >>> STAT items:19:evicted_nonzero 0 >>> STAT items:19:evicted_time 0 >>> STAT items:19:outofmemory 0 >>> STAT items:19:tailrepairs 0 >>> STAT items:19:reclaimed 0 >>> STAT items:19:expired_unfetched 0 >>> STAT items:19:evicted_unfetched 0 >>> END >>> and this on server2: >>> stats items >>> END >>> >>> Troubleshooting: >>> I used a rich firewalld rule to allow tcp connections between server1 >>> and server2 across port 11211. Thinking I may have gunked up the rule, I >>> opened port 11211 to all. This didn't change anything. >>> I wasn't sure how memcached worked with signing and encryption of >>> tickets, I'm currently using the same signing key on both servers, as well >>> as the same encryption key, is that the way I should have them? >>> >>> Has anyone had luck implementing memcached into a CAS 6.2 deployment? >>> Any ideas of the problem here? The cas.log file showed some java errors >>> before I had my cas.properties ironed out, but on the most recent runs I >>> haven't seen any errors at all. >>> >>> Thank you for your time. >>> >>> -- >>> - Website: https://apereo.github.io/cas >>> - Gitter Chatroom: https://gitter.im/apereo/cas >>> - List Guidelines: https://goo.gl/1VRrw7 >>> - Contributions: https://goo.gl/mh7qDG >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "CAS Community" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/306c993d-cb7d-4cae-8751-6b5031409258n%40apereo.org >>> >>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/306c993d-cb7d-4cae-8751-6b5031409258n%40apereo.org?utm_medium=email&utm_source=footer> >>> . >>> >> -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/72d2fe12-bca5-4623-8490-cc0351d7c446n%40apereo.org.
