We are observing a recovery issue related to SAML IdP metadata 
initialization when using Apereo CAS.

Apereo CAS is skipping SAML IdP metadata generation if the metadata 
directory already exists.

In some scenarios we observed that:

   1. CAS starts
   2. Metadata generation begins
   3. An unknown failure occurs during file creation
   4. The metadata directory remains partially populated

On subsequent startup:

   1. CAS detects that the directory exists
   2. CAS does not attempt regeneration
   3. Missing files (e.g., idp-signing.crt) are not recreated
   4. CAS startup fails
   5. Pod enters restart loop

In our case, because the directory is mounted on persistent storage (GlusterFS), 
it is not cleared between pod restarts. Therefore, the system remains 
in a permanently broken state unless manual intervention occurs (deleting 
metadata files).

Is it a known issue?

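A pre-start check for the partially populated directory described in the message above, as an added example that is not part of the original post and is not CAS code. The function name is hypothetical, and every file name except `idp-signing.crt` is an assumption about the default artifact names; adjust the list to your deployment.

```shell
#!/bin/sh
# Added example: detect a partially populated SAML IdP metadata directory
# before CAS starts (for instance from an init container).
# Assumption: the file list below. Only idp-signing.crt is named in the post.
REQUIRED_FILES="idp-metadata.xml idp-signing.crt idp-signing.key idp-encryption.crt idp-encryption.key"

# check_idp_metadata_dir DIR
# Returns 0 = every required file exists and is non-empty
#         1 = directory exists but is incomplete (the state described in the post)
#         2 = directory does not exist
check_idp_metadata_dir() {
    dir=$1
    if [ ! -d "$dir" ]; then
        echo "metadata dir absent: $dir" >&2
        return 2
    fi
    missing=""
    for f in $REQUIRED_FILES; do
        # -s is false for missing files and for zero-length files,
        # which catches a write that was interrupted after create.
        if [ ! -s "$dir/$f" ]; then
            missing="$missing $f"
        fi
    done
    if [ -n "$missing" ]; then
        echo "metadata dir incomplete: $dir (missing or empty:$missing)" >&2
        return 1
    fi
    return 0
}

# Stand-alone use: sh check.sh /path/to/metadata-dir
# The script only reports. It never deletes anything: the directory may hold
# the IdP's private keys, and regenerating them changes the certificates that
# service providers already trust.
if [ "$#" -gt 0 ]; then
    check_idp_metadata_dir "$1"
    exit $?
fi
```

Exit status 1 is the state worth alerting on, because a restart will not clear it while the directory sits on persistent storage.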