Hello Nessy, The JPATicketRegistry does not require to declare the <distributable /> in web.xml nor does it requires any multicast configuration. The JPATicketRegistry works similarly to a DAO.
We happily use the JPA ticket registry on a pretty high volume web portal (a bit more than 10 authentications per second) with three Tomcat 6 nodes in our cas cluster and an Oracle 10 database. The Oracle database is highly available thanks to a synchronous Physical Standby DataGuard database. The synchronous replication is not adapted to our ticket tables but we wanted to chare the same database infrastructure with our business databases. More over, the log files of our database are not optimal as they are currently store on RAID 5 instead of RAID 1. We made a sensible modification to the out-of-the-box JPATicketRegistry : We disabled the out-of-the-box cleaner mechanism to replace it by a SQL DELETE query on the TGT table (1) associated with a cascade delete on the ST_TO_TGT foreign key ; more over, we changed the frequency of the cleaner from the 20 minutes default value to 1 minute because we saw an unacceptable contention during the DELETE that took more than two minutes to execute its commit. This time was mostly spent in IO and Dataguard replication. With the one minute cleaner frequency, our query deletes around 700 TGT and their associated ST in around 1 second without any impact on the user experience. We also added a "Session Keeper" extension to CAS that highly increase the load on the ticket registry and the underlying database : each html page of the portal contains an <img/> tag to call a blank session keeper URL that update the lastTimeUse field of the TGT. We do it directly with a SQL UPDATE request. We use a java servlet session to perform an update in the database only once per 30 seconds : for each web user, we store in the servlet session the lastUpdatetime ; if the difference is less than 30 seconds, the call to session-keeper is no-op. The load is controlled by an util.concurrent ExecutorService to limit the number of concurrent update request ; if the database has a problem, the executor queue will saturate, the updates will be rejected and it is not a problem as they are not business critical ; the user experience impact may just be to reauthenticate after 15 minutes (the lifetime of our TGT). As you talked about Memcached, we looked at this appealing solution but descoped it because we don't use Memcached on our data center (we have a Java culture). However, we are currently looking at a distributed EhCache (with the Async RMI Replicator) ; we already use RMI based Distributed EhCache on several applications and it seems to fit our need. We like in EhCache the fact that it is inprocess Java technology. Adding new highly available middlewares and technologies is difficult for us. I hope I will soon give a feedback to the community about RMI based EhCache to distribute the Ticket Registry. Hope this helps, Cyrille (1) delete from TICKETGRANTINGTICKET where LAST_TIME_USED < ? -- Cyrille Le Clerc [email protected] [email protected] http://blog.xebia.fr On Wed, May 27, 2009 at 2:26 AM, Messi Chan <[email protected]> wrote: > > Hi, all > I want to build clustering CAS(3.3.2) in JBoss4.2.2.GA (there are 2 jboss > nodes and 1 apache node as LB), but I don't want to Multicast in my network. > So I edit ticketRegistry.xml as > http://www.ja-sig.org/wiki/display/CASUM/JpaTicketRegistry > http://www.ja-sig.org/wiki/display/CASUM/JpaTicketRegistry says. > When I startup the first JBoss node(${JBOSS_HOME}/server/default), it worked > fine, But then I startup the other JBoss node(${JBOSS_HOME}/server/default), > it stay in the CAS's login page and couldn't jump back to my application. > ps:I also test JBossCacheTicketRegistry in these 2 jboss nodes, and all > worked fine!(${JBOSS_HOME}/server/all). > > I have some questiones about JpaTicketRegistry and MemCacheTicketRegistry: > > 1.Does JpaTicketRegistry need <distributable /> in web.xml as > http://www.ja-sig.org/wiki/display/CASUM/Clustering+CAS > http://www.ja-sig.org/wiki/display/CASUM/Clustering+CAS says? > 2.Does JpaTicketRegistry need startup in ${JBOSS_HOME}/server/all and need > Multicast? > 3.Is MemCacheTicketRegistry the same as JpaTicketRegistry except that ticket > is persistented in memcached server? > 4.Does repcache only support 2 memcached servers replication? > > anyone could help me? > -- > View this message in context: > http://www.nabble.com/Does-JpaTicketRegistry-need-distributable-tag-in-web.xml-...-tp23724274p23724274.html > Sent from the CAS Users mailing list archive at Nabble.com. > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
