As far as having the F5 front the CAS servers (assuming a CAS cluster of
2 in your stack?) and perform the SSL termination, I gather that this is
a common way to offer the CAS service.
As CAS newbies, we are just building out our CAS deployment here, with
an SSL-offload configuration with our F5 much like you describe. I'd be
interested in hearing that this is indeed a common approach....
thanks!
Corey S.
Corey Scholefield
Identity & Access Mgmt. Team Lead
UVic Online | University Systems
University of Victoria | Victoria, BC, Canada
[email protected] | +1.250.472.4549
Jeff Chapin wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Offloading. We have a BigIP F5 that is accepting the SSL connections,
stripping off the SSL portion, and forwarding to port 80 on the CAS box.
I will double check the config on the test box to make sure that all
SSL ports are closed on that machine.
Thanks!
Patrick Berry wrote:
A first glance, it looks like something to do with SSL perhaps. Are you
using Tomcat? Are you offloading SSL or is you container handling it?
On Thu, Apr 1, 2010 at 7:57 AM, Jeff Chapin <[email protected]
<mailto:[email protected]>> wrote:
I have rolled an instance of CAS 3.3.5 into a test instance. We have
started to tie a few apps to this instance, and CAS has begun randomly
crashing, sometimes as often as several times a day, and not always when
under load much load. As little as one user logging in can kill it, or
it can wait for as many as several hundred login attempts. When I check
catalina.out, I see the following error. It is the same error each time
-- with pkcs11_softtoken.
This is running on Sparc hardware, running Solaris 10 in a zone.
Any suggestions?
#
# A fatal error has been detected by the Java Runtime Environment:
#
# SIGSEGV (0xb) at pc=0xfbc58404, pid=13993, tid=405
#
# JRE version: 6.0_16-b01
# Java VM: Java HotSpot(TM) Server VM (14.2-b01 mixed mode
solaris-sparc )
# Problematic frame:
# C [pkcs11_softtoken.so.1+0x38404]
#
# An error report file with more information is saved as:
# /home/ascass/hs_err_pid13993.log
#
# If you would like to submit a bug report, please visit:
# http://java.sun.com/webapps/bugreport/crash.jsp
# The crash happened outside the Java Virtual Machine in native code.
# See problematic frame for where to report the bug.
#
Thanks,
Jeff
- --
You are currently subscribed to [email protected]
<mailto:[email protected]> as: [email protected]
<mailto:[email protected]>
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as: [email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
- --
Jeff Chapin,
Assistant Systems/Applications Administrator
ITS-IS, University of Northern Iowa
Phone: 319-273-3162 Email: [email protected]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAku0visACgkQQiaEUfQoY7SRkwCeOuIEaKIiPcutpnWqfsVFE34q
qfcAoMILMHMcFuHwF372FSfn9PF24/gn
=TUE+
-----END PGP SIGNATURE-----
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
