I figured so much. Can you guestamate how much work it is to upgrade to
Spring Security 3.0.x? Is this almost a dropin replacement?

Arjan Seesing


On Mon, May 3, 2010 at 19:04, Scott Battaglia-2 [via Jasig] <
[email protected]<ml-node%[email protected]>
> wrote:

> I don't know how much help you'll get here.  Acegi Security 1.0.6 is
> extremely old (they are currently on Spring Security 3.0.x).
>
>
> On Mon, May 3, 2010 at 11:16 AM, Arjan Seesing <[hidden 
> email]<http://user/SendEmail.jtp?type=node&node=2124259&i=0>
> > wrote:
>
>>
>> Hello,
>>
>> We implemented a CAS client in our web application. This application was
>> setup with Acegi security in the past, so we used the acegi cas client
>> (acegi-security-1.0.6.jar and the casclient.jar from yale.edu). With the
>> example configurations it all works correctly. But when we went into
>> production and the production server seems to be a lot slower with the CAS
>> client than without. So much so that the server is so overloaded that
>> people
>> are not able to work.
>>
>> We reproduced the slowness in our test environment, but we're not able to
>> pinpoint the cause of the slowdown. We used a profiler, but everything
>> seems
>> to be slower, not some call in the cas client code.
>>
>> Has anyone seen this happen before?
>> Below is the cas part of the configuration, but it all seems very
>> standard.
>>
>>        <bean id="casProcessingFilter"
>> class="org.acegisecurity.ui.cas.CasProcessingFilter">
>>                <property name="authenticationManager">
>>                        <ref bean="authenticationManager" />
>>                </property>
>>                <property name="authenticationFailureUrl"
>> value="/casfailed.jsp"/>
>>                <property name="defaultTargetUrl"
>> value="/faces/pages/start.xhtml"/>
>>                <property name="filterProcessesUrl"
>> value="/j_acegi_cas_security_check" />
>>                <property name="alwaysUseDefaultTargetUrl" value="false" />
>>        </bean>
>>
>>        <bean id="casProcessingFilterEntryPoint"
>> class="org.acegisecurity.ui.cas.CasProcessingFilterEntryPoint">
>>                <property name="loginUrl">
>>                        <value>${sso.server.path}/login</value>
>>                </property>
>>                <property name="serviceProperties">
>>                        <ref bean="serviceProperties" />
>>                </property>
>>        </bean>
>>
>>        <bean id="exceptionTranslationFilter"
>> class="org.acegisecurity.ui.ExceptionTranslationFilter">
>>                <property name="authenticationEntryPoint">
>>                        <ref local="casProcessingFilterEntryPoint" />
>>                </property>
>>        </bean>
>>
>>        <bean id="serviceProperties"
>> class="org.acegisecurity.ui.cas.ServiceProperties">
>>                <property name="service">
>>
>>  <value>${context.server.path}/j_acegi_cas_security_check</value>
>>                </property>
>>                <property name="sendRenew">
>>                        <value>false</value>
>>                </property>
>>        </bean>
>>
>>        <bean id="authenticationManager"
>> class="org.acegisecurity.providers.ProviderManager">
>>                <property name="providers">
>>                        <list>
>>                                <ref bean="casAuthenticationProvider" />
>>                                <bean
>>
>> class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
>>                                        <property name="key"
>> value="_hubview_v3_"/>
>>                                </bean>
>>                        </list>
>>                </property>
>>        </bean>
>>
>>        <bean id="casAuthenticationProvider"
>>
>>  class="org.acegisecurity.providers.cas.CasAuthenticationProvider">
>>                <property name="casAuthoritiesPopulator">
>>                        <ref bean="casAuthoritiesPopulator" />
>>                </property>
>>                <property name="casProxyDecider">
>>                        <ref bean="casProxyDecider" />
>>                </property>
>>                <property name="ticketValidator">
>>                        <ref bean="casProxyTicketValidator" />
>>                </property>
>>                <property name="statelessTicketCache">
>>                        <ref bean="statelessTicketCache" />
>>                </property>
>>                <property name="key">
>>
>>  <value>my_password_for_this_auth_provider_only</value>
>>                </property>
>>        </bean>
>>
>>        <bean id="casProxyTicketValidator"
>>
>>
>> class="org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator">
>>                <property name="casValidate">
>>                        <value>${sso.server.path}/proxyValidate</value>
>>                </property>
>>                <!-- property name="proxyCallbackUrl">
>>                        <value>
>> https://localhost:8443/contacts-cas/casProxy/receptor</value>
>>                </property-->
>>                <property name="serviceProperties">
>>                        <ref bean="serviceProperties" />
>>                </property>
>>                <!--property
>>
>> name="trustStore"><value>/some/path/to/your/lib/security/cacerts</value></property-->
>>        </bean>
>>
>>        <bean id="cacheManager"
>>
>>  class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean">
>>                <property name="configLocation">
>>                        <value>classpath:/ehcache.xml</value>
>>                </property>
>>        </bean>
>>
>>        <bean id="ticketCacheBackend"
>> class="org.springframework.cache.ehcache.EhCacheFactoryBean">
>>                <property name="cacheManager">
>>                        <ref local="cacheManager" />
>>                </property>
>>                <property name="cacheName">
>>                        <value>ticketCache</value>
>>                </property>
>>        </bean>
>>
>>        <bean id="statelessTicketCache"
>>
>>  class="org.acegisecurity.providers.cas.cache.EhCacheBasedTicketCache">
>>                <property name="cache">
>>                        <ref local="ticketCacheBackend" />
>>                </property>
>>        </bean>
>>
>>        <bean id="casAuthoritiesPopulator"
>>
>>
>> class="org.acegisecurity.providers.cas.populator.DaoCasAuthoritiesPopulator">
>>                <property name="userDetailsService">
>>                        <ref bean="acegiSecurityService" />
>>                </property>
>>        </bean>
>>
>>        <bean id="casProxyDecider"
>>
>>  class="org.acegisecurity.providers.cas.proxy.RejectProxyTickets" />
>>
>> Regards,
>>
>> Arjan Seesing
>> --
>> View this message in context:
>> http://jasig.275507.n4.nabble.com/CAS-Acegi-client-seems-to-make-the-application-a-lot-slower-tp2124112p2124112.html
>> Sent from the CAS Users mailing list archive at Nabble.com.
>>
>> --
>> You are currently subscribed to [hidden 
>> email]<http://user/SendEmail.jtp?type=node&node=2124259&i=1>as: [hidden
>> email] <http://user/SendEmail.jtp?type=node&node=2124259&i=2>
>>
>> To unsubscribe, change settings or access archives, see
>> http://www.ja-sig.org/wiki/display/JSG/cas-user
>>
>
> --
> You are currently subscribed to [hidden email] 
> <http://user/SendEmail.jtp?type=node&node=2124259&i=3> as: [hidden email] 
> <http://user/SendEmail.jtp?type=node&node=2124259&i=4>
>
> To unsubscribe, change settings or access archives, see 
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
>
>
> ------------------------------
>  View message @
> http://jasig.275507.n4.nabble.com/CAS-Acegi-client-seems-to-make-the-application-a-lot-slower-tp2124112p2124259.html
> To unsubscribe from CAS Acegi client seems to make the application a lot
> slower, click here< (link removed) ==>.
>
>
>

-- 
View this message in context: 
http://jasig.275507.n4.nabble.com/CAS-Acegi-client-seems-to-make-the-application-a-lot-slower-tp2124112p2125375.html
Sent from the CAS Users mailing list archive at Nabble.com.

-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to