One thing to note when using RememberMe is the DefaultTicketRegistryCleaner problem. With RememberMe enabled with a TTL of weeks, you might get a lot of tickets in the registry. This could lead to a problem because the cleaner currently locks your ticket registry for a long time as all tickets are deserialized.
You can get java.sql.BatchUpdateException: Lock wait timeout exceeded; try restarting transaction exceptions due to this. I'm not sure if a Jira Ticket for this problem exists. We see this problem on MySQL. Robert Am 25.07.2011 um 09:48 schrieb Jerome LELEU: > Hello, > > Exactly, remember me is a feature to keep the user authenticated for weeks > (months maybe) even if you close your browser and not only during a browsing > session when you type your login and password. > The wiki page (https://wiki.jasig.org/display/CASUM/Remember+Me) describes > how to add this feature to the CAS server. After configuration you should > have a "remember me" check box on your login page : if you check it, your > identity will be kept after you close the browser. The CASTGC cookie will not > be destroyed when you close your browser : it will last and the user could be > reauthenticated whitout typing login and password in a next browsing session. > If you want to make remember me feature works, you have to configure your CAS > server as described in the wiki page and also notify your application that it > is a remember me authentication. This last part was missing : I create a JIRA > ticket : https://issues.jasig.org/browse/CAS-973. > It is now done in CAS server 3.4.9-SNAPSHOT. You should also use SAML > validation. This way, as a response of the service ticket validation, you'll > get an attribute called longTermAuthenticationRequestTokenUsed which says if > it is a remember me authentication or not. > Regards, > Jerome > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
