Hello, all! I'm doing some testing with Jasig CAS Server to evaluate the possibility of using it as SSO solution for three sites that composes the products in my company. It's a scenario that requires high availability with millions of daily hits (and logins).
Despite the availability of various materials on the wiki and around the internet about clustering Jasig CAS Server, I wondered if this material is up-to-date and, therefore, I ask your help so that we can define a high availability setup to version 3.5.2. So far, my proposed setup is: 1. Two (or more) instances of Jasig CAS Servers on Tomcat containers accessed via Load Balancer; 2. No ticket proxying should be used, logins must use CAS Server login screen only; 3. Use of a custom AuthenticationHandler that performs authentication via a call to a internal REST API; 4. Use of the "Remember me" feature; 5. Providing login via Facebook using OAuth 2.0 protocol; 6. Ticket registry in MySQL or SQLServer database through JpaTicketRegistry; So far, my questions are: 1. Do I need Tomcat session replication? If there are two requests on separate servers in a login process, lack of replication session would create a problem? 2. About the possible deadlock problems, the setting of performance indices as listed in the wiki ( https://wiki.jasig.org/display/CASUM/JpaTicketRegistry#JpaTicketRegistry-TicketCleanup) would be enough to end the problem? 3. The problem with RegistryCleaner and JpaTicketRegistry quoted in the post "JpaTicketRegistry - A Sinking Ship" ( http://jasig.275507.n4.nabble.com/JpaTicketRegistry-A-Sinking-Ship-td4256973.html) has already been solved at version 3.5.2? This problem also occurs when proxy tickets will not be used? Above all, I would like the opinion of you on if the Jasig CAS Server is suitable for my scenario. I didn't found use cases like mine, I'll appreciate if someone can indicate some. Thanks in advance! *Frederico Zveiter* -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
