Hello Scott, The application is running on standalone webserver, it is the SQL database that went in clustered CONFIG. CAS client authenticates against the SQL cluster. It works fine for 15 to 20 minutes after running iisreset. Are there specific permissions needed in IIS7 becasue CAS client went from stand alone windows 2003 to windows 2008 web server
Thanks On Tue, Jun 25, 2013 at 11:10 PM, Scott <[email protected]> wrote: > Your CAS client is currently setup in a mode where it needs to be > stateful. The proxyTicketManager and serviceTicketManager implementations > that ship with the CAS client maintain state in the ASP.NET cache, which > isn't web farm/cluster friendly (it lives in memory in each web server). > If you don't require proxy ticket supports, single sign-out support, or > the ability to revoke outstanding formsAuthentication tickets, you can > remove both of those attributes from the casClientConfig attribute in your > web.config and your CAS client will be stateless (web farm/cluster > friendly). If you do require them, you will need to implement the > IProxyTicketManager and IServiceTicketManager interfaces using some kind of > back-end storage mechanism that all of your web servers share. I believe > you can then replace CacheProxyTicketManager and CacheServiceTicketManager > in the web.config with standard the .NET config-style assembly references > (ex. Namespace.Type, Assembly, Version=1.0.0, Culture=neutral, > PublicKeyToken=etc) > > One other thing to be aware of. The .NET CAS Client uses a lot of the > FormsAuthentication API for creating and validating tickets/cookies on the > clients. The Forms authentication encryption, decryption, and validation > is typically performed using the machine key. All of your clustered web > servers should be configured to have the same machine key. Otherwise, > you'll find that you run into a lot of the same weirdness with Forms > Authentication with or without the CAS client involved. > > -ScottH > > On Tue, Jun 25, 2013 at 7:21 PM, Faisal Memon <[email protected]> wrote: > >> Hello, >> We have third party .net portal, the portal has been running with CAS >> since 2011. Last weekend the portal application database was clustered and >> since then we have very unstable SSO in place. Attached is the Error >> message we see in Event viewer, anyone had experienced this issue before. >> >> Thanks >> >> Faisal >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
