I don't know if I recommend using remember me with an in-JVM cache. You're basically asking it to store days worth of TGTs in the heap, and that's assuming you configure it correctly. They'll also be kicked out as memory runs out (and if the TTL in the cache is less than the remember me expiration). You've disabled store to disk which means its eventually going to have to kick things out.
On Mon, Jul 7, 2014 at 4:32 AM, rayman <[email protected]> wrote: > I am having problem connectings the dots. I implemented remember me > following this tutorial: https://wiki.jasig.org/display/CASUM/Remember+Me > > We moved to cluster env (HA support) therefor we using now ehcache to > cache our tickets between the nodes. How ever I lost the rememberMe > registry. > > I noted this from the remember me tutorial: > > NOTE: if you use a different ticket registry that configures the ticket > lifetime in the bean configuration (such as Memcache/Repcache), you will > need to adjust the ticket lifetime in the bean configuration as well ! > > I have difficulties connecting the dots. How I add now the rememberme > support into the current ehcache system. > > > The old remember me functionally use to be declared here: > > ticketExpirationPolicies.xml: > > <bean id="grantingTicketExpirationPolicy" > class="org.jasig.cas.ticket.support.RememberMeDelegatingExpirationPolicy"> > <property name="sessionExpirationPolicy"> > <bean > class="org.jasig.cas.ticket.support.TimeoutExpirationPolicy"> > <constructor-arg index="0" value="10800000" /> > </bean> > </property> > <property name="rememberMeExpirationPolicy"> > <bean > class="org.jasig.cas.ticket.support.TimeoutExpirationPolicy"> > <constructor-arg index="0" value="2592000000" /> > </bean> > </property> > </bean> > > But now that I have new ticketRegistry bean I have no idea how to adjust > into it the rememberme policy. > > > I have attached here the new TicketRegistry.xml having the ehcache > configuration: > <?xml version="1.0" encoding="UTF-8"?> > <!-- > .. > <bean id="cacheManager" > class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"> > <property name="configLocation" > value="classpath:${ehcache.profiles.active}.xml" /> > <property name="shared" value="true" /> > <property name="cacheManagerName" > value="ticketRegistryCacheManager" /> > </bean> > > <bean id="ticketRegistry" > class="org.jasig.cas.ticket.registry.EhCacheTicketRegistry" > p:serviceTicketsCache-ref="serviceTicketsCache" > p:ticketGrantingTicketsCache-ref="ticketGrantingTicketsCache" /> > > <bean id="abstractTicketCache" > class="org.springframework.cache.ehcache.EhCacheFactoryBean" > abstract="true"> > <property name="cacheManager" ref="cacheManager" /> > <property name="diskExpiryThreadIntervalSeconds" value="0" /> > <property name="diskPersistent" value="false" /> > <property name="eternal" value="false" /> > <property name="maxElementsInMemory" value="10000" /> > <property name="maxElementsOnDisk" value="0" /> > <property name="memoryStoreEvictionPolicy" value="LRU" /> > <property name="overflowToDisk" value="false" /> > <property name="bootstrapCacheLoader"> > <ref local="ticketCacheBootstrapCacheLoader" /> > </property> > </bean> > > <bean id="serviceTicketsCache" > class="org.springframework.cache.ehcache.EhCacheFactoryBean" > parent="abstractTicketCache"> > <property name="cacheName" > value="org.jasig.cas.ticket.ServiceTicket" /> > <property name="cacheEventListeners"> > <ref local="ticketRMISynchronousCacheReplicator" /> > </property> > <property name="timeToIdle" value="0" /> > <property name="timeToLive" value="300" /> > </bean> > > <bean id="ticketGrantingTicketsCache" > class="org.springframework.cache.ehcache.EhCacheFactoryBean"> > > <property name="cacheName" > value="org.jasig.cas.ticket.TicketGrantingTicket" /> > <property name="cacheEventListeners"> > <ref local="ticketRMIAsynchronousCacheReplicator" /> > </property> > <property name="timeToIdle" value="0" /> > <property name="timeToLive" value="7201" /> > </bean> > > <bean id="ticketRMISynchronousCacheReplicator" > class="net.sf.ehcache.distribution.RMISynchronousCacheReplicator"> > <constructor-arg name="replicatePuts" value="true" /> > <constructor-arg name="replicatePutsViaCopy" value="true" /> > <constructor-arg name="replicateUpdates" value="true" /> > <constructor-arg name="replicateUpdatesViaCopy" value="true" /> > <constructor-arg name="replicateRemovals" value="true" /> > </bean> > > <bean id="ticketRMIAsynchronousCacheReplicator" > class="net.sf.ehcache.distribution.RMIAsynchronousCacheReplicator" > parent="ticketRMISynchronousCacheReplicator"> > <constructor-arg name="replicationInterval" value="10000" /> > <constructor-arg name="maximumBatchSize" value="100" /> > </bean> > > <bean id="ticketCacheBootstrapCacheLoader" > class="net.sf.ehcache.distribution.RMIBootstrapCacheLoader"> > <constructor-arg name="asynchronous" value="true" /> > <constructor-arg name="maximumChunkSize" value="5000000" /> > </bean> > > </beans> > > On applicationContext: > > <!-- CentralAuthenticationService --> > <bean id="centralAuthenticationService" > class="org.jasig.cas.CentralAuthenticationServiceImpl" > > p:ticketGrantingTicketExpirationPolicy-ref="grantingTicketExpirationPolicy" > > p:serviceTicketExpirationPolicy-ref="serviceTicketExpirationPolicy" > p:authenticationManager-ref="authenticationManager" > > p:ticketGrantingTicketUniqueTicketIdGenerator-ref="ticketGrantingTicketUniqueIdGenerator" > p:ticketRegistry-ref="ticketRegistry" > p:servicesManager-ref="servicesManager" > p:persistentIdGenerator-ref="persistentIdGenerator" > > p:uniqueTicketIdGeneratorsForService-ref="uniqueIdGeneratorsMap"/> > > If you need anything else relevant to figure this out please let me know. > > > Thanks > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
