Ok, here is an update. After not getting ehcache to work I went ahead and configured Hazelcast.
Hazelcast failed in the exact same way. So we took our current production cas.war (3.4.12 with ehcache) and deployed to our test environment. It works just fine. It seems we have a much deeper and serious problem. I should point out our build is really 3.5.2 but with MFA M6 overlay: https://github.com/Unicon/cas-mfa/wiki/CAS-MFA-v1.0.0-M6-Overlay-Integration-Strategy All the MFA stuff works fine, it seems as soon as we add a second CAS server we start getting ST validation errors. The error occurs whether or not the user is using MFA. Thanks everyone, Bryan From: Jaroslav Kacer [mailto:[email protected]] Sent: Wednesday, February 18, 2015 8:30 AM To: [email protected] Subject: RE: [cas-user] ERROR net.sf.ehcache.distribution.RMIAsynchronousCacheReplicator Hi again Bryan! I would try adding this to your Log4J config: <logger name="net.sf.ehcache"> <level value="DEBUG" /> </logger> And you should see if the data is being exchanged between your nodes. This could be a good start. If you can't see anything interesting, please provide us your EH Cache configuration, as Ben suggests. Best Regards, Jarda From: Bryan Wooten [mailto:[email protected]] Sent: 18. February 2015 12:19 dop. To: [email protected]<mailto:[email protected]> Cc: [email protected]<mailto:[email protected]> Subject: Re: [cas-user] ERROR net.sf.ehcache.distribution.RMIAsynchronousCacheReplicator All, this issue is killing me. I was supposed to go live with this version tomorrow morning but this issue forced me to cancel. The symptom I am seeing is that ST's can't be validated. I believe this because tickets are not being replicated across my 2 CAS servers. The back channel ST validation is failing because of this. I checked and re-checked my ehcache-replication.xml configuration. Both servers are listening on port 40001. I am running on RHEL and have verified that there are no firewalls in place. I can telnet from each server to the other on port 40001. I have set the remote port in ehcache-replication.xml to 40002 yet neither server seems to be listening on this port. Does anyone have suggestions for log4j settings I should set to get additional debug info. I did note that my pom.xml has a dependency for ehcache, but I think that is built into the 3.5.2 overlay and I may not need that dependency. Ehcache has work well on our 3.4.12 CAS for many years, I am now stumped. Part of me says Dump ehcache and go to Hazelcast... JPA ticket registry is out of the question. Cheers, Bryan From: Bryan Wooten <[email protected]<mailto:[email protected]>> Reply-To: "[email protected]<mailto:[email protected]>" <[email protected]<mailto:[email protected]>> Date: Tuesday, February 17, 2015 at 10:21 AM To: "[email protected]<mailto:[email protected]>" <[email protected]<mailto:[email protected]>> Subject: [cas-user] ERROR net.sf.ehcache.distribution.RMIAsynchronousCacheReplicator My cas.log is filled with this error: (CAS 3.5.2) 2015-02-17 07:53:18,138 ERROR [net.sf.ehcache.distribution.RMIAsynchronousCacheReplicator] - Exception on flushing of replication queue: null. Continuing... java.lang.NullPointerException at net.sf.ehcache.distribution.RMISynchronousCacheReplicator.listRemoteCachePeers(RMISynchronousCacheReplicator.java:335) at net.sf.ehcache.distribution.RMIAsynchronousCacheReplicator.writeReplicationQueue(RMIAsynchronousCacheReplicator.java:312) at net.sf.ehcache.distribution.RMIAsynchronousCacheReplicator.replicationThreadMain(RMIAsynchronousCacheReplicator.java:127) at net.sf.ehcache.distribution.RMIAsynchronousCacheReplicator.access$000(RMIAsynchronousCacheReplicator.java:58) at net.sf.ehcache.distribution.RMIAsynchronousCacheReplicator$ReplicationThread.run(RMIAsynchronousCacheReplicator.java:389) I found this: https://issues.jasig.org/browse/CAS-1174 But I am not using ClearPass. Bryan Wooten UIT-Common Infrastructure Systems -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
