Hi everybody,
This is an experience we just encountered recently and we like to share it with you and also ask for some advice or solution for the bottleneck.
We have developed a web application through the mixture of CAS and Acegi [http://www.acegisecurity.org] to act as the single point of authentication and authorization for a number of enterprise applications in an organization.
Everything works fine except the fact that for a special case something happens that may need some more attention. If a number of about 100 users try to login approximately at the same time, the login time will drastically rise up to some extent that some of them will wait for minutes to get logged in.
To be more descriptive, if all the users start to login with a gap of about 1 second, still everything would be fine, but the coincidence will ruin everything up. We use Tomcat and MySQL.
When we browsed through the logs of Tomcat, it seems that for some of the users the CAS or Acegi will be trapped in a loop all with a AuthenticationSuccessEvent; meaning that the authentication has been done fine but no progress to the first page.
One thing we placed our doubt was the setting of the Cookie's in the browser, but it didn't seem to be the point.
I would be happy if you could just share your experience if you have encountered something similar.
Thanks for your contribution,
Behrooz Nobakht
This is an experience we just encountered recently and we like to share it with you and also ask for some advice or solution for the bottleneck.
We have developed a web application through the mixture of CAS and Acegi [http://www.acegisecurity.org] to act as the single point of authentication and authorization for a number of enterprise applications in an organization.
Everything works fine except the fact that for a special case something happens that may need some more attention. If a number of about 100 users try to login approximately at the same time, the login time will drastically rise up to some extent that some of them will wait for minutes to get logged in.
To be more descriptive, if all the users start to login with a gap of about 1 second, still everything would be fine, but the coincidence will ruin everything up. We use Tomcat and MySQL.
When we browsed through the logs of Tomcat, it seems that for some of the users the CAS or Acegi will be trapped in a loop all with a AuthenticationSuccessEvent; meaning that the authentication has been done fine but no progress to the first page.
One thing we placed our doubt was the setting of the Cookie's in the browser, but it didn't seem to be the point.
I would be happy if you could just share your experience if you have encountered something similar.
Thanks for your contribution,
Behrooz Nobakht
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
