Chris wrote:
> We have several AD servers (replicated) so I've
> tried to add them into the CAS LDAP handler config, to see if the first
> fails what will be the behavior.
>
> Ex: /opt/tomcat/webapps/cas/WEB-INF/deployerConfigContext.xml
> ...
> <bean id="contextSourceEU"
> class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
> <property name="urls">
> <list>
> <value>ldap://euces01.eu.company.com/</value> IP: 172.16.1.1
> <value>ldap://euces02.eu.company.com/</value> IP: 172.16.1.2
> </list>
> </property>
> ...

Seems to be the same setup I have installed.

> I did two tests:
>
> 1) If I manually update /etc/hosts

I also did failover tests but with another approach for not messing up DNS resolving: With CAS being on a Linux box I used iptables to add a packet filter rule which simulates one AD DC being not reachable by dropping packets going to this (target) IP address. Failover tests were successful.

Ciao, Michael.

_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
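The iptables-based failover test described in the reply above, as an added example that is not part of the original message. The OUTPUT chain, LDAP port 389, the 5-second probe timeout and all function names are assumptions; the IP addresses are the ones shown in the quoted config.

```sh
#!/bin/sh
# Failover test helper for a CAS host with several AD DCs configured.
# Assumptions (not from the thread): OUTPUT chain, plain LDAP on port 389,
# 5 s probe timeout. IPs are the ones shown in the quoted config.
DRY_RUN="${DRY_RUN:-1}"      # 1 = print iptables commands only (no root needed)
LDAP_PORT="${LDAP_PORT:-389}"

run() { if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi; }

# Drop every packet this host sends to one DC; -D removes the same rule again.
block_dc()   { run iptables -I OUTPUT -d "$1" -j DROP; }
unblock_dc() { run iptables -D OUTPUT -d "$1" -j DROP; }

# Print the first host that accepts a TCP connection within $1 seconds.
first_reachable() {
  t="$1"; shift
  for h in "$@"; do
    if timeout "$t" bash -c 'exec 3<>"/dev/tcp/$0/$1"' "$h" "$LDAP_PORT" 2>/dev/null; then
      echo "$h"; return 0
    fi
  done
  return 1
}

# usage: failover_test <blocked-ip> <dc-ip>...   (list in the order CAS tries them)
failover_test() {
  blocked="$1"; shift
  block_dc "$blocked"
  start=$(date +%s)
  survivor=$(first_reachable 5 "$@") || survivor=""
  elapsed=$(( $(date +%s) - start ))
  unblock_dc "$blocked"      # always remove the rule, even when the probe failed
  [ -n "$survivor" ] || { echo "FAIL: no DC reachable" >&2; return 1; }
  [ "$survivor" != "$blocked" ] || { echo "FAIL: blocked DC still answers" >&2; return 1; }
  echo "OK: $survivor answered after ${elapsed}s"
}

# Example: DRY_RUN=0 sh failover.sh 172.16.1.1 172.16.1.1 172.16.1.2
if [ "$#" -ge 2 ]; then failover_test "$@"; fi
```

Because a DROP rule sends no reply, each attempt against the blocked DC waits out the full connect timeout, so the reported elapsed time approximates the delay a login would see before the second DC is tried.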
