On 29 Jan 2008, at 21:53, Stephen Gelman wrote: > We are currently running cosign-1.9.4b, and are testing an upgrade to > cosign-2.0.2a. We have a load balanced system consisting of two Xen > VMs. We were having some trouble getting monster to correctly > replicate > our tickets with cosign-2.0.2a, so we've tried exporting the /var/ > cosign > directory via NFS. Has anyone done this before, and are there any > caveats? Everything seems to be working alright, but I wanted to > see if > anyone has any experience with this.
What's the network connectivity between these two VMs? If there's any chance of untrusted users having access to that network, either physically, or by subverting your network layer, I'd be very wary of doing this over NFS. On a busy cosign site, the ticket caches on the servers can be incredibly valuable to an attacker. We've seen some issues here with monster not replicating ticket caches. What should probably happen is that when cosign can't find a ticket cache on the first server, it tries the second one - this doesn't seem to currently happen. In addition, there's an issue if you have multiple sites hosted by the same server - if one of those sites requests tickets, and the other doesn't, then whether the user gets tickets or not depends entirely on which site they contacted first in a session. Simon. ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Cosign-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/cosign-discuss
