During testing CAS authentication for OGC services I see a stack trace in
the log because of creating an HTTP session not in the /geoserver/web/**
path. So far so good.
There are 2 possibilities for CAS ticket authentication for stateless
requests like http://localhost:8080/geoserver/wms?request=getCapabilities
1) The client requests a service/proxy ticket from the CAS server for the
service
http://localhost:8080/geoserver/wms?request=getCapabilities
and Geoserver validates the ticket using the CAS server. After validation,
Geoserver knows the user name. The ticket can be validated only once. (This
is the standard CAS configuration). In this scenario, TWO additional HTTP
requests to the CAS server are necessary for EACH stateless Geoserver
request. This is quite a performance penalty.
2) As an alternative, the GeoServer CAS configuration has the option to for
creating an HTTP Session. In this scenario, only the first request has the
performance penalty, subsequent requests can use the session cookie.
Caching the CAS tickets is no option since it may happen that different
users receive an identical ticket over the time.
At the end of the day, the GeoServer admin has to decide between these two
options. Looking at SessionDebugFilter.java and web.xml, I see no easy way
to avoid the stack trace in such situations.
Any ideas ?
Christian
------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://ad.doubleclick.net/clk;258768047;13503038;j?
http://info.appdynamics.com/FreeJavaPerformanceDownload.html
_______________________________________________
Geoserver-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/geoserver-devel
