Re: [cas-user] Re: cas with o365

2019-07-09 Thread 'Robert Bond' via CAS Community
Have you switched Office 365 over to use federated login via the Set-MsolDomainAuthentication PowerShell command?

On Monday, July 8, 2019 at 11:28:18 AM UTC-5, Alfonso Veraluz wrote:
> Hello.
>
> No. I made an advance adding values like to the inmutableId in the 365
> users but after that:

Re: [cas-user] How to evaluate user expiry date/time during database authentication?

2019-07-09 Thread Misagh Moayyed
> > > > Is there any way that I can manually expire TGTs for users that are > expired based on the user expiry date/time? It's my understanding that CAS > will automatically send out logout messages to registered services after a > user manually logs out. I can handle these messages in those

Re: [cas-user] references to CAS production setups

2019-07-09 Thread Kaiser
Thank everyone for your replies, it was inspiring!

> I am pretty sure most core component of CAS is multi-thread enabled, where do you get the info that CAS is thread-blocking all the way?

I never questioned the fact CAS is multi-threaded. All I wanted to say that it is using the 20+ years old

Re: [cas-user] How to evaluate user expiry date/time during database authentication?

2019-07-09 Thread Bobby Esfandiari
Hello Ray, I have thought about the user implications and it's not currently a large concern because I'm looking at this more from a security point of view. My CAS sessions are longer than that of the services, but I want an expired user to be stopped from accessing all services as soon as

[cas-user] CAS not starting after Tomcat upgrade

2019-07-09 Thread Christine Pasek
Hello, I am running CAS 5.2.3 on Redhat 7 ES on linux and upgraded tomcat from 8.5.32 to 8.5.42. The war files will not start and generate the following error: *More than one fragment with the name [spring_web] was found. This is not legal with relative ordering. See section 8.2.2 2c of the

[cas-user] Repeated Authentication Required when Duo Enabled

2019-07-09 Thread Matthew Uribe
Hello Community, We use Duo for 2FA and have successfully used it with CAS for a single application. Recently we decided to enable 2FA for all applications using cas.authn.mfa.globalProviderId=mfa-duo and are now finding that each application requires that the user authenticate to the CAS

Re: [cas-user] references to CAS production setups

2019-07-09 Thread Bill Thompson
There are well known large b2c deployments in telecom and gaming with scale around 20 million clients and millions of authentications every day. This is from a 2016 survey from 156 respondents:

Healthcare: 4 (2.8%)
Insurance: 5 (3.5%)
Government: 11 (7.5%)
Higher Ed: 109 (75.7%)
Finance: 1

Re: [cas-user] Re: references to CAS production setups

2019-07-09 Thread David Curry
Lafayette College provided their load testing results for CAS 5.1.x back in 2017: https://apereo.github.io/2017/09/25/cas51-perfresults-LafayetteCollege/ The Locust configuration they used for this is available on Github: https://github.com/cwaldbieser/locustfiles -- DAVID A. CURRY, CISSP

[cas-user] Re: references to CAS production setups

2019-07-09 Thread Andy Ng
Hi Kaiser,

Well, I might not be the best person to speak for high load, since our CAS 5 expected stress level is much lower than yours. However, would still like to make some comment:

> CAS architecture is inherently non-reactive and thread-blocking all the way

I am pretty sure most core

[cas-user] references to CAS production setups

2019-07-09 Thread Kaiser
Greetings, CAS community my customer considers using CAS as public OpenID server, since it is feature-rich and mature however, the loads are quite high a dataset of 5M+ identities and 1K+ logins per second is expected as peak load sustained for maybe an hour or so this all may potentially