> Provide ability to indicate that CAS should validate CASTGC cookies upon > login without service
Validating the contents of CASTGC should only reasonably happen whenever a service ticket is requested. Your workaround of sending a dummy service ticket sounds reasonable provided that the real problem you identified is resolved. > Refactor TGT implementation (org.jasig.cas.ticketTicketGrantingTicketImpl) > to transmit logout requests only to services that have had successfully > validated service tickets You've identified a real problem here and I agree with your recommended solution. The current implementation seems like an invitation for a resource leak in addition to the problem case you cited where connections time out at logout time. I encourage you to open a Jira issue for this. > Additional: We have been seeing higher network utilization, > which has manifested in the “Too many open files” exceptions > on the CAS server due to the HTTP connections being made and > “Connection broken / timed out” while transmitting logout > requests. You didn't specifically ask for a solution to the above problem, but I thought I would recommend one anyway. Have you tried decreasing HttpClient#connectionTimeout to something less than the 5s default? I would think that a setting of 1-2s would be an eternity on most university networks. M -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
