BTW, this is the one copied from 4.1 document.
<bean id="serviceTicketsCache"
class="org.springframework.cache.ehcache.EhCacheFactoryBean"
parent="abstractTicketCache"
p:cacheName="cas_st"
p:timeToIdle="0"
p:timeToLive="300"
p:cacheEventListeners-ref="ticketRMISynchronousCacheReplicator" />
Log shows copied ServiceTicket is expired. I can not find the timeToLive
information from EhCacheFactoryBean document. Is it millisecond instead of
second? If so, what value should I set instead of 300?
2015-11-03 16:38:15,721 INFO [org.jasig.cas.CentralAuthenticationServiceImpl]
- ServiceTicket [ST-1-XcYCkWsQ4MnIfWOqeZdf-cas.server.net] has expired.
From: Song, Doe-Hyun
Sent: Tuesday, November 03, 2015 4:57 PM
To: cas-user@lists.jasig.org
Subject: [cas-user] ehcache and Service Ticket Validation fails
I am using 4.1 and installed ehcache for two cas servers. It is quiet random -
fail sometimes and succeed sometimes.
There are two servers and server1 creates TGT and ST successfully. Server2
tries to validate ST and fails. The following is both servers' logs.
Interestingly, I can see cas_st.data file is always 0 size no matter what
validate fails or succeeds.
Server1
2015-11-03 16:38:04,958 INFO
[org.jasig.cas.authentication.PolicyBasedAuthenticationManager] -
LdapAuthenticationHandler successfully authenticated temp+password
2015-11-03 16:38:04,973 INFO
[org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - Authenticated
temp with credentials [temp+password].
2015-11-03 16:38:04,976 INFO
[org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail
record BEGIN
=============================================================
WHO: temp+password
WHAT: supplied credentials: [temp+password]
ACTION: AUTHENTICATION_SUCCESS
APPLICATION: CAS
WHEN: Tue Nov 03 16:38:04 EST 2015
CLIENT IP ADDRESS: 100.100.100.200
SERVER IP ADDRESS: apparms.server.net
=============================================================
2015-11-03 16:38:04,976 INFO
[org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail
record BEGIN
=============================================================
WHO: temp+password
WHAT: supplied credentials: [temp+password]
ACTION: AUTHENTICATION_SUCCESS
APPLICATION: CAS
WHEN: Tue Nov 03 16:38:04 EST 2015
CLIENT IP ADDRESS: 100.100.100.200
SERVER IP ADDRESS: apparms.server.net
=============================================================
2015-11-03 16:38:04,978 DEBUG [net.sf.ehcache.store.disk.Segment] - put added 0
on heap
2015-11-03 16:38:04,981 DEBUG [net.sf.ehcache.store.disk.Segment] - fault
removed 0 from heap
2015-11-03 16:38:04,981 DEBUG [net.sf.ehcache.store.disk.Segment] - fault added
0 on disk
2015-11-03 16:38:04,985 INFO
[org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail
record BEGIN
=============================================================
WHO: temp+password
WHAT:
TGT-**********************************************GsFfWjbxN6-cas.server.net
ACTION: TICKET_GRANTING_TICKET_CREATED
APPLICATION: CAS
WHEN: Tue Nov 03 16:38:04 EST 2015
CLIENT IP ADDRESS: 100.100.100.200
SERVER IP ADDRESS: apparms.server.net
=============================================================
2015-11-03 16:38:04,985 INFO
[org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail
record BEGIN
=============================================================
WHO: temp+password
WHAT:
TGT-**********************************************GsFfWjbxN6-cas.server.net
ACTION: TICKET_GRANTING_TICKET_CREATED
APPLICATION: CAS
WHEN: Tue Nov 03 16:38:04 EST 2015
CLIENT IP ADDRESS: 100.100.100.200
SERVER IP ADDRESS: apparms.server.net
=============================================================
2015-11-03 16:38:05,546 INFO
[org.jasig.cas.authentication.PolicyBasedAuthenticationManager] -
LdapAuthenticationHandler successfully authenticated temp+password
2015-11-03 16:38:05,549 INFO
[org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - Authenticated
temp with credentials [temp+password].
2015-11-03 16:38:05,550 INFO
[org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail
record BEGIN
=============================================================
WHO: temp+password
WHAT: supplied credentials: [temp+password]
ACTION: AUTHENTICATION_SUCCESS
APPLICATION: CAS
WHEN: Tue Nov 03 16:38:05 EST 2015
CLIENT IP ADDRESS: 100.100.100.200
SERVER IP ADDRESS: apparms.server.net
=============================================================
2015-11-03 16:38:05,550 INFO
[org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail
record BEGIN
=============================================================
WHO: temp+password
WHAT: supplied credentials: [temp+password]
ACTION: AUTHENTICATION_SUCCESS
APPLICATION: CAS
WHEN: Tue Nov 03 16:38:05 EST 2015
CLIENT IP ADDRESS: 100.100.100.200
SERVER IP ADDRESS: apparms.server.net
=============================================================
2015-11-03 16:38:05,573 DEBUG [net.sf.ehcache.store.disk.Segment] - put added 0
on heap
2015-11-03 16:38:05,577 DEBUG [net.sf.ehcache.store.disk.Segment] - put
updated, deleted 0 on heap
2015-11-03 16:38:05,577 DEBUG [net.sf.ehcache.store.disk.Segment] - put
updated, deleted 0 on disk
2015-11-03 16:38:05,578 DEBUG [net.sf.ehcache.store.disk.Segment] - put added 0
on heap
2015-11-03 16:38:05,578 DEBUG
[net.sf.ehcache.distribution.RMICacheManagerPeerProvider] - Lookup URL
//apparms01q:41001/cas_st
2015-11-03 16:38:05,580 DEBUG [net.sf.ehcache.store.disk.Segment] - fault
removed 0 from heap
2015-11-03 16:38:05,580 DEBUG [net.sf.ehcache.store.disk.Segment] - fault added
0 on disk
2015-11-03 16:38:05,581 DEBUG [net.sf.ehcache.store.disk.Segment] - fault
removed 0 from heap
2015-11-03 16:38:05,581 DEBUG [net.sf.ehcache.store.disk.Segment] - fault added
0 on disk
2015-11-03 16:38:05,610 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] -
Granted ticket [ST-1-XcYCkWsQ4MnIfWOqeZdf-cas.server.net] for service
[https://apparms.server.net/] for user [temp]
2015-11-03 16:38:05,617 INFO
[org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail
record BEGIN
=============================================================
WHO: temp
WHAT: ST-1-XcYCkWsQ4MnIfWOqeZdf-cas.server.net for https://apparms.server.net/
ACTION: SERVICE_TICKET_CREATED
APPLICATION: CAS
WHEN: Tue Nov 03 16:38:05 EST 2015
CLIENT IP ADDRESS: 100.100.100.200
SERVER IP ADDRESS: apparms.server.net
=============================================================
2015-11-03 16:38:05,617 INFO
[org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail
record BEGIN
=============================================================
WHO: temp
WHAT: ST-1-XcYCkWsQ4MnIfWOqeZdf-cas.server.net for https://apparms.server.net/
ACTION: SERVICE_TICKET_CREATED
APPLICATION: CAS
WHEN: Tue Nov 03 16:38:05 EST 2015
CLIENT IP ADDRESS: 100.100.100.200
SERVER IP ADDRESS: apparms.server.net
=============================================================
2015-11-03 16:38:05,856 DEBUG [net.sf.ehcache.distribution.RMICachePeer] -
RMICachePeer for cache cas_st: remote remove received for key:
ST-1-XcYCkWsQ4MnIfWOqeZdf-cas.server.net
2015-11-03 16:38:05,878 DEBUG [net.sf.ehcache.store.disk.Segment] - remove
deleted 0 from heap
2015-11-03 16:38:05,879 DEBUG [net.sf.ehcache.store.disk.Segment] - remove
deleted 0 from disk
2015-11-03 16:38:12,889 DEBUG
[net.sf.ehcache.distribution.RMICacheManagerPeerProvider] - Lookup URL
//apparms01q:41001/cas_tgt
Server 2.
2015-11-03 16:38:15,494 DEBUG [net.sf.ehcache.store.disk.Segment] - put added 0
on heap
2015-11-03 16:38:15,496 DEBUG [net.sf.ehcache.distribution.RMICachePeer] -
RMICachePeer for cache cas_st: remote put received. Element is: [ key =
ST-1-XcYCkWsQ4MnIfWOqeZdf-cas.server.net,
value=ST-1-XcYCkWsQ4MnIfWOqeZdf-cas.server.net, version=1, hitCount=0,
CreationTime = 1446586686000, LastAccessTime = 1446586695494 ]
2015-11-03 16:38:15,498 DEBUG [net.sf.ehcache.store.disk.Segment] - fault
removed 0 from heap
2015-11-03 16:38:15,498 DEBUG [net.sf.ehcache.store.disk.Segment] - fault added
0 on disk
2015-11-03 16:38:15,721 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] -
ServiceTicket [ST-1-XcYCkWsQ4MnIfWOqeZdf-cas.server.net] has expired.
2015-11-03 16:38:15,730 DEBUG [net.sf.ehcache.store.disk.Segment] - remove
deleted 0 from heap
2015-11-03 16:38:15,730 DEBUG [net.sf.ehcache.store.disk.Segment] - remove
deleted 0 from disk
2015-11-03 16:38:15,731 DEBUG
[net.sf.ehcache.distribution.RMICacheManagerPeerProvider] - Lookup URL
//apparms02q:41003/cas_st
2015-11-03 16:38:15,801 INFO
[org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail
record BEGIN
=============================================================
WHO: audit:unknown
WHAT: ST-1-XcYCkWsQ4MnIfWOqeZdf-cas.server.net
ACTION: SERVICE_TICKET_VALIDATE_FAILED
APPLICATION: CAS
WHEN: Tue Nov 03 16:38:15 EST 2015
CLIENT IP ADDRESS: 126.90.100.137
SERVER IP ADDRESS: 126.90.100.139
=============================================================
2015-11-03 16:38:15,801 INFO
[org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail
record BEGIN
=============================================================
WHO: audit:unknown
WHAT: ST-1-XcYCkWsQ4MnIfWOqeZdf-cas.server.net
ACTION: SERVICE_TICKET_VALIDATE_FAILED
APPLICATION: CAS
WHEN: Tue Nov 03 16:38:15 EST 2015
CLIENT IP ADDRESS: 126.90.100.137
SERVER IP ADDRESS: 126.90.100.139
=============================================================
2015-11-03 16:38:22,804 DEBUG [net.sf.ehcache.store.disk.Segment] - put added 0
on heap
2015-11-03 16:38:22,806 DEBUG [net.sf.ehcache.distribution.RMICachePeer] -
RMICachePeer for cache cas_tgt: remote put received. Element is: [ key =
TGT-**********************************************GsFfWjbxN6-cas.server.net,
value=TGT-**********************************************GsFfWjbxN6-cas.server.net,
version=1, hitCount=0, CreationTime = 1446586685000, LastAccessTime =
1446586702804 ]
2015-11-03 16:38:22,807 DEBUG [net.sf.ehcache.store.disk.Segment] - put added 0
on heap
2015-11-03 16:38:22,807 DEBUG [net.sf.ehcache.store.disk.Segment] - put
updated, deleted 0 on heap
2015-11-03 16:38:22,808 DEBUG [net.sf.ehcache.distribution.RMICachePeer] -
RMICachePeer for cache cas_tgt: remote put received. Element is: [ key =
TGT-**********************************************GsFfWjbxN6-cas.server.net,
value=TGT-**********************************************GsFfWjbxN6-cas.server.net,
version=1, hitCount=0, CreationTime = 1446586686000, LastAccessTime =
1446586702807 ]
2015-11-03 16:38:22,808 DEBUG [net.sf.ehcache.store.disk.Segment] - fault
removed 0 from heap
2015-11-03 16:38:22,809 DEBUG [net.sf.ehcache.store.disk.Segment] - fault added
0 on disk
2015-11-03 16:38:22,809 DEBUG [net.sf.ehcache.store.disk.Segment] - fault
installation failed, deleted 0 from heap
2015-11-03 16:38:22,809 DEBUG [net.sf.ehcache.store.disk.Segment] - fault
installation failed deleted 0 from disk
2015-11-03 16:38:22,813 DEBUG [net.sf.ehcache.store.disk.Segment] - fault
removed 0 from heap
2015-11-03 16:38:22,815 DEBUG [net.sf.ehcache.store.disk.Segment] - fault added
0 on disk
--
You are currently subscribed to cas-user@lists.jasig.org as: ds...@armada.net
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
The information contained in this e-mail and any attachments is confidential and
intended only for the recipient. If you are not the intended recipient, the
information contained in this message may not be used, copied, or forwarded to
third parties or otherwise distributed for any other purpose. Please notify the
sender if you received this e-mail in error and delete the e-mail and its
attachments promptly. Nothing in this e-mail may be used or deemed to form the
basis of a contractual or any other legally binding obligation unless separately
confirmed in writing by an authorized representative of ARMADA.
The information contained in this e-mail and any attachments is confidential and
intended only for the recipient. If you are not the intended recipient, the
information contained in this message may not be used, copied, or forwarded to
third parties or otherwise distributed for any other purpose. Please notify the
sender if you received this e-mail in error and delete the e-mail and its
attachments promptly. Nothing in this e-mail may be used or deemed to form the
basis of a contractual or any other legally binding obligation unless separately
confirmed in writing by an authorized representative of ARMADA.
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
