no i don't need the TGC too long, how can I make it shorter? On Monday, December 18, 2017 at 5:37:09 PM UTC+8, leleuj wrote: > > Hi, > > The encryption of the TGC makes it too long for a Memcached key: do you > really need it? > Thanks. > Best regards, > Jérôme > > > On Mon, Dec 18, 2017 at 9:58 AM, casuser <[email protected] > <javascript:>> wrote: > >> >> >> *This is my cas.properties, *# cas.tgc.path= >> cas.tgc.maxAge=-1 >> # cas.tgc.domain= >> >> cas.tgc.signingKey=******************************************************************************************* >> cas.tgc.name=TGC >> >> cas.tgc.encryptionKey=******************************************************************************************* >> cas.tgc.secure=false >> cas.tgc.rememberMeMaxAge=1350000 >> >> cas.tgc.cipherEnabled=true >> >> >> cas.webflow.signing.key=******************************************************************************************* >> cas.webflow.signing.keySize=512 >> >> >> cas.webflow.encryption.keySize=16 >> >> cas.webflow.encryption.key=******************************************************************************************* >> >> cas.webflow.crypto.signing.key=******************************************************************************************* >> >> cas.webflow.crypto.encryption.key=******************************************************************************************* >> #cas.webflow.crypto.enabled=false >> cas.webflow.crypto.signing.keySize=512 >> cas.webflow.crypto.encryption.keySize=16 >> #cas.webflow.crypto.alg=AES >> >> >> cas.tgc.crypto.signing.key=******************************************************************************************* >> >> cas.tgc.crypto.encryption.key=******************************************************************************************* >> >> >> # Service Registry >> cas.serviceRegistry.watcherEnabled=true >> cas.serviceRegistry.repeatInterval=120000 >> cas.serviceRegistry.startDelay=15000 >> cas.serviceRegistry.initFromJson=true >> cas.serviceRegistry.config.location=file:/etc/cas/config/services >> >> cas.ticket.tgt.onlyTrackMostRecentSession=true >> cas.ticket.tgt.maxLength=50 >> cas.monitor.tgt.warn.threshold=10 >> cas.monitor.tgt.warn.evictionThreshold=0 >> # >> # #remember me in seconds >> # # Set to a negative value to never expire tickets >> cas.ticket.tgt.maxTimeToLiveInSeconds=135000 >> cas.ticket.tgt.timeToKillInSeconds=7200 >> cas.ticket.tgt.rememberMe.enabled=true >> cas.ticket.tgt.rememberMe.timeToKillInSeconds=135000 >> >> cas.web.flow.GenericSuccessViewAction=******************************************************************************************* >> cas.ticket.tgt.timeout.maxTimeToLiveInSeconds=135000 >> >> ## >> #Throttled Timeout >> ## >> cas.ticket.tgt.throttledTimeout.timeToKillInSeconds=28800 >> cas.ticket.tgt.throttledTimeout.timeInBetweenUsesInSeconds=5 >> cas.ticket.tgt.hardTimeout.timeToKillInSeconds=28800 >> >> >> cas.monitor.st.warn.threshold=10 >> cas.monitor.st.warn.evictionThreshold=0 >> >> cas.ticket.st.maxLength=20 >> >> cas.ticket.st.numberOfUses=1 >> cas.ticket.st.timeToKillInSeconds=180 >> >> cas.ticket.crypto.enabled=true >> >> cas.ticket.crypto.signing.key=******************************************************************************************* >> >> cas.ticket.crypto.encryption.key=******************************************************************************************* >> >> I am getting an error in the catalina "java.lang.IllegalArgumentException: >> Key is too long (maxlen = 250)". How can I solve this? >> >> *This is the log:* >> >> >> 2017-12-18 15:12:50,962 DEBUG >> [org.apereo.cas.util.cipher.BaseStringCipherExecutor] - <Creating >> encryption key instance based on provided secret key> >> 2017-12-18 15:12:50,962 DEBUG >> [org.apereo.cas.util.cipher.BaseStringCipherExecutor] - <Initialized cipher >> encryption sequence via content encryption [A128CBC-HS256] and algorithm >> [dir]> >> 2017-12-18 15:12:50,963 DEBUG >> [org.apereo.cas.util.cipher.BaseStringCipherExecutor] - <Located signing >> key to use for [CAS Protocol Tickets]> >> 2017-12-18 15:12:50,963 DEBUG >> [org.apereo.cas.util.cipher.AbstractCipherExecutor] - <Created signing key >> instance [AesKey] based on provided secret key> >> 2017-12-18 15:12:50,964 DEBUG [org.apereo.cas.util.EncodingUtils] - >> <Encrypting via [A128CBC-HS256]> >> 2017-12-18 15:12:50,964 DEBUG >> [org.apereo.cas.ticket.factory.DefaultTicketGrantingTicketFactory] - >> <Encoded ticket-granting ticket id >> [*******************************************************************************************]> >> 2017-12-18 15:12:50,965 DEBUG >> [org.apereo.cas.ticket.registry.MemcachedTicketRegistry] - <Adding ticket >> [*******************************************************************************************]> >> 2017-12-18 15:12:50,965 ERROR >> [org.apereo.cas.ticket.registry.MemcachedTicketRegistry] - <Failed adding >> [*******************************************************************************************]> >> java.lang.IllegalArgumentException: Key is too long (maxlen = 250) >> 2017-12-18 15:12:50,966 DEBUG >> [org.apereo.cas.AbstractCentralAuthenticationService] - <Publishing >> [org.apereo.cas.support.events.ticket.CasTicketGrantingTicketCreatedEvent@41e218bd[ticketGrantingTicket=*******************************************************************************************]]> >> 2017-12-18 15:12:50,966 INFO >> [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit >> trail record BEGIN >> >> ============================================================= >> WHO: USER >> WHAT: >> ******************************************************************************************* >> ACTION: TICKET_GRANTING_TICKET_CREATED >> APPLICATION: CAS >> WHEN: Mon Dec 18 15:13:10 MYT 2017 >> CLIENT IP ADDRESS: 127.0.0.1 >> SERVER IP ADDRESS: 127.0.0.1 >> >> >> >> I should also mention that I don't see any ST created in the log too. I >> want to create the ST is well to validate the service. >> >> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/242eb0e3-4e51-4709-9f71-bdc0782e74bd%40apereo.org >> >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/242eb0e3-4e51-4709-9f71-bdc0782e74bd%40apereo.org?utm_medium=email&utm_source=footer> >> . >> > >
-- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/d8fb1cb4-ebde-4f64-8f52-e817e3ae2bef%40apereo.org.
