Rakesh, 1. There are a number of options for caching, https://apereo.github.io/cas/6.2.x/ticketing/Configuring-Ticketing-Components.html. Your choice will depend on what you already have (software and human), and how you configure you cas cluster. I have worked with ehcache and hazelcast. ehcache is distributed and replicated. replication takes time; you will have to determine if it is fast enough for your needs. hazelcast is not replicated (though maybe it can be configured). When a node goes down, that cache is lost; you will have to determine if that frequency is too disruptive for your users.
2. https://apereo.github.io/cas/6.2.x/configuration/Configuration-Properties-Security.html for security options. We use the spring cloud server, https://apereo.github.io/cas/6.2.x/configuration/Configuration-Server-Management.html which can have encrypted secrets. I recall that someone on this list posted a way to have a local secrets store that was outside of tomcat (and/or the packaged image/container; if you are going that route). I would advise against putting secrets in tomcat (setenv.sh or some such) as tomcat will print them into the log on startup. 3. There are options for consent, https://apereo.github.io/cas/6.2.x/webflow/Webflow-Customization-AUP.html, and password management, https://apereo.github.io/cas/6.2.x/password_management/Password-Management.html. We have a separate user management system, so I have not used the above systems. Ray On Fri, 2020-12-18 at 08:11 +0530, Rakesh K M wrote: Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information. Hi all, I worked on migration of CAS 3 to 6 version. I have couple questions 1. We were using JBOSS Cache based ticket caching and I can see those are depreciated in the latest version. Is there any direct alternative for this rather than using any kind of database for this? I found ehcache based caching, does that be a good alternative? 2. We are currently having all the securied properties like LDAP URLs, passwords etc. in external tomcat containers and we don't want to move into CAS properties file. Is there any way to use the existing properties from external tomcat container itself? 3. Does new CAS have any machism to update some information in LDAP? Thank you for the support in advance. With regards, Rakesh -- Ray Bon Programmer Analyst Development Services, University Systems 2507218831 | CLE 019 | r...@uvic.ca<mailto:r...@uvic.ca> I respectfully acknowledge that my place of work is located within the ancestral, traditional and unceded territory of the Songhees, Esquimalt and WSÁNEĆ Nations. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/b239421d3247d2e2e2eec0aeda74473f018b56dd.camel%40uvic.ca.