Hi Shadhin, mod_auth_cas uses the Apache Portable Runtime to parse the XML file, specifically the apr_xml_parse_file function. The return value of this call is checked. If it does not return "APR_SUCCESS" then you would see an error in your Apache log file, "MOD_AUTH_CAS: Error parsing XML content for 'filename'"
For the cache cleaning logic, since mod_auth_cas is only invoked when there is a CAS protected resource being accessed, the CASCleanCache function is called when it interacts with the cache. The first thing the cache clean function does is read a metadata file in the cache directory to determine when the last time the cache was cleaned. If more than the configured number of seconds have elapsed, the cache files are read and the out of date ones are purged. Otherwise, the method returns without processing the cache files in the directory. Hope this helps, -Phil On Fri, Mar 13, 2009 at 11:42 AM, Shadhin rahman <[email protected]> wrote: > All, > while cleaning cache file in cas cache directory, in function > CasCleancache() or in function readcasCachefile() what happens if you > encounter a zero byte file? I am trying to also understand why do we > perform cas cache cleaning after validating the ticket, should not it be > done before validating the ticket and assigning the cookie? I am new to > this, this is not criticism, rather I am trying to understand the process. > Please advise on this. Thanks > > Shadhin rahman wrote: >> >> All, >> While looking closely I see that while mod_auth_cas enters >> CASCleanCashe(), I get the following format file. Is the time format used >> in these file unix epoch time or some other time format? >> >> <cacheEntry xmlns="http://uconn.edu/cas/mod_auth_cas";> >> <user>sr2690</user> >> <issued>1234556061691950</issued> >> <lastactive>1234556791507752</lastactive> >> <path>/nagios/cgi-bin/</path> >> <ticket>v142Vcv2pjqybpPTBWjsrCG7C4Zs1Q6H6QVF6kN</ticket> >> <secure /> >> </cacheEntry> >> >> >> According to the logic of previous email, if my CASCacheCleanInterval 3600 >> seconds, there should be no file left in the directory older than 1 hour for >> a particular user's session. I see the following files in the cas cache >> directory. Please advise on this. Thanks >> >> >> bash-3.2# grep -rl sr2690 *|xargs ls -l >> -rw------- 1 www www 255 Jan 26 15:59 00a6b950663bc26db6ef2a43e6abd834 >> -rw------- 1 www www 255 Jan 29 00:58 00eaf730a7774c312b3a051ea4d9437d >> -rw------- 1 www www 255 Jan 29 02:25 0257130f2f354793f968cb5b92dfeb96 >> -rw------- 1 www www 255 Jan 15 13:43 038bf033826909c58c98fedfee45dc7a >> -rw------- 1 www www 263 Jan 19 14:13 040b5de19a06f2da1940ae2aeb2a2463 >> -rw------- 1 www www 255 Jan 15 11:04 05a9a29ea53cf9ece71bff2151631321 >> -rw------- 1 www www 263 Feb 11 19:03 06b649f1bc2126e1504b7cedbe39a482 >> -rw------- 1 www www 255 Feb 9 01:06 06cc4759ff52781e6d41b8cf86febd6b >> -rw------- 1 www www 263 Jan 21 19:00 06d6fb2eff004c0a3f184c29ea81907a >> -rw------- 1 www www 255 Feb 13 15:10 07270705ee5eee0eccb80c99a46ca1e8 >> -rw------- 1 www www 255 Feb 8 19:11 07aa7e87c873c0d6415262461042eee0 >> -rw------- 1 www www 263 Jan 16 15:10 096a052be5a2d18f1a0cf35c685b13f0 >> -rw------- 1 www www 255 Jan 16 18:01 0bceae34174de2643e269273ee2d3a88 >> -rw------- 1 www www 263 Jan 2 11:01 0cbd49e08cb09a3ef45d7ad3e19b4c3e >> -rw------- 1 www www 263 Jan 9 13:36 10a65c31470f7acdfd19f4feaf501ac4 >> -rw------- 1 www www 255 Jan 15 11:03 1207fa4efc922990e12dbb6212c31dda >> -rw------- 1 www www 263 Jan 9 16:30 130c9ce7dbe9023b8229fa0a7d06ec00 >> -rw------- 1 www www 263 Jan 5 15:38 133f2b899a46a0a8bfc8ea544399b729 >> -rw------- 1 www www 248 Nov 6 21:47 149f291185bf0fd7c5d50ab650ea9168 >> -rw------- 1 www www 248 Nov 6 17:43 15da3288049a00c5831f74dd3637bf9c >> -rw------- 1 www www 263 Feb 13 14:58 1829edd682102135d0c119dffd17c284 >> -rw------- 1 www www 263 Feb 12 18:14 1858c05d828803069a789ce4ae311176 >> -rw------- 1 www www 263 Jan 9 22:04 18a3f93eb0bcf85bf3911a62f854b060 >> -rw------- 1 www www 263 Jan 9 13:35 1ae06525eecbf60c3b209583299b14ab >> -rw------- 1 www www 255 Jan 20 18:18 1d00e74d2d4c41cbc3718bd65f5974bb >> -rw------- 1 www www 255 Jan 8 21:01 1d3675c5a92c4f6d82f94fb7a66fe91d >> -rw------- 1 www www 255 Feb 11 23:16 1e1d07340e6b76e0be0f103437ed4425 >> -rw------- 1 www www 255 Feb 12 10:57 21678f886b6cb2e5d406c11fb399e5ae >> -rw------- 1 www www 263 Feb 6 18:18 231daccd9a8b873a619d2b362617ab98 >> -rw------- 1 www www 255 Jan 29 02:34 233dfa7c2d1ca7183936407c920b1eea >> -rw------- 1 www www 255 Nov 13 10:23 23a666a794b84e0f71a9af9716064853 >> -rw------- 1 www www 263 Jan 21 11:22 253b85974ff9bf7ed9149216c2399257 >> -rw------- 1 www www 263 Dec 9 14:57 253c3f01811d3b51cb0de430a202d970 >> :q:q! >> >> >> Phil Ames wrote: >>> >>> Shadhin, >>> The cache file is created on the server when a new session cookie is >>> issued. Each cache file also contains a timestamp, the last 'time of >>> use' for that session, which is updated on each request that uses that >>> session identifier. Periodically (CASCacheCleanInterval seconds), the >>> directory of cache entries is processed and each cache entry is read. >>> If the cache entry is expired, the corresponding file is removed to >>> keep that directory clean. >>> >>> When someone clears their cache and authentication on the browser, the >>> cache file on the server is not affected until the cache is cleansed. >>> >>> -Phil >>> >>> On Thu, Feb 12, 2009 at 12:58 PM, Shadhin rahman <[email protected]> >>> wrote: >>> >>>> >>>> Phil, >>>> How does this Cache file gets created. Are they per user or per >>>> session? >>>> When someone clears the cache and authentication on the browser, does >>>> mod_auth_cas recreate these files. When mod_auth_cas cleans files, >>>> does >>>> mod_auth_cas deletes them or just keep it in the directory. I looked at >>>> bunch of file and it looks like they have the right information. >>>> >>>> >>> >>> >> >> > > > -- > Shadhin Rahman > 619 Watson Hall > Columbia University Information Technology-Network Infrastructure > Cell: 347-256-7869 Work: 212-851-7161 > Email: [email protected] > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
