questions about logout and clustering
Scott Battaglia
scott.battaglia at gmail.com
Wed Aug 30 21:07:23 EDT 2006
Siyuan,
1. You *can* leverage the clustering provided by WebLogic, WebSphere and
Tomcat to provide failover and loadbalancing to CAS (I've actually used
plain Apache to do load balancing). However, our TicketRegistry is our
pluggable "data store." By default its an in-memory data store but it can
be swapped out for any other form (including a database). We have
implemented a JBossTicketRegistry to provide clustering and sharing the
registry across nodes. You can't completely leverage just the container
clustering capabilities because most of them only cluster sessions (and we
don't store anything in session as the validate endpoints don't have access
to the user session).
2. CAS currently only removes the TGT in the CAS server. At this moment
you cannot log users out of their current sessions in other applications
(which may or may not be a big deal as the actual number of people logging
out of their SSO is pretty minimal). We are looking at the SAML
2.0protocol for supporting Single Log Out in CAS
3.1
-Scott
On 8/30/06, Liu, Siyuan <siyuan.liu at wachovia.com> wrote:
>
> Hi, all:
> I am evaluating CAS as a possible SSO solution. I have some questions
> here:
> 1) From what I have read, there does not seem to be a generic clustering
> solution for CAS. The only mentioning of clustering for CAS is done using
> jGroup on Jboss. Is there anyway to do clustering in weblogic, websphere or
> tomcat so it can provide live failover and load balancing?
> 2) If I use CAS logout, that only removed TGT in the CAS server. If I have
> some established application sessions, without closing the browser, is there
> a way to logout user from all of the sessions?
> Thanks.
> -Siyuan
>
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20060830/d3b489d6/attachment.html
More information about the cas
mailing list