Proxying cas-application in a cluster
Mikkel Refsgaard Bech
mrb at aub.aau.dk
Tue Sep 12 05:41:44 EDT 2006
Hi,
We want to setup an application that uses proxt granting tickets (PGT),
in a cluster. Our application (a CMS system) uses proxying to do the
authorization. That is; when a user logs in, the CMS system contacts
another system the get the user's permissions via a proxy ticket. This
works fine in a non-clustered setup. But when the CMS is clustered the
callback from CAS ends up in the cluster as well, which potentially
results in a PGT on one of the other systems than the user logged in to.
The login from the CMS to the authorization system fails because that
particular instance of the CMS never recieved the PGT.
I've searched the wiki and the mailing lists for a solution, but have
not found anything or anyone having this problem.
Has anyone had the same problem?
Which obvious solution can I not see? / How did you solve it?
The solution to this could be to make the CMS instances share the PGT's.
Anyone tried this?
Regards,
Mikkel
Aalborg University
More information about the cas
mailing list