AD account gets locked up using CAS.
Unai Rodriguez
me at u-journal.org
Wed Jul 2 05:53:06 EDT 2008
Solved, it seems that CAS sends a request per LDAP server defined. If I
stick to 2 servers only, it will send the wrong password twice. I have
attached another network traffic graphic flow.
Thank you so much!
unai
On Tue, 01 Jul 2008 19:47:05 -0600, Unai Rodriguez <me at u-journal.org>
wrote:
> Hi Scott,
>
>
>
> On Tue, 1 Jul 2008 09:44:28 -0400, "Scott Battaglia"
> <scott.battaglia at gmail.com> wrote:
>> Is it sending the request once to each of those servers?
>
> a) ONE Initial successful request to the first server (10.123.8.47) to
> "bind" as the 'xxxxxxxxx' user
> b) TWO unsuccessful requests to the 1st server (10.123.8.47), providing
> wrong password
> c) ONE unsuccessful requests to the 2nd server (10.123.8.46), providing
> wrong password
> d) ONE unsuccessful requests to the 3rd server (10.130.0.45), providing
> wrong password
> e) ONE unsuccessful requests to the 4th server (10.100.0.45), providing
> wrong password
> f) ONE unsuccessful requests to the 5th server (10.190.0.45), providing
> wrong password
>
> You may find attached a .cap file with all these packets and also a
> network
> flow graph.
>
> I am using:
>
> - OS: Debian Linux Sarge 3.1
> - CAS: version 3.0.5
> - Tomcat: version 5.5.23.0.
> - Java: version "1.5.0_08"
>
> thanks,
> unai
More information about the cas
mailing list